T-Online sends abuse mail (sinkhole) without information + I only find adware (Windows 7)
24.11.2014, 16:41 | #1 |
Hello experts!

A few days ago the Telekom abuse department sent me a message saying that "at least one computer that connects to the Internet via [ou]r Internet access is infected with a virus/trojan", along with an IP address and a time (I checked; it was ours at the given time). When I asked, the statement was even extended: instead of one there were now several trojans: "According to the complaints, there is at least one computer infected with several trojans in your LAN". It was noticed because of a connection from our network to a sinkhole. Further questions, about what kind of sinkhole it is and so on, were not answered or were misunderstood, so all I have is a time at which contact with a sinkhole is supposed to have been made. Everything else is SECRET, says Telekom. ...

With this wealth of information I am now left to find out which PC (family network!, so 4 PCs, a laptop, a TV, an old Dreambox, a middle-aged Blu-ray player, an older smartphone, an old m0n0wall router and a Telekom Speedport at the end) is responsible.

So of course I immediately ran virus scans on all Windows computers (there are 3) with the Avira boot CD and the Kaspersky boot CD (yes, each freshly created + updated); the following was found:

PC_1
* A few old Android GetRoots for experiments with a tablet, which have been lying around in a RAR file since 2012.

PC_2
* A phishing mail (as if there were only one!) and a TR...CRYPT...GEN variant (name unfortunately not written down), both in mails deep inside the Outlook PST file (I think I already saw them there ages ago).

PC_3
* In my IE "Temporary Internet Files" there is a websecurity[1].exe matching the patterns ADWARE/Rogue.1007362.1 (Avira) and not-a-virus:AdWare.Win32.AdLoad.bvkn (Kaspersky)
* In an isoburn.zip that I downloaded (it has been lying there for years, carried over from an older PC): TR/PSW.Bancos.213 (Avira)
* In backups (TAR), downloaded two years ago, of a vServer I was running at the time, in the e-mail mailboxes: a WORM/Sober.O (Avira)
* With Kaspersky, read errors in archives beyond a certain nesting depth (archives in archives of archives, as usual with Plesk backups).

And that is really NOTHING, isn't it? Some are packed in ZIPs, RARs, TARs and PSTs that have been lying around for years -- and there is one piece of adware, which was renamed by Avira.

What is your opinion? Do you think it was the adware that contacted the sinkhole? Or should I go through the full program (as in the log analysis thread)? Or abandon my master's thesis and reinstall all PCs, buy my father a new smartphone, and throw away the TV, Blu-ray player, router and Dreambox? :-/

Another suspicion naturally falls on the smartphone. But I don't know how to check the smartphone, Linux/BSD PCs or even embedded systems.

So I am of course more than grateful for help and suggestions. :-)
__________________ I am a signature. |
24.11.2014, 17:02 | #2 |
/// the machine /// TB trainer |
Hi,
let's have a look. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
24.11.2014, 21:03 | #3 |
Hello schrauber, many thanks for the reply!

Below are the FRST scans of the three Windows computers, all of them NOT in safe mode, but without LAN:

PC_1, FRST.txt

FRST Logfile:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01 Ran by ***** (administrator) on ***** on 24-11-2014 19:03:33 Running from C:\Users\*****\Desktop Loaded Profile: ***** (Available profiles: *****) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Apple Computer, Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Broadcom Corporation) C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe () C:\Program Files (x86)\Livedrive\VSSService.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe (Dell Inc.) 
C:\Program Files\Dell\Dell System Manager\DCPSysMgrSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE () C:\Program Files (x86)\Dell SAS RAID Storage Manager\Framework\VivaldiFramework.exe () C:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaMonitor\mrmonitor.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Sun Microsystems, Inc.) C:\Program Files (x86)\Dell SAS RAID Storage Manager\JRE\bin\javaw.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Microsoft Corporation) C:\Windows\System32\wisptis.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Broadcom Corporation) C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe () C:\Program Files (x86)\WizMouse\WizMouse.exe (Akamai Technologies, Inc.) 
C:\Users\*****\AppData\Local\Akamai\netsession_win.exe (Livedrive Internet Ltd) C:\Program Files (x86)\Livedrive\Livedrive.exe (Dell) C:\Users\*****\AppData\Local\Apps\2.0\GVMK0YCA.VLY\LNA98ORP.YRE\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe (hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (Akamai Technologies, Inc.) C:\Users\*****\AppData\Local\Akamai\netsession_win.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Dell Inc.) C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe (LSI Logic) C:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaPopup\popup.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\DocuAction.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe (Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (Wave Systems Corp.) C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe (Apple Inc.) C:\Program Files (x86)\QuickTime\QTTask.exe () C:\*****\*****\WinSplit Revolution\WinSplit.exe (desktopApps) C:\*****\Auswahlmenue\MenuApp\MenuApp.exe () C:\*****\*****\WinSplit Revolution\WinSplitDrvr32.exe () C:\*****\*****\WinSplit Revolution\WinSplitDrvr64.exe (Advanced Micro Devices Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe (Dell Inc.) C:\Program Files\Dell\Dell System Manager\PanelHelper32.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\vc10tray.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [USCService] => C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [34232 2010-06-22] (Broadcom Corporation) HKLM\...\Run: [ATIModeChange] => Ati2mdxx.exe HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Popup] => c:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaPopup\Popup.exe [81096 2007-12-18] (LSI Logic) HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.) HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843744 2014-02-04] (Acronis) HKLM-x32\...\Run: [VC10Player] => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe [411464 2010-09-17] (H+H Software GmbH) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation) HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2011-02-24] (Analog Devices, Inc.) 
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-02] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [UnlockerAssistant] => "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-12-15] () HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [831192 2014-07-03] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKU\S-1-5-21-2394814504-1440049560-3600677472-1001\...\Run: [WizMouse] => C:\Program Files (x86)\WizMouse\WizMouse.exe [121648 2011-09-30] () HKU\S-1-5-21-2394814504-1440049560-3600677472-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent HKU\S-1-5-21-2394814504-1440049560-3600677472-1001\...\Run: [Akamai NetSession Interface] => C:\Users\*****\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-2394814504-1440049560-3600677472-1001\...\Run: [Livedrive] => C:\Program Files (x86)\Livedrive\Livedrive.exe [1842840 2014-07-24] (Livedrive Internet Ltd) HKU\S-1-5-21-2394814504-1440049560-3600677472-1001\...\Run: [DellSystemDetect] => C:\Users\*****\AppData\Local\Apps\2.0\GVMK0YCA.VLY\LNA98ORP.YRE\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe [263232 2014-08-06] (Dell) Lsa: [Authentication Packages] msv1_0 wvauth Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell System Manager.lnk ShortcutTarget: Dell System Manager.lnk -> C:\Program Files\Dell\Dell System Manager\DCPSysMgr.exe (Dell Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DocAction (Plustek SmartOffice PS286 Plus).lnk ShortcutTarget: DocAction (Plustek SmartOffice PS286 Plus).lnk -> C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\DocuAction.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TdmNotify.lnk ShortcutTarget: TdmNotify.lnk -> C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmNotify.exe (Wave Systems Corp.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinSplit Revolution.lnk ShortcutTarget: WinSplit Revolution.lnk -> C:\*****\*****\WinSplit Revolution\WinSplit.exe () Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MenuAppServer.lnk ShortcutTarget: MenuAppServer.lnk -> C:\Programme Portable\Auswahlmenue\MenuApp\MenuApp.exe (desktopApps) SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: 
[8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll () ShellIconOverlayIdentifiers: [BackupOverlay] -> {B44A5D93-1351-41A1-BD91-5E92435D8ECD} => C:\Program Files (x86)\Livedrive\Extensions.dll (Livedrive Internet Ltd) ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.) 
ShellIconOverlayIdentifiers: [LivedriveDownloadOverlay] -> {CBCDB610-6B68-4EE9-B7A2-1282FD0C9292} => C:\Program Files (x86)\Livedrive\Extensions.dll (Livedrive Internet Ltd) ShellIconOverlayIdentifiers: [LivedriveSharedOverlay] -> {84CEF1E4-1356-4063-845F-05047F4DD52C} => C:\Program Files (x86)\Livedrive\Extensions.dll (Livedrive Internet Ltd) ShellIconOverlayIdentifiers: [LivedriveSyncedOverlay] -> {42058329-2FBF-4B33-8E52-3BE5754DE0C1} => C:\Program Files (x86)\Livedrive\Extensions.dll (Livedrive Internet Ltd) ShellIconOverlayIdentifiers: [LivedriveUploadOverlay] -> {39A1715A-E4CD-4F1E-B5C4-36B5DB80124E} => C:\Program Files (x86)\Livedrive\Extensions.dll (Livedrive Internet Ltd) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.) 
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> 
{594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2394814504-1440049560-3600677472-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2394814504-1440049560-3600677472-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USREL/8 SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2394814504-1440049560-3600677472-1001 -> DefaultScope {FAC9EE75-3AE7-43D2-9EB0-217D6FBC2914} URL = SearchScopes: HKU\S-1-5-21-2394814504-1440049560-3600677472-1001 -> {FAC9EE75-3AE7-43D2-9EB0-217D6FBC2914} URL = BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg.dll No File BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll (Adobe Systems Incorporated.) 
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dll No File BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll (Adobe Systems Incorporated.) 
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab DPF: HKLM-x32 {EDFCB7CB-942C-4822-AF14-F0B687409848} https://www.direktbild.de/ImageUploader4.cab DPF: HKLM-x32 {F9BF64A0-5A65-43E0-ACDB-B223E7F9DDD9} hxxp://*****:85/WEBWATCH2.cab Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\TmIEPlg32.dll No File Tcpip\Parameters: [DhcpNameServer] 192.168.20.1 FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3q66lpz2.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll () FF Plugin: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.) 
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin HKU\S-1-5-21-2394814504-1440049560-3600677472-1001: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3q66lpz2.default\searchplugins\startpage-https---deutsch.xml FF Extension: Xmarks - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3q66lpz2.default\Extensions\foxmarks@kei.com [2014-07-29] FF Extension: ColorZilla - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3q66lpz2.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2012-08-08] FF Extension: DownloadHelper - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3q66lpz2.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} 
[2014-09-07] FF Extension: Firebug - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3q66lpz2.default\Extensions\firebug@software.joehewitt.com.xpi [2011-11-11] FF Extension: RequestPolicy - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3q66lpz2.default\Extensions\requestpolicy@requestpolicy.com.xpi [2011-11-13] FF Extension: NoScript - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3q66lpz2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2011-11-11] FF Extension: Web Developer - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3q66lpz2.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2011-11-11] FF Extension: Toggle Web Developer Toolbar - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3q66lpz2.default\Extensions\{c75a27d8-4529-449f-b67b-aba65d7a1c0a}.xpi [2014-07-29] FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3q66lpz2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-11-11] FF Extension: DownThemAll! - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\3q66lpz2.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-11-11] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-04-13] FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
R2 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [File not signed]
R2 BrcmMgmtAgent; C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [158720 2010-06-29] (Broadcom Corporation) [File not signed]
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [405208 2014-07-03] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-07-03] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [773848 2014-07-03] (BlueStack Systems, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-11-12] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 LivedriveVSSService; C:\Program Files (x86)\Livedrive\VSSService.exe [210584 2014-07-24] ()
R2 MegaMonitorSrv; c:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaMonitor\mrmonitor.exe [446464 2008-07-14] () [File not signed]
R2 MSMFramework; c:\Program Files (x86)\Dell SAS RAID Storage Manager\Framework\VivaldiFramework.exe [56952 2008-05-26] () [File not signed]
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [994360 2011-10-14] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-10-14] (Secunia)
S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [1558016 2010-02-03] (Wave Systems Corp.) [File not signed]
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1273856 2008-11-12] () [File not signed]
R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [144712 2010-09-17] (H+H Software GmbH)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-07-03] (BlueStack Systems)
R1 CbFs; C:\Windows\system32\drivers\cbfs.sys [191960 2010-02-16] (EldoS Corporation)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)
R0 CFsDep; C:\Windows\System32\DRIVERS\CFsDep.sys [20352 2012-09-18] (Citrix Systems, Inc.)
R3 cvhdbus; C:\Windows\System32\DRIVERS\cvhdbus6.sys [78464 2012-09-18] (Citrix Systems, Inc.)
R2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
S3 Rockusb; C:\Windows\System32\DRIVERS\rockusb.sys [64752 2011-07-19] (Fuzhou Rockchip Electronics Co,Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-05-04] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-05-04] (Acronis International GmbH)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-05-16] (Oracle Corporation)
R1 vdrv1000; C:\Windows\System32\DRIVERS\vdrv1000.sys [223256 2010-05-21] (H+H Software GmbH)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-05-04] (Acronis International GmbH)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-24 19:03 - 2014-11-24 19:03 - 00031724 _____ () C:\Users\*****\Desktop\FRST.txt 2014-11-24 19:03 - 2014-11-23 21:45 - 02118144 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe 2014-11-24 19:01 - 2014-11-24 19:03 - 00000000 ____D () C:\FRST 2014-11-24 19:00 - 2014-11-24 19:00 - 00001160 _____ () C:\Users\*****\Desktop\***** (F) 6,88 GB.lnk 2014-11-24 18:57 - 2014-11-24 18:57 - 00001172 _____ () C:\Users\*****\Desktop\KRD10 (D) 0 Bytes.lnk 2014-11-24 18:57 - 2014-11-24 18:57 - 00000349 _____ () C:\Users\*****\Desktop\Gruntz (G) 0 Bytes.lnk 2014-11-19 10:21 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-19 10:21 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2014-11-19 10:21 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-11-19 10:21 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2014-11-16 13:03 - 2014-11-16 13:03 - 00000000 ____D () C:\Users\*****\colorama.egg-info 2014-11-16 10:40 - 2014-11-16 10:41 - 00000000 ____D () C:\Users\*****\.idlerc 2014-11-16 10:39 - 2014-11-16 14:56 - 00000000 ____D () C:\Users\*****\AppData\Roaming\TortoiseGit 2014-11-16 10:38 - 2014-11-16 22:29 - 00000000 ____D () C:\Users\*****\AppData\Local\TGitCache 2014-11-16 10:21 - 2014-11-16 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git 2014-11-16 10:20 - 2014-11-16 10:21 - 00000000 ____D () C:\Program Files (x86)\Git 2014-11-16 10:19 - 2014-11-16 10:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TortoiseGit 2014-11-16 10:19 - 2014-11-16 10:19 - 00000000 ____D () C:\Program Files\TortoiseGit 2014-11-15 21:55 - 2014-11-15 21:55 - 00000000 __SHD () C:\Users\*****\AppData\Local\EmieBrowserModeList 2014-11-15 21:31 - 2014-11-16 16:36 - 00000000 ____D () C:\Users\*****\Documents\foto-ins-richtige-format 2014-11-15 21:19 - 2014-11-15 21:19 - 
00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4 2014-11-15 21:17 - 2014-11-15 21:27 - 00000000 ____D () C:\Python34 2014-11-12 16:41 - 2014-11-12 16:41 - 17926832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-11-12 09:36 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-12 09:36 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-11-12 09:36 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-12 09:36 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-12 09:36 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-11-12 09:36 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-12 09:36 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-12 09:36 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-11-12 09:36 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-12 09:36 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-12 09:36 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-12 09:36 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-12 09:36 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-12 09:36 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-12 09:36 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-11-12 09:36 - 2014-11-06 04:29 - 00814080 _____ 
(Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-12 09:36 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-11-12 09:36 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-12 09:36 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-12 09:36 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-12 09:36 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-11-12 09:36 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-11-12 09:36 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-12 09:36 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-11-12 09:36 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-12 09:36 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-12 09:36 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-11-12 09:36 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-11-12 09:36 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-11-12 09:36 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-12 09:36 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-11-12 09:36 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-12 09:36 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-11-12 09:36 - 2014-11-06 03:58 - 
00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-11-12 09:36 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-12 09:36 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-11-12 09:36 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-12 09:36 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-12 09:36 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-11-12 09:36 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-11-12 09:36 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-12 09:36 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-11-12 09:36 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-11-12 09:36 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-11-12 09:36 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-12 09:36 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-11-12 09:36 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-11-12 09:36 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-11-12 09:36 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-12 09:36 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-12 09:36 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-12 09:36 - 2014-11-06 03:03 - 
12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-11-12 09:36 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-12 09:36 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-11-12 09:36 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-11-12 09:36 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-11-12 09:36 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-11-12 09:36 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-11-12 09:36 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-11-12 09:36 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-12 09:36 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-12 09:36 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-12 09:36 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-12 09:36 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-12 09:36 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-11-12 09:36 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-11-12 09:36 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2014-11-12 09:36 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2014-11-12 09:31 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-12 09:31 - 2014-10-03 03:11 - 00680960 _____ 
(Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-12 09:31 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-12 09:31 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-12 09:31 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-12 09:31 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-12 09:31 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-11-12 09:31 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-11-12 09:31 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-12 09:31 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-12 09:31 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-12 09:31 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-12 09:31 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-12 09:31 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-12 09:31 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-11-12 09:31 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-11-12 09:31 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-11-12 09:31 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-11-12 09:31 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-11-12 09:31 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\credssp.dll 2014-11-12 09:31 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-12 09:31 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-12 09:31 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-11-12 09:31 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-11-12 09:31 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-12 09:31 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-12 09:30 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-12 09:30 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-11-12 09:30 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-12 09:30 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-11-12 09:30 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-12 09:30 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-11-12 09:30 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-12 08:30 - 2014-11-12 08:30 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-11-12 08:30 - 2014-11-12 08:30 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-11-12 08:30 - 2014-11-12 08:30 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-11-12 08:30 - 2014-11-12 08:30 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-11-12 08:17 - 2014-08-08 16:25 - 00001809 _____ () C:\Users\*****\Desktop\Start BlueStacks.lnk 2014-11-10 16:21 - 
2014-11-10 16:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rossmann Fotowelt Software 2014-11-10 16:13 - 2014-11-10 16:21 - 00000000 ____D () C:\Program Files (x86)\Rossmann Fotowelt Software 2014-11-09 20:43 - 2014-11-09 20:43 - 06057862 _____ (Tim Kosse) C:\Users\*****\Downloads\FileZilla_3.9.0.5_win32-setup.exe 2014-11-08 17:21 - 2014-11-14 22:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-10-27 10:21 - 2014-10-27 10:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-10-27 10:21 - 2014-10-27 10:21 - 00000000 ____D () C:\ProgramData\Apple Computer ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-24 18:57 - 2011-11-12 17:24 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe 2014-11-24 18:41 - 2012-10-25 20:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-24 18:39 - 2009-07-14 05:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-24 18:39 - 2009-07-14 05:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-24 18:36 - 2011-10-28 09:13 - 01057644 _____ () C:\Windows\WindowsUpdate.log 2014-11-24 18:32 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-24 18:32 - 2009-07-14 05:51 - 00096018 _____ () C:\Windows\setupact.log 2014-11-19 22:27 - 2014-02-13 17:53 - 00000000 ____D () C:\Users\*****\AppData\Roaming\ClassicShell 2014-11-19 21:55 - 2011-11-11 19:53 - 00000000 ____D () C:\Users\*****\AppData\Local\TSVNCache 2014-11-19 10:15 - 2011-11-11 17:03 - 00000000 ____D () C:\Users\*****\AppData\Local\Livedrive 2014-11-16 18:20 - 2011-11-11 20:18 - 00000000 ____D () C:\Temp 2014-11-16 13:03 - 2011-11-05 15:40 - 00000000 ____D () C:\Users\***** 2014-11-16 12:02 - 2011-11-11 17:02 - 
00000000 ____D () C:\Users\*****\AppData\Roaming\vlc 2014-11-15 19:14 - 2012-05-18 17:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-14 20:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-11-14 09:30 - 2011-11-05 15:44 - 00000000 ____D () C:\Windows\System32\Tasks\Dell 2014-11-13 12:05 - 2014-05-01 18:02 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-11-13 09:59 - 2009-07-14 05:45 - 02023168 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-13 09:55 - 2010-11-21 04:47 - 00195210 _____ () C:\Windows\PFRO.log 2014-11-12 21:56 - 2013-12-06 14:36 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-12 21:56 - 2011-11-10 15:27 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-12 17:11 - 2012-10-25 20:29 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-12 17:11 - 2012-10-25 20:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-12 17:11 - 2011-10-28 09:22 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-12 08:36 - 2014-01-26 19:32 - 00000000 ____D () C:\ProgramData\Oracle 2014-11-12 08:30 - 2011-10-28 09:38 - 00000000 ____D () C:\Program Files (x86)\Java 2014-11-09 20:31 - 2010-11-21 07:50 - 00712406 _____ () C:\Windows\system32\perfh007.dat 2014-11-09 20:31 - 2010-11-21 07:50 - 00153794 _____ () C:\Windows\system32\perfc007.dat 2014-11-09 20:30 - 2009-07-14 06:13 - 01650380 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-08 16:09 - 2014-07-26 10:55 - 00000000 ____D () C:\Users\*****\.mediathek3 2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-11-04 11:44 - 2014-02-23 20:05 - 00000000 ____D () C:\Users\*****\AppData\Local\Akamai 2014-10-27 10:21 - 2011-11-12 17:24 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-10-25 13:56 - 2012-01-05 22:15 - 00041984 _____ () 
C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-25 11:11 - 2013-08-14 18:14 - 00000000 ____D () C:\Users\Public\_Datenaustausch

Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\*****\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\kxcfuavw.dll
C:\Users\*****\AppData\Local\Temp\LDAC93.tmp.exe
C:\Users\*****\AppData\Local\Temp\ld_227558.exe
C:\Users\*****\AppData\Local\Temp\readSTILog.dll
C:\Users\*****\AppData\Local\Temp\rogsco1b.dll
C:\Users\*****\AppData\Local\Temp\rootsupd.exe
C:\Users\*****\AppData\Local\Temp\Update.exe
C:\Users\*****\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\*****\AppData\Local\Temp\xn4myrba.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-15 19:48

==================== End Of Log ============================

--- --- ---

PC_1, Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2014 01
Ran by ***** at 2014-11-24 19:04:10
Running from C:\Users\*****\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1776.40513 - ABBYY Software House)
Acronis True Image 2014 (HKLM-x32\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}Visible) (Version: 17.0.6673 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen (HKLM-x32\...\Adobe_b8d47b526dcac7b06fa9efb844abcb5) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems
Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) AHV content for Acrobat and Flash (x32 Version: 1 - Adobe Systems Incorporated) Hidden Akamai NetSession Interface (HKU\S-1-5-21-2394814504-1440049560-3600677472-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI Catalyst Install Manager (HKLM\...\{24CB9D46-D8F7-0D9D-4CB3-9F9D7D9DC0B6}) (Version: 3.0.825.0 - ATI Technologies, Inc.) Autodesk FBX 2013.3 Plug-in for Maya 2011 64-bit (HKLM\...\Autodesk FBX 2013.3 Plug-in for Maya 2011 64-bit) (Version: - Autodesk) Autodesk FBX Converter x64 2013.3 (HKLM-x32\...\Autodesk FBX Converter x64 2013.3) (Version: - Autodesk) Autodesk MatchMover 2011 64-bit (HKLM\...\{DDE113EA-5DB0-4F68-BB58-5F67DD2308B4}) (Version: 13.00.0000 - Autodesk) Autodesk Maya 2011 64-bit (HKLM\...\{887CB4A1-5DB4-4924-A2C6-CDCB72376CC7}) (Version: 13.00.0000 - Autodesk) Autodesk Maya 2011 English Documentation 64-bit (HKLM\...\{47374ACF-9023-40e7-9830-ECED0DCBC3DC}) (Version: 13.0 - Autodesk) Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.7.8981 - ) AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - ) Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.0 - Wacom Co., Ltd.) Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden BioAPI Framework (Version: 1.0.1 - Dell Inc.) Hidden Blender (HKLM\...\Blender) (Version: 2.71 - Blender Foundation) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.12.3119 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{1AFACC2A-9A60-43EF-ABDB-2CEECA5EA77F}) (Version: 0.8.12.3119 - BlueStack Systems, Inc.) 
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{64973F6A-8754-43D1-BDD0-FC6F0546347B}) (Version: 14.4.6.2 - Broadcom Corporation) CamStudio OSS Desktop Recorder (HKLM-x32\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team) Citrix XenConvert_x64 (HKLM\...\{B744D6FA-078A-4C61-B6F5-B23E223E1618}) (Version: 2.5.2918 - Citrix Systems, Inc.) Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft) com! Update Pack Builder 5.0.7 (HKLM-x32\...\com! Update Pack Builder_is1) (Version: - com! - Das Computer Magazin) Composite 2011 (64-bit) (HKLM\...\{DBF6B4E9-CD43-476A-895D-4D688D41CE63}) (Version: 6.0.0 - Autodesk) Cuttermaran 1.70 (HKLM-x32\...\{5F499D33-546A-442B-B0F9-4C58F3B5B6E3}) (Version: 1.7.0 - toarnold) CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Backup and Recovery Manager (HKLM\...\{50B4B603-A4C6-4739-AE96-6C76A0F8A388}) (Version: 1.3.1 - Dell Inc.) Dell Client System Update (HKLM-x32\...\{04566294-A6B6-4462-9721-031073EB3694}) (Version: 1.3.0 - Dell Inc.) Dell Control Point 64 (Version: 1.6.468.86 - Broadcom Corporation) Hidden Dell ControlPoint Security Manager (HKLM-x32\...\{F4487649-7368-4217-AEA3-1E04DB3E2C5C}) (Version: 1.6.468.86 - Dell Inc.) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Embassy Trust Suite by Wave Systems (Version: 02.05.04.001 - Wave Systems Corp) Hidden Dell SAS RAID Storage Manager (x32 Version: 2.66.0000 - LSI Corp.) Hidden Dell SAS RAID Storage Manager v2.66-00 (HKLM-x32\...\InstallShield_{BF6D7B73-BAB6-44F8-A0CD-E01851D3B3CF}) (Version: 2.66.0000 - LSI Corp.) Dell Security Device Driver Pack (HKLM-x32\...\{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}) (Version: 1.4.056 - Dell Inc.) 
Dell System Detect (HKU\S-1-5-21-2394814504-1440049560-3600677472-1001\...\9204f5692a8faf3b) (Version: 5.9.0.5 - Dell) Dell System Manager (HKLM\...\{0DB0EA38-E806-44ED-A892-489F2E305080}) (Version: 1.5.00000 - Dell Inc.) DI Capture (HKLM-x32\...\{04DB82C1-94DF-45AE-88C4-C32489EE1E85}) (Version: 4.0.0 - ) Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.29.55 - Electronic Arts) Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts) Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts) Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts) Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts) digiKam 2.3.0 (HKLM-x32\...\digiKam) (Version: 2.3.0 - The digiKam team) DupDetector 3.201 (HKLM-x32\...\DupDetector_is1) (Version: - Prismatic Software) DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen) EF CheckSum Manager (HKLM\...\EF CheckSum Manager) (Version: - EFSoftware) Elements 12 Organizer (x32 Version: 12.0 - Ihr Firmenname) Hidden EMBASSY Security Center Lite (Version: 04.01.00.044 - Ihr Firmenname) Hidden EMBASSY Security Center Lite (x32 Version: - ) Hidden EMBASSY Security Setup (Version: 04.01.00.043 - Ihr Firmenname) Hidden EMBASSY Security Setup (x32 Version: - ) Hidden ESC Home Page Plugin (Version: 04.01.00.010 - Ihr Firmenname) Hidden ESC Home Page Plugin (x32 Version: - ) Hidden ESET Smart Security (HKLM\...\{F5A3E880-A737-48F2-A124-6F5D4CEA6AB4}) (Version: 7.0.302.26 - ESET, spol s r. o.) 
Exif-Viewer 2.50 (HKLM-x32\...\Exif-Viewer) (Version: 2.50 - Ralf Bibinger) Extreme Tux Racer (HKU\S-1-5-21-2394814504-1440049560-3600677472-1001\...\Extreme Tux Racer) (Version: - ) FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time) Gemalto (Version: 01.64.00.0010 - Wave Systems Corp) Hidden Git version 1.9.4-preview20140929 (HKLM-x32\...\Git_is1) (Version: 1.9.4-preview20140929 - The Git Development Community) GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.) GSview 4.9 (HKLM\...\GSview 4.9) (Version: - ) GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft) HDR Darkroom Windows Version v4.0 (HKLM-x32\...\HDR Darkroom) (Version: Windows Version v4.0 - HengTu, Inc.) Hugin 2011.4.0 (HKLM-x32\...\Hugin) (Version: 2011.4.0 hg_cf9be9344356 - The Hugin Development Team) IDA Pro Free v4.9 (HKLM-x32\...\IDA Pro Free_is1) (Version: - ) ImageMagick 6.8.9-5 Q16 (64-bit) (2014-07-15) (HKLM\...\ImageMagick 6.8.9 Q16 (64-bit)_is1) (Version: 6.8.9 - ImageMagick Studio LLC) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) 
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle) Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Java SE Development Kit 7 Update 65 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170650}) (Version: 1.7.0.650 - Oracle) Java(TM) SE Development Kit 7 Update 1 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170010}) (Version: 1.7.0.10 - Oracle) Java(TM) SE Development Kit 7 Update 3 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170030}) (Version: 1.7.0.30 - Oracle) JavaFX 2.0.3 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-203648764D10}) (Version: 2.0.3 - Oracle Corporation) JavaFX 2.0.3 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-203648764D10}) (Version: 2.0.3 - Oracle Corporation) Junction Link Magic 2.0 (HKLM\...\Junction Link Magic_is1) (Version: - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LibreOffice 4.2.5.2 (HKLM-x32\...\{8D8F47B2-0E03-4C50-9803-A01120878F96}) (Version: 4.2.5.2 - The Document Foundation) Livebrush Mini (HKLM-x32\...\com.livebrush.2205ABAA7E8202CDC1251B1FA1E879364B7BAB52.1) (Version: 1.5 - MoreMeYou) Livebrush Mini (x32 Version: 1.5 - MoreMeYou) Hidden Livedrive (HKLM\...\{7D2E0E90-3BBA-43B1-894D-EC39A4E18748}) (Version: 1.15.2.0 - Livedrive Internet Limited) Loksim3D (HKLM\...\Loksim3D_is1) (Version: 2.8.2 - Loksim3D) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft 
Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft 
Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Windows SDK for Windows 7 (7.0) (HKLM\...\SDKSetup_7.0.7600.16385.40715) (Version: 7.0.7600.16385.40715 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.) Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.6.1 - ) NTRU TCG Software Stack (Version: 2.1.29 - NTRU Cryptosystems) Hidden OKI Color Swatch-Dienstprogramm (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.1.10 - Okidata) OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata) OLYMPUS Master (HKLM-x32\...\InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}) (Version: 1.41.3000 - OLYMPUS IMAGING CORP.) OLYMPUS Master (x32 Version: 1.41.3000 - OLYMPUS IMAGING CORP.) Hidden Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 8.2.2.2413 - Electronic Arts, Inc.) 
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC) PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.3 - Frank Heindörfer, Philip Chinery) Pingus (HKLM-x32\...\Pingus) (Version: 0.7.5 - ) Plustek SmartOffice PS286 Plus (HKLM-x32\...\{E26FBB01-C5BC-4B9D-AD30-8DDBEFF52E32}) (Version: 4.1.1 - ) Preboot Manager (Version: 03.01.00.084 - Wave Systems Corp.) Hidden PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Python 3.4 PythonMagick-0.9.10 (64-bit) (HKLM\...\PythonMagick-py3.4) (Version: - ) Python 3.4.2 (64-bit) (HKLM\...\{cd723946-09c1-38d3-8542-732ba931e9ef}) (Version: 3.4.2150 - Python Software Foundation) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Rossmann Fotowelt Software 4.13 (HKLM-x32\...\Rossmann Fotowelt Software) (Version: 4.13 - ORWO Net) Samsung CLP-500 Series (HKLM-x32\...\Samsung CLP-500 Series) (Version: - ) Secunia PSI (2.0.0.4003) (HKLM-x32\...\Secunia PSI) (Version: 2.0.0.4003 - Secunia) Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.) 
ShiftN 3.6.1 (HKLM-x32\...\ShiftN_is1) (Version: 3.6.1 - Marcus Hebel) Sony Ericsson Media Manager 1.2 (HKLM-x32\...\{98EA51C9-B0B0-45BC-8641-3E119EA47D7B}) (Version: 1.2.610 - Sony Ericsson) SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.7280 - Analog Devices) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) StreamTransport version: 1.0.2.2171 (HKLM-x32\...\{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1) (Version: - ) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer) TeraCopy 2.27 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) TeXnicCenter Version 1.0 Stable RC1 (HKLM-x32\...\TeXnicCenter_is1) (Version: Version 1.0 Stable RC1 - TeXnicCenter.org) TortoiseGit 1.8.11.0 (64 bit) (HKLM\...\{56AB2BBB-7F02-4F4E-8FE2-8E83857E2E4B}) (Version: 1.8.11.0 - TortoiseGit) TortoiseSVN 1.7.7.22907 (64 bit) (HKLM\...\{4371D69B-FB6A-4A61-8477-C1B919FB2311}) (Version: 1.7.22907 - TortoiseSVN) Trusted Drive Manager (Version: 3.3.3.104 - Wave Systems Corp.) Hidden UPEK TouchChip Fingerprint Reader (Version: 1.2.0 - Dell Inc.) Hidden Vim 7.2 (HKLM\...\Vim 7.2) (Version: - ) Virtual CD v10 (HKLM-x32\...\{10C51313-A308-4B40-90E3-B368D5882660}) (Version: 10.10.9 - H+H Software GmbH) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.) Wave Infrastructure Installer (Version: 07.65.31.0000 - Wave Systems Corp) Hidden Wave Support Software (Version: 05.11.00.040 - Ihr Firmenname) Hidden Wave Support Software (x32 Version: - ) Hidden WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) 
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.12 - Wacom Technology Corp.) WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.10 - Wacom Technology Corp.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows-Treiberpaket - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.) WizMouse v1.6.0.2 (HKLM-x32\...\WizMouse_is1) (Version: - Antibody Software) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2394814504-1440049560-3600677472-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () ==================== Restore Points ========================= 11-11-2014 11:15:19 Windows Update 12-11-2014 07:26:52 Installed Java 7 Update 71 12-11-2014 20:54:38 Windows Update 13-11-2014 09:24:55 Windows Update 15-11-2014 20:14:34 Installed Python 2.7.8 (64-bit) 15-11-2014 20:17:19 Installed Python 3.4.2 (64-bit) 16-11-2014 08:58:18 Installed TortoiseGit 1.8.11.0 (64 bit) 16-11-2014 09:23:38 German Languagepack for TortoiseGit wird installiert 18-11-2014 11:08:38 Windows Update 19-11-2014 11:20:04 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {37A00206-66B5-4344-828C-31EF22CEF81D} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-10] (PC-Doctor, Inc.) Task: {4EEE295B-682B-4A46-96EF-00FF65FCC7C6} - System32\Tasks\AdobeAAMUpdater-1.0-*****-***** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated) Task: {7C5A2005-8E55-49A6-8079-63A194CD0A5F} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {9501E2F4-8A30-4B5F-94CC-C348403C7741} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated) Task: {98F82CD9-4194-4D81-9908-36760F51C073} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {B5CBE779-BC42-4A73-A8C7-F20B32E1DD12} - System32\Tasks\Dell\Client System Update => C:\Program Files (x86)\Dell\ClientSystemUpdate\DellClientSystemUpdate.exe [2012-10-11] (Dell Inc.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2011-11-11 16:55 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll 2011-11-11 20:12 - 2008-06-04 07:53 - 00027648 _____ () C:\Windows\System32\spd__l.dll 2014-07-24 15:05 - 2014-07-24 15:05 - 00210584 _____ () C:\Program Files (x86)\Livedrive\VSSService.exe 2008-05-26 15:33 - 2008-05-26 15:33 - 00056952 ____R () c:\Program Files (x86)\Dell SAS RAID Storage Manager\Framework\VivaldiFramework.exe 2008-07-14 09:28 - 2008-07-14 09:28 - 00446464 _____ () c:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaMonitor\mrmonitor.exe 2011-11-11 17:54 - 2011-04-12 21:53 - 00015360 _____ () C:\*****\*****\WinSplit Revolution\WinSplitHook64.DLL 2012-05-15 12:29 - 2012-05-15 12:29 - 00088968 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll 2014-08-22 16:06 - 2014-08-22 16:06 - 00792424 _____ () C:\Program Files\TortoiseGit\bin\libgit2_tgit.dll 2014-08-22 16:06 - 2014-08-22 16:06 - 00087400 _____ () C:\Program Files\TortoiseGit\bin\zlib1_tgit.dll 2013-10-01 09:32 - 2013-10-01 09:32 - 02818216 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll 2013-02-03 16:05 - 2011-10-26 17:41 - 00318976 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll 2013-02-03 16:05 - 2011-10-26 17:41 - 00126464 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll 2012-04-06 19:47 - 2014-08-19 20:12 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll 2010-03-02 13:49 - 2010-03-02 13:49 - 00013824 _____ () C:\Windows\system32\Wavx_ESC_Logging.dll 2008-11-12 12:29 - 2008-11-12 12:29 - 00004608 _____ () C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_DEU.dll 2011-11-11 17:34 - 2011-09-30 09:51 - 00121648 _____ () C:\Program Files (x86)\WizMouse\WizMouse.exe 2014-04-15 12:19 - 2011-05-30 12:56 - 00192512 _____ () C:\Program Files 
(x86)\Plustek\Plustek SmartOffice PS286 Plus\DocuAction.exe 2011-09-27 04:45 - 2012-12-15 17:42 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe 2011-11-11 17:54 - 2011-04-12 21:53 - 03951616 _____ () C:\*****\*****\WinSplit Revolution\WinSplit.exe 2011-11-11 17:54 - 2011-04-12 21:53 - 00015872 _____ () C:\*****\*****\WinSplit Revolution\WinSplitDrvr32.exe 2011-11-11 17:54 - 2011-04-12 21:53 - 00017920 _____ () C:\*****\*****\WinSplit Revolution\WinSplitDrvr64.exe 2012-12-15 17:42 - 2012-12-15 17:42 - 00225280 _____ () C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe 2011-06-17 13:42 - 2011-06-17 13:42 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-06-02 11:28 - 2011-06-02 11:28 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2008-05-26 15:41 - 2008-05-26 15:41 - 00208600 ____R () C:\Program Files (x86)\Dell SAS RAID Storage Manager\Framework\Authenticate.dll 2007-10-24 11:38 - 2007-10-24 11:38 - 00081568 ____R () C:\Program Files (x86)\Dell SAS RAID Storage Manager\Framework\storelibirjni.dll 2007-10-24 11:36 - 2007-10-24 11:36 - 00081568 ____R () C:\Program Files (x86)\Dell SAS RAID Storage Manager\Framework\storelibjni.dll 2006-06-22 10:49 - 2006-06-22 10:49 - 00122880 _____ () C:\Program Files (x86)\Dell SAS RAID Storage Manager\Framework\systype.dll 2014-10-15 19:29 - 2014-10-15 19:29 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll 2011-11-14 10:50 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2014-02-04 17:25 - 2014-02-04 17:25 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll 2014-02-04 17:28 - 2014-02-04 17:28 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2014-07-24 14:58 - 
2014-07-24 14:58 - 00816128 _____ () C:\Program Files (x86)\Livedrive\Localisation.dll 2011-07-28 15:20 - 2011-07-28 15:20 - 00270336 _____ () C:\Program Files (x86)\Livedrive\AlphaFS.dll 2011-11-11 17:54 - 2011-04-12 21:53 - 00013312 _____ () C:\*****\*****\WinSplit Revolution\WinSplitHook32.DLL 2014-07-24 15:05 - 2014-07-24 15:05 - 00068760 _____ () C:\Program Files (x86)\Livedrive\Native.dll 2014-08-22 15:51 - 2014-08-22 15:51 - 00592232 _____ () C:\Program Files\TortoiseGit\bin\libgit232_tgit.dll 2014-08-22 15:51 - 2014-08-22 15:51 - 00076648 _____ () C:\Program Files\TortoiseGit\bin\zlib132_tgit.dll 2012-05-15 11:54 - 2012-05-15 11:54 - 00070536 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll 2014-04-15 12:19 - 2011-05-30 12:55 - 00036864 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\AmCommonLib.dll 2014-04-15 12:19 - 2011-06-13 12:09 - 00086016 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\DocuRes.dll 2014-04-15 12:18 - 2010-12-22 13:50 - 00061440 _____ () C:\Program Files (x86)\Common Files\iMpacct\EdgeFill.dll 2014-04-15 12:18 - 2008-06-26 13:11 - 00045056 _____ () C:\Program Files (x86)\Common Files\iMpacct\EdgeFillRsc.dll 2014-04-15 12:18 - 2006-05-15 14:24 - 00122938 _____ () C:\Program Files (x86)\Common Files\iMpacct\CommonFunc.dll 2014-04-15 12:19 - 2011-05-30 12:57 - 00159744 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\Scan.dll 2014-04-15 12:19 - 2011-06-13 12:09 - 00090112 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\ScanRes.dll 2014-04-15 12:19 - 2011-06-09 12:52 - 00147456 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\ScanProcess.dll 2014-04-15 12:19 - 2009-06-25 09:00 - 00897024 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\EncryptPdf.dll 2014-04-15 12:19 - 2011-04-27 16:07 - 00061440 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\PlkMsg.dll 2014-04-15 12:19 - 
2011-03-04 14:51 - 00086016 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\PlkMsgRes.dll 2014-04-15 12:19 - 2011-06-09 15:58 - 00098304 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\Filing.DLL 2014-04-15 12:19 - 2011-05-30 12:55 - 00090194 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\FormatManager.dll 2014-04-15 12:19 - 2011-03-17 08:00 - 00053248 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\FormatManagerRes.dll 2014-04-15 12:19 - 2010-06-07 14:06 - 00040960 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\FilingRes.dll 2014-04-15 12:19 - 2011-06-09 15:58 - 00098304 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\PDF.DLL 2014-04-15 12:19 - 2011-05-30 12:57 - 00077824 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\OCR.DLL 2014-04-15 12:19 - 2010-06-07 14:06 - 00036864 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\OcrRes.dll 2014-04-15 12:19 - 2011-06-09 15:58 - 00053248 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\eMail.DLL 2014-04-15 12:19 - 2010-06-07 14:06 - 00049152 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\EmailRes.dll 2014-04-15 12:19 - 2011-06-09 15:58 - 00102400 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\Custom.DLL 2014-04-15 12:19 - 2010-06-07 14:06 - 00040960 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\CustomRes.dll 2014-04-15 12:19 - 2011-05-30 12:55 - 00040960 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\Copy.DLL 2014-04-15 12:19 - 2010-06-07 14:06 - 00045056 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\CopyRes.dll 2014-04-15 12:19 - 2005-09-21 13:36 - 00061440 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\PrnDriver.dll 2014-04-15 12:19 - 2011-05-30 12:57 - 00077824 _____ () 
C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\BCR.DLL 2014-04-15 12:19 - 2011-06-09 15:59 - 00114688 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\FTP.DLL 2014-04-15 12:19 - 2010-06-07 14:06 - 00045056 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\FtpRes.dll 2014-02-04 17:25 - 2014-02-04 17:25 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll 2011-11-11 17:47 - 2008-08-18 16:08 - 00050688 _____ () C:\Program Files (x86)\Virtual CD v10\System\ogg.dll 2011-11-11 17:47 - 2008-08-18 16:11 - 01237504 _____ () C:\Program Files (x86)\Virtual CD v10\System\vorbis.dll 2011-09-27 04:45 - 2012-12-15 17:42 - 00060504 _____ () C:\Program Files (x86)\Bamboo Dock\BambooWinTab.dll 2013-10-10 11:02 - 2013-10-10 11:02 - 00013120 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll 2011-11-11 17:54 - 2011-04-12 21:53 - 00011264 _____ () C:\*****\*****\WinSplit Revolution\WinSplitLib.dll 2013-10-01 10:00 - 2013-10-01 10:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
========================= Accounts: ========================== Administrator (S-1-5-21-2394814504-1440049560-3600677472-500 - Administrator - Disabled) ***** (S-1-5-21-2394814504-1440049560-3600677472-1001 - Administrator - Enabled) => C:\Users\***** Gast (S-1-5-21-2394814504-1440049560-3600677472-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-2394814504-1440049560-3600677472-1002 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/24/2014 06:32:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/20/2014 09:09:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/19/2014 09:54:16 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/19/2014 10:13:14 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/18/2014 04:08:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/18/2014 09:27:54 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND 
TargetInstance.LoadPercentage > 990x80041003 Error: (11/17/2014 09:53:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: digikam.exe, Version: 0.0.0.0, Zeitstempel: 0x4eb6bf9e Name des fehlerhaften Moduls: QtCore4.dll, Version: 4.7.4.0, Zeitstempel: 0x4e8d91ff Ausnahmecode: 0xc0000005 Fehleroffset: 0x00155647 ID des fehlerhaften Prozesses: 0x1dec Startzeit der fehlerhaften Anwendung: 0xdigikam.exe0 Pfad der fehlerhaften Anwendung: digikam.exe1 Pfad des fehlerhaften Moduls: digikam.exe2 Berichtskennung: digikam.exe3 Error: (11/17/2014 01:38:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/16/2014 09:36:38 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/15/2014 07:14:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (11/24/2014 06:39:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Windows Search" wurde nicht richtig gestartet. 
Error: (11/24/2014 06:32:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0 Error: (11/20/2014 09:09:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0 Error: (11/19/2014 10:27:20 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (11/19/2014 09:54:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0 Error: (11/19/2014 00:19:49 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (11/19/2014 00:19:41 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (11/19/2014 10:12:49 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0 Error: (11/18/2014 11:38:54 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (11/18/2014 04:08:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0 Microsoft Office Sessions: ========================= Error: (11/24/2014 06:32:41 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 
990x80041003 Error: (11/20/2014 09:09:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/19/2014 09:54:16 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/19/2014 10:13:14 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/18/2014 04:08:54 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/18/2014 09:27:54 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/17/2014 09:53:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: digikam.exe0.0.0.04eb6bf9eQtCore4.dll4.7.4.04e8d91ffc0000005001556471dec01d002a0e841abdfC:\Program Files (x86)\digiKam\bin\digikam.exeC:\Program Files (x86)\digiKam\bin\QtCore4.dllcf18e7d6-6e9b-11e4-b618-14feb5dfb7fb Error: (11/17/2014 01:38:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/16/2014 09:36:38 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND 
TargetInstance.LoadPercentage > 990x80041003 Error: (11/15/2014 07:14:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2012-01-27 18:23:25.490 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-01-27 18:23:25.490 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-01-27 18:23:25.474 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-01-27 18:23:25.458 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-01-27 18:21:30.370 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-01-27 18:21:30.355 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-01-27 18:21:30.339 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-01-27 18:21:30.323 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-01-27 18:19:15.271 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-01-27 18:19:15.255 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info =========================== Processor: Intel(R) Xeon(R) CPU E5620 @ 2.40GHz Percentage of memory in use: 36% Total physical RAM: 8189.58 MB Available physical RAM: 5190.17 MB Total Pagefile: 16377.34 MB Available Pagefile: 13206 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:815.12 GB) (Free:368.37 GB) NTFS Drive d: (KRD10) (CDROM) (Total:0.29 GB) (Free:0 GB) CDFS Drive f: (*****) (Removable) (Total:7.53 GB) (Free:6.89 GB) FAT32 Drive g: (Gruntz) (CDROM) (Total:0.36 GB) (Free:0 GB) CDFS Drive n: (NichtSichern) (Fixed) (Total:100 GB) (Free:15.69 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 70000000) Partition 1: (Not Active) - (Size=243 MB) - (Type=DE) Partition 2: (Active) - (Size=16.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=815.1 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=100 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B) ==================== End Of Log ============================
24.11.2014, 21:04 | #4 |
| PC_2, FRST.txt FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01 Ran by ***** (administrator) on ***** on 24-11-2014 19:52:43 Running from C:\Users\*****\Desktop Loaded Profile: ***** (Available profiles: *****) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (Gupta Technologies, LLC) C:\AdvoWeb\Advoware\Server\dbntsrv.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (AGFEO ) C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tkserver\tksock.exe (H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe (AGFEO ) C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tkserver\tkmedia.exe (Nuance Communications, Inc.) 
C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe () C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (AVM Berlin) C:\Program Files (x86)\FRITZ!\IWatch.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe () C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr32.exe (H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe () C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr64.exe (Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (AGFEO) C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tools\ctimon.exe () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\DocuAction.exe (telegate MEDIA AG) C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch Herbst 2014\kstart32.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDFViewerPlus\pdfPro5Hook.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Wacom Technology, Corp.) 
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\vc10tray.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe () C:\*****\*****\Everything\Everything-1.2.1.371.exe (Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Common Files\Lexware\LxWebAccess\LxWebAccess.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [395344 2011-09-22] (Acronis) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5587832 2011-09-22] (Acronis) HKLM-x32\...\Run: [VC10Player] => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe [417288 2013-01-08] (H+H Software GmbH) HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2621440 2010-06-10] (Brother Industries, Ltd.) 
HKLM-x32\...\Run: [DocAction_656U] => C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\DocuAction.exe [210944 2013-03-25] () HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-02-10] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-02-10] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PPort12reminder] => C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe [328992 2010-02-09] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDFViewerPlus\pdfpro5hook.exe [1369376 2010-02-08] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDFViewerPlus\RegistryController.exe [62752 2010-02-08] (Nuance Communications, Inc.) HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.) HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking13\Ereg\Ereg.exe [325960 2014-05-30] (Nuance Communications, Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2694355323-837647822-1861536204-1000\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2068856 2011-10-12] (Flexera Software LLC.) 
HKU\S-1-5-21-2694355323-837647822-1861536204-1000\...\Run: [Winsplit] => C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe [3951616 2011-04-12] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISDNWatch.lnk ShortcutTarget: ISDNWatch.lnk -> C:\Program Files (x86)\FRITZ!\IWatch.exe (AVM Berlin) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2014 Zahlungserinnerung.lnk ShortcutTarget: Quicken 2014 Zahlungserinnerung.lnk -> C:\Windows\Installer\{E60036CF-1E46-4DFE-832F-5476574B30FF}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe (Macrovision Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TK-Suite Client.lnk ShortcutTarget: TK-Suite Client.lnk -> C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tools\ctimon.exe (AGFEO) Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telefon- und Branchenbuch Herbst 2014 - Schnellstarter.lnk ShortcutTarget: Telefon- und Branchenbuch Herbst 2014 - Schnellstarter.lnk -> C:\Program Files (x86)\klickTel\Telefon- und Branchenbuch Herbst 2014\kstart32.exe (telegate MEDIA AG) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll No File ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll No File ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll No File ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} 
=> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll No File ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll No File ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll No File ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) BHO: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\dgnriaie_x64.dll (Nuance Communications, Inc.) 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDFViewerPlus\Bin\PlusIEContextMenu.dll (Zeon Corporation) BHO-x32: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll (Nuance Communications, Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1395075218625 Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) 
Tcpip\Parameters: [DhcpNameServer] 192.168.20.1 FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\h0ja7v5l.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin: nuance.com/DgnRia2_x86_64 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\npDgnRia2_x64.dll (Nuance Communications, Inc.) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files 
(x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: nuance.com/DgnRia2 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\npDgnRia2.dll (Nuance Communications, Inc.) FF Plugin HKU\S-1-5-21-2694355323-837647822-1861536204-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF user.js: detected! => C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\h0ja7v5l.default\user.js FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\h0ja7v5l.default\searchplugins\dictcc-ende.xml FF Extension: Xmarks - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\h0ja7v5l.default\Extensions\foxmarks@kei.com [2014-07-25] FF Extension: Screengrab - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\h0ja7v5l.default\Extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2014-03-24] FF Extension: Microsoft .NET Framework Assistant - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\h0ja7v5l.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2014-03-24] FF Extension: EPUBReader - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\h0ja7v5l.default\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F} [2014-08-21] FF Extension: ra e Toolbar - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\h0ja7v5l.default\Extensions\{B7D3E479-CC68-42B5-A338-938ECE35F419} [2014-03-24] FF Extension: Dragon Web Extension - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\h0ja7v5l.default\Extensions\dgnria2@nuance.com.xpi [2014-11-06] FF Extension: Firebug - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\h0ja7v5l.default\Extensions\firebug@software.joehewitt.com.xpi [2013-10-11] FF Extension: RA-MICRO Toolbar - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\h0ja7v5l.default\Extensions\rechercheToolbar@ra-info.de.xpi [2014-03-24] FF Extension: RequestPolicy - 
C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\h0ja7v5l.default\Extensions\requestpolicy@requestpolicy.com.xpi [2014-08-13] FF Extension: NoScript - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\h0ja7v5l.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-06-01] FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\h0ja7v5l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-01] FF Extension: DownThemAll! - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\h0ja7v5l.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-10-12] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-12-09] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) Locked "vdrv1000" service was unlocked successfully. <===== ATTENTION R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed] R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [137280 2014-07-23] (Nuance Communications, Inc.) R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET) R2 Gupta SQLBase Advoware; C:\AdvoWeb\Advoware\Server\dbntsrv.exe [1089536 2007-09-05] (Gupta Technologies, LLC) [File not signed] R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-02-10] (Nuance Communications, Inc.) 
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia) R2 tksock; C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tkserver\tksock.exe [1626112 2007-10-29] (AGFEO ) [File not signed] R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [147464 2013-01-08] (H+H Software GmbH) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-05-02] (Wacom Technology, Corp.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AVMCOWAN; C:\Windows\System32\DRIVERS\AVMCOWAN.sys [79872 2009-06-10] (AVM GmbH) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET) U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET) R3 FUS2BASE; C:\Windows\System32\DRIVERS\fus2base.sys [696832 2009-06-10] (AVM Berlin) S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH) R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-04-18] (Secunia) R1 vdrv1000; C:\Windows\System32\DRIVERS\vdrv1000.sys [226080 2012-12-06] (H+H Software GmbH) U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) 
==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-24 19:52 - 2014-11-24 19:53 - 00019975 _____ () C:\Users\*****\Desktop\FRST.txt 2014-11-24 19:52 - 2014-11-24 19:52 - 00000000 ____D () C:\FRST 2014-11-24 19:51 - 2014-11-23 21:45 - 02118144 _____ (Farbar) C:\Users\*****\Desktop\FRST64.exe 2014-11-24 19:50 - 2014-11-24 19:50 - 00001160 _____ () C:\Users\*****\Desktop\***** (E) 6,88 GB.lnk 2014-11-21 11:45 - 2014-11-21 11:45 - 00012029 _____ () C:\hijackthis.log 2014-11-19 05:23 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-19 05:23 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2014-11-19 05:23 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-11-19 05:23 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2014-11-13 02:14 - 2014-11-13 02:15 - 00000000 ____D () C:\0481b325bed1ce6b70f172a37b 2014-11-12 22:15 - 2014-11-12 22:15 - 00000000 ____D () C:\c2ffbdbaa28510fdf0a4cd 2014-11-12 07:45 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-12 07:45 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-11-12 07:45 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-12 07:45 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-12 07:45 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-11-12 07:45 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-12 07:45 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-12 07:45 - 2014-11-06 04:46 - 00048640 _____ 
(Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-11-12 07:45 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-12 07:45 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-12 07:45 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-12 07:45 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-12 07:45 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-12 07:45 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-12 07:45 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-11-12 07:45 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-12 07:45 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-11-12 07:45 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-12 07:45 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-12 07:45 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-12 07:45 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-11-12 07:45 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-11-12 07:45 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-12 07:45 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-11-12 07:45 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-12 07:45 - 2014-11-06 04:07 - 
00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-12 07:45 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-11-12 07:45 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-11-12 07:45 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-11-12 07:45 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-12 07:45 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-11-12 07:45 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-12 07:45 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-11-12 07:45 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-11-12 07:45 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-12 07:45 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-11-12 07:45 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-12 07:45 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-12 07:45 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-11-12 07:45 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-11-12 07:45 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-12 07:45 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-11-12 07:45 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-11-12 07:45 - 
2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-11-12 07:45 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-12 07:45 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-11-12 07:45 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-11-12 07:45 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-11-12 07:45 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-12 07:45 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-12 07:45 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-12 07:45 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-11-12 07:45 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-12 07:45 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-11-12 07:45 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-11-12 07:45 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-11-12 07:45 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-11-12 07:45 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-11-12 07:45 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-11-12 07:45 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-12 07:45 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-12 07:45 - 2014-10-14 03:12 - 
01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-12 07:45 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-12 07:45 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-12 07:45 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-11-12 07:45 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-11-12 07:45 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2014-11-12 07:45 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2014-11-12 07:44 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-12 07:44 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-11-12 07:44 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-12 07:44 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-11-12 07:44 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-12 07:44 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-11-12 07:44 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-12 07:44 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-12 07:44 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-12 07:44 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-12 07:44 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-12 07:44 - 2014-10-03 03:11 - 00284672 _____ (Microsoft 
Corporation) C:\Windows\system32\EncDump.dll 2014-11-12 07:44 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-12 07:44 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-11-12 07:44 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-11-12 07:44 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-12 07:44 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-12 07:44 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-12 07:44 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-12 07:44 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-12 07:44 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-12 07:44 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-11-12 07:44 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-11-12 07:44 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-11-12 07:44 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-11-12 07:44 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-11-12 07:44 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-11-12 07:44 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-12 07:44 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-12 07:44 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msxml3.dll 2014-11-12 07:44 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-11-12 07:44 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-12 07:44 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-10 19:28 - 2014-11-10 19:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-05 11:24 - 2014-11-05 11:24 - 00002799 _____ () C:\Users\Public\Desktop\Dragon NaturallySpeaking.lnk 2014-11-05 11:24 - 2014-11-05 11:24 - 00002787 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Dragon NaturallySpeaking.lnk 2014-11-05 11:24 - 2014-11-05 11:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon NaturallySpeaking 2014-11-05 10:45 - 2014-11-05 10:45 - 00000000 ____D () C:\ProgramData\Macrovision 2014-11-04 14:21 - 2014-11-04 14:21 - 01728221 _____ ( ) C:\Users\*****\Downloads\KIUpdate33010.exe 2014-11-04 14:19 - 2014-11-20 11:59 - 00000000 ____D () C:\Program Files (x86)\klickIdent Herbst 2014 2014-11-04 14:19 - 2014-11-04 14:19 - 00001122 _____ () C:\Users\Public\Desktop\klickIdent 33.lnk 2014-11-04 14:19 - 2014-11-04 14:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\klickIdent Herbst 2014 2014-11-02 15:18 - 2014-11-02 15:18 - 00000000 ____D () C:\Users\*****\Documents\korrektur 2014-10-27 16:13 - 2014-10-27 16:40 - 00000000 ____D () C:\Users\*****\AppData\Roaming\klickTel 2014-10-27 16:08 - 2014-10-27 16:28 - 00000212 _____ () C:\Windows\ktel.ini 2014-10-27 16:08 - 2014-10-27 16:08 - 00001356 _____ () C:\Users\Public\Desktop\Telefon- und Branchenbuch Herbst 2014 - Suchassistent.lnk 2014-10-27 16:08 - 2014-10-27 16:08 - 00001348 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telefon- und Branchenbuch Herbst 2014.lnk 2014-10-27 16:08 - 2014-10-27 16:08 - 00001336 _____ () C:\Users\Public\Desktop\Telefon- und Branchenbuch 
Herbst 2014.lnk 2014-10-27 16:08 - 2014-10-27 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\klickTel 2014-10-27 16:07 - 2014-10-27 16:07 - 00000000 ____D () C:\Program Files (x86)\klickTel ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-24 19:51 - 2014-03-11 17:18 - 00000000 ____D () C:\Users\*****\AppData\Roaming\ClassicShell 2014-11-24 19:50 - 2014-03-25 15:46 - 00000000 ____D () C:\Users\*****\Documents\Outlook-Dateien 2014-11-24 18:59 - 2014-04-29 14:00 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-24 16:49 - 2013-04-16 23:10 - 01647590 _____ () C:\Windows\WindowsUpdate.log 2014-11-24 11:40 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-24 11:40 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-24 06:48 - 2009-07-14 05:51 - 00173792 _____ () C:\Windows\setupact.log 2014-11-23 16:51 - 2013-10-12 16:43 - 00000000 ____D () C:\ProgramData\TEMP 2014-11-23 16:12 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-21 14:21 - 2013-10-12 15:59 - 00000000 ____D () C:\Users\Public\Documents\ScanDoc 2014-11-21 11:45 - 2012-10-01 07:29 - 00702964 _____ () C:\Windows\system32\perfh007.dat 2014-11-21 11:45 - 2012-10-01 07:29 - 00150604 _____ () C:\Windows\system32\perfc007.dat 2014-11-21 11:45 - 2009-07-14 06:13 - 01629436 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-21 11:04 - 2014-03-24 11:50 - 00000000 ____D () C:\Users\*****\Documents\Schnellscan 2014-11-21 08:13 - 2014-04-11 16:53 - 00000000 ____D () C:\Users\*****\AppData\Local\CUSTPDF Writer 2014-11-13 18:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-11-13 14:02 - 2013-04-16 14:18 - 00099120 _____ () 
C:\Users\*****\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-13 13:58 - 2009-07-14 05:45 - 00387232 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-13 13:56 - 2014-05-06 22:09 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-11-13 13:52 - 2013-06-18 20:19 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-11-12 22:15 - 2013-10-10 15:43 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-12 22:15 - 2013-05-05 17:09 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-12 15:06 - 2014-04-29 14:00 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-12 15:06 - 2014-04-29 14:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-12 15:06 - 2014-04-29 14:00 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-11-12 14:59 - 2014-09-09 18:59 - 04918960 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-11-12 08:34 - 2014-05-17 12:27 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular 2014-11-12 08:33 - 2014-08-21 17:48 - 00000000 ____D () C:\Users\*****\AppData\Local\.elfohilfe 2014-11-12 08:32 - 2013-04-16 14:18 - 00000000 ____D () C:\Users\***** 2014-11-11 18:47 - 2013-06-01 20:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-10 12:51 - 2014-03-27 09:39 - 00001715 _____ () C:\Users\*****\AppData\Roaming\SAS7_000.DAT 2014-11-09 13:37 - 2014-05-11 09:50 - 00000000 ____D () C:\Users\*****\Documents\Handy-Backup 2014-11-05 11:30 - 2013-10-12 16:42 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Nuance 2014-11-05 11:24 - 2013-10-12 16:42 - 00001873 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk 2014-11-05 11:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech 2014-11-05 10:45 - 2013-10-12 16:41 - 00000000 ____D () C:\ProgramData\Nuance 2014-11-05 10:45 - 2013-10-12 16:41 - 00000000 ____D () C:\Program Files (x86)\Nuance 
2014-11-05 07:12 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-11-04 14:57 - 2013-12-10 12:36 - 00000000 ____D () C:\Users\*****\AppData\Local\FRITZ! 2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-10-27 16:07 - 2013-06-18 21:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information Some content of TEMP: ==================== C:\Users\*****\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\*****\AppData\Local\Temp\InstallAX.exe C:\Users\*****\AppData\Local\Temp\InstallAX_11_8_800_168.exe C:\Users\*****\AppData\Local\Temp\InstHelper.exe C:\Users\*****\AppData\Local\Temp\ose00000.exe C:\Users\*****\AppData\Local\Temp\SetupAssistant.exe C:\Users\*****\AppData\Local\Temp\vlc-2.1.3-win32.exe C:\Users\*****\AppData\Local\Temp\vlc-2.1.5-win32.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-15 08:37 ==================== End Of Log ============================ --- --- --- PC_2, Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2014 01 Ran by ***** at 2014-11-24 19:53:19 Running from C:\Users\*****\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Acronis True Image Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6942 - Acronis) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated) Advo-ware 3 Laufzeitumgebung (HKLM-x32\...\{0ECD6342-2B55-4306-B13A-775B0BA19B35}) (Version: 3.0.3 - ReNoWin Datentechnik GmbH) Advo-ware 3 Office Dateien (HKLM-x32\...\{32F3169D-367A-485F-96BB-33C7119513C8}) (Version: 3.0.2 - ReNoWin Datentechnik GmbH) Advo-ware 3 Server (HKLM-x32\...\{39F59C8F-98F1-4B94-8BFF-9A1AAD2B6DC8}) (Version: 3.0.6 - ReNoWin Datentechnik GmbH) Advoware PDF-Drucker (HKLM\...\Advoware PDF-Drucker) (Version: - ) AGFEO TK-Suite Basic 3 (HKLM-x32\...\tksuite_tksuite_basic) (Version: - AGFEO) AVM FRITZ! (HKLM-x32\...\FRITZ! 
2.0) (Version: - AVM Berlin) Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft) DDBAC (HKLM-x32\...\{E3B6D3FB-A593-41BA-9AB1-FFE46F608565}) (Version: 5.3.21 - DataDesign) Dragon NaturallySpeaking 13 (HKLM-x32\...\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}) (Version: 13.00.000 - Nuance Communications Inc.) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.2.14508 - Landesfinanzdirektion Thüringen) ESET Smart Security (HKLM\...\{F5A3E880-A737-48F2-A124-6F5D4CEA6AB4}) (Version: 7.0.302.26 - ESET, spol s r. o.) FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse) FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory) Gupta SQLBase 8.5.4 (HKLM-x32\...\{76CB6E74-1A12-47CA-BF43-5993BFD920B1}) (Version: 8.6.11.0 - ReNoWin Datentechnik GmbH) HL-2250DN (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle) Junction Link Magic 2.0 (HKLM\...\Junction Link Magic_is1) (Version: - ) klickIdent ProfiPlus 33 (HKLM-x32\...\klickIdent ProfiPlus 33_is1) (Version: 33.00 - ) klickTel Telefon- und Branchenbuch Herbst 2014 (HKLM-x32\...\{06A82578-774B-40A7-B070-A93C0B31AB6B}) (Version: 1.00.0000 - telegate MEDIA AG) Lexware Info Service (HKLM-x32\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG) Lexware online banking (HKLM-x32\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG) MEDION GoPal Assistant (HKLM-x32\...\{B9D45A76-61DF-4387-B0FE-CA165D582B57}) (Version: 6.3.6.13143 - MEDION) Medion GoPal Assistant 4.01.028 (HKLM-x32\...\Medion GoPal Assistant) (Version: 4.1.28.0 - Medion) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} 
- 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) 
(Version: 29.0.1 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger) Nuance PaperPort 12 (HKLM-x32\...\{69192731-44E6-4C08-B0A3-66174478B9E3}) (Version: 12.1.0000 - Nuance Communications, Inc.) Nuance PDF Viewer Plus (HKLM-x32\...\{EC00862A-C16F-4ED0-BC06-34538512E730}) (Version: 5.30.3296 - Nuance Communications, Inc) OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata) Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation) PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 1.00.0001 - Nuance Communications, Inc.) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.1 - pdfforge) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.2 - Tracker Software Products Ltd) Plustek SmartOffice PS286 Plus (HKLM-x32\...\{E26FBB01-C5BC-4B9D-AD30-8DDBEFF52E32}) (Version: 5.1.0 - ) Quicken DELUXE 2014 (HKLM-x32\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.37.00.0185 - Haufe-Lexware GmbH & Co.KG) Scansoft PDF Professional (x32 Version: - ) Hidden Secunia PSI (3.0.0.7009) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.7009 - Secunia) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.) 
sv.net (HKLM-x32\...\sv.net) (Version: 14.1 - ITSG GmbH) TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) Virtual CD v10 (HKLM-x32\...\{10C51313-A308-4B40-90E3-B368D5882660}) (Version: 10.50.1 - H+H Software GmbH) Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}) (Version: 11.0.0 - Nuance Communications Inc.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.6b5 - Wacom Technology Corp.) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.) Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation) Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) WinSCP 5.5.3 (HKLM-x32\...\winscp3_is1) (Version: 5.5.3 - Martin Prikryl) WinSplit Revolution (v11.04) (HKLM-x32\...\WinSplit Revolution) (Version: 11.04 - Raphael Lencrerot) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-2694355323-837647822-1861536204-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) CustomCLSID: HKU\S-1-5-21-2694355323-837647822-1861536204-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll No (the data entry has 4 more characters). CustomCLSID: HKU\S-1-5-21-2694355323-837647822-1861536204-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll No (the data entry has 4 more characters). CustomCLSID: HKU\S-1-5-21-2694355323-837647822-1861536204-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll No (the data entry has 4 more characters). CustomCLSID: HKU\S-1-5-21-2694355323-837647822-1861536204-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\FileSyncApi64.dll No Fi (the data entry has 2 more characters). ==================== Restore Points ========================= 08-11-2014 09:51:43 Windows Update 12-11-2014 21:13:41 Windows Update 13-11-2014 01:14:20 Windows Update 13-11-2014 12:48:36 Windows Update 18-11-2014 06:39:30 Windows Update 20-11-2014 06:25:36 Windows Update 22-11-2014 09:34:51 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. 
Any associated file could be listed separately to be moved.) Task: {277471AD-2252-4598-B0E0-8E845CC87D30} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated) Task: {D77D5F85-FC90-4823-9866-2133F870B5F3} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2013-10-12 19:14 - 2008-07-19 17:26 - 00087040 _____ () C:\Windows\System32\custmon64.dll 2013-12-10 12:33 - 2006-02-23 11:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll 2013-12-10 12:33 - 2006-02-22 10:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll 2011-04-12 21:53 - 2011-04-12 21:53 - 00015360 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplitHook64.DLL 2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2014-03-24 12:07 - 2012-01-20 14:55 - 00678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll 2014-03-24 12:07 - 2012-01-29 16:55 - 00657920 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll 2011-04-12 21:53 - 2011-04-12 21:53 - 03951616 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplit.exe 2011-04-12 21:53 - 2011-04-12 21:53 - 00015872 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr32.exe 2011-04-12 21:53 - 2011-04-12 21:53 - 00017920 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplitDrvr64.exe 2013-10-12 15:09 - 2013-03-25 16:06 - 00210944 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\DocuAction.exe 2014-08-23 12:07 - 2013-05-02 19:05 - 01185048 ____N () C:\Program Files\Tablet\Wacom\libxml2.dll 2014-03-24 11:44 - 2009-03-13 02:18 - 00602624 _____ () C:\*****\*****\Everything\Everything-1.2.1.371.exe 2006-05-12 12:49 - 
2006-05-12 12:49 - 00028672 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tkserver\tkmedia_lib.dll 2006-11-23 11:22 - 2006-11-23 11:22 - 00036864 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tkserver\tkmedia_capi.dll 2006-05-12 12:49 - 2006-05-12 12:49 - 00020480 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tkserver\tkmedia_serial.dll 2006-05-12 12:49 - 2006-05-12 12:49 - 00020480 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tkserver\tkmedia_xport.dll 2011-04-12 21:53 - 2011-04-12 21:53 - 00011264 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplitLib.dll 2011-04-12 21:53 - 2011-04-12 21:53 - 00013312 _____ () C:\Program Files (x86)\WinSplit Revolution\WinSplitHook32.DLL 2011-09-22 21:20 - 2011-09-22 21:20 - 11233136 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\Common\ti_managers.dll 2013-06-18 21:10 - 2008-08-18 15:08 - 00050688 _____ () C:\Program Files (x86)\Virtual CD v10\System\ogg.dll 2013-06-18 21:10 - 2008-08-18 15:11 - 01237504 _____ () C:\Program Files (x86)\Virtual CD v10\System\vorbis.dll 2013-10-12 14:24 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2005-04-26 08:10 - 2005-04-26 08:10 - 04005888 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tools\qt-mt334.dll 2005-04-26 08:10 - 2005-04-26 08:10 - 00061440 _____ () C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tools\styles\qwindowsxpstyle.dll 2013-10-12 15:09 - 2013-03-25 16:05 - 00027136 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\AmCommonLib.dll 2013-10-12 15:09 - 2012-09-13 20:01 - 00098304 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\DocuRes.dll 2013-10-12 15:09 - 2008-06-26 13:11 - 00045056 _____ () C:\Program Files (x86)\Common Files\iMpacct\EdgeFillRsc.dll 2013-10-12 15:09 - 2006-05-15 14:24 - 00122938 _____ () C:\Program Files (x86)\Common Files\iMpacct\CommonFunc.dll 2013-10-12 15:09 - 2013-05-03 16:38 - 00269824 _____ () C:\Program Files 
(x86)\Plustek\Plustek SmartOffice PS286 Plus\Scan.dll 2013-10-12 15:09 - 2013-05-03 15:23 - 00163840 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\ScanRes.dll 2013-10-12 15:09 - 2009-06-25 09:00 - 00897024 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\EncryptPdf.dll 2013-10-12 15:09 - 2013-04-25 08:31 - 00058368 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\PlkMsg.dll 2013-10-12 15:09 - 2013-03-08 20:19 - 00073728 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\PlkMsgRes.dll 2013-10-12 15:09 - 2013-03-25 16:06 - 00104448 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\Custom.DLL 2013-10-12 15:09 - 2013-03-25 16:05 - 00087040 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\FormatManager.dll 2013-10-12 15:09 - 2012-09-14 20:20 - 00061440 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\FormatManagerRes.dll 2013-10-12 15:09 - 2012-08-03 18:50 - 00049152 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\CustomRes.dll 2013-10-12 15:09 - 2013-03-25 16:06 - 00098304 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\PDF.DLL 2013-10-12 15:09 - 2012-08-03 18:52 - 00049152 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\FilingRes.dll 2013-10-12 15:09 - 2013-03-25 16:05 - 00075264 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\OCR.DLL 2013-10-12 15:09 - 2012-08-03 18:53 - 00049152 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\OcrRes.dll 2013-10-12 15:09 - 2013-03-25 16:06 - 00098304 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\Filing.DLL 2013-10-12 15:09 - 2013-03-25 16:06 - 00060416 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\eMail.DLL 2013-10-12 15:09 - 2010-06-07 14:06 - 00049152 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 
Plus\EmailRes.dll 2013-10-12 15:09 - 2013-03-25 16:06 - 00038912 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\Copy.DLL 2013-10-12 15:09 - 2010-06-07 14:06 - 00045056 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\CopyRes.dll 2013-10-12 15:09 - 2005-09-21 13:36 - 00061440 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\PrnDriver.dll 2013-10-12 15:09 - 2013-01-16 10:36 - 00065536 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\ScanAdvanced.dll 2013-10-12 15:09 - 2013-04-12 10:42 - 00956928 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\ScanApi.dll 2013-10-12 15:09 - 2013-01-24 15:09 - 00868352 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\PlkASize\timage.dll 2013-10-12 15:09 - 2013-01-24 15:09 - 00868352 _____ () C:\Program Files (x86)\Common Files\iMpacct\timage.dll 2013-10-12 15:09 - 2010-09-07 15:38 - 01093632 _____ () C:\Program Files (x86)\Common Files\iMpacct\plkacd.dll 2013-10-12 15:09 - 2007-06-26 16:08 - 00040960 _____ () C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\DetectSession.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:01C66DD9 AlternateDataStreams: C:\ProgramData\TEMP:0B9FB94D AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
========================= Accounts: ========================== Administrator (S-1-5-21-2694355323-837647822-1861536204-500 - Administrator - Disabled) Gast (S-1-5-21-2694355323-837647822-1861536204-501 - Limited - Disabled) ***** (S-1-5-21-2694355323-837647822-1861536204-1000 - Administrator - Enabled) => C:\Users\***** ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/24/2014 07:50:42 PM) (Source: DNS logging) (EventID: 0) (User: ) Description: Logger: Socket error: 10054 Error: (11/24/2014 07:50:33 PM) (Source: DNS logging) (EventID: 0) (User: ) Description: Logger: Socket error: 10054 Error: (11/24/2014 07:50:16 PM) (Source: DNS logging) (EventID: 0) (User: ) Description: Logger: Socket error: 10054 Error: (11/24/2014 05:42:00 PM) (Source: DNS logging) (EventID: 0) (User: ) Description: Logger: Socket error: 10054 Error: (11/24/2014 09:45:37 AM) (Source: DNS logging) (EventID: 0) (User: ) Description: Logger: Socket error: 10054 Error: (11/24/2014 06:52:50 AM) (Source: DNS logging) (EventID: 0) (User: ) Description: Logger: Socket error: 10054 Error: (11/24/2014 06:48:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ISUSPM.exe, Version: 13.0.0.43575, Zeitstempel: 0x4e9664be Name des fehlerhaften Moduls: ISUSPM.exe, Version: 13.0.0.43575, Zeitstempel: 0x4e9664be Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000ab4b ID des fehlerhaften Prozesses: 0x408 Startzeit der fehlerhaften Anwendung: 0xISUSPM.exe0 Pfad der fehlerhaften Anwendung: ISUSPM.exe1 Pfad des fehlerhaften Moduls: ISUSPM.exe2 Berichtskennung: ISUSPM.exe3 Error: (11/23/2014 04:51:15 PM) (Source: Windows Activation Technologies) (EventID: 14) (User: ) Description: Fehler bei der Echtheitsprüfung: hr = 0x800706BA Error: (11/23/2014 04:14:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM 
__InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/22/2014 09:50:16 PM) (Source: DNS logging) (EventID: 0) (User: ) Description: Logger: Socket error: 10054 System errors: ============= Error: (11/24/2014 06:46:57 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (11/22/2014 10:37:48 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Windows Search" wurde nicht richtig gestartet. Error: (11/21/2014 11:42:35 AM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden. Error: (11/21/2014 11:42:35 AM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden. Error: (11/21/2014 11:42:34 AM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden. Error: (11/21/2014 11:42:34 AM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden. Error: (11/21/2014 06:46:45 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1053BrYNSvc{F2189AE3-E432-427F-93B6-38D1C6F5E8D4} Error: (11/21/2014 06:46:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "BrYNSvc" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (11/21/2014 06:46:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst BrYNSvc erreicht. 
Error: (11/18/2014 10:34:27 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Microsoft Office Sessions: ========================= Error: (11/24/2014 07:50:42 PM) (Source: DNS logging) (EventID: 0) (User: ) Description: Logger: Socket error: 10054 Error: (11/24/2014 07:50:33 PM) (Source: DNS logging) (EventID: 0) (User: ) Description: Logger: Socket error: 10054 Error: (11/24/2014 07:50:16 PM) (Source: DNS logging) (EventID: 0) (User: ) Description: Logger: Socket error: 10054 Error: (11/24/2014 05:42:00 PM) (Source: DNS logging) (EventID: 0) (User: ) Description: Logger: Socket error: 10054 Error: (11/24/2014 09:45:37 AM) (Source: DNS logging) (EventID: 0) (User: ) Description: Logger: Socket error: 10054 Error: (11/24/2014 06:52:50 AM) (Source: DNS logging) (EventID: 0) (User: ) Description: Logger: Socket error: 10054 Error: (11/24/2014 06:48:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: ISUSPM.exe13.0.0.435754e9664beISUSPM.exe13.0.0.435754e9664bec00000050000ab4b40801d0073545df4225C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exeC:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe93a78798-739d-11e4-baff-0025648dce53 Error: (11/23/2014 04:51:15 PM) (Source: Windows Activation Technologies) (EventID: 14) (User: ) Description: 0x800706BA Error: (11/23/2014 04:14:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/22/2014 09:50:16 PM) (Source: DNS logging) (EventID: 0) (User: ) Description: Logger: Socket error: 10054 ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz Percentage of memory in use: 33% Total physical RAM: 3993.61 MB Available physical RAM: 2658.73 MB Total Pagefile: 7985.4 MB Available Pagefile: 6354.66 MB Total Virtual: 8192 MB Available Virtual: 
8191.82 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:455.99 GB) (Free:293.43 GB) NTFS Drive e: (*****) (Removable) (Total:7.53 GB) (Free:6.89 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D4CA5E40) Partition 1: (Active) - (Size=9.8 GB) - (Type=27) Partition 2: (Not Active) - (Size=456 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B) ==================== End Of Log ============================
__________________ I am a signature. |
24.11.2014, 21:06 | #5 |
| T-Online sends abuse mail (sinkhole) without information + I only find adware PC_3, FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2014 Ran by ***** (administrator) on ***** on 24-11-2014 18:30:20 Running from C:\Temp Loaded Profile: ***** (Available profiles: *****) Platform: Microsoft Windows 7 Professional N Service Pack 1 (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (REINER SCT) C:\Windows\System32\cjpcsc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe () C:\Program Files\GNU\GnuPGv2\dirmngr.exe (ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe (Foxit Corporation) C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Secunia) C:\Program Files\Secunia\PSI\sua.exe (Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE (H+H Software GmbH) C:\Program Files\Virtual CD v10\System\VC10SecS.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Wacom Technology, Corp.) 
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe () C:\Program Files\WizMouse\WizMouse.exe (Realtek Semiconductor Corp.) C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe (Dell Inc.) C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe (Broadcom Corporation) C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe () C:\Program Files\Bamboo Dock\BambooCore.exe (Acronis) C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Haufe-Lexware GmbH & Co. KG) C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (H+H Software GmbH) C:\Program Files\Virtual CD v10\System\VC10Play.exe () C:\Windows\FixCamera.exe () C:\Windows\vsnpstd3.exe (Acronis International GmbH) C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe () C:\Program Files\FeedReader30\feedreader.exe (LAN Messenger) D:\*****\*****\*****\PortableApps\LANMessengerPortable\App\LANMessenger\lmc.exe (Evoluent) C:\Program Files\Evoluent\VMouse\V4\EvoMouseExec.exe (Apple Inc.) 
C:\Program Files\iPod\bin\iPodService.exe (AGFEO) C:\Program Files\AGFEO\Tk-Suite-Basic\tools\ctimon.exe (desktopApps) D:\*****\*****\Auswahlmenue\MenuApp-Programm\32Bit\MenuApp.exe (H+H Software GmbH) C:\Program Files\Virtual CD v10\System\vc10tray.exe (Samsung Electronics.) C:\Program Files\Samsung\Samsung Magician\Samsung Magician.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE () C:\Program Files\AutoHotkey\AutoHotkey.exe (g10 Code GmbH) C:\Program Files\GNU\GnuPGv2\gpg-agent.exe (Acronis) C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe (PortableApps.com) D:\*****\*****\*****\PortableApps\TaskCoachPortable\TaskCoachPortable.exe (PortableApps.com) D:\*****\*****\*****\PortableApps\PidginPortable\PidginPortable.exe () D:\*****\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\taskcoach.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (The Pidgin developer community) D:\*****\*****\*****\PortableApps\PidginPortable\App\Pidgin\pidgin-portable.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Nullriver Software) D:\*****\*****\*****\PortableApps\winMd5SumPortable\winMd5Sum.exe (hxxp://tortoisegit.org/) C:\Program Files\TortoiseGit\bin\TGitCache.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe [2691072 2009-08-26] (Realtek Semiconductor Corp.) HKLM\...\Run: [ChangeTPMAuth] => C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe [184320 2009-06-03] (Wave Systems Corp.) HKLM\...\Run: [DellControlPoint] => C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe [656384 2009-06-11] (Dell Inc.) 
HKLM\...\Run: [USCService] => C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe [15872 2009-07-05] (Broadcom Corporation) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [150208 2014-01-18] (IvoSoft) HKLM\...\Run: [BambooCore] => C:\Program Files\Bamboo Dock\BambooCore.exe [646744 2012-10-16] () HKLM\...\Run: [TrueImageMonitor.exe] => C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe [7843744 2014-02-04] (Acronis) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe [380656 2013-07-18] (Acronis) HKLM\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2013-10-10] (Cisco Systems, Inc.) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5110672 2013-09-12] (ESET) HKLM\...\Run: [LexwareInfoService] => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe [189808 2011-07-31] (Haufe-Lexware GmbH & Co. KG) HKLM\...\Run: [VC10Player] => C:\Program Files\Virtual CD v10\System\VC10Play.exe [417288 2013-01-08] (H+H Software GmbH) HKLM\...\Run: [FixCamera] => C:\Windows\FixCamera.exe [20480 2007-02-10] () HKLM\...\Run: [tsnpstd3] => C:\Windows\tsnpstd3.exe HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] () HKLM\...\Run: [AcronisTibMounterMonitor] => C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) 
HKU\S-1-5-21-3200770914-2407154358-3816992364-1000\...\Run: [feedreader.exe] => C:\Program Files\FeedReader30\feedreader.exe [2089472 2010-01-21] () HKU\S-1-5-21-3200770914-2407154358-3816992364-1000\...\Run: [LAN Messenger] => C:\PortableProgramme\Portable-Apps\PortableApps\LANMessengerPortable\App\LANMessenger\lmc.exe [1721344 2012-07-24] (LAN Messenger) Lsa: [Authentication Packages] msv1_0 wvauth Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evoluent Mouse Manager.lnk ShortcutTarget: Evoluent Mouse Manager.lnk -> C:\Windows\Installer\{AD6E0AE0-DADF-480E-82AE-4CDA6035D341}\_BBBCF44DDE3DA1E118ADB6.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Quicken 2014 Zahlungserinnerung.lnk ShortcutTarget: Quicken 2014 Zahlungserinnerung.lnk -> C:\Windows\Installer\{E60036CF-1E46-4DFE-832F-5476574B30FF}\BillMinder.8C5DA79E_7079_4AB3_81F7_712153351D0D.exe (Macrovision Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TK-Suite Client.lnk ShortcutTarget: TK-Suite Client.lnk -> C:\Program Files\AGFEO\Tk-Suite-Basic\tools\ctimon.exe (AGFEO) Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MenuAppServer.lnk ShortcutTarget: MenuAppServer.lnk -> C:\PortableProgramme\Auswahlmenue\MenuApp-Programm\32Bit\MenuApp.exe (desktopApps) Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk ShortcutTarget: Samsung Magician.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation) Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\WinSplit.lnk ShortcutTarget: WinSplit.lnk -> C:\PortableProgramme\Nicht-Portable-Apps\WinSplit Revolution\WinSplit.exe () ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [2TortoiseModified] 
-> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files\Acronis\TrueImageHome\tishell.dll () ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files\Acronis\TrueImageHome\tishell.dll () ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files\Acronis\TrueImageHome\tishell.dll () ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic 
Shell\ClassicExplorer32.dll (IvoSoft) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.20.1 FireFox: ======== FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default FF DefaultSearchEngine: Startpage HTTPS - Deutsch FF SelectedSearchEngine: Startpage HTTPS - Deutsch FF Homepage: about:blank|*****|*****|*****|*****|*****||hxxp://www.pcwelt.de/forum/usercp.php|hxxp://www.lokalisten.de|hxxp://www.studivz.net|hxxp://www.facebook.com|*****|*****|*****|***** FF NetworkProxy: "autoconfig_url", "hxxp://pac.lrz-muenchen.de/" FF NetworkProxy: "ftp", "91.209.67.1" FF NetworkProxy: "ftp_port", 8080 FF NetworkProxy: "http", "91.209.67.1" FF NetworkProxy: "http_port", 8080 FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co" FF NetworkProxy: "share_proxy_settings", true FF NetworkProxy: "socks", "91.209.67.1" FF NetworkProxy: "socks_port", 8080 FF NetworkProxy: "ssl", "91.209.67.1" FF NetworkProxy: "ssl_port", 8080 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.) 
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-3200770914-2407154358-3816992364-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\searchplugins\dictcc-deen.xml FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\searchplugins\duckduckgo.xml FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\searchplugins\startpage-https---deutsch.xml FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\searchplugins\wiktionary-de.xml FF Extension: Xmarks - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\foxmarks@kei.com [2014-11-24] FF Extension: DOM Inspector - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\inspector@mozilla.org [2014-02-28] FF Extension: Link Widgets - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\linkwidget@clav.mozdev.org [2014-02-28] FF Extension: WebPG for Firefox - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\webpg-firefox@curetheitch.com [2014-02-28] FF Extension: Screengrab - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{02450954-cdd9-410f-b1da-db804e18c671} [2014-02-28] FF Extension: Shooter - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{11b496ea-481a-11dc-8314-0800200c9a66} [2014-05-10] FF Extension: Microsoft .NET Framework Assistant - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2014-02-28] FF Extension: Dr.Web Anti-Virus Link Checker - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5} [2014-02-28] FF Extension: ColorZilla - 
C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2014-02-28] FF Extension: Live HTTP Headers - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} [2014-05-05] FF Extension: DownloadHelper - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-08] FF Extension: Wired-Marker - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{e36db930-f18d-4449-b45f-e286cfb9e03a} [2014-02-28] FF Extension: Selenium IDE: C# Formatters - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\csharpformatters@seleniumhq.org.xpi [2014-10-23] FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\elemhidehelper@adblockplus.org.xpi [2014-02-28] FF Extension: FacebookBlocker - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\facebookBlocker@webgraph.com.xpi [2014-02-28] FF Extension: FaviconizeTab - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\faviconizetab@espion.just-size.jp.xpi [2014-02-28] FF Extension: Firebug - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\firebug@software.joehewitt.com.xpi [2014-02-28] FF Extension: FirePath - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\FireXPath@pierre.tholence.com.xpi [2014-03-17] FF Extension: Facebook Privacy Watcher - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\fpw@informatik.tu-darmstadt.de.xpi [2014-08-24] FF Extension: ProxTube - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\ich@maltegoetz.de.xpi [2014-09-11] FF Extension: Selenium IDE: Java 
Formatters - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\javaformatters@seleniumhq.org.xpi [2014-10-23] FF Extension: Add-on Builder Helper (discontinued) - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\jid0-t3eeRQgGANLCH9c50lPqcTDuNng@jetpack.xpi [2014-02-28] FF Extension: Google search link fix - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\jid0-XWJxt5VvCXkKzQK99PhZqAn7Xbg@jetpack.xpi [2014-02-28] FF Extension: Lightbeam - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi [2014-02-28] FF Extension: Memory Restart - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\memoryrestart@teamextension.com.xpi [2014-02-28] FF Extension: Print Edit - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\printedit@DW-dev.xpi [2014-02-28] FF Extension: Selenium IDE: Python Formatters - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\pythonformatters@seleniumhq.org.xpi [2014-10-23] FF Extension: RequestPolicy - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\requestpolicy@requestpolicy.com.xpi [2014-02-28] FF Extension: Selenium IDE: Ruby Formatters - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\rubyformatters@seleniumhq.org.xpi [2014-10-23] FF Extension: Stealthy - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\stealthyextension@gmail.com.xpi [2014-02-28] FF Extension: SuperStop - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\superstop@gavinsharp.com.xpi [2014-02-28] FF Extension: User Style Manager - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\UserStyleManager@girishsharma.xpi [2014-02-28] FF Extension: VTzilla 
- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\vtzilla@virustotal.com.xpi [2014-02-28] FF Extension: X-notifier - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2014-02-28] FF Extension: NoScript - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-02-24] FF Extension: TabRenamizer - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{792BDDFE-2E7C-42ed-B18D-18154D2761BD}.xpi [2014-02-28] FF Extension: Selenium IDE - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{a6fd85ed-e919-4a43-a5af-8da18bda539f}.xpi [2014-10-23] FF Extension: LeechBlock - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2014-02-28] FF Extension: Update Scanner - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{c07d1a49-9894-49ff-a594-38960ede8fb9}.xpi [2014-02-28] FF Extension: Web Developer - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-02-28] FF Extension: Toggle Web Developer Toolbar - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{c75a27d8-4529-449f-b67b-aba65d7a1c0a}.xpi [2014-07-29] FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-28] FF Extension: DownThemAll! 
- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-02-28] FF Extension: Greasemonkey - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\oirylyay.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2014-02-28] FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-02-23] Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AcrSch2Svc; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [778000 2013-07-18] (Acronis) R2 afcdpsrv; C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe [3906552 2014-05-10] (Acronis) R2 cjpcsc; C:\Windows\system32\cjpcsc.exe [518192 2014-01-27] (REINER SCT) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1490104 2014-01-02] (Microsoft Corporation) R2 DirMngr; C:\Program Files\GNU\GnuPGv2\dirmngr.exe [216576 2014-09-03] () [File not signed] R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1337752 2013-09-12] (ESET) R2 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation) S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia) R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia) S3 SecureStorageService; C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe [1019904 2009-06-03] (Wave Systems Corp.) 
[File not signed] R2 syncagentsrv; C:\Program Files\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7152200 2014-02-04] (Acronis) S2 tcsd_win32.exe; C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1273856 2008-11-12] () [File not signed] R2 VC10SecS; C:\Program Files\Virtual CD v10\System\VC10SecS.exe [147464 2013-01-08] (H+H Software GmbH) R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [558480 2013-10-10] (Cisco Systems, Inc.) R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [542488 2014-01-13] (Wacom Technology, Corp.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 acsock; C:\Windows\System32\DRIVERS\acsock.sys [92528 2013-10-10] (Cisco Systems, Inc.) R1 bizVSerial; C:\Windows\System32\drivers\bizVSerialNT.sys [14949 2007-05-31] (franson.biz) [File not signed] S3 Blfp; C:\Windows\System32\DRIVERS\basp.sys [84992 2009-05-11] (Broadcom Corporation) R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [28664 2012-09-04] (REINER SCT) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [174400 2013-09-17] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37416 2013-09-17] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [49240 2013-09-17] (ESET) R3 EvoMouseDriverFilterHidUsb; C:\Windows\System32\DRIVERS\EvoMouseDriverFilterHidUsb.sys [22712 2010-06-23] (Evoluent) R3 EvoMouseDriverMini; C:\Windows\System32\drivers\EvoMouseDriverMini.sys [20024 2010-06-23] () R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed] S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [13952 2010-03-10] (H+H Software GmbH) [File not signed] S3 
hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [12088 2013-11-11] (Windows (R) Win 7 DDK provider) R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHDA.sys [2748064 2009-11-16] (Realtek Semiconductor Corp.) R0 PBADRV; C:\Windows\System32\DRIVERS\PBADRV.sys [26608 2008-06-04] (Dell Inc) S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia) S3 s117bus; C:\Windows\System32\DRIVERS\s117bus.sys [82984 2007-06-25] (MCCI Corporation) S3 s117mdfl; C:\Windows\System32\DRIVERS\s117mdfl.sys [14888 2007-06-25] (MCCI Corporation) S3 s117mdm; C:\Windows\System32\DRIVERS\s117mdm.sys [108456 2007-06-25] (MCCI Corporation) S3 s117mgmt; C:\Windows\System32\DRIVERS\s117mgmt.sys [100264 2007-06-25] (MCCI Corporation) S3 s117nd5; C:\Windows\System32\DRIVERS\s117nd5.sys [22952 2007-06-25] (MCCI Corporation) S3 s117obex; C:\Windows\System32\DRIVERS\s117obex.sys [98344 2007-06-25] (MCCI Corporation) S3 s117unic; C:\Windows\System32\DRIVERS\s117unic.sys [98856 2007-06-25] (MCCI Corporation) R3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10252544 2007-03-27] (Sonix Co. Ltd.) R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software) S3 tdrpman; C:\Windows\System32\DRIVERS\tdrpman.sys [889888 2014-05-10] (Acronis International GmbH) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [736192 2014-05-10] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [143648 2014-05-10] (Acronis International GmbH) R1 vdrv1000; C:\Windows\System32\DRIVERS\vdrv1000.sys [188704 2012-12-06] (H+H Software GmbH) R0 vididr; C:\Windows\System32\DRIVERS\vididr.sys [116000 2014-05-10] (Acronis International GmbH) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [85280 2014-05-10] (Acronis International GmbH) S3 vpnva; C:\Windows\System32\DRIVERS\vpnva-6.sys [43376 2013-10-10] (Cisco Systems, Inc.) 
S3 WacHidRouter; C:\Windows\System32\DRIVERS\wachidrouter.sys [76600 2013-11-11] (Wacom Technology) S3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [13112 2013-11-11] (Wacom Technology) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-24 18:16 - 2014-11-24 18:30 - 00000000 ____D () C:\FRST 2014-11-24 18:11 - 2014-11-24 18:11 - 00001160 _____ () C:\Users\*****\Desktop\***** (E) 6,88 GB.lnk 2014-11-24 17:20 - 2014-11-24 17:20 - 00000022 _____ () C:\Windows\S.dirmngr 2014-11-24 17:16 - 2014-11-24 17:16 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-11-24 17:16 - 2014-11-24 17:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-11-24 17:16 - 2014-11-24 17:16 - 00000000 ____D () C:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB 2014-11-24 17:16 - 2014-11-24 17:16 - 00000000 ____D () C:\Program Files\iTunes 2014-11-24 17:16 - 2014-11-24 17:16 - 00000000 ____D () C:\Program Files\iPod 2014-11-23 16:25 - 2014-08-30 02:50 - 05702656 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-11-23 16:24 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-23 16:24 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-23 16:24 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-11-23 16:24 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-23 16:24 - 2014-11-06 04:13 - 00062464 _____ (Microsoft 
Corporation) C:\Windows\system32\iesetup.dll
2014-11-23 16:24 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-23 16:24 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-23 16:24 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-23 16:24 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-23 16:24 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-23 16:24 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-23 16:24 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-23 16:24 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-23 16:24 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-23 16:24 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-23 16:24 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-23 16:24 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-23 16:24 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-23 16:24 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-23 16:24 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-23 16:24 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-23 16:24 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-23 16:24 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-23 16:24 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-23 16:24 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-23 16:24 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-23 16:24 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-23 16:24 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-23 16:24 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-23 16:24 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-23 16:24 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-23 16:24 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-23 16:24 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-23 16:24 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-23 16:24 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-23 16:24 - 2014-10-03 02:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-23 16:24 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-23 16:24 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-23 16:24 - 2014-10-03 02:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-23 16:24 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-23 16:24 - 2014-08-29 02:44 - 02744320 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-11-23 16:24 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-11-23 16:24 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-11-23 16:24 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-11-23 16:24 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-11-23 16:24 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-11-23 16:23 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-23 16:23 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-23 16:23 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-23 16:23 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-23 16:23 - 2014-10-10 01:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-23 16:23 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-23 16:23 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-23 16:23 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-23 16:23 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-23 16:23 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-23 16:23 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-23 16:23 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-11-23 16:23 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-23 16:23 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-23 16:23 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-23 16:23 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-11-23 16:23 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-11-23 16:23 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-11-18 17:45 - 2014-11-18 17:46 - 00000000 ____D () C:\Users\*****\FormGenTmp
2014-11-15 22:54 - 2014-11-15 22:54 - 00002415 _____ () C:\Users\*****\AppData\Local\recently-used.xbel
2014-11-11 16:53 - 2014-11-11 17:31 - 00000000 ____D () C:\Users\*****\AppData\Roaming\JOSM
2014-11-11 09:16 - 2014-11-11 09:17 - 00001448 _____ () C:\Users\*****\Desktop\finanzabfrage.py.lnk
2014-11-10 22:06 - 2014-11-10 22:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-07 11:20 - 2014-11-11 09:17 - 00000000 ____D () C:\Program Files\Mozilla Firefox.bak
2014-11-04 11:30 - 2014-11-04 11:30 - 00000000 ____D () C:\Users\*****\.m2
2014-11-04 11:16 - 2014-11-04 11:16 - 00000000 ____D () C:\Users\*****\.ssh
2014-11-03 21:47 - 2014-11-03 21:47 - 00000000 ____D () C:\Users\*****\pip
2014-10-26 20:00 - 2014-10-26 20:00 - 00000000 ____D () C:\Python34
2014-10-26 20:00 - 2014-10-26 20:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-24 18:18 - 2014-02-13 21:56 - 00000000 ____D () C:\Users\*****\AppData\Roaming\ClassicShell
2014-11-24 18:17 - 2014-05-04 12:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-24 18:11 - 2009-07-14 05:02 - 00031552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-24 18:11 - 2009-07-14 05:02 - 00031552 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-24 18:10 - 2014-02-12 19:34 - 02054991 _____ () C:\Windows\WindowsUpdate.log
2014-11-24 18:03 - 2010-11-20 22:03 - 01657428 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-24 18:01 - 2014-04-19 13:40 - 00000000 ____D () C:\Users\*****\AppData\Local\TGitCache
2014-11-24 17:21 - 2014-02-13 22:31 - 00000000 ____D () C:\Users\*****\AppData\Local\TSVNCache
2014-11-24 17:20 - 2009-07-14 05:17 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-24 17:20 - 2009-07-14 05:07 - 00056212 _____ () C:\Windows\setupact.log
2014-11-24 17:16 - 2014-10-08 13:44 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-11-24 17:16 - 2014-02-22 12:33 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-11-24 14:32 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-11-23 17:31 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-11-23 17:14 - 2009-07-14 05:02 - 00519688 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-23 17:13 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-11-23 16:59 - 2014-03-13 11:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-18 17:45 - 2014-02-12 20:45 - 00000000 ____D () C:\Users\*****
2014-11-14 18:16 - 2014-04-27 14:00 - 00007617 _____ () C:\Users\*****\AppData\Local\Resmon.ResmonCfg
2014-11-12 21:31 - 2014-03-08 12:26 - 00005421 _____ () C:\Users\*****\AppData\Roaming\.sdedit.conf
2014-11-12 15:17 - 2014-02-13 16:09 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-12 15:17 - 2014-02-13 16:09 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-12 09:24 - 2014-02-13 16:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-12 09:24 - 2010-11-20 22:49 - 00149928 _____ () C:\Windows\PFRO.log
2014-11-11 21:54 - 2014-02-13 23:15 - 00000000 ____D () C:\Users\*****\AppData\Roaming\vlc
2014-11-11 20:51 - 2014-04-28 21:46 - 00000600 _____ () C:\Users\*****\AppData\Local\PUTTY.RND
2014-11-04 14:30 - 2014-02-23 18:18 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-31 23:25 - 2014-02-13 16:09 - 100445232 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-31 10:40 - 2014-05-26 10:39 - 00000374 _____ () C:\Windows\Tasks\Netzadresse erneuern.job
2014-10-29 17:23 - 2014-03-11 16:59 - 00000000 ____D () C:\Users\*****\AppData\Roaming\MyPhoneExplorer

Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\avgnt.exe
C:\Users\*****\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\*****\AppData\Local\Temp\Foxit Updater.exe
C:\Users\*****\AppData\Local\Temp\install_flashplayer15x32axau_mssd_aaa_aih.exe
C:\Users\*****\AppData\Local\Temp\IntResource.dll
C:\Users\*****\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\*****\AppData\Local\Temp\MouseKeyboardCenterx86_1031.exe
C:\Users\*****\AppData\Local\Temp\npp.6.5.2.Installer.exe
C:\Users\*****\AppData\Local\Temp\npp.6.6.3.Installer.exe
C:\Users\*****\AppData\Local\Temp\npp.6.6.7.Installer.exe
C:\Users\*****\AppData\Local\Temp\npp.6.6.9.Installer.exe
C:\Users\*****\AppData\Local\Temp\OfficeSetup.exe
C:\Users\*****\AppData\Local\Temp\ose00000.exe
C:\Users\*****\AppData\Local\Temp\Samsung_Magician_Setup_v44.exe
C:\Users\*****\AppData\Local\Temp\Setup.exe
C:\Users\*****\AppData\Local\Temp\sfamcc00001.dll
C:\Users\*****\AppData\Local\Temp\sfextra.dll
C:\Users\*****\AppData\Local\Temp\SkypeSetup.exe
C:\Users\*****\AppData\Local\Temp\swt-win32-3346.dll
C:\Users\*****\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\*****\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\*****\AppData\Local\Temp\xmlUpdater.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-15 19:49

==================== End Of Log ============================

--- --- ---

PC_3, Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-11-2014
Ran by ***** at 2014-11-24 18:30:44
Running from C:\Temp
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22beta (HKLM\...\7-Zip) (Version: - )
Acronis True Image 2014 (HKLM\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}Visible) (Version: 17.0.6673 - Acronis)
Acronis True Image 2014 (Version: 17.0.6673 - Acronis) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 15.0.0.249 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
AGFEO TK-Suite Basic 3 (HKLM\...\tksuite_tksuite_basic) (Version: - AGFEO)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aptana Studio 3 (HKLM\...\Aptana Studio 3) (Version: 3.4.2 - Appcelerator, Inc.)
Aspell German Dictionary-0.50-2 (HKLM\...\Aspell German Dictionary_is1) (Version: - GNU)
AutoHotkey 1.1.15.00 (HKLM\...\AutoHotkey) (Version: 1.1.15.00 - Lexikos)
Bamboo Dock (HKLM\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (Version: 4.1.0 - Wacom Europe GmbH) Hidden
BioAPI Framework (Version: 1.0.1 - Dell Inc.) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetXtreme-I Netlink Driver and Management Installer (HKLM\...\{2E98C5B7-D64C-4D7E-BFC3-A7D078569F28}) (Version: 12.25.02 - Broadcom Corporation)
BS32MMWrapper (Version: 1.6.326.57 - Broadcom Corporation) Hidden
Chipcardmaster 7.11 (HKLM\...\Chipcardmaster_is1) (Version: - Dr. Olaf Jacobsen)
Cisco AnyConnect Secure Mobility Client (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04072 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.1.04072 - Cisco Systems, Inc.) Hidden
Classic Shell (HKLM\...\{13793E6A-6DBC-4112-81B7-7554DFC5D959}) (Version: 4.0.4 - IvoSoft)
Corel Graphics - Windows Shell Extension (HKLM\...\_{B6B75FB9-D1DB-491B-847D-144D9C580AA3}) (Version: 16.4.0.1280 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.4.1280 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - BR (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Capture (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Common (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Connect (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Content (HKLM\...\_{C221B72F-C0AC-4DD7-B27E-701B1E9DE23A}) (Version: 16.0 - Corel Corporation)
CorelDRAW Graphics Suite X6 - Content (Version: 16.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Custom Data (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - DE (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Draw (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - EN (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - ES (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Filters (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FontNav (Version: 16.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - FR (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IPM (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - IT (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - NL (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Photozoom Plugin (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Redist (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Setup Files (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VBA (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VideoBrowser (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - VSTA (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 - Writing Tools (Version: 16.7 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X6 (HKLM\...\_{511DE7EA-AA68-4D7A-A2E3-0E7B5186B822}) (Version: 16.4.1.1281 - Corel Corporation)
CorelDRAW Graphics Suite X6 (Version: 16.7 - Corel Corporation) Hidden
cyberJack Base Components (HKLM\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.8 - REINER SCT)
DCP32MMWrapper (Version: 1.6.326.57 - Broadcom Corporation) Hidden
DDBAC (HKLM\...\{E3B6D3FB-A593-41BA-9AB1-FFE46F608565}) (Version: 5.3.21 - DataDesign)
Dell Client System Update (HKLM\...\{04566294-A6B6-4462-9721-031073EB3694}) (Version: 1.3.0 - Dell Inc.)
Dell Control Point (Version: 1.6.326.57 - Broadcom Corporation) Hidden
Dell ControlPoint Security Manager (HKLM\...\{F4487649-7368-4217-AEA3-1E04DB3E2C5C}) (Version: 1.6.326.57 - Dell Inc.)
Dell Embassy Trust Suite by Wave Systems (Version: 03.04.00.062 - Wave Systems Corp) Hidden
Dell Resource CD (HKLM\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Ihr Firmenname)
Dell Security Device Driver Pack (HKLM\...\{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}) (Version: 1.3.039 - Dell Inc.)
EMBASSY Security Center (Version: 03.09.00.092 - Ihr Firmenname) Hidden
EMBASSY Security Setup (Version: 03.09.00.102 - Ihr Firmenname) Hidden
ESC Home Page Plugin (Version: 03.04.00.029 - Ihr Firmenname) Hidden
ESET Smart Security (HKLM\...\{025FFD63-BE62-4C83-B8DD-D8CCCB55355B}) (Version: 7.0.302.26 - ESET, spol s r. o.)
Evoluent Mouse Manager (HKLM\...\{AD6E0AE0-DADF-480E-82AE-4CDA6035D341}) (Version: 4.0.0 - Evoluent)
FeedReader (HKLM\...\FeedReader_is1) (Version: - i-Systems Inc.)
Foxit Cloud (HKLM\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.5.129.617 - Foxit Corporation)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.1.5.624 - Foxit Corporation)
Gemalto (Version: 01.01.00.0000 - Wave Systems Corp) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (Version: 8.64 - Corel Corporation) Hidden
Git version 1.8.5.2-preview20131230 (HKLM\...\Git_is1) (Version: 1.8.5.2-preview20131230 - The Git Development Community)
GlassFish Server Open Source Edition 4.1 (HKLM\...\nbi-glassfish-mod-4.1.0.13.0) (Version: - )
GNU Aspell 0.50-3 (HKLM\...\GNU Aspell_is1) (Version: - GNU)
GnuWin32: Cpio-2.6-2 (HKLM\...\Cpio-2.6-2_is1) (Version: 2.6-2 - GnuWin32)
gpg4o - GPG for Outlook (HKLM\...\{BC7DF0B9-330B-4B59-8455-649AABD213E6}) (Version: 3.3.26 - Giegerich und Partner GmbH)
Gpg4win (2.2.2) (HKLM\...\GPG4Win) (Version: 2.2.2 - The Gpg4win Project)
GPGrelay 0.959 (HKLM\...\GPGrelay) (Version: 0.959 - Andreas John)
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
HP Basic Starter Camera (HKLM\...\{ECD03DA7-5952-406A-8156-5F0C93618D1F}) (Version: 5.18.1.002 - Hewlett-Packard)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1872 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java SE Development Kit 7 Update 51 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle)
Java SE Development Kit 7 Update 55 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle)
Java SE Development Kit 7 Update 65 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170650}) (Version: 1.7.0.650 - Oracle)
Junction Link Magic 2.0 (HKLM\...\Junction Link Magic_is1) (Version: - )
Lexware Info Service (HKLM\...\{8AE7E507-BC49-4DF0-A236-26878691AB53}) (Version: 2.90.00.0009 - Haufe-Lexware GmbH & Co.KG)
Lexware online banking (HKLM\...\{A64DF516-9CDC-4299-BD34-2B2C80CD453B}) (Version: 19.00.00.0059 - Haufe-Lexware GmbH & Co.KG)
Licensing Service (03000201) (Version: 03.00.02.15 - Protexis Inc.) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 365 Home Premium - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4569.1507 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3200770914-2407154358-3816992364-1000\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 de) (HKLM\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NetBeans IDE 8.0.1 (HKLM\...\nbi-nb-base-8.0.1.0.201408251540) (Version: 8.0.1 - NetBeans.org)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NTRU TCG Software Stack (Version: 2.1.29 - NTRU Cryptosystems) Hidden
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4569.1507 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1507 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4569.1507 - Microsoft Corporation) Hidden
OKI Network Extension (HKLM\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
OpenAL (HKLM\...\OpenAL) (Version: - )
OpenSSL 1.0.1g Light (32-bit) (HKLM\...\OpenSSL Light (32-bit)_is1) (Version: - OpenSSL Win32 Installer Team)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Preboot Manager (Version: 02.09.00.071 - Wave Systems Corp.) Hidden
Python 3.4.2 (HKLM\...\{2583CDBA-8A53-4622-BB67-1D163714C1B4}) (Version: 3.4.16349 - Python Software Foundation)
Quicken DELUXE 2014 (HKLM\...\{E60036CF-1E46-4DFE-832F-5476574B30FF}) (Version: 21.37.00.0185 - Haufe-Lexware GmbH & Co.KG)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5876 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics)
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype™ 6.20 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
SO32MMWrapper (Version: 1.6.326.57 - Broadcom Corporation) Hidden
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - )
SuperTux Version 0.3.4 (HKLM\...\{5095BBEC-9A2F-4DA1-B5EF-511C728A2FF6}_is1) (Version: 0.3.4 - SuperTux Development Team)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
TeXnicCenter Version 2.02 Stable (HKLM\...\TeXnicCenter_is1) (Version: 2.02 Stable - The TeXnicCenter Team)
TortoiseGit 1.8.11.0 (32 bit) (HKLM\...\{96D611C3-3B32-4D90-8B5D-6A00884066E4}) (Version: 1.8.11.0 - TortoiseGit)
TortoiseSVN 1.8.8.25755 (32 bit) (HKLM\...\{E9741943-84C8-48D3-9B88-CDD9CADF9DA0}) (Version: 1.8.25755 - TortoiseSVN)
TrueCrypt (HKLM\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Tuckers Abenteuer (HKU\S-1-5-21-3200770914-2407154358-3816992364-1000\...\Tuckers Abenteuer) (Version: - )
UBitMenuDE (HKLM\...\{CBCFD97D-FE82-43F4-A978-996CACF71E6B}_is1) (Version: 01.04 - UBit Schweiz AG)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Virtual CD v10 (HKLM\...\{10C51313-A308-4B40-90E3-B368D5882660}) (Version: 10.50.2 - H+H Software GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
Wave Infrastructure Installer (Version: 07.00.21.0000 - Wave Systems Corp) Hidden
Wave Support Software (Version: 05.10.00.046 - Ihr Firmenname) Hidden
WebTablet FB Plugin 32 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows-Treiberpaket - Dell Inc. PBADRV System (01/07/2008 1.0.1.5) (HKLM\...\9D57DE505B6D8C710EF3B74BE638DBB936EED8A3) (Version: 01/07/2008 1.0.1.5 - Dell Inc.)
WizMouse v1.7.0.3 (HKLM\...\WizMouse_is1) (Version: - Antibody Software)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{20DD1B9E-87C4-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\MSCOMCT2.OCX (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{232E456A-87C3-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\MSCOMCT2.OCX (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{38911D8E-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{38911D90-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{38911D92-E448-11D0-84A3-00DD01104159}\InprocServer32 -> C:\Windows\system32\comct332.ocx (Microsoft Corporation )
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{603C7E80-87C2-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\MSCOMCT2.OCX (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\*****\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\*****\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{B09DE715-87C1-11D1-8BE3-0000F8754DA1}\InprocServer32 -> C:\Windows\system32\MSCOMCT2.OCX (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> No File Path
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\*****\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\FileSyncApi.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3200770914-2407154358-3816992364-1000_Classes\CLSID\{FE38753A-44A3-11D1-B5B7-0000C09000C4}\InprocServer32 -> C:\Windows\system32\MSCOMCT2.OCX (Microsoft Corporation)

==================== Restore Points =========================

10-11-2014 20:39:49 Geplanter Prüfpunkt
18-11-2014 17:16:11 Geplanter Prüfpunkt
23-11-2014 15:25:09 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {01E5DA9F-4D28-4F45-9897-C7F4C121A8D3} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {273CB7AC-71EE-4FC8-B27D-774C4ACF3E79} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {2E73708F-48D4-4B91-BC11-9F51839ECDC3} - System32\Tasks\{198A069B-9FCD-4D28-BCD2-D87A017C9F62} => D:\Gruntzrun\GRUNTZ.EXE Task: {2F499632-C1D9-4989-8346-8157A4F4D483} - System32\Tasks\SamsungMagician => C:\Program Files\Samsung\Samsung Magician\Samsung Magician.exe [2014-05-19] (Samsung Electronics.) Task: {36B48D06-0925-4E29-A6CF-6E99D99EA3CF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-12] (Adobe Systems Incorporated) Task: {3A04BA36-04D7-46ED-B1C3-0F0D8F165396} - System32\Tasks\Dieters Tastenkombinationen laden => D:\*****\Eigene Dokumente\*****\*****\autohotkey\Tastenkombinationen_starten.bat [2014-05-27] () Task: {4799F1D0-C454-4439-BFDE-1F43D45B8504} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {72141D5F-CC40-4A14-AD0F-4048B76B4B59} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation) Task: {73CFE003-C679-416C-AC29-3BB6D1462111} - System32\Tasks\Everything Suche starten ohne UAC => C:\*****\*****\Everything\Everything-1.3.4.686.exe [2014-08-06] () Task: {831A1978-3497-4AE9-A9E3-35CC0C5F7587} - System32\Tasks\DieterButtonClicker starten => D:\*****\Eigene Dokumente\*****\*****\autohotkey\buttonClicker.ahk [2014-10-30] () Task: {8DA1F263-1B57-408A-8AB5-5F62652EE7D1} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common 
Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation) Task: {9910A31C-7F3C-4139-A301-EC91E1766DC8} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {9ABD14AC-FA58-4F4F-AA75-976AFD091FEE} - System32\Tasks\Dell\Client System Update => C:\Program Files\Dell\ClientSystemUpdate\DellClientSystemUpdate.exe [2012-10-11] (Dell Inc.) Task: {9D22C170-4978-4012-8745-B8FB9CD13ABF} - System32\Tasks\WizMouse => C:\Program Files\WizMouse\WizMouseLaunch.exe [2013-09-22] () Task: {A9B3A87A-5B78-49AC-8E00-9748FDE12BDC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-02-26] (Microsoft Corporation) Task: {DBD0708A-ED63-4C5F-956D-90400D3A68D1} - System32\Tasks\{89BA4E46-8280-4C24-A05F-0F169585A29C} => D:\Gruntzrun\GRUNTZ.EXE Task: {E368BA79-77B6-478B-90B6-D51DAA92CA83} - System32\Tasks\Kommandozeile mit System => cmd Task: {F382327D-2246-4016-9FBF-A0D210EB85D3} - System32\Tasks\Netzadresse erneuern => C:\*****\*****\Netzwerkadresse erneuern\net.bat [2010-09-19] () Task: {F56EDF97-4364-4B29-A523-A0322A4EFDFC} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {FD8EE935-6D5A-4FDF-9FBE-0A2021063402} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\Netzadresse erneuern.job => ? 
==================== Loaded Modules (whitelisted) ============= 2013-10-10 22:48 - 2013-10-10 22:48 - 00063376 _____ () C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-02-21 19:20 - 2007-05-31 07:38 - 00167936 _____ () C:\Windows\system32\SerialXP.dll 2014-02-26 15:47 - 2013-10-31 17:14 - 00077992 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll 2014-02-26 15:47 - 2014-01-02 16:27 - 00414376 _____ () C:\Program Files\Microsoft Office 15\ClientX86\StreamServer.dll 2014-09-03 12:07 - 2014-09-03 12:07 - 00216576 _____ () C:\Program Files\GNU\GnuPGv2\dirmngr.exe 2014-09-03 11:53 - 2014-09-03 11:53 - 00221184 _____ () C:\Program Files\GNU\GnuPGv2\libksba-8.dll 2014-09-03 11:48 - 2014-09-03 11:48 - 00038400 _____ () C:\Program Files\GNU\GnuPGv2\libgpg-error-0.dll 2014-09-03 11:41 - 2014-09-03 11:41 - 00050176 _____ () C:\Program Files\GNU\GnuPGv2\libw32pth-0.dll 2014-09-03 11:53 - 2014-09-03 11:53 - 00069632 _____ () C:\Program Files\GNU\GnuPGv2\libassuan-0.dll 2014-09-03 11:56 - 2014-09-03 11:56 - 00742400 _____ () C:\Program Files\GNU\GnuPGv2\libgcrypt-20.dll 2014-02-21 18:40 - 2014-01-13 08:24 - 01019672 _____ () C:\Program Files\Tablet\Pen\libxml2.dll 2014-02-13 22:04 - 2013-09-22 10:27 - 00119000 _____ () C:\Program Files\WizMouse\wizmouse.exe 2014-08-22 14:51 - 2014-08-22 14:51 - 00592232 _____ () C:\Program Files\TortoiseGit\bin\libgit232_tgit.dll 2014-08-22 14:51 - 2014-08-22 14:51 - 00076648 _____ () C:\Program Files\TortoiseGit\bin\zlib132_tgit.dll 2014-08-10 14:40 - 2014-08-10 14:40 - 00065792 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll 2014-08-10 14:40 - 2014-08-10 14:40 - 00071936 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll 
2013-10-01 09:32 - 2013-10-01 09:32 - 02634920 _____ () C:\Program Files\Acronis\TrueImageHome\tishell.dll 2013-10-01 10:00 - 2013-10-01 10:00 - 00022336 _____ () C:\Program Files\Acronis\TrueImageHome\ti_managers_proxy_stub.dll 2010-07-04 22:32 - 2010-07-04 22:32 - 00010752 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2014-02-13 23:55 - 2012-01-20 14:55 - 00427520 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll 2014-05-12 10:49 - 2014-05-12 10:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll 2009-06-03 12:07 - 2009-06-03 12:07 - 00010752 _____ () C:\Windows\system32\Wavx_ESC_Logging.dll 2008-11-12 13:29 - 2008-11-12 13:29 - 00004608 _____ () C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\TspPopup_DEU.dll 2012-10-16 10:39 - 2012-10-16 10:39 - 00646744 _____ () C:\Program Files\Bamboo Dock\BambooCore.exe 2014-02-04 17:25 - 2014-02-04 17:25 - 00036672 _____ () C:\Program Files\Acronis\TrueImageHome\qt_icontray_ex.dll 2014-02-04 17:25 - 2014-02-04 17:25 - 00028992 _____ () C:\Program Files\Common Files\Acronis\Home\thread_pool.dll 2014-02-25 17:25 - 2008-08-18 16:08 - 00050688 _____ () C:\Program Files\Virtual CD v10\System\ogg.dll 2014-02-25 17:25 - 2008-08-18 16:11 - 01237504 _____ () C:\Program Files\Virtual CD v10\System\vorbis.dll 2014-02-26 20:33 - 2007-02-10 15:40 - 00020480 _____ () C:\Windows\FixCamera.exe 2006-09-19 09:07 - 2006-09-19 09:07 - 00827392 _____ () C:\Windows\vsnpstd3.exe 2013-10-10 11:02 - 2013-10-10 11:02 - 00013120 _____ () C:\Program Files\Common Files\Acronis\TibMounter\icudt38.dll 2014-02-28 11:07 - 2010-01-21 11:32 - 02089472 _____ () C:\Program Files\FeedReader30\feedreader.exe 2014-02-28 11:07 - 2010-01-20 15:55 - 00222720 _____ () C:\Program Files\FeedReader30\theme.dll 2009-01-10 20:32 - 2009-01-10 20:32 - 00011362 _____ () C:\*****\*****\PortableApps\LANMessengerPortable\App\LANMessenger\mingwm10.dll 2009-06-23 03:42 - 2009-06-23 03:42 - 00043008 _____ () 
C:\*****\*****\PortableApps\LANMessengerPortable\App\LANMessenger\libgcc_s_dw2-1.dll 2005-04-26 08:10 - 2005-04-26 08:10 - 04005888 _____ () C:\Program Files\AGFEO\Tk-Suite-Basic\tools\qt-mt334.dll 2005-04-26 08:10 - 2005-04-26 08:10 - 00061440 _____ () C:\Program Files\AGFEO\Tk-Suite-Basic\tools\styles\qwindowsxpstyle.dll 2014-02-13 23:29 - 2014-05-06 10:24 - 00013824 _____ () C:\Program Files\Samsung\Samsung Magician\SAMSUNG_SSD.dll 2014-02-13 23:29 - 2014-05-19 19:20 - 00103424 _____ () C:\Program Files\Samsung\Samsung Magician\PAL.dll 2014-02-13 23:29 - 2014-05-19 19:20 - 00039424 _____ () C:\Program Files\Samsung\Samsung Magician\SATA.dll 2014-02-13 23:29 - 2014-05-19 19:19 - 00038400 _____ () C:\Program Files\Samsung\Samsung Magician\SAT.dll 2014-02-13 23:29 - 2014-05-19 19:20 - 00031232 _____ () C:\Program Files\Samsung\Samsung Magician\SMINI.dll 2014-02-13 23:29 - 2014-05-19 19:19 - 00029696 _____ () C:\Program Files\Samsung\Samsung Magician\SAS.dll 2014-02-26 15:47 - 2014-02-26 15:47 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll 2014-02-26 15:54 - 2014-02-26 15:57 - 01030312 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\ADDINS\UmOutlookAddin.dll 2014-02-26 15:48 - 2014-02-26 15:54 - 00125096 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\OUTLCTL.DLL 2014-02-22 12:39 - 2014-05-04 03:37 - 00908800 _____ () C:\Program Files\AutoHotkey\AutoHotkey.exe 2014-02-04 17:28 - 2014-02-04 17:28 - 00420160 _____ () C:\Program Files\Common Files\Acronis\Home\ulxmlrpcpp.dll 2014-11-24 17:23 - 2014-11-24 17:23 - 00011264 _____ () C:\Users\*****\AppData\Local\Temp\nsqCE38.tmp\System.dll 2014-11-24 17:23 - 2014-11-24 17:23 - 00008704 _____ () C:\Users\*****\AppData\Local\Temp\nsqCE38.tmp\newadvsplash.dll 2014-11-24 17:23 - 2014-11-24 17:23 - 00016384 _____ () C:\Users\*****\AppData\Local\Temp\nsqCE38.tmp\registry.dll 2014-11-24 17:23 - 2014-11-24 17:23 - 00011264 _____ () 
C:\Users\*****\AppData\Local\Temp\nsqCE86.tmp\System.dll 2014-11-24 17:23 - 2014-11-24 17:23 - 00008704 _____ () C:\Users\*****\AppData\Local\Temp\nsqCE86.tmp\newadvsplash.dll 2014-09-14 16:25 - 2014-09-14 16:25 - 00120320 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\taskcoach.exe 2012-04-10 22:31 - 2012-04-10 22:31 - 00285184 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\_hashlib.pyd 2012-04-10 22:31 - 2012-04-10 22:31 - 00040960 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\_socket.pyd 2012-04-10 22:31 - 2012-04-10 22:31 - 00721920 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\_ssl.pyd 2011-07-15 20:37 - 2011-07-15 20:37 - 00981504 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\wx._core_.pyd 2011-07-15 20:38 - 2011-07-15 20:38 - 00746496 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\wx._gdi_.pyd 2011-07-15 20:38 - 2011-07-15 20:38 - 00670720 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\wx._windows_.pyd 2011-07-15 20:38 - 2011-07-15 20:38 - 00966144 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\wx._controls_.pyd 2011-07-15 20:38 - 2011-07-15 20:38 - 00674816 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\wx._misc_.pyd 2014-03-02 16:42 - 2014-03-02 16:42 - 00098816 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\win32api.pyd 2014-03-02 16:42 - 2014-03-02 16:42 - 00110080 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\pywintypes27.dll 2010-12-29 16:43 - 2010-12-29 16:43 - 00019456 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\zope.interface._zope_interface_coptimizations.pyd 2012-08-31 08:04 - 2012-08-31 08:04 - 00006656 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\twisted.python._initgroups.pyd 2012-04-10 22:31 - 2012-04-10 22:31 - 00074240 _____ () 
C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\_ctypes.pyd 2014-03-02 16:42 - 2014-03-02 16:42 - 00035840 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\win32process.pyd 2012-04-10 22:31 - 2012-04-10 22:31 - 00009728 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\select.pyd 2012-10-27 15:20 - 2012-10-27 15:20 - 00119808 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\win32file.pyd 2014-03-02 16:42 - 2014-03-02 16:42 - 00018432 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\win32event.pyd 2014-03-02 16:42 - 2014-03-02 16:42 - 00167936 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\win32gui.pyd 2014-03-02 16:42 - 2014-03-02 16:42 - 00364544 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\pythoncom27.dll 2012-10-27 15:23 - 2012-10-27 15:23 - 00320512 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\win32com.shell.shell.pyd 2014-03-02 16:42 - 2014-03-02 16:42 - 00016384 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\_winxptheme.pyd 2011-07-15 20:38 - 2011-07-15 20:38 - 00346112 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\wx._html.pyd 2012-04-10 22:31 - 2012-04-10 22:31 - 00059904 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\bz2.pyd 2011-07-15 20:39 - 2011-07-15 20:39 - 00341504 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\wx._gizmos.pyd 2011-07-15 20:38 - 2011-07-15 20:38 - 00146944 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\wx._combo.pyd 2011-07-15 20:38 - 2011-07-15 20:38 - 00395776 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\wx._grid.pyd 2011-07-15 20:38 - 2011-07-15 20:38 - 00109568 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\wx._wizard.pyd 2014-09-14 16:20 - 2014-09-14 16:20 - 00338944 _____ () 
C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\_pysyncml.pyd 2012-04-10 22:31 - 2012-04-10 22:31 - 00103424 _____ () C:\*****\*****\PortableApps\TaskCoachPortable\App\TaskCoach\pyexpat.pyd 2014-11-10 22:06 - 2014-11-10 22:06 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00036878 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\libssp-0.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00671031 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\exchndl.dll 2014-10-23 21:19 - 2014-10-23 21:19 - 00904525 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\Gtk\bin\libcairo-2.dll 2014-10-23 21:19 - 2014-10-23 21:19 - 00279059 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\Gtk\bin\libfontconfig-1.dll 2014-10-23 21:19 - 2014-10-23 21:19 - 00177586 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\Gtk\bin\libexpat-1.dll 2014-10-23 21:19 - 2014-10-23 21:19 - 00553382 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\Gtk\bin\freetype6.dll 2014-10-23 21:19 - 2014-10-23 21:19 - 00216992 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\Gtk\bin\libpng14-14.dll 2014-10-23 21:19 - 2014-10-23 21:19 - 00100352 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\Gtk\bin\zlib1.dll 2014-10-19 21:39 - 2014-10-19 21:39 - 01274655 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\libxml2-2.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00475580 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\spellcheck\libgtkspell-0.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00020997 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\autoaccept.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00013253 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\buddynote.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00024924 _____ () 
C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\convcolors.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00015702 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\extplacement.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00014147 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\gtkbuddynote.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00018882 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\history.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00012865 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\iconaway.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00019043 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\idle.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00018555 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\joinpart.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00015074 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libaim.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00311021 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\liboscar.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00092398 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libbonjour.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00328142 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libgg.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00016005 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libicq.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00107365 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libirc.dll 2014-10-19 21:39 - 2014-10-19 21:39 - 00190464 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\libsasl.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00374169 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libmsn.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00150598 _____ () 
C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libmxit.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00106670 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libmyspace.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00123540 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libnovell.dll 2012-11-02 15:55 - 2009-10-18 00:08 - 00215313 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libqq.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00116071 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libsametime.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00152852 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\libmeanwhile-1.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00170578 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libsilc.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 02097721 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\libsilc-1-1-2.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00818985 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\libsilcclient-1-1-3.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00055880 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libsimple.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00021337 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libxmpp.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00417758 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\libjabber.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00022832 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libyahoo.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00236666 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\libymsg.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00019793 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\libyahoojp.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00047934 _____ () 
C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\log_reader.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00021795 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\markerline.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00013456 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\newline.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00029225 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\notify.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00017023 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\offlinemsg.dll 2012-11-02 15:55 - 2008-06-15 19:56 - 00201216 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\pidgin-otr.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00029256 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\pidginrc.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00015380 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\psychic.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00015429 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\relnot.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00015045 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\sendbutton.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00069575 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\spellchk.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00031427 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\ssl-nss.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00012004 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\ssl.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00015978 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\statenotify.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00030353 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\themeedit.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00032020 _____ () 
C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\ticker.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00018399 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\timestamp.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00023851 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\timestamp_format.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00029791 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\win2ktrans.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00030771 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\winprefs.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00037191 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\xmppconsole.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00044494 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\plugins\xmppdisco.dll 2014-10-19 21:39 - 2014-10-19 21:39 - 00102400 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\sasl2\saslANONYMOUS.dll 2014-10-19 21:39 - 2014-10-19 21:39 - 00115712 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\sasl2\saslCRAMMD5.dll 2014-10-19 21:39 - 2014-10-19 21:39 - 00140288 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\sasl2\saslDIGESTMD5.dll 2014-10-19 21:39 - 2014-10-19 21:39 - 00102912 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\sasl2\saslLOGIN.dll 2014-10-19 21:39 - 2014-10-19 21:39 - 00102912 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\sasl2\saslPLAIN.dll 2014-10-19 21:40 - 2014-10-19 21:40 - 00486400 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\sqlite3.dll 2014-10-23 21:19 - 2014-10-23 21:19 - 00090496 _____ () C:\*****\*****\PortableApps\PidginPortable\App\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-3200770914-2407154358-3816992364-500 - Administrator - Disabled) ***** (S-1-5-21-3200770914-2407154358-3816992364-1000 - Administrator - Enabled) => C:\Users\***** Gast (S-1-5-21-3200770914-2407154358-3816992364-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (11/24/2014 05:21:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/24/2014 05:21:30 PM) (Source: Wave TCG Client Services) (EventID: 123) (User: ) Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM Error: (11/24/2014 05:09:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: 504: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.) 
Error: (11/24/2014 05:09:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: mDNSPlatformReadTCP - recv: 10053 Error: (11/24/2014 05:09:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: 496: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.) Error: (11/24/2014 05:09:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: mDNSPlatformReadTCP - recv: 10053 Error: (11/24/2014 05:09:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: 488: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.) Error: (11/24/2014 05:09:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: mDNSPlatformReadTCP - recv: 10053 Error: (11/24/2014 05:09:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: 480: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.) Error: (11/24/2014 05:09:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: mDNSPlatformReadTCP - recv: 10053 System errors: ============= Error: (11/24/2014 05:21:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (11/24/2014 05:20:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0 Error: (11/24/2014 02:08:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (11/24/2014 02:07:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom 
Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0 Error: (11/23/2014 05:15:56 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (11/23/2014 05:14:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0 Error: (11/23/2014 05:14:00 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0 Error: (11/23/2014 04:06:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC) Error: (11/23/2014 04:05:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0 Error: (11/23/2014 11:12:09 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Microsoft Office Sessions: ========================= Error: (11/24/2014 05:21:33 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/24/2014 05:21:30 PM) (Source: Wave TCG Client Services) (EventID: 123) (User: ) Description: The NTRU TSS is not running, Wave Software is unable to communicate to TPM Error: (11/24/2014 05:09:15 PM) (Source: 
Bonjour Service) (EventID: 100) (User: ) Description: 504: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.) Error: (11/24/2014 05:09:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: mDNSPlatformReadTCP - recv: 10053 Error: (11/24/2014 05:09:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: 496: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.) Error: (11/24/2014 05:09:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: mDNSPlatformReadTCP - recv: 10053 Error: (11/24/2014 05:09:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: 488: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.) Error: (11/24/2014 05:09:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: mDNSPlatformReadTCP - recv: 10053 Error: (11/24/2014 05:09:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: 480: ERROR: read_msg errno 0 (Der Vorgang wurde erfolgreich beendet.) 
Error: (11/24/2014 05:09:15 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: mDNSPlatformReadTCP - recv: 10053 ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz Percentage of memory in use: 80% Total physical RAM: 2011.65 MB Available physical RAM: 398.7 MB Total Pagefile: 4023.3 MB Available Pagefile: 1778.28 MB Total Virtual: 2047.88 MB Available Virtual: 1914.06 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:100.52 GB) (Free:61.35 GB) NTFS Drive d: (*****) (Fixed) (Total:465.76 GB) (Free:248.43 GB) NTFS Drive e: (*****) (Removable) (Total:7.53 GB) (Free:6.89 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: A97773DE) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 465.8 GB) (Disk ID: 000DA45B) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0B) ==================== End Of Log ============================
__________________ I am a signature. |
25.11.2014, 17:32 | #6 | |
/// the machine /// TB-Ausbilder | T-Online sends abuse mail (sinkhole) without information + I only find adware | Quote:
I don't see anything as it stands. Adware can do anything. In principle these are construction kits that you simply grab and bundle in. Whether that's contacting a sinkhole or taking passwords along, it's all doable. But right now I see nothing in the logs, except in Firefox on PC2, where I would still pull out a bit of adware. Please download AdwCleaner to your desktop.
28.11.2014, 21:28 | #7 |
Hello Schrauber, please excuse that I haven't been in touch for a few days; I was out a lot with university.
1) I ran AdwCleaner on PC_2. I did not click "Delete", though, because all tabs with findings were empty -- except for two: C:\Users\*****\AppData\Roaming\pdfforge was listed under Directories. But it only contains Images2PDF\Images2PDF.settings, and I still need that. In addition, a user.js was found, but it only contains "user_prefs("yahoo.homepage.dontask", true)". So nothing bad, right?
2) What about the Alternate Data Streams on PC_2, could there be something malicious in them?
3) Regarding PC_3 and websecurity[1].exe in the Temporary Internet Files: if an exe ends up in the TIF, does that mean it was also executed? I used LastActivityView by Nir Sofer (hxxp://www.nirsoft.net/utils/computer_activity_view.html) to list which EXE files were started, and it is not in there.
4) What should I do now? I mean, I found nothing! Should I try GMER? Volatility?? Or rather look for viruses on the smartphone etc.? (But how?)
__________________ I am a signature. |
29.11.2014, 18:42 | #8 |
/// the machine /// TB trainer |
In the rarest of cases such notices from Telekom also come without any reason. That may be the case here. An exe in Temp means that it is running, has run, or was just loaded by something else. The ADS can be removed:
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.
Code:
    AlternateDataStreams: C:\ProgramData\TEMP:01C66DD9
    AlternateDataStreams: C:\ProgramData\TEMP:0B9FB94D
    AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Now on all 3 computers please:
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber | Proud Member of UNITE and ASAP since 2009 | No help via PM! |
03.12.2014, 18:40 | #9 |
Hello Schrauber, thank you very much. First a brief note on what I additionally did in the meantime: the Alternate Data Streams puzzled me a bit, and I realised that I don't actually know how FRST searches for such streams -- in any case I wanted to take a look at it myself as well, so I did the following:
- Booted an Ubuntu live CD, installed The Sleuth Kit
- Used gparted to find out the dev paths and offsets of the partitions
- Used fls to list ALL file entries of the NTFS MFT into a file
- Used the following command to list all entries with a colon in the file name, but only once per inode:
Code:
    # 1. grep: keep fls lines with a second colon (a colon inside the name)
    # 2. sed:  strip the leading type column such as "r/r "
    # 3. sort: order numerically by inode, then print the first line per inode
    cat ... |
      grep -e ".*:.*:" |
      sed "s/[rd\-]\/[rd\-] //" |
      sort -g |
      { lastInode=-1
        while read -r line; do
          currentInode=$(echo "$line" | sed "s/\([0-9]*\).*/\1/")
          if [ "$lastInode" != "$currentInode" ]; then
            echo "$line"
            lastInode="$currentInode"
          fi
        done; }
(Damn, I just noticed that a normal directory has 0 $DATA entries!)
On PC_1 and PC_3, apart from the normal NTFS $ files such as $Extend, I found NOTHING conspicuous (only one thumbnail each in a .url, and a file Update.CL in ProgramData/CyberLink/CLDShow.ini on PC_1).
On PC_2 I found further streams in addition to the others: many image files have things like ^3or4kl4x13tuuug3Byamue2s4b and ^Q30lsldxJoudresxAaaqpcawXc attached (possibly they come from the indexing service), and there are ^DocumentSummaryInformation and ^SummaryInformation on PaperPort documents. On eml files there are Zone.Identifier streams of a different, binary kind and OECustomProperty streams. A few spot checks found NO executables (or DLLs), only "data: data" (output of the file command).
--> So PC_2 is the "most unusual" of the three.
The logs are coming in a moment...
__________________ I am a signature. |
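Added example, not part of the original post and not code from FRST or The Sleuth Kit: the stream listing from post #9 done by parsing `fls -r -p` output, keeping every named $DATA stream per inode (the pipeline prints only the first line per inode) and recognising directories by their $INDEX_ROOT attribute, since a directory has no unnamed $DATA entry. The assumed line layout, the inode numbers in the sample and the `KNOWN_NAMES` triage list are assumptions; the stream names are the ones mentioned in the thread.

```python
import re
from collections import defaultdict, namedtuple

Stream = namedtuple("Stream", "inode path name attr_id on_directory deleted")

# Assumed layout of one `fls -r -p` line on NTFS:
#   <name type>/<meta type> [*] <inode>-<attr type>-<attr id>[(realloc)]:<TAB><path>[:<stream>]
FLS_LINE = re.compile(
    r"^(?:\++\s+)?"                # depth markers that -r prints without -p
    r"./.\s+"                      # type column, e.g. r/r or d/d
    r"(?P<deleted>\*\s+)?"         # '*' marks an unallocated (deleted) entry
    r"(?P<inode>\d+)-(?P<atype>\d+)-(?P<aid>\d+)(?:\(realloc\))?:"
    r"\s+(?P<name>.*)$"
)

ATTR_DATA = 128        # NTFS $DATA (0x80)
ATTR_INDEX_ROOT = 144  # NTFS $INDEX_ROOT (0x90), present on directories

# Stream names reported in the thread as attached to ordinary mail files.
# A stream name is chosen by whoever wrote it, so this list only orders the
# review; it is not a statement that such a stream is harmless.
KNOWN_NAMES = {"Zone.Identifier", "OECustomProperty"}

# Constructed sample input (inode numbers and paths are made up).
SAMPLE = """\
r/r 4-128-4:\t$AttrDef
r/r 8-128-2:\t$BadClus
r/r 8-128-1:\t$BadClus:$Bad
d/d 11-144-4:\t$Extend
d/d 60-144-1:\tProgramData/TEMP
r/r 60-128-3:\tProgramData/TEMP:01C66DD9
r/r 60-128-4:\tProgramData/TEMP:0B9FB94D
r/r 71-128-1:\tUsers/user/mail/note.eml
r/r 71-128-5:\tUsers/user/mail/note.eml:Zone.Identifier
r/r 71-128-6:\tUsers/user/mail/note.eml:OECustomProperty
r/r 80-128-1:\tUsers/user/pics/a.jpg
r/r * 81-128-3(realloc):\tUsers/user/pics/b.jpg:payload
"""


def parse_fls(lines):
    """Return {inode: [Stream, ...]} holding every named $DATA attribute."""
    entries = [m for m in (FLS_LINE.match(l.rstrip("\r\n")) for l in lines) if m]
    # A directory is any inode that carries an $INDEX_ROOT attribute.
    dir_inodes = {int(m["inode"]) for m in entries
                  if int(m["atype"]) == ATTR_INDEX_ROOT}
    found = defaultdict(list)
    for m in entries:
        if int(m["atype"]) != ATTR_DATA:
            continue
        path, sep, stream = m["name"].rpartition(":")
        # No colon in the last path component: the default, unnamed stream.
        if not sep or "/" in stream:
            continue
        inode = int(m["inode"])
        found[inode].append(Stream(inode, path, stream, int(m["aid"]),
                                   inode in dir_inodes,
                                   m["deleted"] is not None))
    return dict(found)


def triage(found, known=KNOWN_NAMES):
    """Split streams into (review_first, seen_before), ordered by inode."""
    review, seen = [], []
    for inode in sorted(found):
        for s in sorted(found[inode], key=lambda s: s.attr_id):
            is_metafile = s.path.startswith("$")   # $BadClus:$Bad, $Secure:$SDS, ...
            (seen if is_metafile or s.name in known else review).append(s)
    return review, seen


if __name__ == "__main__":
    review, seen = triage(parse_fls(SAMPLE.splitlines()))
    for s in review:
        kind = "dir " if s.on_directory else "file"
        state = "deleted" if s.deleted else "live"
        print(f"{s.inode:>6} {kind} {state:7} {s.path}:{s.name}")
    print(f"{len(seen)} stream(s) with metafile or previously seen names")
```

Each stream in the review list can then be extracted with The Sleuth Kit and checked by content type, as the spot checks with the file command in the post did.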
03.12.2014, 18:41 | #10 |
Logs (1 of 3)
Here are the further log files:
MBAR PC_1
Code:
    Malwarebytes Anti-Rootkit BETA 1.08.2.1001
    www.malwarebytes.org
    Database version: v2014.12.03.08
    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 11.0.9600.17420
    ***** :: ***** [administrator]
    03.12.2014 16:43:08
    mbar-log-2014-12-03 (16-43-08).txt
    Scan type: Quick scan
    Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
    Scan options disabled:
    Objects scanned: 392407
    Time elapsed: 37 minute(s), 20 second(s)
    Memory Processes Detected: 0
    (No malicious items detected)
    Memory Modules Detected: 0
    (No malicious items detected)
    Registry Keys Detected: 0
    (No malicious items detected)
    Registry Values Detected: 0
    (No malicious items detected)
    Registry Data Items Detected: 0
    (No malicious items detected)
    Folders Detected: 0
    (No malicious items detected)
    Files Detected: 0
    (No malicious items detected)
    Physical Sectors Detected: 0
    (No malicious items detected)
    (end)
Code:
Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe 17:47:50.0948 0x1f04 FLEXnet Licensing Service 64 - ok 17:47:50.0964 0x1f04 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 17:47:50.0979 0x1f04 flpydisk - ok 17:47:51.0011 0x1f04 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 17:47:51.0026 0x1f04 FltMgr - ok 17:47:51.0073 0x1f04 [ FDD776FAC4159A2983940D1E411FE9F3, 3B147B4D3C5CC67117D65152FA8BD3A603728C92B023AE45CD166E6FF3F474C5 ] fltsrv C:\Windows\system32\DRIVERS\fltsrv.sys 17:47:51.0089 0x1f04 fltsrv - ok 17:47:51.0167 0x1f04 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 17:47:51.0229 0x1f04 FontCache - ok 17:47:51.0307 0x1f04 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:47:51.0307 0x1f04 FontCache3.0.0.0 - ok 17:47:51.0323 0x1f04 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 17:47:51.0338 0x1f04 FsDepends - ok 17:47:51.0369 0x1f04 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 17:47:51.0385 0x1f04 Fs_Rec - ok 17:47:51.0432 0x1f04 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 17:47:51.0447 0x1f04 fvevol - ok 17:47:51.0463 0x1f04 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx 
C:\Windows\system32\drivers\gagp30kx.sys 17:47:51.0479 0x1f04 gagp30kx - ok 17:47:51.0525 0x1f04 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 17:47:51.0588 0x1f04 gpsvc - ok 17:47:51.0603 0x1f04 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 17:47:51.0619 0x1f04 hcw85cir - ok 17:47:51.0650 0x1f04 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:47:51.0681 0x1f04 HdAudAddService - ok 17:47:51.0713 0x1f04 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 17:47:51.0744 0x1f04 HDAudBus - ok 17:47:51.0806 0x1f04 [ 62FB29642745DD290910BFD79537FCE0, 56206F936958082B3A2AD93E4E5C7EDA9518A6F12670C6F26EC7A35D0D5305DF ] HH10Help.sys C:\Windows\system32\drivers\HH10Help.sys 17:47:51.0822 0x1f04 HH10Help.sys - ok 17:47:51.0822 0x1f04 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 17:47:51.0837 0x1f04 HidBatt - ok 17:47:51.0853 0x1f04 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 17:47:51.0884 0x1f04 HidBth - ok 17:47:51.0884 0x1f04 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 17:47:51.0900 0x1f04 HidIr - ok 17:47:51.0947 0x1f04 [ D42E350C3F5B9DDCE7BDDB109B413109, F015CCAB3719B1834DF3EE0265D905675C743F116526A2882B6077E540B8A74F ] hidkmdf C:\Windows\system32\DRIVERS\hidkmdf.sys 17:47:51.0947 0x1f04 hidkmdf - ok 17:47:52.0025 0x1f04 [ BD9EB3958F213F96B97B1D897DEE006D, 
4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 17:47:52.0071 0x1f04 hidserv - ok 17:47:52.0134 0x1f04 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:47:52.0165 0x1f04 HidUsb - ok 17:47:52.0196 0x1f04 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:47:52.0227 0x1f04 hkmsvc - ok 17:47:52.0259 0x1f04 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 17:47:52.0290 0x1f04 HomeGroupListener - ok 17:47:52.0305 0x1f04 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 17:47:52.0337 0x1f04 HomeGroupProvider - ok 17:47:52.0368 0x1f04 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 17:47:52.0383 0x1f04 HpSAMD - ok 17:47:52.0415 0x1f04 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:47:52.0477 0x1f04 HTTP - ok 17:47:52.0477 0x1f04 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:47:52.0493 0x1f04 hwpolicy - ok 17:47:52.0524 0x1f04 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 17:47:52.0539 0x1f04 i8042prt - ok 17:47:52.0586 0x1f04 [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor C:\Windows\system32\drivers\iaStor.sys 17:47:52.0602 0x1f04 iaStor - ok 
17:47:52.0664 0x1f04 [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 17:47:52.0664 0x1f04 IAStorDataMgrSvc - ok 17:47:52.0695 0x1f04 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 17:47:52.0711 0x1f04 iaStorV - ok 17:47:52.0742 0x1f04 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 17:47:52.0758 0x1f04 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 17:47:55.0269 0x1f04 Detect skipped due to KSN trusted 17:47:55.0269 0x1f04 IDriverT - ok 17:47:55.0332 0x1f04 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:47:55.0379 0x1f04 idsvc - ok 17:47:55.0379 0x1f04 IEEtwCollectorService - ok 17:47:55.0394 0x1f04 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 17:47:55.0410 0x1f04 iirsp - ok 17:47:55.0472 0x1f04 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 17:47:55.0503 0x1f04 IKEEXT - ok 17:47:55.0535 0x1f04 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 17:47:55.0550 0x1f04 intelide - ok 17:47:55.0581 0x1f04 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:47:55.0597 0x1f04 intelppm - ok 17:47:55.0628 0x1f04 [ 
098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:47:55.0659 0x1f04 IPBusEnum - ok 17:47:55.0675 0x1f04 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:47:55.0706 0x1f04 IpFilterDriver - ok 17:47:55.0769 0x1f04 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:47:55.0815 0x1f04 iphlpsvc - ok 17:47:55.0831 0x1f04 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 17:47:55.0847 0x1f04 IPMIDRV - ok 17:47:55.0847 0x1f04 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:47:55.0893 0x1f04 IPNAT - ok 17:47:55.0909 0x1f04 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:47:55.0940 0x1f04 IRENUM - ok 17:47:55.0956 0x1f04 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:47:55.0971 0x1f04 isapnp - ok 17:47:56.0018 0x1f04 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 17:47:56.0034 0x1f04 iScsiPrt - ok 17:47:56.0065 0x1f04 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 17:47:56.0081 0x1f04 kbdclass - ok 17:47:56.0096 0x1f04 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid 
C:\Windows\system32\DRIVERS\kbdhid.sys 17:47:56.0112 0x1f04 kbdhid - ok 17:47:56.0127 0x1f04 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 17:47:56.0143 0x1f04 KeyIso - ok 17:47:56.0190 0x1f04 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:47:56.0190 0x1f04 KSecDD - ok 17:47:56.0237 0x1f04 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 17:47:56.0252 0x1f04 KSecPkg - ok 17:47:56.0268 0x1f04 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 17:47:56.0299 0x1f04 ksthunk - ok 17:47:56.0330 0x1f04 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 17:47:56.0377 0x1f04 KtmRm - ok 17:47:56.0408 0x1f04 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 17:47:56.0439 0x1f04 LanmanServer - ok 17:47:56.0471 0x1f04 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:47:56.0517 0x1f04 LanmanWorkstation - ok 17:47:56.0611 0x1f04 [ 404DBB6C07EC7770830611D71D311233, CC63F6CA72DF07D8AF761595B41BFD08CEA0522248C5B0BD55238D6463B9E9C3 ] LivedriveVSSService C:\Program Files (x86)\Livedrive\VSSService.exe 17:47:56.0611 0x1f04 LivedriveVSSService - ok 17:47:56.0627 0x1f04 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:47:56.0658 0x1f04 lltdio - ok 17:47:56.0689 0x1f04 [ C1185803384AB3FEED115F79F109427F, 
0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:47:56.0751 0x1f04 lltdsvc - ok 17:47:56.0767 0x1f04 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:47:56.0798 0x1f04 lmhosts - ok 17:47:56.0814 0x1f04 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 17:47:56.0829 0x1f04 LSI_FC - ok 17:47:56.0845 0x1f04 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 17:47:56.0861 0x1f04 LSI_SAS - ok 17:47:56.0876 0x1f04 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 17:47:56.0892 0x1f04 LSI_SAS2 - ok 17:47:56.0892 0x1f04 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 17:47:56.0907 0x1f04 LSI_SCSI - ok 17:47:56.0939 0x1f04 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 17:47:56.0985 0x1f04 luafv - ok 17:47:57.0001 0x1f04 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:47:57.0017 0x1f04 Mcx2Svc - ok 17:47:57.0079 0x1f04 [ 2F326A7FE67B2F8FF5FD21EA8468F393, 2579ED240D1793429BE69C146E534A9E95E8B8F029D5BBCEC1D7867001695C31 ] MegaMonitorSrv c:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaMonitor\mrmonitor.exe 17:47:57.0095 0x1f04 MegaMonitorSrv - detected UnsignedFile.Multi.Generic ( 1 ) 17:47:59.0575 0x1f04 Detect skipped due to KSN trusted 17:47:59.0575 0x1f04 MegaMonitorSrv - ok 17:47:59.0575 0x1f04 [ 
A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 17:47:59.0591 0x1f04 megasas - ok 17:47:59.0606 0x1f04 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 17:47:59.0637 0x1f04 MegaSR - ok 17:47:59.0653 0x1f04 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 17:47:59.0684 0x1f04 MMCSS - ok 17:47:59.0700 0x1f04 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 17:47:59.0731 0x1f04 Modem - ok 17:47:59.0762 0x1f04 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:47:59.0778 0x1f04 monitor - ok 17:47:59.0809 0x1f04 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:47:59.0825 0x1f04 mouclass - ok 17:47:59.0840 0x1f04 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:47:59.0840 0x1f04 mouhid - ok 17:47:59.0871 0x1f04 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:47:59.0887 0x1f04 mountmgr - ok 17:47:59.0981 0x1f04 [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 17:48:00.0012 0x1f04 MozillaMaintenance - ok 17:48:00.0027 0x1f04 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio 
C:\Windows\system32\drivers\mpio.sys 17:48:00.0059 0x1f04 mpio - ok 17:48:00.0074 0x1f04 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:48:00.0105 0x1f04 mpsdrv - ok 17:48:00.0152 0x1f04 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:48:00.0199 0x1f04 MpsSvc - ok 17:48:00.0230 0x1f04 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:48:00.0261 0x1f04 MRxDAV - ok 17:48:00.0277 0x1f04 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:48:00.0308 0x1f04 mrxsmb - ok 17:48:00.0339 0x1f04 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:48:00.0542 0x1f04 mrxsmb10 - ok 17:48:00.0558 0x1f04 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:48:00.0589 0x1f04 mrxsmb20 - ok 17:48:00.0636 0x1f04 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 17:48:00.0651 0x1f04 msahci - ok 17:48:00.0683 0x1f04 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:48:00.0698 0x1f04 msdsm - ok 17:48:00.0698 0x1f04 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 17:48:00.0729 0x1f04 MSDTC - ok 17:48:00.0761 0x1f04 [ 72949A24D37A20A54B3D4D3DADBB55E9, 
580B59EF2DFA4F6EE27BA37904F0705CBCD74F9B07D2D795093C045F94AE6DB5 ] MSDV C:\Windows\system32\DRIVERS\msdv.sys 17:48:00.0792 0x1f04 MSDV - ok 17:48:00.0807 0x1f04 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:48:00.0839 0x1f04 Msfs - ok 17:48:00.0870 0x1f04 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:48:00.0901 0x1f04 mshidkmdf - ok 17:48:00.0932 0x1f04 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:48:00.0932 0x1f04 msisadrv - ok 17:48:00.0963 0x1f04 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:48:00.0995 0x1f04 MSiSCSI - ok 17:48:00.0995 0x1f04 msiserver - ok 17:48:01.0073 0x1f04 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:48:01.0104 0x1f04 MSKSSRV - ok 17:48:01.0213 0x1f04 [ 103B3BBE23AB774B009D182276EC6786, 823AF63D5D47B56455078DD20DF000D11A0BD2E094E9002E5B9E8245D7AEAE68 ] msloop C:\Windows\system32\DRIVERS\loop.sys 17:48:01.0244 0x1f04 msloop - ok 17:48:01.0260 0x1f04 [ C17A985DA001ECBAAAE40372DB18492D, 4AAA72A047FDAD45B088CB874B4BB91B1844B060D3E6F2CC3095B9D0848CCEFC ] MSMFramework c:\Program Files (x86)\Dell SAS RAID Storage Manager\Framework\VivaldiFramework.exe 17:48:01.0291 0x1f04 MSMFramework - detected UnsignedFile.Multi.Generic ( 1 ) 17:48:03.0803 0x1f04 Detect skipped due to KSN trusted 17:48:03.0803 0x1f04 MSMFramework - ok 17:48:03.0818 0x1f04 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:48:03.0865 0x1f04 MSPCLOCK - 
ok 17:48:03.0865 0x1f04 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:48:03.0912 0x1f04 MSPQM - ok 17:48:03.0943 0x1f04 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:48:03.0959 0x1f04 MsRPC - ok 17:48:03.0974 0x1f04 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 17:48:03.0974 0x1f04 mssmbios - ok 17:48:03.0990 0x1f04 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:48:04.0037 0x1f04 MSTEE - ok 17:48:04.0037 0x1f04 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 17:48:04.0052 0x1f04 MTConfig - ok 17:48:04.0068 0x1f04 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 17:48:04.0083 0x1f04 Mup - ok 17:48:04.0115 0x1f04 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 17:48:04.0146 0x1f04 napagent - ok 17:48:04.0177 0x1f04 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:48:04.0208 0x1f04 NativeWifiP - ok 17:48:04.0271 0x1f04 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 17:48:04.0302 0x1f04 NDIS - ok 17:48:04.0333 0x1f04 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 
17:48:04.0364 0x1f04 NdisCap - ok 17:48:04.0380 0x1f04 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:48:04.0411 0x1f04 NdisTapi - ok 17:48:04.0411 0x1f04 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:48:04.0458 0x1f04 Ndisuio - ok 17:48:04.0473 0x1f04 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:48:04.0520 0x1f04 NdisWan - ok 17:48:04.0536 0x1f04 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:48:04.0567 0x1f04 NDProxy - ok 17:48:04.0583 0x1f04 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:48:04.0614 0x1f04 NetBIOS - ok 17:48:04.0629 0x1f04 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 17:48:04.0661 0x1f04 NetBT - ok 17:48:04.0676 0x1f04 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 17:48:04.0692 0x1f04 Netlogon - ok 17:48:04.0739 0x1f04 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 17:48:04.0785 0x1f04 Netman - ok 17:48:04.0848 0x1f04 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:48:04.0863 0x1f04 NetMsmqActivator - ok 17:48:04.0863 0x1f04 [ 21318671BCAD3ACF16638F98D4D00973, 
CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:48:04.0879 0x1f04 NetPipeActivator - ok 17:48:04.0910 0x1f04 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 17:48:04.0973 0x1f04 netprofm - ok 17:48:04.0973 0x1f04 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:48:04.0988 0x1f04 NetTcpActivator - ok 17:48:05.0004 0x1f04 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 17:48:05.0019 0x1f04 NetTcpPortSharing - ok 17:48:05.0051 0x1f04 [ 73CE12B8BDD747B0063CB0A7EF44CEA7, F570BB52BE460DBA6203698CC96FFD9674E1903D0E0F5C49375BE3F8D8E89582 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys 17:48:05.0066 0x1f04 netvsc - ok 17:48:05.0082 0x1f04 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 17:48:05.0097 0x1f04 nfrd960 - ok 17:48:05.0144 0x1f04 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:48:05.0175 0x1f04 NlaSvc - ok 17:48:05.0191 0x1f04 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:48:05.0222 0x1f04 Npfs - ok 17:48:05.0238 0x1f04 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 17:48:05.0285 0x1f04 nsi - ok 17:48:05.0300 0x1f04 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] 
nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:48:05.0316 0x1f04 nsiproxy - ok 17:48:05.0409 0x1f04 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:48:05.0472 0x1f04 Ntfs - ok 17:48:05.0487 0x1f04 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 17:48:05.0534 0x1f04 Null - ok 17:48:05.0565 0x1f04 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:48:05.0581 0x1f04 nvraid - ok 17:48:05.0597 0x1f04 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:48:05.0612 0x1f04 nvstor - ok 17:48:05.0612 0x1f04 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:48:05.0628 0x1f04 nv_agp - ok 17:48:05.0643 0x1f04 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 17:48:05.0659 0x1f04 ohci1394 - ok 17:48:05.0690 0x1f04 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 17:48:05.0706 0x1f04 p2pimsvc - ok 17:48:05.0737 0x1f04 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 17:48:05.0768 0x1f04 p2psvc - ok 17:48:05.0799 0x1f04 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 17:48:05.0815 0x1f04 Parport - ok 17:48:05.0846 0x1f04 [ E9766131EEADE40A27DC27D2D68FBA9C, 
17:48:09.0933 0x1f04 [ 38A40E111ABDF0862B72BB37A8BD5E62, 53909004042698ACE3FD7FC506A2D68DE10D0C3EBD8400BEAA78015C3913CF48 ] SecureStorageService C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe
17:48:10.0011 0x1f04 SecureStorageService - detected UnsignedFile.Multi.Generic ( 1 )
17:48:12.0523 0x1f04 Detect skipped due to KSN trusted
17:48:12.0523 0x1f04 SecureStorageService - ok
17:48:15.0503 0x1f04 [ 69F1A38A6DBFE682491CB61A596662E3, A1FD47C8D4331132806205756F5793F2602442B233CAA0628FD27D8766321CE0 ] tcsd_win32.exe C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
17:48:15.0581 0x1f04 tcsd_win32.exe - detected UnsignedFile.Multi.Generic ( 1 )
17:48:18.0155 0x1f04 Detect skipped due to KSN trusted
17:48:18.0155 0x1f04 tcsd_win32.exe - ok
17:48:21.0275 0x1f04 Suspicious service (NoAccess): vdrv1000
17:48:21.0321 0x1f04 [ 1AC97D99886D17004FF97823331CC9D6, 6084498D90939B5A6D09249568E742AC7CEF321A397ABF912CE1E52B75F67339 ] vdrv1000 C:\Windows\system32\DRIVERS\vdrv1000.sys
17:48:21.0337 0x1f04 vdrv1000 - detected LockedService.Multi.Generic ( 1 )
17:48:23.0724 0x1f04 Detect skipped due to KSN trusted
17:48:23.0724 0x1f04 vdrv1000 - ok
17:48:25.0892 0x1f04 [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 17:48:25.0908 0x1f04 WimFltr - ok 17:48:25.0908 0x1f04 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 17:48:25.0939 0x1f04 WIMMount - ok 17:48:25.0970 0x1f04 WinDefend - ok 17:48:25.0986 0x1f04 WinHttpAutoProxySvc - ok 17:48:26.0033 0x1f04 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:48:26.0079 0x1f04 Winmgmt - ok 17:48:26.0157 0x1f04 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 17:48:26.0251 0x1f04 WinRM - ok 17:48:26.0298 0x1f04 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 17:48:26.0329 0x1f04 WinUsb - ok 17:48:26.0376 0x1f04 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 17:48:26.0423 0x1f04 Wlansvc - ok 17:48:26.0501 0x1f04 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 17:48:26.0579 0x1f04 wlidsvc - ok 17:48:26.0594 0x1f04 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 17:48:26.0594 0x1f04 WmiAcpi - ok 17:48:26.0625 0x1f04 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:48:26.0641 0x1f04 wmiApSrv - ok 17:48:26.0657 0x1f04 WMPNetworkSvc - ok 17:48:26.0657 
0x1f04 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:48:26.0703 0x1f04 WPCSvc - ok 17:48:26.0719 0x1f04 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:48:26.0735 0x1f04 WPDBusEnum - ok 17:48:26.0750 0x1f04 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:48:26.0813 0x1f04 ws2ifsl - ok 17:48:26.0828 0x1f04 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 17:48:26.0844 0x1f04 wscsvc - ok 17:48:26.0844 0x1f04 WSearch - ok 17:48:26.0953 0x1f04 [ 539D52A1CB4CC3BFB9B6CAD7883B8ECA, 3CAC8F755F85F06C6FFA8C5328943DC55F410EAAA64F0E4241C3E7F60A48D4A9 ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe 17:48:26.0969 0x1f04 WTabletServiceCon - ok 17:48:27.0078 0x1f04 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 17:48:27.0171 0x1f04 wuauserv - ok 17:48:27.0218 0x1f04 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 17:48:27.0281 0x1f04 WudfPf - ok 17:48:27.0312 0x1f04 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:48:27.0343 0x1f04 WUDFRd - ok 17:48:27.0374 0x1f04 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:48:27.0390 0x1f04 wudfsvc - ok 17:48:27.0437 0x1f04 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc 
C:\Windows\System32\wwansvc.dll 17:48:27.0452 0x1f04 WwanSvc - ok 17:48:27.0468 0x1f04 ================ Scan global =============================== 17:48:27.0483 0x1f04 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 17:48:27.0530 0x1f04 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 17:48:27.0546 0x1f04 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 17:48:27.0561 0x1f04 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 17:48:27.0593 0x1f04 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 17:48:27.0608 0x1f04 [ Global ] - ok 17:48:27.0608 0x1f04 ================ Scan MBR ================================== 17:48:27.0608 0x1f04 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 17:48:27.0983 0x1f04 \Device\Harddisk0\DR0 - ok 17:48:27.0998 0x1f04 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR2 17:48:28.0123 0x1f04 \Device\Harddisk1\DR2 - ok 17:48:28.0123 0x1f04 ================ Scan VBR ================================== 17:48:28.0123 0x1f04 [ 81802CE8183A52621CEEDECA295F4349 ] \Device\Harddisk0\DR0\Partition1 17:48:28.0170 0x1f04 \Device\Harddisk0\DR0\Partition1 - ok 17:48:28.0170 0x1f04 [ 58A0F18F19616DE80E38EF0EAAA59124 ] \Device\Harddisk0\DR0\Partition2 17:48:28.0201 0x1f04 \Device\Harddisk0\DR0\Partition2 - ok 17:48:28.0217 0x1f04 [ 25F4834BB47A88FF764B6182AEACC0A0 ] \Device\Harddisk0\DR0\Partition3 17:48:28.0217 0x1f04 \Device\Harddisk0\DR0\Partition3 - ok 17:48:28.0217 0x1f04 [ 1837DF63DDB19374B8429E38FDECA69F ] \Device\Harddisk1\DR2\Partition1 17:48:28.0217 0x1f04 \Device\Harddisk1\DR2\Partition1 - ok 17:48:28.0217 
0x1f04 ================ Scan generic autorun ====================== 17:48:28.0263 0x1f04 [ C973C36D057A121A8BB940CB74AFF53F, 8D4012D1FBCA62EC4DB1338B5CEF9E1F3183FD5EAE461DB26942CCBC6A3C8E7E ] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe 17:48:28.0279 0x1f04 USCService - ok 17:48:28.0279 0x1f04 ATIModeChange - ok 17:48:28.0326 0x1f04 [ A0B996A6D4F7502EC6A9AADFB87FDA25, 2A79F03DECCC5C11E5B14109F5FBD790A4E005A45C71766E3C85BF14699F034C ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe 17:48:28.0341 0x1f04 Acronis Scheduler2 Service - ok 17:48:28.0419 0x1f04 [ C4642DD25768D4F8088DF9D2FC4EC380, CDC1F6A66E638F63C40DBD061AFC71AE2A5FD6CC4C2FDCE3BD9E71892213AC34 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe 17:48:28.0435 0x1f04 Classic Start Menu - ok 17:48:28.0591 0x1f04 [ 79C9B6A7836DC358216036A1EBA31B62, 9E3987ED10C5CFCD06A2DCBC4E0838004F97A1527527749EF3CC7C5EC5AC2597 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 17:48:28.0622 0x1f04 AdobeAAMUpdater-1.0 - ok 17:48:28.0825 0x1f04 [ C019E2FEB48A2B618E03A9FCD879B72A, 585B8072337C9E11BE1854E2A062E59CDCEC1406292987E6FDCA752F1848FD4E ] C:\Program Files\ESET\ESET Smart Security\egui.exe 17:48:28.0965 0x1f04 egui - ok 17:48:28.0997 0x1f04 [ E2CCD7652189543D0F55AD8D2C486786, 7D0C7056847E3F5E924EFDB6B326B80DA5826B6D5F35612D7FAE499428D5FA0F ] c:\Program Files (x86)\Dell SAS RAID Storage Manager\MegaPopup\Popup.exe 17:48:29.0012 0x1f04 Popup - detected UnsignedFile.Multi.Generic ( 1 ) 17:48:31.0493 0x1f04 Detect skipped due to KSN trusted 17:48:31.0493 0x1f04 Popup - ok 17:48:31.0524 0x1f04 [ F5FBA8724DE219E96D9ABAF4772D31A3, C36CF6E40F831E01BA029B571EFCB46C5EA5A11750D13FE979DDFAE8B916AFFB ] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe 17:48:31.0524 0x1f04 RemoteControl9 - ok 17:48:31.0539 0x1f04 [ 38DD8C528516755C37619DB364826055, 6CA2C4D289C56E5AE4A839DC085F379E3E53EFCE1F0EE99F38FCF348D5B42B04 ] C:\Program 
Files (x86)\CyberLink\PowerDVD9\Language\Language.exe 17:48:31.0555 0x1f04 PDVD9LanguageShortcut - ok 17:48:31.0820 0x1f04 [ B8434467D90B65E5A2D697C7FF511802, A0F5D234A1CA1384160FB63AF40B169B4649DF7D77534DE1B16E1063EC922A87 ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe 17:48:32.0007 0x1f04 TrueImageMonitor.exe - ok 17:48:32.0039 0x1f04 [ E773BE83CB63D295A367B26D846EFB8A, 82DCBAA3AAF68949B37AE8CB9CD806176460B27581287076FFF1D10402CFD1DC ] C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe 17:48:32.0054 0x1f04 VC10Player - ok 17:48:32.0132 0x1f04 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 17:48:32.0132 0x1f04 APSDaemon - ok 17:48:32.0210 0x1f04 [ 4A73AB8412D3AA6CFAD24051FF9DBFA7, 7C1F6BDECE92F2A58E88FC603F1BEE9B0F72130136AE9A368892323A9A327FD1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 17:48:32.0226 0x1f04 IAStorIcon - ok 17:48:32.0288 0x1f04 [ 1A4847CC028356563814DB495DBD1BBB, 280A490EB6A3A9A6DE63329FB343DF210EF813F97831920F03CB11CDBADA4E36 ] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe 17:48:32.0335 0x1f04 SoundMAXPnP - ok 17:48:32.0382 0x1f04 [ 53B42D7D1E5F50B70369F2E856BCDC72, 6F32C145AE59F70D47237C3194F03B489C604A57C57C195B00696A7906309103 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 17:48:32.0413 0x1f04 StartCCC - detected UnsignedFile.Multi.Generic ( 1 ) 17:48:34.0925 0x1f04 Detect skipped due to KSN trusted 17:48:34.0925 0x1f04 StartCCC - ok 17:48:34.0925 0x1f04 UnlockerAssistant - ok 17:48:35.0003 0x1f04 [ C6352C29C56077749CEEDD08680D347D, DF520DA9E9F8D34004E497969FC4AB0D9F057EEE5D8A0BBB91C5EBC983011ABD ] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe 17:48:35.0034 0x1f04 BambooCore - ok 17:48:35.0112 0x1f04 [ 5FF9A79628D4A0BA3DCD6CF5EC8FD3BF, 9818AAF8F1F1C0CBD8B89352DBAF1ADBEA1F19928543517EB6473C112E95A38D ] 
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe 17:48:35.0143 0x1f04 AcronisTibMounterMonitor - ok 17:48:35.0237 0x1f04 [ 298F33473654083D2AD6B2144832A2F8, AE2667D191593ACC5091B5EEF2E19353DA7914D2D465E25BB96EFB58FFAF9CE0 ] C:\Program Files (x86)\BlueStacks\HD-Agent.exe 17:48:35.0268 0x1f04 BlueStacks Agent - ok 17:48:35.0361 0x1f04 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe 17:48:35.0377 0x1f04 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 ) 17:48:37.0779 0x1f04 Detect skipped due to KSN trusted 17:48:37.0779 0x1f04 QuickTime Task - ok 17:48:37.0842 0x1f04 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 17:48:37.0889 0x1f04 Sidebar - ok 17:48:37.0904 0x1f04 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 17:48:37.0920 0x1f04 mctadmin - ok 17:48:37.0951 0x1f04 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 17:48:37.0998 0x1f04 Sidebar - ok 17:48:37.0998 0x1f04 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 17:48:38.0013 0x1f04 mctadmin - ok 17:48:38.0045 0x1f04 [ C4BA73BD1E2116D2C271134FE22D224E, 437ACC18A2F6471556A225D64959D5D3517EF8E855B366A100AC64F6F09B1141 ] C:\Program Files (x86)\WizMouse\WizMouse.exe 17:48:38.0060 0x1f04 WizMouse - ok 17:48:38.0076 0x1f04 EA Core - ok 17:48:38.0294 0x1f04 [ CC78200C3ECFFA178E78308A0E160D80, 4E02D6827A99401781032A397663770FA7BE56397AA20F6E2FACE0A0004109C5 ] C:\Users\*****\AppData\Local\Akamai\netsession_win.exe 17:48:38.0403 0x1f04 Akamai NetSession Interface - ok 17:48:38.0528 0x1f04 [ 
5CBD07CAB65889CCEFA594FDC3A80713, 5CF7BBF470E453C112F2E05D74C4C0ECEA88E4E81A22221E1E0E1980273FD7F2 ] C:\Program Files (x86)\Livedrive\Livedrive.exe 17:48:38.0575 0x1f04 Livedrive - ok 17:48:38.0622 0x1f04 [ 9DFDDB86952846EAD3E00F9399724CBE, 800A3C55D9D166F80068A265A389A335F7105312429CC9983909DC46B242A8C7 ] C:\Users\*****\AppData\Local\Apps\2.0\GVMK0YCA.VLY\LNA98ORP.YRE\dell..tion_0f612f649c4a10af_0005.0009_14e1a3fbfbaf942c\DellSystemDetect.exe 17:48:38.0637 0x1f04 DellSystemDetect - detected UnsignedFile.Multi.Generic ( 1 ) 17:48:41.0149 0x1f04 Detect skipped due to KSN trusted 17:48:41.0149 0x1f04 DellSystemDetect - ok 17:48:41.0149 0x1f04 Waiting for KSN requests completion. In queue: 10 17:48:42.0163 0x1f04 Waiting for KSN requests completion. In queue: 10 17:48:43.0193 0x1f04 AV detected via SS2: ESET Smart Security 8.0, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 8.0.304.0 ), 0x41000 ( enabled : updated ) 17:48:43.0208 0x1f04 FW detected via SS2: ESET Personal Firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 8.0.304.0 ), 0x40010 ( disabled ) 17:48:43.0208 0x1f04 Win FW state via NFP2: enabled 17:48:45.0626 0x1f04 ============================================================ 17:48:45.0626 0x1f04 Scan finished 17:48:45.0626 0x1f04 ============================================================ 17:48:45.0626 0x0d98 Detected object count: 0 17:48:45.0626 0x0d98 Actual detected object count: 0 17:49:19.0728 0x118c Deinitialize success
__________________ I am a signature. |
03.12.2014, 18:42 | #11 |
| T-Online sends abuse mail (sinkhole) without any information + I only find adware Logs (2 of 3) Fixlog PC_2 Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-12-2014
Ran by ***** at 2014-12-03 17:33:01 Run:1
Running from C:\Users\*****\Desktop
Loaded Profile: ***** (Available profiles: *****)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
AlternateDataStreams: C:\ProgramData\TEMP:01C66DD9
AlternateDataStreams: C:\ProgramData\TEMP:0B9FB94D
AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8
*****************
C:\ProgramData\TEMP => ":01C66DD9" ADS removed successfully.
C:\ProgramData\TEMP => ":0B9FB94D" ADS removed successfully.
C:\ProgramData\TEMP => ":0FF263E8" ADS removed successfully.
==== End of Fixlog ====
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org
Database version: v2014.12.03.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17420
***** :: ***** [administrator]
03.12.2014 16:50:31
mbar-log-2014-12-03 (16-50-31).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 340668
Time elapsed: 19 minute(s), 29 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter
17:39:22.0167 0x11ec TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
17:39:24.0039 0x11ec ============================================================
17:39:24.0039 0x11ec Current date / time: 2014/12/03 17:39:24.0039
17:39:24.0039 0x11ec SystemInfo:
17:39:24.0039 0x11ec
17:39:24.0039 0x11ec OS Version: 6.1.7601 ServicePack: 1.0
17:39:24.0039 0x11ec Product type: Workstation
17:39:24.0039 0x11ec ComputerName: *****
17:39:24.0039 0x11ec UserName: *****
17:39:24.0039 0x11ec Windows directory: C:\Windows
17:39:24.0039 0x11ec System windows directory: C:\Windows
17:39:24.0039 0x11ec Running under WOW64
17:39:24.0039 0x11ec Processor architecture: Intel x64
17:39:24.0039 0x11ec Number of processors: 2
17:39:24.0039 0x11ec Page size: 0x1000
17:39:24.0039 0x11ec Boot type: Normal boot
17:39:24.0039 0x11ec ============================================================
17:39:26.0021 0x11ec KLMD registered as C:\Windows\system32\drivers\01549264.sys
17:39:26.0161 0x11ec System UUID: {F313EC12-FCD3-215F-3C2F-4B1872B56C83}
17:39:26.0489 0x11ec Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:39:26.0504 0x11ec Drive \Device\Harddisk1\DR2 - Size: 0x1E3000000 ( 7.55 Gb ), SectorSize: 0x200, Cylinders: 0x3D9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:39:26.0504 0x11ec ============================================================
17:39:26.0504 0x11ec \Device\Harddisk0\DR0:
17:39:26.0504 0x11ec MBR partitions:
17:39:26.0504 0x11ec \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x38FFD000
17:39:26.0504 0x11ec \Device\Harddisk1\DR2:
17:39:26.0504 0x11ec MBR partitions:
17:39:26.0504 0x11ec \Device\Harddisk1\DR2\Partition1: MBR, Type 0xB, StartLBA 0x800, BlocksNum 0xF17800
17:39:26.0504 0x11ec ============================================================
17:39:26.0535 0x11ec C: <-> \Device\Harddisk0\DR0\Partition1
17:39:26.0535 0x11ec ============================================================
17:39:26.0535 0x11ec Initialize success
17:39:26.0535 0x11ec ============================================================
17:41:17.0077 0x05e4 ============================================================
17:41:17.0077 0x05e4 Scan started
17:41:17.0077 0x05e4 Mode: Manual; SigCheck; TDLFS;
17:41:17.0077 0x05e4 ============================================================
17:41:17.0077 0x05e4 KSN ping started
17:41:19.0573 0x05e4 KSN ping finished: true
17:41:21.0274 0x05e4 ================ Scan system memory ========================
17:41:21.0274 0x05e4 System memory - ok
17:41:21.0289 0x05e4 ================ Scan services =============================
1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 17:41:29.0510 0x05e4 discache - ok 17:41:29.0542 0x05e4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 17:41:29.0557 0x05e4 Disk - ok 17:41:29.0588 0x05e4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 17:41:29.0635 0x05e4 Dnscache - ok 17:41:29.0682 0x05e4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 17:41:29.0729 0x05e4 dot3svc - ok 17:41:29.0760 0x05e4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 17:41:29.0807 0x05e4 DPS - ok 17:41:29.0869 0x05e4 [ 208AA207BB4D69C940268ED7E36667C2, 2D500E01D15B5F7CFDFC89E6EB3B3D1324239758418C496F7F32FDDBC81313A3 ] DragonLoggerService C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe 17:41:29.0885 0x05e4 DragonLoggerService - ok 17:41:29.0916 0x05e4 [ AFF6D13B6B3135E3B71498C7896F6A01, 589B85A62D5AF463D721EE906934F01B703553CE3330BD814FCD6D7406F25A72 ] DragonSvc C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe 17:41:29.0932 0x05e4 DragonSvc - ok 17:41:29.0947 0x05e4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 17:41:29.0994 0x05e4 drmkaud - ok 17:41:30.0072 0x05e4 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 17:41:30.0119 0x05e4 DXGKrnl - ok 17:41:30.0150 0x05e4 [ 711405DA1FBC40B820DB5A2B4DD939F0, 64B6D59BFF6DD0B8D2177C58A56F5AF719ACD01DD5F598E183C4BB81D949678B ] e1kexpress C:\Windows\system32\DRIVERS\e1k62x64.sys 
17:41:30.0181 0x05e4 e1kexpress - ok 17:41:30.0212 0x05e4 [ FE96AA1A36E76588C80DF1040286DDE1, 86EED8A0B59CD1930E6282997537ED94333FC7D45E3FE5A4D82057E1C8E5C2CD ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys 17:41:30.0244 0x05e4 eamonm - ok 17:41:30.0275 0x05e4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 17:41:30.0337 0x05e4 EapHost - ok 17:41:30.0431 0x05e4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 17:41:30.0571 0x05e4 ebdrv - ok 17:41:30.0602 0x05e4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 17:41:30.0680 0x05e4 EFS - ok 17:41:30.0743 0x05e4 [ 807BA90D47F8885C09E1D6AFBB706E18, A803FE639C9C87733CA73D8F6C04A8CEB28DC45EEEA6CEC01ED3D4124C8E48EA ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys 17:41:30.0774 0x05e4 ehdrv - ok 17:41:30.0883 0x05e4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 17:41:30.0946 0x05e4 ehRecvr - ok 17:41:30.0992 0x05e4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 17:41:31.0024 0x05e4 ehSched - ok 17:41:31.0117 0x05e4 [ 4CB575D97653FA91FFB02DA3105EB084, 59FB4D2485EEDBCC56D92C1F5DF3FEAE67D751F3AD7AEA7590F3C73107C829E8 ] ekrn C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe 17:41:31.0148 0x05e4 ekrn - ok 17:41:31.0195 0x05e4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 17:41:31.0226 0x05e4 elxstor - ok 17:41:31.0273 0x05e4 [ 00A81DC02BA17FB4BFCFA026DC47458F, 1B95BD51727E66B023BA4F2C9F57E69496790582CB272D57FE4BC15BA64952D8 ] epfw 
C:\Windows\system32\DRIVERS\epfw.sys 17:41:31.0289 0x05e4 epfw - ok 17:41:31.0320 0x05e4 [ 3B085449438B2BCFD09CC84A0B90D1DB, 098DD64CC446E3960F93C0CDA495069DB6E7D9397CAC857E09E9FA323F5D31B2 ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys 17:41:31.0320 0x05e4 EpfwLWF - ok 17:41:31.0351 0x05e4 [ 91D54747A07F56ADCE1B6CFD3387AF60, 6F27AC896EA360284F6868BA1FEB55AE9325C914E54D73AECC5EBC8328650D41 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys 17:41:31.0367 0x05e4 epfwwfp - ok 17:41:31.0398 0x05e4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 17:41:31.0429 0x05e4 ErrDev - ok 17:41:31.0476 0x05e4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 17:41:31.0523 0x05e4 EventSystem - ok 17:41:31.0554 0x05e4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 17:41:31.0601 0x05e4 exfat - ok 17:41:31.0616 0x05e4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 17:41:31.0663 0x05e4 fastfat - ok 17:41:31.0710 0x05e4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 17:41:31.0757 0x05e4 Fax - ok 17:41:31.0788 0x05e4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 17:41:31.0819 0x05e4 fdc - ok 17:41:31.0835 0x05e4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 17:41:31.0882 0x05e4 fdPHost - ok 17:41:31.0913 0x05e4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] 
FDResPub C:\Windows\system32\fdrespub.dll 17:41:31.0960 0x05e4 FDResPub - ok 17:41:31.0975 0x05e4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 17:41:31.0991 0x05e4 FileInfo - ok 17:41:32.0006 0x05e4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 17:41:32.0069 0x05e4 Filetrace - ok 17:41:32.0084 0x05e4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 17:41:32.0084 0x05e4 flpydisk - ok 17:41:32.0147 0x05e4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 17:41:32.0162 0x05e4 FltMgr - ok 17:41:32.0209 0x05e4 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 17:41:32.0287 0x05e4 FontCache - ok 17:41:32.0334 0x05e4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 17:41:32.0334 0x05e4 FontCache3.0.0.0 - ok 17:41:32.0365 0x05e4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 17:41:32.0381 0x05e4 FsDepends - ok 17:41:32.0412 0x05e4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 17:41:32.0428 0x05e4 Fs_Rec - ok 17:41:32.0474 0x05e4 [ 3D0F2C8B86BCAB9A2BC5D5A725F45DCC, 45ABA7D6B08803D59D6F56698223E1B8A6365471EDAA041FA6434BE9FE140260 ] FUS2BASE C:\Windows\system32\DRIVERS\fus2base.sys 17:41:32.0521 0x05e4 FUS2BASE - ok 
17:41:32.0568 0x05e4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 17:41:32.0599 0x05e4 fvevol - ok 17:41:32.0630 0x05e4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 17:41:32.0630 0x05e4 gagp30kx - ok 17:41:32.0677 0x05e4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 17:41:32.0740 0x05e4 gpsvc - ok 17:41:32.0786 0x05e4 Gupta SQLBase Advoware - ok 17:41:32.0786 0x05e4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 17:41:32.0833 0x05e4 hcw85cir - ok 17:41:32.0864 0x05e4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:41:32.0911 0x05e4 HdAudAddService - ok 17:41:32.0927 0x05e4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 17:41:32.0958 0x05e4 HDAudBus - ok 17:41:32.0989 0x05e4 [ 62FB29642745DD290910BFD79537FCE0, 56206F936958082B3A2AD93E4E5C7EDA9518A6F12670C6F26EC7A35D0D5305DF ] HH10Help.sys C:\Windows\system32\drivers\HH10Help.sys 17:41:33.0005 0x05e4 HH10Help.sys - ok 17:41:33.0020 0x05e4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 17:41:33.0052 0x05e4 HidBatt - ok 17:41:33.0083 0x05e4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 17:41:33.0114 0x05e4 HidBth - ok 17:41:33.0130 0x05e4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 
8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 17:41:33.0145 0x05e4 HidIr - ok 17:41:33.0192 0x05e4 [ 949900BBF7015CCD877D20DB6C2628BE, 7D39DFF56FD17A3054324F2BC260F72DC8C3AD5063AA5056A2FCA52F3AAF880E ] hidkmdf C:\Windows\system32\DRIVERS\hidkmdf.sys 17:41:33.0208 0x05e4 hidkmdf - ok 17:41:33.0239 0x05e4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 17:41:33.0286 0x05e4 hidserv - ok 17:41:33.0317 0x05e4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:41:33.0348 0x05e4 HidUsb - ok 17:41:33.0379 0x05e4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:41:33.0426 0x05e4 hkmsvc - ok 17:41:33.0457 0x05e4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 17:41:33.0504 0x05e4 HomeGroupListener - ok 17:41:33.0535 0x05e4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 17:41:33.0566 0x05e4 HomeGroupProvider - ok 17:41:33.0598 0x05e4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 17:41:33.0613 0x05e4 HpSAMD - ok 17:41:33.0660 0x05e4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:41:33.0738 0x05e4 HTTP - ok 17:41:33.0754 0x05e4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 17:41:33.0754 0x05e4 hwpolicy - ok 
17:41:33.0816 0x05e4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 17:41:33.0832 0x05e4 i8042prt - ok 17:41:33.0878 0x05e4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 17:41:33.0910 0x05e4 iaStorV - ok 17:41:33.0972 0x05e4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 17:41:34.0019 0x05e4 idsvc - ok 17:41:34.0034 0x05e4 IEEtwCollectorService - ok 17:41:34.0315 0x05e4 [ C6238C6ABD6AC99F5D152DA4E9439A3D, 6FC490B94CEF523C7C099AEA3D36AB75C9896B1D83D4467D237E698A8E0D9E7B ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 17:41:34.0674 0x05e4 igfx - ok 17:41:34.0705 0x05e4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 17:41:34.0721 0x05e4 iirsp - ok 17:41:34.0768 0x05e4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 17:41:34.0830 0x05e4 IKEEXT - ok 17:41:34.0846 0x05e4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 17:41:34.0861 0x05e4 intelide - ok 17:41:34.0892 0x05e4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:41:34.0908 0x05e4 intelppm - ok 17:41:34.0939 0x05e4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:41:34.0986 0x05e4 IPBusEnum - ok 17:41:35.0002 0x05e4 [ C9F0E1BD74365A8771590E9008D22AB6, 
728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:41:35.0033 0x05e4 IpFilterDriver - ok 17:41:35.0080 0x05e4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:41:35.0126 0x05e4 iphlpsvc - ok 17:41:35.0142 0x05e4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 17:41:35.0158 0x05e4 IPMIDRV - ok 17:41:35.0173 0x05e4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 17:41:35.0220 0x05e4 IPNAT - ok 17:41:35.0236 0x05e4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:41:35.0267 0x05e4 IRENUM - ok 17:41:35.0267 0x05e4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:41:35.0282 0x05e4 isapnp - ok 17:41:35.0314 0x05e4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 17:41:35.0360 0x05e4 iScsiPrt - ok 17:41:35.0392 0x05e4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 17:41:35.0392 0x05e4 kbdclass - ok 17:41:35.0423 0x05e4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 17:41:35.0438 0x05e4 kbdhid - ok 17:41:35.0454 0x05e4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 17:41:35.0470 0x05e4 KeyIso - ok 
17:41:35.0501 0x05e4 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:41:35.0516 0x05e4 KSecDD - ok 17:41:35.0548 0x05e4 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 17:41:35.0563 0x05e4 KSecPkg - ok 17:41:35.0594 0x05e4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 17:41:35.0626 0x05e4 ksthunk - ok 17:41:35.0657 0x05e4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 17:41:35.0704 0x05e4 KtmRm - ok 17:41:35.0735 0x05e4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 17:41:35.0782 0x05e4 LanmanServer - ok 17:41:35.0797 0x05e4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:41:35.0844 0x05e4 LanmanWorkstation - ok 17:41:35.0875 0x05e4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:41:35.0906 0x05e4 lltdio - ok 17:41:35.0938 0x05e4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:41:35.0984 0x05e4 lltdsvc - ok 17:41:36.0000 0x05e4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:41:36.0031 0x05e4 lmhosts - ok 17:41:36.0062 0x05e4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC 
C:\Windows\system32\drivers\lsi_fc.sys 17:41:36.0078 0x05e4 LSI_FC - ok 17:41:36.0078 0x05e4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 17:41:36.0094 0x05e4 LSI_SAS - ok 17:41:36.0109 0x05e4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 17:41:36.0125 0x05e4 LSI_SAS2 - ok 17:41:36.0140 0x05e4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 17:41:36.0156 0x05e4 LSI_SCSI - ok 17:41:36.0187 0x05e4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 17:41:36.0218 0x05e4 luafv - ok 17:41:36.0250 0x05e4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:41:36.0281 0x05e4 Mcx2Svc - ok 17:41:36.0296 0x05e4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 17:41:36.0312 0x05e4 megasas - ok 17:41:36.0343 0x05e4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 17:41:36.0359 0x05e4 MegaSR - ok 17:41:36.0390 0x05e4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 17:41:36.0421 0x05e4 MMCSS - ok 17:41:36.0452 0x05e4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 17:41:36.0484 0x05e4 Modem - ok 17:41:36.0499 0x05e4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 
701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:41:36.0515 0x05e4 monitor - ok 17:41:36.0530 0x05e4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:41:36.0546 0x05e4 mouclass - ok 17:41:36.0577 0x05e4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:41:36.0593 0x05e4 mouhid - ok 17:41:36.0608 0x05e4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 17:41:36.0624 0x05e4 mountmgr - ok 17:41:36.0671 0x05e4 [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 17:41:36.0686 0x05e4 MozillaMaintenance - ok 17:41:36.0702 0x05e4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 17:41:36.0718 0x05e4 mpio - ok 17:41:36.0764 0x05e4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:41:36.0796 0x05e4 mpsdrv - ok 17:41:36.0842 0x05e4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 17:41:36.0905 0x05e4 MpsSvc - ok 17:41:36.0936 0x05e4 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:41:36.0998 0x05e4 MRxDAV - ok 17:41:37.0014 0x05e4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 
17:41:37.0045 0x05e4 mrxsmb - ok 17:41:37.0076 0x05e4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:41:37.0108 0x05e4 mrxsmb10 - ok 17:41:37.0123 0x05e4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:41:37.0139 0x05e4 mrxsmb20 - ok 17:41:37.0154 0x05e4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 17:41:37.0170 0x05e4 msahci - ok 17:41:37.0186 0x05e4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:41:37.0201 0x05e4 msdsm - ok 17:41:37.0232 0x05e4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 17:41:37.0264 0x05e4 MSDTC - ok 17:41:37.0295 0x05e4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:41:37.0342 0x05e4 Msfs - ok 17:41:37.0357 0x05e4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 17:41:37.0388 0x05e4 mshidkmdf - ok 17:41:37.0404 0x05e4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:41:37.0420 0x05e4 msisadrv - ok 17:41:37.0435 0x05e4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:41:37.0513 0x05e4 MSiSCSI - ok 17:41:37.0513 0x05e4 msiserver - ok 17:41:37.0529 0x05e4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, 
E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:41:37.0560 0x05e4 MSKSSRV - ok 17:41:37.0576 0x05e4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:41:37.0591 0x05e4 MSPCLOCK - ok 17:41:37.0607 0x05e4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:41:37.0638 0x05e4 MSPQM - ok 17:41:37.0669 0x05e4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:41:37.0685 0x05e4 MsRPC - ok 17:41:37.0716 0x05e4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 17:41:37.0716 0x05e4 mssmbios - ok 17:41:37.0732 0x05e4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:41:37.0763 0x05e4 MSTEE - ok 17:41:37.0778 0x05e4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 17:41:37.0810 0x05e4 MTConfig - ok 17:41:37.0810 0x05e4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 17:41:37.0825 0x05e4 Mup - ok 17:41:37.0841 0x05e4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 17:41:37.0903 0x05e4 napagent - ok 17:41:37.0934 0x05e4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:41:37.0966 0x05e4 NativeWifiP - ok 17:41:38.0012 
17:41:46.0904 0x05e4 [ 28ED2CF224B1D61E8B5CBCA8F47B1DC8, 0A4960E6D728A3B7E85D5D58EED89F6B2CF8294A79FF9973E1606659F3C2AB59 ] tksock C:\Program Files (x86)\AGFEO\Tk-Suite-Basic\tkserver\tksock.exe
17:41:46.0967 0x05e4 tksock - detected UnsignedFile.Multi.Generic ( 1 )
17:41:49.0447 0x05e4 Detect skipped due to KSN trusted
17:41:49.0447 0x05e4 tksock - ok
17:41:51.0210 0x05e4 Suspicious service (NoAccess): vdrv1000
17:41:51.0226 0x05e4 [ B61BDFD94D4C7B37BF4C898B32BA6396, 4D4DAAFCFDCA6495FE50D77988067023262AE0448148E899AC1C8FAA20A18437 ] vdrv1000 C:\Windows\system32\DRIVERS\vdrv1000.sys
17:41:51.0226 0x05e4 vdrv1000 - detected LockedService.Multi.Generic ( 1 )
17:41:53.0722 0x05e4 Detect skipped due to KSN trusted
17:41:53.0722 0x05e4 vdrv1000 - ok
9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 17:41:55.0890 0x05e4 WIMMount - ok 17:41:55.0921 0x05e4 WinDefend - ok 17:41:55.0921 0x05e4 WinHttpAutoProxySvc - ok 17:41:55.0984 0x05e4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:41:56.0015 0x05e4 Winmgmt - ok 17:41:56.0093 0x05e4 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 17:41:56.0171 0x05e4 WinRM - ok 17:41:56.0249 0x05e4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WINUSB C:\Windows\system32\DRIVERS\WinUSB.SYS 17:41:56.0280 0x05e4 WINUSB - ok 17:41:56.0311 0x05e4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 17:41:56.0358 0x05e4 Wlansvc - ok 17:41:56.0405 0x05e4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 17:41:56.0405 0x05e4 WmiAcpi - ok 17:41:56.0436 0x05e4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:41:56.0467 0x05e4 wmiApSrv - ok 17:41:56.0498 0x05e4 WMPNetworkSvc - ok 17:41:56.0514 0x05e4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:41:56.0530 0x05e4 WPCSvc - ok 17:41:56.0545 0x05e4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:41:56.0576 0x05e4 WPDBusEnum - ok 17:41:56.0576 0x05e4 [ 6BCC1D7D2FD2453957C5479A32364E52, 
E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:41:56.0623 0x05e4 ws2ifsl - ok 17:41:56.0639 0x05e4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 17:41:56.0670 0x05e4 wscsvc - ok 17:41:56.0701 0x05e4 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 17:41:56.0717 0x05e4 WSDPrintDevice - ok 17:41:56.0732 0x05e4 WSearch - ok 17:41:56.0857 0x05e4 [ A9A00EF2ABF60694A559A8DB4F4C4875, 787DEB7A96A2A4B255E4E2DAF04E4F52537CF9F70B40042FC6D5DE3AD0BA8CCD ] WTabletServicePro C:\Program Files\Tablet\Wacom\WTabletServicePro.exe 17:41:56.0873 0x05e4 WTabletServicePro - ok 17:41:56.0966 0x05e4 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 17:41:57.0044 0x05e4 wuauserv - ok 17:41:57.0060 0x05e4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 17:41:57.0091 0x05e4 WudfPf - ok 17:41:57.0122 0x05e4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:41:57.0154 0x05e4 WUDFRd - ok 17:41:57.0169 0x05e4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:41:57.0200 0x05e4 wudfsvc - ok 17:41:57.0232 0x05e4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 17:41:57.0278 0x05e4 WwanSvc - ok 17:41:57.0294 0x05e4 ================ Scan global =============================== 17:41:57.0310 0x05e4 [ BA0CD8C393E8C9F83354106093832C7B, 
18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 17:41:57.0356 0x05e4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 17:41:57.0372 0x05e4 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 17:41:57.0403 0x05e4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 17:41:57.0419 0x05e4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 17:41:57.0434 0x05e4 [ Global ] - ok 17:41:57.0434 0x05e4 ================ Scan MBR ================================== 17:41:57.0450 0x05e4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 17:41:57.0653 0x05e4 \Device\Harddisk0\DR0 - ok 17:41:57.0668 0x05e4 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR2 17:41:57.0778 0x05e4 \Device\Harddisk1\DR2 - ok 17:41:57.0778 0x05e4 ================ Scan VBR ================================== 17:41:57.0793 0x05e4 [ BA409937E6F90AD7E2D7C6119D163AB3 ] \Device\Harddisk0\DR0\Partition1 17:41:57.0793 0x05e4 \Device\Harddisk0\DR0\Partition1 - ok 17:41:57.0793 0x05e4 [ 1837DF63DDB19374B8429E38FDECA69F ] \Device\Harddisk1\DR2\Partition1 17:41:57.0793 0x05e4 \Device\Harddisk1\DR2\Partition1 - ok 17:41:57.0793 0x05e4 ================ Scan generic autorun ====================== 17:41:57.0824 0x05e4 [ 87A4570E9D15A2821015B7FB6B821654, BDF5266905DC3F9ED0DBE41798D9907FC9E8D030DD5C28975BBF9BFD8BD9DA71 ] C:\Windows\system32\igfxtray.exe 17:41:57.0840 0x05e4 IgfxTray - ok 17:41:57.0856 0x05e4 [ 842683D8F1A58A76E5A03DA35B4962EE, 7D1B1918D69566694D7D0E82A8A1C7537A5C3A1533DC80F60FE212DD2DBC6099 ] C:\Windows\system32\hkcmd.exe 17:41:57.0856 0x05e4 HotKeysCmds - ok 17:41:57.0887 0x05e4 [ 
99F8C1060BFB20D2039716BBF741D6C2, 8C578E288D88697E88AB9BEAE79D33AF23AD6176D830D5916BD2DD42EC6FADC5 ] C:\Windows\system32\igfxpers.exe 17:41:57.0902 0x05e4 Persistence - ok 17:41:57.0965 0x05e4 [ 2078AE5DF5876F58124CDC2B4F972CD3, 59023E6A595950BFA611502AA9AA68C1AD48114DDCBD6BA7FDE4CDC86A7170B1 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe 17:41:57.0965 0x05e4 Acronis Scheduler2 Service - ok 17:41:58.0136 0x05e4 [ 5A2772DA712495F2A60348DE9F32D0A6, 8AAFB215D5EB5262B5606ACF6127A3F508361B15FD56AFE0D936DB25BFAE0886 ] C:\Program Files\ESET\ESET Smart Security\egui.exe 17:41:58.0246 0x05e4 egui - ok 17:41:58.0308 0x05e4 [ C4642DD25768D4F8088DF9D2FC4EC380, CDC1F6A66E638F63C40DBD061AFC71AE2A5FD6CC4C2FDCE3BD9E71892213AC34 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe 17:41:58.0324 0x05e4 Classic Start Menu - ok 17:41:58.0370 0x05e4 [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe 17:41:58.0386 0x05e4 Windows Mobile Device Center - ok 17:41:58.0542 0x05e4 [ A7D3BA9573C2BD5DDCA2A87140915D6A, 2D36D01A10B5F988FB6ED2204FAB3F05B7E31373B7A16B13E3CE5E8EB81420EA ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe 17:41:58.0651 0x05e4 TrueImageMonitor.exe - ok 17:41:58.0698 0x05e4 [ 53C2A97A95567DF950FEFD78884970E2, AFEB4FD42E7C793FA48AC0054C3F1EFDB8EE098504889531B96226DF83DFE8EF ] C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe 17:41:58.0714 0x05e4 VC10Player - ok 17:41:58.0807 0x05e4 [ 50B4BD30A102B5E7BFAEB87629C94466, A6AA1097A77F5AA84111F98C84E51B7219B893308E16D909D8915AB46C6E71EE ] C:\Program Files (x86)\Common Files\Lexware\Update Manager\LxUpdateManager.exe 17:41:58.0823 0x05e4 LexwareInfoService - ok 17:41:58.0932 0x05e4 [ 7F42FFCD6FF7CA558C2D95DADCD5EFA9, CD9E71A718AD3FF465950A7D3937884154F021A296C301BE2FECD0AE69F04713 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe 17:41:59.0026 0x05e4 BrStsMon00 - detected 
UnsignedFile.Multi.Generic ( 1 ) 17:42:01.0600 0x05e4 Detect skipped due to KSN trusted 17:42:01.0600 0x05e4 BrStsMon00 - ok 17:42:01.0662 0x05e4 [ ECBDE4CBB830AF638400BA19740CD357, F9C9EC5CE40C177A5C1FD7C3A9C8FB3556325EAD97BA41795C90091BFD73E7E9 ] C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\DocuAction.exe 17:42:01.0678 0x05e4 DocAction_656U - detected UnsignedFile.Multi.Generic ( 1 ) 17:42:04.0127 0x05e4 DocAction_656U ( UnsignedFile.Multi.Generic ) - warning 17:42:04.0127 0x05e4 Force sending object to P2P due to detect: C:\Program Files (x86)\Plustek\Plustek SmartOffice PS286 Plus\DocuAction.exe 17:42:06.0685 0x05e4 Object send P2P result: true 17:42:09.0197 0x05e4 [ 9F189ECF3274CAE0093C5D57DAC97DB5, D7D42A91362376A36518A5F641CE3562A254455D6CF7077B1746CDA370C16B1E ] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe 17:42:09.0212 0x05e4 IndexSearch - ok 17:42:09.0228 0x05e4 [ 50FDD7825F93DFE0A22A6554D8D0A5AF, 0E5FCBD919DBBD64E225F87A9512144C3CCCD73B2E226A474C67316E480D70F9 ] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe 17:42:09.0228 0x05e4 PaperPort PTD - ok 17:42:09.0244 0x05e4 [ 0D1D2FBAE112BDDB9F77B7BC7A956D3A, BD833CF275B4EC4EC12E868EB2EE049A6F9F0792A326BEAEB1433586257C098F ] C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe 17:42:09.0275 0x05e4 PPort12reminder - ok 17:42:09.0337 0x05e4 [ 034387AC85CE422E380A039E4DA4BD60, BB5861FC926AA12D18FA596A23A3230AB94288D60109CDB38D1DFB7721302B4B ] C:\Program Files (x86)\Nuance\PDFViewerPlus\pdfpro5hook.exe 17:42:09.0368 0x05e4 PDFHook - ok 17:42:09.0384 0x05e4 [ 4DD34DB7C24C91176E673B4AFEDF4E7C, D08459973C8D6C0CE8FEF0674A3784E8C36597D84C5CE2B076860FD4BFA320B5 ] C:\Program Files (x86)\Nuance\PDFViewerPlus\RegistryController.exe 17:42:09.0384 0x05e4 PDF5 Registry Controller - ok 17:42:09.0509 0x05e4 [ 6F5C9785C05D23DABE407653C12B8A05, 3EC2AACE39D47BC3C34CC8F53DA652A5FFE3A09304AB77AFCF17D4E5CC10F82E ] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe 17:42:09.0540 0x05e4 ISUSPM - ok 
17:42:12.0769 0x05e4 Waiting for KSN requests completion. In queue: 12
17:42:13.0783 0x05e4 Waiting for KSN requests completion. In queue: 12
17:42:14.0797 0x05e4 Waiting for KSN requests completion. In queue: 12
17:42:15.0827 0x05e4 AV detected via SS2: ESET Smart Security 7.0, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 7.0.302.0 ), 0x41000 ( enabled : updated )
17:42:15.0827 0x05e4 FW detected via SS2: ESET Personal Firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 7.0.302.0 ), 0x40010 ( disabled )
17:42:15.0842 0x05e4 Win FW state via NFP2: enabled
17:42:18.0245 0x05e4 ============================================================
17:42:18.0245 0x05e4 Scan finished
17:42:18.0245 0x05e4 ============================================================
17:42:18.0245 0x0ea4 Detected object count: 1
17:42:18.0245 0x0ea4 Actual detected object count: 1
17:42:56.0995 0x0ea4 DocAction_656U ( UnsignedFile.Multi.Generic ) - skipped by user
17:42:56.0995 0x0ea4 DocAction_656U ( UnsignedFile.Multi.Generic ) - User select action: Skip
__________________ I am a signature. |
03.12.2014, 18:44 | #12 |
| T-Online sends abuse mail (sinkhole) without information + I only find adware
Logs (3 of 3)
MBAR PC_3
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2014.12.03.07

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17420
***** :: ***** [administrator]

03.12.2014 16:08:48
mbar-log-2014-12-03 (16-08-48).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 319046
Time elapsed: 8 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
ATTFilter
18:06:03.0186 0x1204 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
18:06:04.0948 0x1204 ============================================================
18:06:04.0948 0x1204 Current date / time: 2014/12/03 18:06:04.0948
18:06:04.0948 0x1204 SystemInfo:
18:06:04.0948 0x1204
18:06:04.0948 0x1204 OS Version: 6.1.7601 ServicePack: 1.0
18:06:04.0948 0x1204 Product type: Workstation
18:06:04.0948 0x1204 ComputerName: *****
18:06:04.0949 0x1204 UserName: *****
18:06:04.0949 0x1204 Windows directory: C:\Windows
18:06:04.0949 0x1204 System windows directory: C:\Windows
18:06:04.0949 0x1204 Processor architecture: Intel x86
18:06:04.0949 0x1204 Number of processors: 2
18:06:04.0949 0x1204 Page size: 0x1000
18:06:04.0949 0x1204 Boot type: Normal boot
18:06:04.0949 0x1204 ============================================================
18:06:05.0214 0x1204 KLMD registered as C:\Windows\system32\drivers\53403294.sys
18:06:05.0350 0x1204 System UUID: {6889B95F-44CE-0AA3-9F07-817587662931}
18:06:05.0802 0x1204 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:06:05.0824 0x1204 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:06:05.0838 0x1204 Drive \Device\Harddisk2\DR5 - Size: 0x1E3000000 ( 7.55 Gb ), SectorSize: 0x200, Cylinders: 0x3D9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:06:05.0839 0x1204 ============================================================
18:06:05.0839 0x1204 \Device\Harddisk0\DR0:
18:06:05.0839 0x1204 MBR partitions:
18:06:05.0839 0x1204 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:06:05.0839 0x1204 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC90A800
18:06:05.0839 0x1204 \Device\Harddisk1\DR1:
18:06:05.0839 0x1204 MBR partitions:
18:06:05.0839 0x1204 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385800
18:06:05.0839 0x1204 \Device\Harddisk2\DR5:
18:06:05.0840 0x1204 MBR partitions:
18:06:05.0840 0x1204 \Device\Harddisk2\DR5\Partition1: MBR, Type 0xB, StartLBA 0x800, BlocksNum 0xF17800
18:06:05.0840 0x1204 ============================================================
18:06:05.0841 0x1204 C: <-> \Device\Harddisk0\DR0\Partition2
18:06:05.0862 0x1204 D: <-> \Device\Harddisk1\DR1\Partition1
18:06:05.0862 0x1204 ============================================================
18:06:05.0862 0x1204 Initialize success
18:06:05.0862 0x1204 ============================================================
18:06:12.0453 0x1dc4 ============================================================
18:06:12.0453 0x1dc4 Scan started
18:06:12.0453 0x1dc4 Mode: Manual; SigCheck; TDLFS;
18:06:12.0453 0x1dc4 ============================================================
18:06:12.0453 0x1dc4 KSN ping started
18:06:15.0180 0x1dc4 KSN ping finished: true
18:06:15.0563 0x1dc4 ================ Scan system memory ========================
18:06:15.0563 0x1dc4 System memory - ok
18:06:15.0563 0x1dc4 ================ Scan services =============================
defragsvc C:\Windows\System32\defragsvc.dll 18:06:20.0826 0x1dc4 defragsvc - ok 18:06:20.0834 0x1dc4 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 18:06:20.0865 0x1dc4 DfsC - ok 18:06:20.0877 0x1dc4 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll 18:06:20.0902 0x1dc4 Dhcp - ok 18:06:20.0910 0x1dc4 [ 2A312D761AE650B1BF1296733E872AAC, A05BB3B3BF2DA68599E593BB4367774A74141DE327092C77BCDA3C0F36C8D6AD ] DirMngr C:\Program Files\GNU\GnuPGv2\dirmngr.exe 18:06:20.0923 0x1dc4 DirMngr - detected UnsignedFile.Multi.Generic ( 1 ) 18:06:23.0365 0x1dc4 Detect skipped due to KSN trusted 18:06:23.0365 0x1dc4 DirMngr - ok 18:06:23.0374 0x1dc4 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys 18:06:23.0413 0x1dc4 discache - ok 18:06:23.0418 0x1dc4 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\drivers\disk.sys 18:06:23.0429 0x1dc4 Disk - ok 18:06:23.0437 0x1dc4 [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 18:06:23.0455 0x1dc4 dmvsc - ok 18:06:23.0463 0x1dc4 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll 18:06:23.0480 0x1dc4 Dnscache - ok 18:06:23.0489 0x1dc4 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll 18:06:23.0517 0x1dc4 dot3svc - ok 18:06:23.0526 0x1dc4 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll 18:06:23.0554 0x1dc4 DPS - ok 
18:06:23.0558 0x1dc4 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 18:06:23.0574 0x1dc4 drmkaud - ok 18:06:23.0596 0x1dc4 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 18:06:23.0626 0x1dc4 DXGKrnl - ok 18:06:23.0639 0x1dc4 [ CECB58460674339202F79BA1345D8527, 1032E726D64C3432704FE90A7B63A37E854A83389AD3A997C0916628C452F71F ] eamonm C:\Windows\system32\DRIVERS\eamonm.sys 18:06:23.0655 0x1dc4 eamonm - ok 18:06:23.0661 0x1dc4 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll 18:06:23.0687 0x1dc4 EapHost - ok 18:06:23.0849 0x1dc4 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\drivers\evbdx.sys 18:06:24.0038 0x1dc4 ebdrv - ok 18:06:24.0052 0x1dc4 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] EFS C:\Windows\System32\lsass.exe 18:06:24.0068 0x1dc4 EFS - ok 18:06:24.0077 0x1dc4 [ C79916F203E1A2CBBE99F22D6E5D21DA, 84749E7067927AD437D38BEFEA12B40C3E849216F26338F707694918206C4C2A ] ehdrv C:\Windows\system32\DRIVERS\ehdrv.sys 18:06:24.0090 0x1dc4 ehdrv - ok 18:06:24.0127 0x1dc4 [ 4CB575D97653FA91FFB02DA3105EB084, 59FB4D2485EEDBCC56D92C1F5DF3FEAE67D751F3AD7AEA7590F3C73107C829E8 ] ekrn C:\Program Files\ESET\ESET Smart Security\ekrn.exe 18:06:24.0172 0x1dc4 ekrn - ok 18:06:24.0200 0x1dc4 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 18:06:24.0232 0x1dc4 elxstor - ok 18:06:24.0243 0x1dc4 [ 4B6B2C930CD076F8BDEE683512EE05E8, 37C1182044047FBB98E208C8CFF36BDB47F1617A57F7F7B2331E0F7BDD0A653D ] epfw C:\Windows\system32\DRIVERS\epfw.sys 18:06:24.0260 
0x1dc4 epfw - ok 18:06:24.0265 0x1dc4 [ BDC856F11F2A8F4C9B4A59B29A33569B, ADD91A760F57C73FE6574EABBCB2F3F897A45C8DD0DE26BBFF2CCD5891FDBA6C ] EpfwLWF C:\Windows\system32\DRIVERS\EpfwLWF.sys 18:06:24.0275 0x1dc4 EpfwLWF - ok 18:06:24.0282 0x1dc4 [ 6EB4485DDAFCA013D35ED4E158ADE05B, FCB62340EF7E4472BDA04C97FB9DD68E79A06606CFB6C1CE93DDFFFDE1E44D06 ] epfwwfp C:\Windows\system32\DRIVERS\epfwwfp.sys 18:06:24.0292 0x1dc4 epfwwfp - ok 18:06:24.0296 0x1dc4 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys 18:06:24.0310 0x1dc4 ErrDev - ok 18:06:24.0325 0x1dc4 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll 18:06:24.0354 0x1dc4 EventSystem - ok 18:06:24.0360 0x1dc4 [ 303963824454474ABD478C215F58C690, 195F6E5D2A5D46815826F4A7F14036C551767D8819DC930083F0C7978061B129 ] EvoMouseDriverFilterHidUsb C:\Windows\system32\DRIVERS\EvoMouseDriverFilterHidUsb.sys 18:06:24.0369 0x1dc4 EvoMouseDriverFilterHidUsb - ok 18:06:24.0375 0x1dc4 [ D7060D296061A1BD79A1F66D39EE0076, 6D44CEF40EA09CB33B76E712C8A5D7DB7436FA930E0C597FAE365B758C4FFD67 ] EvoMouseDriverMini C:\Windows\system32\drivers\EvoMouseDriverMini.sys 18:06:24.0383 0x1dc4 EvoMouseDriverMini - ok 18:06:24.0395 0x1dc4 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys 18:06:24.0426 0x1dc4 exfat - ok 18:06:24.0439 0x1dc4 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys 18:06:24.0471 0x1dc4 fastfat - ok 18:06:24.0506 0x1dc4 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe 18:06:24.0551 0x1dc4 Fax - ok 18:06:24.0558 0x1dc4 [ E817A017F82DF2A1F8CFDBDA29388B29, 
4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\drivers\fdc.sys 18:06:24.0571 0x1dc4 fdc - ok 18:06:24.0576 0x1dc4 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll 18:06:24.0598 0x1dc4 fdPHost - ok 18:06:24.0603 0x1dc4 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll 18:06:24.0627 0x1dc4 FDResPub - ok 18:06:24.0632 0x1dc4 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 18:06:24.0644 0x1dc4 FileInfo - ok 18:06:24.0649 0x1dc4 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 18:06:24.0672 0x1dc4 Filetrace - ok 18:06:24.0678 0x1dc4 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 18:06:24.0691 0x1dc4 flpydisk - ok 18:06:24.0701 0x1dc4 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 18:06:24.0716 0x1dc4 FltMgr - ok 18:06:24.0724 0x1dc4 [ 25A6A4FE918BE28B75C5CD3F32A46B3C, B9DAC7FD860CA67F5E10709EF6607D0F3CC5D6D05F8065A37E9D996FF7C83B93 ] fltsrv C:\Windows\system32\DRIVERS\fltsrv.sys 18:06:24.0736 0x1dc4 fltsrv - ok 18:06:24.0793 0x1dc4 [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\Windows\system32\FntCache.dll 18:06:24.0887 0x1dc4 FontCache - ok 18:06:24.0897 0x1dc4 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 18:06:24.0914 
0x1dc4 FontCache3.0.0.0 - ok 18:06:24.0924 0x1dc4 [ 26EABEEA7F30DCF21DA0577C4EE26FAA, 20C3CD2579ED6853249B1EAEF23DF2904779BA2E806D00C30F81EA9A1612AE0F ] FoxitCloudUpdateService C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe 18:06:24.0939 0x1dc4 FoxitCloudUpdateService - ok 18:06:24.0945 0x1dc4 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 18:06:24.0957 0x1dc4 FsDepends - ok 18:06:24.0962 0x1dc4 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 18:06:24.0974 0x1dc4 Fs_Rec - ok 18:06:24.0983 0x1dc4 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 18:06:25.0002 0x1dc4 fvevol - ok 18:06:25.0009 0x1dc4 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 18:06:25.0021 0x1dc4 gagp30kx - ok 18:06:25.0026 0x1dc4 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 18:06:25.0037 0x1dc4 GEARAspiWDM - ok 18:06:25.0041 0x1dc4 [ 77EBF3E9386DAA51551AF429052D88D0, 94C3294BB9E14B07448734AE65B37801D3FF15BEC987D182A929A017FEF7B276 ] giveio C:\Windows\system32\giveio.sys 18:06:25.0049 0x1dc4 giveio - detected UnsignedFile.Multi.Generic ( 1 ) 18:06:27.0439 0x1dc4 Detect skipped due to KSN trusted 18:06:27.0439 0x1dc4 giveio - ok 18:06:27.0466 0x1dc4 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll 18:06:27.0513 0x1dc4 gpsvc - ok 18:06:27.0520 0x1dc4 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir 
C:\Windows\system32\drivers\hcw85cir.sys 18:06:27.0536 0x1dc4 hcw85cir - ok 18:06:27.0548 0x1dc4 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 18:06:27.0570 0x1dc4 HdAudAddService - ok 18:06:27.0577 0x1dc4 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 18:06:27.0592 0x1dc4 HDAudBus - ok 18:06:27.0598 0x1dc4 [ 4598E747284210CCC572FC304D0C687F, 6B3D2560B4F6951B613FADCB1449A189F7065070061D3C45DC77BA6E2DC5D523 ] HH10Help.sys C:\Windows\system32\drivers\HH10Help.sys 18:06:27.0606 0x1dc4 HH10Help.sys - detected UnsignedFile.Multi.Generic ( 1 ) 18:06:30.0046 0x1dc4 Detect skipped due to KSN trusted 18:06:30.0047 0x1dc4 HH10Help.sys - ok 18:06:30.0054 0x1dc4 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 18:06:30.0076 0x1dc4 HidBatt - ok 18:06:30.0086 0x1dc4 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\drivers\hidbth.sys 18:06:30.0113 0x1dc4 HidBth - ok 18:06:30.0122 0x1dc4 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\drivers\hidir.sys 18:06:30.0140 0x1dc4 HidIr - ok 18:06:30.0146 0x1dc4 [ 3ECDCDC7CFE63BF2F2F736703CCD7628, AE124D27B89ACAB5BF0ED0F26C15047AC0F8546FE5108B898B0D7797C4514158 ] hidkmdf C:\Windows\system32\DRIVERS\hidkmdf.sys 18:06:30.0157 0x1dc4 hidkmdf - ok 18:06:30.0162 0x1dc4 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll 18:06:30.0186 0x1dc4 hidserv - ok 18:06:30.0190 0x1dc4 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] 
HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 18:06:30.0205 0x1dc4 HidUsb - ok 18:06:30.0211 0x1dc4 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll 18:06:30.0236 0x1dc4 hkmsvc - ok 18:06:30.0247 0x1dc4 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 18:06:30.0268 0x1dc4 HomeGroupListener - ok 18:06:30.0277 0x1dc4 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 18:06:30.0294 0x1dc4 HomeGroupProvider - ok 18:06:30.0301 0x1dc4 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 18:06:30.0315 0x1dc4 HpSAMD - ok 18:06:30.0332 0x1dc4 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys 18:06:30.0366 0x1dc4 HTTP - ok 18:06:30.0372 0x1dc4 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 18:06:30.0383 0x1dc4 hwpolicy - ok 18:06:30.0391 0x1dc4 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 18:06:30.0407 0x1dc4 i8042prt - ok 18:06:30.0424 0x1dc4 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 18:06:30.0444 0x1dc4 iaStorV - ok 18:06:30.0472 0x1dc4 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 18:06:30.0513 0x1dc4 idsvc - ok 18:06:30.0518 
0x1dc4 IEEtwCollectorService - ok 18:06:30.0708 0x1dc4 [ C7FEE838FD0216EE0AD3D765AB4F40F4, 1D74F66FBBC619FBAAB1055CA4F528F3D39E7ADD2C5B327349F1BC9AFF1F4272 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys 18:06:30.0945 0x1dc4 igfx - ok 18:06:30.0965 0x1dc4 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\drivers\iirsp.sys 18:06:30.0976 0x1dc4 iirsp - ok 18:06:31.0010 0x1dc4 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll 18:06:31.0057 0x1dc4 IKEEXT - ok 18:06:31.0149 0x1dc4 [ 2D8D9516281E27A721897A388F17DEFB, BD287534D9FE6D36800348320E61B632CBF672C0ABE739D60C519EC8144A3543 ] IntcAzAudAddService C:\Windows\system32\drivers\RTDVHDA.sys 18:06:31.0257 0x1dc4 IntcAzAudAddService - ok 18:06:31.0267 0x1dc4 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys 18:06:31.0277 0x1dc4 intelide - ok 18:06:31.0284 0x1dc4 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 18:06:31.0296 0x1dc4 intelppm - ok 18:06:31.0303 0x1dc4 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 18:06:31.0329 0x1dc4 IPBusEnum - ok 18:06:31.0335 0x1dc4 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:06:31.0360 0x1dc4 IpFilterDriver - ok 18:06:31.0376 0x1dc4 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 18:06:31.0406 0x1dc4 iphlpsvc - ok 18:06:31.0414 0x1dc4 [ 4BD7134618C1D2A27466A099062547BF, 
20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 18:06:31.0429 0x1dc4 IPMIDRV - ok 18:06:31.0439 0x1dc4 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 18:06:31.0466 0x1dc4 IPNAT - ok 18:06:31.0480 0x1dc4 [ 4D800977F7EB0C310AF04BF5B517985A, DD4EC347D4759AC401BD08739DE012E5F1903DF2EDEBEA17CCD3C19FF1F6005E ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 18:06:31.0500 0x1dc4 iPod Service - ok 18:06:31.0507 0x1dc4 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys 18:06:31.0521 0x1dc4 IRENUM - ok 18:06:31.0528 0x1dc4 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys 18:06:31.0541 0x1dc4 isapnp - ok 18:06:31.0551 0x1dc4 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 18:06:31.0567 0x1dc4 iScsiPrt - ok 18:06:31.0586 0x1dc4 [ 62632763D9B2B7F92D2968D40406E7AA, EC11B3CF6E0DF6515B3879E98F894A43855EE21115C4F305D9857ACAA538F6E5 ] k57nd60x C:\Windows\system32\DRIVERS\k57nd60x.sys 18:06:31.0608 0x1dc4 k57nd60x - ok 18:06:31.0614 0x1dc4 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 18:06:31.0624 0x1dc4 kbdclass - ok 18:06:31.0629 0x1dc4 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 18:06:31.0643 0x1dc4 kbdhid - ok 18:06:31.0647 0x1dc4 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso C:\Windows\system32\lsass.exe 18:06:31.0660 0x1dc4 KeyIso - ok 
18:06:31.0665 0x1dc4 [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 18:06:31.0678 0x1dc4 KSecDD - ok 18:06:31.0685 0x1dc4 [ 1E1845606C5A4579F7F3D95796CC1ED1, 26A478A0B5417CBC880A7F2D977AAC5FBF40EC4296426B757D6ACCBBC09486CC ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 18:06:31.0698 0x1dc4 KSecPkg - ok 18:06:31.0714 0x1dc4 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll 18:06:31.0751 0x1dc4 KtmRm - ok 18:06:31.0760 0x1dc4 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll 18:06:31.0787 0x1dc4 LanmanServer - ok 18:06:31.0794 0x1dc4 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:06:31.0821 0x1dc4 LanmanWorkstation - ok 18:06:31.0829 0x1dc4 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:06:31.0852 0x1dc4 lltdio - ok 18:06:31.0866 0x1dc4 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll 18:06:31.0901 0x1dc4 lltdsvc - ok 18:06:31.0906 0x1dc4 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll 18:06:31.0928 0x1dc4 lmhosts - ok 18:06:31.0939 0x1dc4 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 18:06:31.0954 0x1dc4 LSI_FC - ok 18:06:31.0962 0x1dc4 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS 
C:\Windows\system32\drivers\lsi_sas.sys 18:06:31.0976 0x1dc4 LSI_SAS - ok 18:06:31.0984 0x1dc4 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 18:06:31.0998 0x1dc4 LSI_SAS2 - ok 18:06:32.0008 0x1dc4 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 18:06:32.0022 0x1dc4 LSI_SCSI - ok 18:06:32.0029 0x1dc4 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys 18:06:32.0055 0x1dc4 luafv - ok 18:06:32.0061 0x1dc4 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\drivers\megasas.sys 18:06:32.0073 0x1dc4 megasas - ok 18:06:32.0086 0x1dc4 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 18:06:32.0108 0x1dc4 MegaSR - ok 18:06:32.0115 0x1dc4 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll 18:06:32.0141 0x1dc4 MMCSS - ok 18:06:32.0147 0x1dc4 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys 18:06:32.0171 0x1dc4 Modem - ok 18:06:32.0178 0x1dc4 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 18:06:32.0190 0x1dc4 monitor - ok 18:06:32.0196 0x1dc4 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 18:06:32.0207 0x1dc4 mouclass - ok 18:06:32.0212 0x1dc4 [ 2C388D2CD01C9042596CF3C8F3C7B24D, 
B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 18:06:32.0225 0x1dc4 mouhid - ok 18:06:32.0232 0x1dc4 [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 18:06:32.0245 0x1dc4 mountmgr - ok 18:06:32.0250 0x1dc4 [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 18:06:32.0264 0x1dc4 MozillaMaintenance - ok 18:06:32.0274 0x1dc4 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys 18:06:32.0290 0x1dc4 mpio - ok 18:06:32.0295 0x1dc4 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:06:32.0318 0x1dc4 mpsdrv - ok 18:06:32.0337 0x1dc4 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll 18:06:32.0376 0x1dc4 MpsSvc - ok 18:06:32.0387 0x1dc4 [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:06:32.0406 0x1dc4 MRxDAV - ok 18:06:32.0416 0x1dc4 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 18:06:32.0434 0x1dc4 mrxsmb - ok 18:06:32.0447 0x1dc4 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:06:32.0469 0x1dc4 mrxsmb10 - ok 18:06:32.0477 0x1dc4 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 
18:06:32.0492 0x1dc4 mrxsmb20 - ok 18:06:32.0498 0x1dc4 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys 18:06:32.0510 0x1dc4 msahci - ok 18:06:32.0519 0x1dc4 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys 18:06:32.0535 0x1dc4 msdsm - ok 18:06:32.0547 0x1dc4 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe 18:06:32.0568 0x1dc4 MSDTC - ok 18:06:32.0577 0x1dc4 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:06:32.0600 0x1dc4 Msfs - ok 18:06:32.0604 0x1dc4 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 18:06:32.0627 0x1dc4 mshidkmdf - ok 18:06:32.0632 0x1dc4 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:06:32.0643 0x1dc4 msisadrv - ok 18:06:32.0654 0x1dc4 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:06:32.0682 0x1dc4 MSiSCSI - ok 18:06:32.0686 0x1dc4 msiserver - ok 18:06:32.0691 0x1dc4 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:06:32.0713 0x1dc4 MSKSSRV - ok 18:06:32.0717 0x1dc4 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:06:32.0739 0x1dc4 MSPCLOCK - ok 18:06:32.0744 0x1dc4 [ F456E973590D663B1073E9C463B40932, 
18:06:53.0565 0x1dc4 ViaC7 - ok 18:06:53.0569 0x1dc4 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys 18:06:53.0580 0x1dc4 viaide - ok 18:06:53.0587 0x1dc4 [ 32CE9263994A4C714FBA8AA5408741CD, BD99A51116A4A356EC8D1B95617E21DAD7EB1E0F76E639B0336EA61A215DCA88 ] vididr C:\Windows\system32\DRIVERS\vididr.sys 18:06:53.0600 0x1dc4 vididr - ok 18:06:53.0606 0x1dc4 [ 1DD53BB11BDAB317E065FFE429831751, F384B7BEDA1EC4E4C801A41A1C9279F352F1BFEE2EA1AD1C3EE42F213B5970B3 ] vidsflt C:\Windows\system32\DRIVERS\vidsflt.sys 18:06:53.0618 0x1dc4 vidsflt - ok 18:06:53.0633 0x1dc4 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys 18:06:53.0653 0x1dc4 vmbus - ok 18:06:53.0659 0x1dc4 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 18:06:53.0672 0x1dc4 VMBusHID - ok 18:06:53.0677 0x1dc4 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:06:53.0689 0x1dc4 volmgr - ok 18:06:53.0700 0x1dc4 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:06:53.0718 0x1dc4 volmgrx - ok 18:06:53.0727 0x1dc4 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:06:53.0745 0x1dc4 volsnap - ok 18:06:53.0762 0x1dc4 [ 86C96C079293E2E06708E146A011F4C4, 10F8DBA78B76B304525FC72C83990F10133936010E26D2F9AEB2FB747F8B75C2 ] vpnagent C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe 18:06:53.0783 0x1dc4 vpnagent - ok 18:06:53.0789 0x1dc4 [ B4A71B5E7F83BE22064891D503BF82F6, 
37872EABDB6D7CB60BC36FE4117BD4D5F83F35009BA2515BF2D15D3ECCED6957 ] vpnva C:\Windows\system32\DRIVERS\vpnva-6.sys 18:06:53.0800 0x1dc4 vpnva - ok 18:06:53.0813 0x1dc4 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 18:06:53.0829 0x1dc4 vsmraid - ok 18:06:53.0857 0x1dc4 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe 18:06:53.0909 0x1dc4 VSS - ok 18:06:53.0915 0x1dc4 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 18:06:53.0928 0x1dc4 vwifibus - ok 18:06:53.0938 0x1dc4 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll 18:06:53.0970 0x1dc4 W32Time - ok 18:06:53.0983 0x1dc4 [ 2C405B2D6CFD8289BE10198B8DEE94EC, 69683519EBDA32F06C30DFFC6779AD75CF31132CBC8D74AB649C6C4B4BED5B02 ] WacHidRouter C:\Windows\system32\DRIVERS\wachidrouter.sys 18:06:53.0996 0x1dc4 WacHidRouter - ok 18:06:54.0001 0x1dc4 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 18:06:54.0015 0x1dc4 WacomPen - ok 18:06:54.0020 0x1dc4 [ E4224671E773CCF3D5D386992B31A460, 310313701564D0D9220E0D3AF98180D852727B0A7FAB135419C8B5933CF13332 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys 18:06:54.0029 0x1dc4 wacomrouterfilter - ok 18:06:54.0033 0x1dc4 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 18:06:54.0055 0x1dc4 WANARP - ok 18:06:54.0059 0x1dc4 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 
18:06:54.0081 0x1dc4 Wanarpv6 - ok 18:06:54.0113 0x1dc4 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe 18:06:54.0161 0x1dc4 wbengine - ok 18:06:54.0172 0x1dc4 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 18:06:54.0192 0x1dc4 WbioSrvc - ok 18:06:54.0201 0x1dc4 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll 18:06:54.0224 0x1dc4 wcncsvc - ok 18:06:54.0229 0x1dc4 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 18:06:54.0245 0x1dc4 WcsPlugInService - ok 18:06:54.0250 0x1dc4 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\drivers\wd.sys 18:06:54.0262 0x1dc4 Wd - ok 18:06:54.0289 0x1dc4 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 18:06:54.0325 0x1dc4 Wdf01000 - ok 18:06:54.0332 0x1dc4 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll 18:06:54.0360 0x1dc4 WdiServiceHost - ok 18:06:54.0365 0x1dc4 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll 18:06:54.0380 0x1dc4 WdiSystemHost - ok 18:06:54.0396 0x1dc4 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\Windows\System32\webclnt.dll 18:06:54.0421 0x1dc4 WebClient - ok 18:06:54.0430 0x1dc4 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] 
Wecsvc C:\Windows\system32\wecsvc.dll 18:06:54.0459 0x1dc4 Wecsvc - ok 18:06:54.0465 0x1dc4 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll 18:06:54.0490 0x1dc4 wercplsupport - ok 18:06:54.0496 0x1dc4 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll 18:06:54.0524 0x1dc4 WerSvc - ok 18:06:54.0528 0x1dc4 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 18:06:54.0551 0x1dc4 WfpLwf - ok 18:06:54.0556 0x1dc4 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys 18:06:54.0568 0x1dc4 WIMMount - ok 18:06:54.0588 0x1dc4 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 18:06:54.0620 0x1dc4 WinDefend - ok 18:06:54.0629 0x1dc4 WinHttpAutoProxySvc - ok 18:06:54.0639 0x1dc4 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 18:06:54.0665 0x1dc4 Winmgmt - ok 18:06:54.0694 0x1dc4 [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM C:\Windows\system32\WsmSvc.dll 18:06:54.0749 0x1dc4 WinRM - ok 18:06:54.0778 0x1dc4 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll 18:06:54.0818 0x1dc4 Wlansvc - ok 18:06:54.0825 0x1dc4 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 18:06:54.0836 0x1dc4 WmiAcpi - ok 18:06:54.0846 0x1dc4 [ 
6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 18:06:54.0860 0x1dc4 wmiApSrv - ok 18:06:54.0865 0x1dc4 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll 18:06:54.0880 0x1dc4 WPCSvc - ok 18:06:54.0884 0x1dc4 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 18:06:54.0906 0x1dc4 ws2ifsl - ok 18:06:54.0912 0x1dc4 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll 18:06:54.0929 0x1dc4 wscsvc - ok 18:06:54.0935 0x1dc4 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys 18:06:54.0949 0x1dc4 WSDPrintDevice - ok 18:06:54.0953 0x1dc4 WSearch - ok 18:06:54.0974 0x1dc4 [ 8B1B65A000810683F2CA04C434C24A6A, A673A1926E808DE76C45442AFFB74DC892C910F0E741AEEB5FAA27403B8D3171 ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe 18:06:54.0996 0x1dc4 WTabletServiceCon - ok 18:06:55.0047 0x1dc4 [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv C:\Windows\system32\wuaueng.dll 18:06:55.0111 0x1dc4 wuauserv - ok 18:06:55.0120 0x1dc4 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 18:06:55.0136 0x1dc4 WudfPf - ok 18:06:55.0144 0x1dc4 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll 18:06:55.0161 0x1dc4 wudfsvc - ok 18:06:55.0171 0x1dc4 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] 
WwanSvc C:\Windows\System32\wwansvc.dll 18:06:55.0192 0x1dc4 WwanSvc - ok 18:06:55.0202 0x1dc4 ================ Scan global =============================== 18:06:55.0207 0x1dc4 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll 18:06:55.0216 0x1dc4 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll 18:06:55.0229 0x1dc4 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll 18:06:55.0236 0x1dc4 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll 18:06:55.0247 0x1dc4 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe 18:06:55.0254 0x1dc4 [ Global ] - ok 18:06:55.0255 0x1dc4 ================ Scan MBR ================================== 18:06:55.0257 0x1dc4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 18:06:55.0321 0x1dc4 \Device\Harddisk0\DR0 - ok 18:06:55.0366 0x1dc4 [ 0792F22BCC85CFD3B28324561FFFCABB ] \Device\Harddisk1\DR1 18:06:57.0175 0x1dc4 \Device\Harddisk1\DR1 - ok 18:06:57.0181 0x1dc4 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR5 18:06:57.0304 0x1dc4 \Device\Harddisk2\DR5 - ok 18:06:57.0304 0x1dc4 ================ Scan VBR ================================== 18:06:57.0310 0x1dc4 [ DC590EBED333F01A610EC8CE15F8506C ] \Device\Harddisk0\DR0\Partition1 18:06:57.0313 0x1dc4 \Device\Harddisk0\DR0\Partition1 - ok 18:06:57.0317 0x1dc4 [ 02989D5D7DA1BBB06D03076DCAB5EA7F ] \Device\Harddisk0\DR0\Partition2 18:06:57.0319 0x1dc4 \Device\Harddisk0\DR0\Partition2 - ok 18:06:57.0323 0x1dc4 [ EA081694EA77F625015C24739F0F0142 ] \Device\Harddisk1\DR1\Partition1 18:06:57.0354 0x1dc4 \Device\Harddisk1\DR1\Partition1 - ok 18:06:57.0360 0x1dc4 [ 
1837DF63DDB19374B8429E38FDECA69F ] \Device\Harddisk2\DR5\Partition1 18:06:57.0362 0x1dc4 \Device\Harddisk2\DR5\Partition1 - ok 18:06:57.0362 0x1dc4 ================ Scan generic autorun ====================== 18:06:57.0487 0x1dc4 [ 31B37D8376846E2A711CF13F78571E05, AAE9939CAB153F294F9C4DED12F0EA3E6E6AE31AD96285A9CD3A3D03387D6806 ] C:\Program Files\Realtek\Audio\HDA\RtDCpl.exe 18:06:57.0630 0x1dc4 RtHDVCpl - ok 18:06:57.0650 0x1dc4 [ 3E925B8A90561E1961ED548D48DF4E09, D48980E9456C065C63101F5A5B3A791538BDE8F0371CAF285CF2EC080F5382D2 ] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe 18:06:57.0667 0x1dc4 ChangeTPMAuth - detected UnsignedFile.Multi.Generic ( 1 ) 18:07:00.0059 0x1dc4 Detect skipped due to KSN trusted 18:07:00.0059 0x1dc4 ChangeTPMAuth - ok 18:07:00.0102 0x1dc4 [ 1395F0CA53289012BFA40278D974223D, 257F38BCD39927D5F1EBD8AA9C833D3066E1009594145816A3FC8EDEDE28E409 ] C:\Program Files\Dell\Dell ControlPoint\Dell.ControlPoint.exe 18:07:00.0154 0x1dc4 DellControlPoint - detected UnsignedFile.Multi.Generic ( 1 ) 18:07:02.0549 0x1dc4 Detect skipped due to KSN trusted 18:07:02.0549 0x1dc4 DellControlPoint - ok 18:07:02.0555 0x1dc4 [ 80B56AA5008F5854CA4363BAA90A09E2, 5F143AF39C7D8215D75CA9E5A8A67D5A8D4DFB6146E2254C8490404EEA03DCB7 ] C:\Program Files\Dell\Dell ControlPoint\Security Manager\BcmDeviceAndTaskStatusService.exe 18:07:02.0562 0x1dc4 USCService - detected UnsignedFile.Multi.Generic ( 1 ) 18:07:05.0106 0x1dc4 Detect skipped due to KSN trusted 18:07:05.0106 0x1dc4 USCService - ok 18:07:05.0121 0x1dc4 [ B01A25ED6E5BCA5DBFEF3B3846C7B280, 3AD056DE6AD1A320B88FF011C06A21AEB3935C14117326B62B0DF5AC34A66D2D ] C:\Windows\system32\igfxtray.exe 18:07:05.0146 0x1dc4 IgfxTray - ok 18:07:05.0160 0x1dc4 [ CD9E242C0523F156933C68275F3034CF, D24ADE3C463B3827104F43B905777881A025B0AB7074996A5EC09EAF7754DCDB ] C:\Windows\system32\hkcmd.exe 18:07:05.0183 0x1dc4 HotKeysCmds - ok 18:07:05.0197 0x1dc4 [ 9C1A47C1E1176D59E95990ADAB1EF6C2, 
8E5F54C45F5DE7741A2FCCBD6BC5DCE95EC05BDC4EF2CE3941E8ECBC4970D7F7 ] C:\Windows\system32\igfxpers.exe 18:07:05.0214 0x1dc4 Persistence - ok 18:07:05.0239 0x1dc4 [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe 18:07:05.0270 0x1dc4 Adobe ARM - ok 18:07:05.0280 0x1dc4 [ 1EDDD9562180D2F17385846B7F89490B, 1E235EF5B3A3B4A9D39D77F0F8D1512574A39DA35A5802692439B25FE8C3DCD4 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe 18:07:05.0314 0x1dc4 Classic Start Menu - ok 18:07:05.0368 0x1dc4 [ C6352C29C56077749CEEDD08680D347D, DF520DA9E9F8D34004E497969FC4AB0D9F057EEE5D8A0BBB91C5EBC983011ABD ] C:\Program Files\Bamboo Dock\BambooCore.exe 18:07:05.0449 0x1dc4 BambooCore - ok 18:07:05.0657 0x1dc4 [ B8434467D90B65E5A2D697C7FF511802, A0F5D234A1CA1384160FB63AF40B169B4649DF7D77534DE1B16E1063EC922A87 ] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe 18:07:05.0875 0x1dc4 TrueImageMonitor.exe - ok 18:07:05.0900 0x1dc4 [ 53320329D5D65E06D7C1F997CFD08E22, C8C9CB1A724876199E3E24607013D0E8F28F034E215334D04BC6F091CDD591EE ] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe 18:07:05.0919 0x1dc4 Acronis Scheduler2 Service - ok 18:07:05.0938 0x1dc4 [ 81DE43CF2ECB6AFF58BBBB938BA0814C, 55E1229BCAC23D5F426043976B95907912F33DE8024F531E8F1373DF74227A7D ] C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe 18:07:05.0963 0x1dc4 Cisco AnyConnect Secure Mobility Agent for Windows - ok 18:07:06.0182 0x1dc4 [ DE9BA389EB53B8A499FF0C12E8C8ABB4, 2C345965BD824EEB68FD5AC17492D79774666D50B0AF97148F9D0DA1BC540255 ] C:\Program Files\ESET\ESET Smart Security\egui.exe 18:07:06.0426 0x1dc4 egui - ok 18:07:06.0446 0x1dc4 [ 50B4BD30A102B5E7BFAEB87629C94466, A6AA1097A77F5AA84111F98C84E51B7219B893308E16D909D8915AB46C6E71EE ] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe 18:07:06.0463 0x1dc4 LexwareInfoService - ok 18:07:06.0480 0x1dc4 [ 
53C2A97A95567DF950FEFD78884970E2, AFEB4FD42E7C793FA48AC0054C3F1EFDB8EE098504889531B96226DF83DFE8EF ] C:\Program Files\Virtual CD v10\System\VC10Play.exe 18:07:06.0504 0x1dc4 VC10Player - ok 18:07:06.0508 0x1dc4 [ 6F9455F97D5D91FDEEC0F344E70A2D0E, 884B7237B1BC4386F21F0A8A5F2114E03720267930EEF78D4C3F154BB6CDB8A7 ] C:\Windows\FixCamera.exe 18:07:06.0514 0x1dc4 FixCamera - detected UnsignedFile.Multi.Generic ( 1 ) 18:07:08.0906 0x1dc4 Detect skipped due to KSN trusted 18:07:08.0906 0x1dc4 FixCamera - ok 18:07:08.0906 0x1dc4 tsnpstd3 - ok 18:07:08.0935 0x1dc4 [ FB0C8699B87F7140BB6201BE7B4B6778, C5F9956374E59BB478FCBA457A0207AEA8B90EC8EB6C52F4F0D27A89FC7920EE ] C:\Windows\vsnpstd3.exe 18:07:08.0973 0x1dc4 snpstd3 - ok 18:07:09.0006 0x1dc4 [ 5FF9A79628D4A0BA3DCD6CF5EC8FD3BF, 9818AAF8F1F1C0CBD8B89352DBAF1ADBEA1F19928543517EB6473C112E95A38D ] C:\Program Files\Common Files\Acronis\TibMounter\TibMounterMonitor.exe 18:07:09.0045 0x1dc4 AcronisTibMounterMonitor - ok 18:07:09.0056 0x1dc4 [ 14D6542607ACD4B2D1DDB1A36E0D8813, 3A270600549E8E7988D5AF3486C0F504269B9573393D87BF87BDB2287BF007B2 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe 18:07:09.0070 0x1dc4 SunJavaUpdateSched - ok 18:07:09.0077 0x1dc4 [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files\iTunes\iTunesHelper.exe 18:07:09.0089 0x1dc4 iTunesHelper - ok 18:07:09.0137 0x1dc4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 18:07:09.0203 0x1dc4 Sidebar - ok 18:07:09.0212 0x1dc4 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 18:07:09.0230 0x1dc4 mctadmin - ok 18:07:09.0277 0x1dc4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe 18:07:09.0312 0x1dc4 Sidebar - ok 
18:07:14.0925 0x1dc4 AV detected via SS2: ESET Smart Security 7.0, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 7.0.302.0 ), 0x41000 ( enabled : updated )
18:07:14.0927 0x1dc4 FW detected via SS2: ESET Personal Firewall, C:\Program Files\ESET\ESET Smart Security\ecmd.exe ( 7.0.302.0 ), 0x40010 ( disabled )
18:07:14.0935 0x1dc4 Win FW state via NFP2: enabled
18:07:17.0315 0x1dc4 Scan finished
18:07:17.0329 0x1ba0 Detected object count: 0
18:07:17.0329 0x1ba0 Actual detected object count: 0
18:08:01.0683 0x1760 Deinitialize success
__________________ I am a signature. |
04.12.2014, 11:44 | #13 |
/// the machine /// TB trainer | Leave the ADS on images and the like alone. Actually, everything looks really clean on the three machines.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
06.12.2014, 15:55 | #14 |
| Hm, but what am I supposed to do now? How do you search for malware on smartphones? Could you explain the point about the ADS in a bit more detail, please? After all, an ADS can be attached wherever one likes, by a malware author too.
__________________ I am a signature. |
07.12.2014, 10:26 | #15 | |
/// the machine /// TB trainer | I would now ask Telekom whether this is still the case. Quote:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |