Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
DHL Virus oder Trojaner warscheinlich eingefangen

DHL Virus oder Trojaner warscheinlich eingefangen


Plagegeister aller Art und deren Bekämpfung: DHL Virus oder Trojaner warscheinlich eingefangen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 6 1 23 Letzte »
Alt 22.05.2015, 13:55   #1
Koeppi1969
 
DHL Virus oder Trojaner warscheinlich eingefangen - Standard

DHL Virus oder Trojaner warscheinlich eingefangen


Ich habe mir warscheinlich vor ca. 3 Tagen etwas eingefangen. Da ich auf 3 Pakete von DHL wartete, habe ich eine Mail von Dhl angeklickt und auch auf den Link geklickt. Später habe ich im Downloadordner auch nochmal auf öffnen geklickt. Wenn ich mit dem Mauszeiger auf den Link ging, zeigte er mir an www.Helenicfarm.gr . Ich war dann auch auf der Website , da meine Frau viel und überall Wolle bestellt.
Seit dieser Zeit läuft mein Internet unter firefox total verzögert. Also wirklich extrem. vom gefühl her würde ich sagen, das der I.Explorer etwas zügiger läuft aber auch nicht normal.
Ich habe daraufhin den Antivir durchlaufen lassen, den esetsmartinstaller, Emsisoft Anti Malware, und Malwarebytes. Habe unerwünschte Software in Quarantäne gestellt (bei allen)
Malwarebyte hat 2 Trojaner gefunden:Trojan.SpyEyes.WC und Trojan SpyEyes.
Ich brauche Hilfe!
Lieben Dank Jörg

Alt 22.05.2015, 13:59   #2
M-K-D-B
/// TB-Ausbilder
 
DHL Virus oder Trojaner warscheinlich eingefangen - Standard

DHL Virus oder Trojaner warscheinlich eingefangen





Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:


Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________
Alt 22.05.2015, 14:33   #3
Koeppi1969
 
DHL Virus oder Trojaner warscheinlich eingefangen - Standard

DHL Virus oder Trojaner warscheinlich eingefangen


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-05-2015
Ran by sandraundjörg at 2015-05-22 15:17:39
Running from C:\Users\sandraundjörg\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3250271813-2252980563-3190364089-500 - Administrator - Disabled)
Gast (S-1-5-21-3250271813-2252980563-3190364089-501 - Limited - Enabled)
sandraundjörg (S-1-5-21-3250271813-2252980563-3190364089-1000 - Administrator - Enabled) => C:\Users\sandraundjörg

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Emsisoft Anti-Malware (Enabled - Up to date) {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {9425001D-A331-13F4-34E6-D05C71B96A74}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spyware Doctor (Disabled - Up to date) {94076BB2-F3DA-227F-9A1E-F060FF73600F}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
Acer Arcade Live Main Page (HKLM\...\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}) (Version: 1.1.1331 - Acer Inc.)
Acer DV Magician (HKLM\...\{F6EFFB76-4A07-11DA-9D78-000129760D75}) (Version: 1.5.0920 - Acer Inc.)
Acer DVDivine (HKLM\...\{B145EC69-66F5-11D8-9D75-000129760D75}) (Version: 3.2.1109 - Acer Inc.)
Acer eDataSecurity Management (HKLM\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 2.8.4360 - Egis Inc.)
Acer Empowering Technology (HKLM\...\{AB6097D9-D722-4987-BD9E-A076E2848EE2}) (Version: 2.5.4301 - Acer Inc.)
Acer ePerformance Management (HKLM\...\{D462BF9E-0C35-4705-BF9B-3DF9F3816643}) (Version: 2.5.4002 - Acer Inc.)
Acer eSettings Management (HKLM\...\{CE65A9A0-9686-45C6-9098-3C9543A412F0}) (Version: 2.5.4302 - Acer Inc.)
Acer GameZone Console DTV 2.0.1.1 (HKLM\...\Acer GameZone Console_is1) (Version:  - Oberon Media, Inc.)
Acer HomeMedia (HKLM\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 1.4.1331 - Acer Inc.)
Acer HomeMedia Connect (HKLM\...\{132888AE-EF67-41C5-BCA2-7D5D2488AB63}) (Version: 1.4.4931 - Acer Inc.)
Acer HomeMedia Trial Creator (HKLM\...\{B580C409-E16F-44FF-904D-3AE94E113BE0}) (Version: 1.4.1331 - Acer Inc.)
Acer ScreenSaver (HKLM\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 4.01.20070419 - Acer Inc.)
Acer SlideShow DVD (HKLM\...\{41581EF5-45A7-11DA-9D78-000129760D75}) (Version: 1.5.1109 - Acer Inc.)
Acer VideoMagician (HKLM\...\{F79A208D-D929-11D9-9D77-000129760D75}) (Version: 1.4.1017 - Acer Inc.)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Digital Editions (HKLM\...\Digital Editions) (Version:  - )
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM\...\ShockwaveFlash) (Version: 9 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.115.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Agatha Christie Death on the Nile (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}) (Version:  - Oberon Media)
Alice Greenfingers (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
Ask Toolbar Updater (HKU\S-1-5-21-3250271813-2252980563-3190364089-1000\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.36191 - Ask.com) <==== ATTENTION
ATI Catalyst Install Manager (HKLM\...\{01358C56-44F4-B8B3-8757-06F2A864A863}) (Version: 3.0.634.0 - ATI Technologies, Inc.)
Avery Wizard 4.0 (HKLM\...\{F5D84887-8A6F-4993-8560-B3AA44CB620D}) (Version: 4.0.201 - Avery)
Avira (HKLM\...\{df495620-2ba9-412d-828d-b27f020d9fc8}) (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.18.28431 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
AVM FRITZ!WLAN (HKLM\...\AVMWLANCLI) (Version:  - AVM Berlin)
Azada (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}) (Version:  - Oberon Media)
Backspin Billiards (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111543617}) (Version:  - Oberon Media)
Belkin Range Extender (HKLM\...\Belkin Range Extender) (Version:  - )
Big Kahuna Reef (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}) (Version:  - Oberon Media)
Bing Bar (HKLM\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Bricks of Egypt (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}) (Version:  - Oberon Media)
Browser Defender 3.0 (HKLM\...\Browser Defender_is1) (Version: 3.0.0.210 - Threat Expert Ltd.)
Cake Mania (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
Chicken Invaders 3 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}) (Version:  - Oberon Media)
Chuzzle (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}) (Version:  - Oberon Media)
CorelDRAW Graphics Suite X4 - Capture (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Content (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Draw (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Extra Content (Version: 14.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Filters (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - FontNav (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics SUite X4 - ICA (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - IPM (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang BR (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang CZ (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang DE (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang EN (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang ES (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang FR (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang IT (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang NL (Version: 14.2 - Uw bedrijfsnaam) Hidden
CorelDRAW Graphics Suite X4 - Lang PL (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - Lang SU (Version: 14.2 - Yrityksen nimi) Hidden
CorelDRAW Graphics Suite X4 - Lang SV (Version: 14.2 - Ditt företagsnamn) Hidden
CorelDRAW Graphics Suite X4 - PP (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 - VBA (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X4 (Version: 14.2 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 - Extra Content (HKLM\...\_{80FDAE30-CDB6-4015-AFC7-86A762A5AD9B}) (Version:  - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (HKLM\...\_{CE2DA11A-917F-4CF5-AB55-755EC115DD10}) (Version:  - Corel Corporation)
CorelDRAW(R) Graphics Suite X4 - Windows Shell Extension (Version: 1.1 - Corel Corporation) Hidden
CorelDRAW(R) Graphics Suite X4 (HKLM\...\_{7F05E704-30A6-421A-97A7-8EEB1C7FF010}) (Version:  - Corel Corporation)
cyberJack Base Components (HKLM\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.9.6 - REINER SCT)
devolo dLAN Cockpit (HKLM\...\dlancockpit) (Version: 3.0.0.0 - devolo AG)
Digitizer EXjr (HKLM\...\{DC221834-9956-4ABB-ACEA-9373FBF42CBE}) (Version: 13.0.0246 - Digitizer)
Diner Dash Flo on the Go (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}) (Version:  - Oberon Media)
dLAN Cockpit (HKLM\...\Cockpit.92121A72F826FA9D0BD3A830E7F04987B31AFB22.1) (Version: 3 (23.12.2010) - devolo AG)
dLAN Cockpit (Version: 3.23.12 - devolo AG) Hidden
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.)
eSobi v2 (HKLM\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.2.000173 - esobi Inc.)
eSobi v2 (Version: 2.0.2.000173 - esobi Inc.) Hidden
Final Media Player 2011 (HKLM\...\FinalMediaPlayer_is1) (Version:  - Bitberry Software) <==== ATTENTION
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet 6600 - Grundlegende Software für das Gerät (HKLM\...\{48C5B91E-E794-4179-9FBF-A9A1635B9F66}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6600 Hilfe (HKLM\...\{2FA81482-5570-4CF0-9A10-D61D2F164916}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{E5F9BFAF-2FD9-4637-BA4E-5C2BC3A0763D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (HKLM\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.12412 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0001 - Microsoft) Hidden
HPDiagnosticCoreDll (HKLM\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard)
I.R.I.S. OCR (HKLM\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java(TM) 6 Update 23 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.230 - Oracle)
Jewel Quest Solitaire (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}) (Version:  - Oberon Media)
Kick N Rush (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}) (Version:  - Oberon Media)
LightScribe  1.4.142.1 (Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden
Mahjong Escape Ancient China (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version:  - Oberon Media)
Mahjongg Artifacts (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111692950}) (Version:  - Oberon Media)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mystery Case Files - Huntsville (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}) (Version:  - Oberon Media)
Mystery Solitaire - Secret Island (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}) (Version:  - Oberon Media)
NTI Backup NOW! 4.7 (HKLM\...\InstallShield_{1598034D-7147-432C-8CA8-888E0632D124}) (Version: 1.00.0000 - NewTech Infosystems)
NTI Backup NOW! 4.7 (Version: 1.00.0000 - NewTech Infosystems) Hidden
NTI CD & DVD-Maker (HKLM\...\InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}) (Version: 7 - NewTech Infosystems)
NTI CD & DVD-Maker (Version: 7 - NewTech Infosystems) Hidden
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version:  - )
OLYMPUS Digital Camera Updater (HKLM\...\{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}) (Version: 1.0.3 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 2 (HKLM\...\{7177EE4E-3D1D-4F45-85B5-B93DC758BA0B}) (Version: 1.1.1 - OLYMPUS IMAGING CORP.)
ParetoLogic PC Health Advisor (HKLM\...\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}) (Version: 3.1.7.0 - ParetoLogic, Inc.)
PDF Reader (HKU\S-1-5-21-3250271813-2252980563-3190364089-1000\...\PDF Reader) (Version:  - )
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.1.0 - Frank Heindörfer, Philip Chinery)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5497 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Spyware Doctor 8.0 (HKLM\...\Spyware Doctor) (Version: 8.0 - PC Tools)
StarMoney (Version: 2.0 - StarFinanz) Hidden
StarMoney (Version: 3.0.5.8 - StarFinanz) Hidden
StarMoney (Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney 8.0  (HKLM\...\{1C9C4CDC-6EC0-4F24-8EAE-55D4CD4D7F4A}) (Version: 8.0 - Star Finanz GmbH)
StarMoney 9.0  (HKLM\...\{805C752C-E8A9-489D-8EFE-4F672A73DD0B}) (Version: 9.0 - Star Finanz GmbH)
Studie zur Verbesserung von HP Officejet 6600 Produkten (HKLM\...\{81EFD067-B84F-423C-85BF-5CC11DFB0A3E}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Studie zur Verbesserung von HP Officejet Pro 8600 Produkten (HKLM\...\{4033E880-B959-49E7-A1B0-BF2E81BBC2AA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Turbo Pizza (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}) (Version:  - Oberon Media)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\E77704EF5E71F4F18CADFBFA68595AFE036D5D97) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Zuma Deluxe (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}) (Version:  - Oberon Media)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3250271813-2252980563-3190364089-1000_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)

==================== Restore Points =========================

26-04-2015 01:54:58 Windows Defender Checkpoint
28-04-2015 20:10:11 Windows Update
30-04-2015 20:06:54 Geplanter Prüfpunkt
06-05-2015 02:12:25 Windows Update
13-05-2015 09:50:46 Windows Update
14-05-2015 03:01:31 Windows Update
19-05-2015 16:25:45 Configured Microsoft Office Home and Student 2007
19-05-2015 16:27:23 Configured Microsoft Office Home and Student 2007
19-05-2015 16:46:02 Windows Update
20-05-2015 14:17:30 Wiederherstellungsvorgang
20-05-2015 14:41:15 Windows Update
20-05-2015 15:50:54 PC Health Advisor Backup
20-05-2015 16:56:36 PC Health Advisor Backup
21-05-2015 10:28:55 Windows Update
22-05-2015 07:57:16 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B6B68EF-8D1B-43A5-B369-B14E6E06CDC4} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2013-02-08] () <==== ATTENTION
Task: {20FDA149-BA56-4AEF-98B2-03F6982B97E5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {2FC2A1D2-08AC-4A11-B377-16FE5E0D78B4} - System32\Tasks\HP AR Program Upload - 7ab846c1b03645beb38c57abf37fd35550c1b8cdda8740afb0029fa6c0abb022 => C:\Program Files\HP\HP Officejet Pro 8600\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {35C43633-6C18-4CBF-812C-D5C7305882FA} - \RegClean Pro_DEFAULT No Task File <==== ATTENTION
Task: {39474AC4-A0E9-4B81-838A-824F314F8CDC} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - sandraundjörg => C:\Program Files\Windows Calendar\WinCal.exe [2009-04-11] (Microsoft Corporation)
Task: {43913D56-7747-4F03-8AD6-4C45415FE39A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {625289A0-7E19-4727-86C6-B0303965AB81} - System32\Tasks\PC Health Advisor => C:\Program Files\ParetoLogic\PCHA\PCHA.exe [2015-01-21] (ParetoLogic, Inc.)
Task: {69464635-BF03-4870-B6E6-29BC91541C53} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {AB976230-8B6B-4A87-9864-831C6A6CB919} - System32\Tasks\PC Health Advisor Defrag => C:\Program Files\ParetoLogic\PCHA\PCHA.exe [2015-01-21] (ParetoLogic, Inc.)
Task: {B73CE638-131D-4AD8-9E16-B894D53DB915} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2013-11-20] ()
Task: {BC198B87-7696-4E6A-9A17-BD2B0B81B625} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {C3A61287-A0A5-41C0-B64E-79A30AFB074C} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {C8C487FB-76D0-4D2A-AE4B-E11EDFAE314F} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {D4124E72-ABA6-4DB1-A37C-CD8252A62FBA} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {F082948F-6CD3-4CB5-9ACC-7368595D8DBA} - System32\Tasks\Final Media Player Update Checker => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe [2011-03-11] (Bitberry Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Final Media Player Update Checker.job => C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Windows\system32\rundll32.exeAC:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\PC Health Advisor Defrag.job => C:\Program Files\ParetoLogic\PCHA\PCHA.exe
Task: C:\Windows\Tasks\PC Health Advisor.job => C:\Program Files\ParetoLogic\PCHA\PCHA.exe

==================== Loaded Modules (Whitelisted) ==============

2010-12-06 16:59 - 2001-10-28 17:42 - 00116224 _____ () C:\Windows\System32\pdfcmnnt.dll
2008-03-21 15:56 - 2008-01-25 19:49 - 00098304 _____ () C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLSchRecordMonitor.dll
2008-03-21 15:56 - 2008-01-25 19:49 - 00260096 _____ () C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\sqlite3.dll
2008-03-21 15:53 - 2007-10-17 11:38 - 00028672 _____ () C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
2008-03-21 15:53 - 2007-10-17 10:55 - 00016384 _____ () C:\Acer\Empowering Technology\ePerformance\MemCheck.Interface.dll
2008-03-21 15:53 - 2007-10-17 11:37 - 00040960 _____ () C:\Acer\Empowering Technology\ePerformance\ePerformance.Library.dll
2010-10-20 07:46 - 2007-05-31 08:38 - 00167936 _____ () C:\Windows\system32\SerialXP.dll
2008-03-21 15:57 - 2006-07-19 20:36 - 00262247 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2013-02-20 18:45 - 2011-01-13 10:44 - 00232800 ____N () C:\Program Files\StarMoney 8.0\ouservice\PATCHW32.dll
2014-07-31 10:27 - 2011-01-13 12:44 - 00232800 _____ () C:\Program Files\StarMoney 9.0\ouservice\PATCHW32.dll
2010-10-17 15:22 - 2007-02-13 06:26 - 00016384 _____ () C:\Acer\Empowering Technology\eRecovery\ServiceInterface.dll
2010-10-17 15:22 - 2007-02-13 06:26 - 00016384 _____ () C:\Acer\Empowering Technology\eRecovery\IERYETF.dll
2010-10-17 15:22 - 2007-06-28 18:15 - 00081920 _____ () C:\Acer\Empowering Technology\eRecovery\INT15.dll
2008-03-21 16:18 - 2007-12-19 19:09 - 00024576 _____ () C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
2008-03-21 16:18 - 2007-12-19 19:09 - 00118784 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Computer.dll
2008-03-21 16:18 - 2007-12-19 19:08 - 00032768 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.ComputerInterfaces.dll
2008-03-21 16:18 - 2007-12-19 19:08 - 00118784 _____ () C:\Acer\Empowering Technology\eSettings\Service\eSettings.Model.Library.dll
2008-03-21 16:18 - 2007-11-06 10:30 - 00024576 _____ () C:\Acer\Empowering Technology\eSettings\Service\iteio.dll
2008-03-21 16:18 - 2007-12-19 19:09 - 00006656 _____ () C:\Acer\Empowering Technology\eSettings\Service\CPUID.dll
2008-03-21 15:51 - 2008-01-09 19:43 - 00326176 _____ () C:\Acer\Empowering Technology\SysMonitor.exe
2008-03-05 00:38 - 2008-03-05 00:38 - 00227888 _____ () C:\Acer\Empowering Technology\eDataSecurity\x86\ShowErrMsg.dll
2015-05-20 18:08 - 2014-07-14 16:49 - 00049744 _____ () C:\Users\sandraundjörg\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2008-03-21 15:51 - 2008-01-09 19:43 - 00057344 _____ () C:\Acer\Empowering Technology\Acer.Empowering.Framework.DialogManager.dll
2008-03-21 15:51 - 2008-01-09 19:42 - 00024576 _____ () C:\Acer\Empowering Technology\Acer.Empowering.Framework.PasswordSetting.dll
2008-03-21 16:18 - 2007-12-19 19:09 - 00028672 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.Plugin.dll
2008-03-21 16:18 - 2007-12-19 19:08 - 00032768 _____ () C:\Acer\Empowering Technology\eSettings.Model.ComputerInterfaces.dll
2008-03-21 16:18 - 2007-12-19 19:08 - 03420160 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.View.dll
2008-03-21 16:18 - 2007-12-19 19:08 - 00155648 _____ () C:\Acer\Empowering Technology\eSettings\eSettings.Presenter.dll
2008-03-21 15:53 - 2007-10-17 11:38 - 00045056 _____ () C:\Acer\Empowering Technology\ePerformance\ePerformance.Plugin.dll
2008-03-21 15:53 - 2007-10-17 11:38 - 00024576 _____ () C:\Acer\Empowering Technology\ePerformance\ePerformance.Presenter.dll
2008-03-21 15:53 - 2007-10-17 10:55 - 00020480 _____ () C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.Interface.dll
2008-03-21 15:53 - 2007-10-17 11:38 - 00028672 _____ () C:\Acer\Empowering Technology\ePerformance\ePerformance.Model.dll
2008-03-21 15:53 - 2007-10-17 10:55 - 00016384 _____ () C:\Acer\Empowering Technology\MemCheck.Interface.dll
2008-03-21 15:53 - 2007-10-17 11:38 - 00003584 _____ () C:\Acer\Empowering Technology\ePerformance\de\ePerformance.Plugin.resources.dll
2008-03-21 16:18 - 2007-12-19 19:09 - 00003584 _____ () C:\Acer\Empowering Technology\eSettings\de\eSettings.Plugin.resources.dll
2008-03-21 16:18 - 2007-12-19 19:08 - 00010752 _____ () C:\Acer\Empowering Technology\eSettings\de\eSettings.Presenter.resources.dll
2013-11-20 13:43 - 2013-11-20 13:43 - 00185920 _____ () C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3250271813-2252980563-3190364089-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\img34.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{4D56D392-50C7-48E8-8CE2-A2FEC81D8D05}] => (Allow) C:\Program Files\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe
FirewallRules: [{C8366C07-2131-473C-BBED-D27222D02A87}] => (Allow) C:\Program Files\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe
FirewallRules: [{2D937DCC-89DF-408A-B5B0-485337D6B49C}] => (Allow) C:\Program Files\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe
FirewallRules: [{D64B9BE2-AD71-472C-9DB8-D2D6810FAB82}] => (Allow) C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe
FirewallRules: [{C00FD3C5-4BC7-4880-A82F-9A48F7ABA477}] => (Allow) C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE
FirewallRules: [{35D53898-57BE-4F42-B36A-0743BE2F1468}] => (Allow) C:\Program Files\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe
FirewallRules: [{A3B416BD-6980-4235-BE55-1B9529AE5EBB}] => (Allow) C:\Program Files\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe
FirewallRules: [{077D2931-DB4D-4CCD-99C5-11DB2FC33C10}] => (Allow) C:\Program Files\Acer Arcade Live\Acer HomeMedia Trial Creator\Acer HomeMedia Trial Creator.exe
FirewallRules: [{BCCE2808-3651-42B2-B6C0-3FC7A8BC2D36}] => (Allow) C:\Program Files\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe
FirewallRules: [{C22D7DA3-415D-4D65-94F0-67B9668CC4E7}] => (Allow) LPort=80
FirewallRules: [{1822518B-0C24-41D9-AA52-A42E07859256}] => (Allow) LPort=80
FirewallRules: [{E0039AB4-7FD7-4380-92C5-36C6A95DB444}] => (Allow) LPort=80
FirewallRules: [{53FDB7F4-4C6B-41CF-9771-7B042D576D3A}] => (Allow) C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe
FirewallRules: [{2B689ED8-9F33-48F0-8257-6346EFA445F0}] => (Allow) C:\Program Files\Windows iLivid Toolbar\Datamngr\ToolBar\dtUser.exe
FirewallRules: [{8D968A10-36F1-4B09-913C-816B3A4050BF}] => (Allow) C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe
FirewallRules: [{55166DF1-4437-4E7C-B427-B6786FAA56F8}] => (Allow) C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe
FirewallRules: [{1FF9E6EC-0EE4-4159-A1BD-04C37ECF0C6A}] => (Allow) C:\Program Files\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{07D95271-3B21-4032-BE25-FC357BD0E7C8}] => (Allow) C:\Program Files\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{E4590D48-1D3A-4ADA-B9E3-DECCE066B929}] => (Allow) C:\Program Files\StarMoney 8.0\app\StarMoney.exe
FirewallRules: [{8DDEF2A9-67F9-456C-ABDA-E74DCF2F7592}] => (Allow) C:\Program Files\StarMoney 8.0\app\StarMoney.exe
FirewallRules: [{9B7C1AE6-A05C-477A-85B3-7C4E12F45F93}] => (Allow) C:\Program Files\devolo\dlan\devolonetsvc.exe
FirewallRules: [{BF099F55-76E2-4C3A-97F3-E76AF4530500}] => (Allow) C:\Program Files\devolo\dlan\devolonetsvc.exe
FirewallRules: [{EFB5050F-5469-436C-8659-A39D333E1FCE}] => (Allow) C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe
FirewallRules: [{936FEA07-5E6D-49D3-BEFA-790A91E8764D}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft68C3.tmp\fsetup.exe
FirewallRules: [{95CC7AC7-347E-486C-9329-76FC4286D3A6}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft68C3.tmp\fsetup.exe
FirewallRules: [{60294871-B68A-4CF8-A255-0D7F020E5DDC}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pftA1FC.tmp\fsetup.exe
FirewallRules: [{60560AB4-D0F5-4026-ABBD-15F8F396C3E8}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pftA1FC.tmp\fsetup.exe
FirewallRules: [{CA5ECD15-D147-44AF-9BE6-609EB4866416}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft61FF.tmp\fsetup.exe
FirewallRules: [{6BE9585B-E7BA-4E9B-B3B2-9FC193D90BA5}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft61FF.tmp\fsetup.exe
FirewallRules: [{8C3687F0-7351-48E9-9F42-5D69622EC857}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft9677.tmp\fsetup.exe
FirewallRules: [{735DB9CF-40C1-4A00-BA48-C05E2FE50F69}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft9677.tmp\fsetup.exe
FirewallRules: [{47D2BB10-30BE-4808-887B-83C782E1870D}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft43B6.tmp\fsetup.exe
FirewallRules: [{798696EF-BEF4-4B1C-8604-EAF50D017E0B}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft43B6.tmp\fsetup.exe
FirewallRules: [{6581A3E5-FF54-4DDD-A284-8BF1481AA8A6}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pftE6C8.tmp\fsetup.exe
FirewallRules: [{2B852820-B3F4-4C29-A7D5-9BC57897783D}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pftE6C8.tmp\fsetup.exe
FirewallRules: [{B533B785-920D-43BD-8C25-D4A224B7D5B8}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft3111.tmp\fsetup.exe
FirewallRules: [{58144B00-6448-458A-9FAE-474AFBECB695}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft3111.tmp\fsetup.exe
FirewallRules: [{26DB5833-381C-4FDB-9677-500B45C6C6F6}] => (Allow) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
FirewallRules: [{BF22BF65-9BF4-45B5-8C66-263F7D88E90D}] => (Allow) C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
FirewallRules: [{9789F3D3-0454-4A4E-BA5E-1FCB9C98FEF9}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\FaxApplications.exe
FirewallRules: [{C9247011-C679-4472-86AE-9408B761E650}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\DigitalWizards.exe
FirewallRules: [{ADC9B78D-ACE3-4BEB-A404-1EB3CC35C9EC}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\SendAFax.exe
FirewallRules: [{283B2F21-BB0F-464E-8D57-E46153018C9D}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\DeviceSetup.exe
FirewallRules: [{207E33D1-D3E2-4E8B-BC18-0A6083CAE07F}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{651B6401-D77B-4683-A322-C42422EE3EE5}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{C424AD80-1470-46B3-A89A-934DC4A747CE}] => (Allow) C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{B5F440F9-25B1-4655-B49C-764362343BA2}] => (Allow) C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{59DD6F66-9CDB-4405-A31D-E1EDE9402AF3}] => (Allow) C:\Program Files\StarMoney 9.0\app\StarMoney.exe
FirewallRules: [{DEDB617E-F197-4805-B719-55F4F5482160}] => (Allow) C:\Program Files\StarMoney 9.0\app\StarMoney.exe
FirewallRules: [{96E3777B-F6F5-419A-A336-79DDE5505C3C}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft2ECF.tmp\fsetup.exe
FirewallRules: [{43A4986C-92E9-46B4-8403-0161C0A809B3}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft2ECF.tmp\fsetup.exe
FirewallRules: [{5D9E5138-38E6-4EF3-802F-DC087AB694AA}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft3A44.tmp\fsetup.exe
FirewallRules: [{73F8F574-A45A-4FFA-8E9E-AB3B538DCEB7}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft3A44.tmp\fsetup.exe
FirewallRules: [{F55E6217-9E36-40B8-942C-5C51B97A72D6}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\DTAG_DVD\DVD-Start.exe
FirewallRules: [{0A4CBBC3-884F-4CD9-BDCA-48459C262411}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\DTAG_DVD\DVD-Start.exe
FirewallRules: [{31F94A12-85E2-4331-8A91-25D4A15B1ADF}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pftB86A.tmp\fsetup.exe
FirewallRules: [{C7BD972B-0886-49F5-92B2-8D07D45B222D}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pftB86A.tmp\fsetup.exe
FirewallRules: [{FE6297EB-C6A1-4886-B2C2-AFBA41119CAE}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft34F9.tmp\fsetup.exe
FirewallRules: [{CD5D0953-3DCB-4F09-BF2C-4A82474C570E}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft34F9.tmp\fsetup.exe
FirewallRules: [{9B77B186-4B19-4628-A9B8-41A7081DA66B}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft5320.tmp\fsetup.exe
FirewallRules: [{106CE323-5517-4474-B4F2-ECDBC1DACFAF}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft5320.tmp\fsetup.exe
FirewallRules: [{C0722D25-4F3A-4CD9-84B9-5EE849F3C831}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pftDC7B.tmp\fsetup.exe
FirewallRules: [{02AB1929-902B-4208-BBC6-5A22A2C13E59}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pftDC7B.tmp\fsetup.exe
FirewallRules: [{92557158-2F64-4468-B837-6F66E2E81EEB}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft789E.tmp\fsetup.exe
FirewallRules: [{60DB50C8-E707-4387-9684-EEE843EE9C81}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft789E.tmp\fsetup.exe
FirewallRules: [{0B60084A-405D-4E17-8201-D10FD367488C}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft3104.tmp\fsetup.exe
FirewallRules: [{4171D0CD-5B53-42BD-966D-38BA8EA6C2FF}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft3104.tmp\fsetup.exe
FirewallRules: [{B40FBBC5-C30D-4B25-B008-5D3BBD156E5E}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft1C1E.tmp\fsetup.exe
FirewallRules: [{56AD19CA-1130-47AC-8A98-2E03EB19CF1B}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft1C1E.tmp\fsetup.exe
FirewallRules: [{9119E7BC-6916-418F-921F-A4A29488C867}] => (Allow) LPort=25
FirewallRules: [{74A32C57-CECD-4D38-95F6-9700D8741FD6}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{41AD5CEA-0330-4C0D-8C39-94E9F519DF9A}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{FCDA337B-D96F-4483-823D-174482B1A7AF}] => (Allow) C:\Program Files\Digitizer\Digitizer EXjr\BIN\DESLOADR.EXE
FirewallRules: [{98E216A3-88B5-428D-B516-F60196EFF672}] => (Allow) C:\Program Files\Digitizer\Digitizer EXjr\BIN\DESLOADR.EXE
FirewallRules: [{F1B44C56-DE7D-490B-BF22-A51561577B49}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{70659370-191D-4AF6-AD26-9DA0AC4D84CC}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EE8050AB-3231-4E23-BB32-1DC7D0E2146E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{50E7829A-9B60-4BDC-80D1-26324E3DBA7C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{05E69F1C-A66B-4188-8A36-33A075D1DBA1}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7B202B69-DAA3-4C52-AD87-741BA09F566D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AA16E07B-4F2D-4EAC-957B-85F5E0399688}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{51415032-00C6-4102-8FD3-F0C8366DF70D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe
FirewallRules: [{69BBEB1E-A6A7-46AD-B66A-5FAFECA938F2}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe
FirewallRules: [{BF5C8AE3-4EDA-447C-99AA-11D433F6E9C1}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe
FirewallRules: [{0B6B1119-BC16-4ED9-868A-18AE6A4AF708}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe
FirewallRules: [{F5B40490-A4DB-40FF-8A61-B37825645D79}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{27F19ED2-BAC0-4366-8839-6CCD0A3C54CF}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{B89631F1-C5CB-4589-8621-4CC12D2CFDF8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetupLauncher.exe
FirewallRules: [{D1881204-F013-46EB-AD5B-492A29715C15}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetupLauncher.exe
FirewallRules: [{5A4DEA6D-FBFC-4BEB-A6B0-6F585C09ED10}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPScan.exe
FirewallRules: [{E7C5FF97-EEFD-4D7E-9715-99E805DFFBD8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPScan.exe
FirewallRules: [{543080DA-7301-443D-B1C9-4A24CF6BCF5F}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\DeviceSetup.exe
FirewallRules: [{036E84F9-CF96-4AC5-9CE3-E06D86E97234}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicator.exe
FirewallRules: [{878F095A-A741-4831-9D88-D2446613969D}] => (Allow) C:\Program Files\HP\HP Officejet 6600\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{454A489B-C4D8-4B15-AF3A-F0E7E4EDC521}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\DigitalWizards.exe
FirewallRules: [{EF456839-C9D4-43A0-8400-0733787DD491}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\FaxApplications.exe
FirewallRules: [{2471A7B1-B26B-490A-917D-94676A8D509C}] => (Allow) C:\Program Files\HP\HP Officejet 6600\bin\SendAFax.exe
FirewallRules: [{128793B8-1D11-4AA5-8CB5-1228978FDB1C}] => (Allow) C:\Program Files\HP\HP Software Update\hpwucli.exe
FirewallRules: [{3AC90389-62B4-42CB-8946-151EE2E933F7}] => (Allow) C:\Program Files\HP\HP Software Update\hpwucli.exe
FirewallRules: [{C92E490B-596E-445E-A1F2-53D3C2F802BE}] => (Allow) C:\Program Files\StarMoney 9.0\app\smkonv.exe
FirewallRules: [{6FE0DB55-84C3-4537-BA79-01C27924AF87}] => (Allow) C:\Program Files\StarMoney 9.0\app\smkonv.exe
FirewallRules: [{DB52F350-15C2-4A6C-A01C-8AAE53D57889}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{32AC3312-85EF-4FD1-B3BB-82791631187A}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8FFAFAA5-6D65-4A47-8059-1AC1E4BA4576}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{41E5C4FD-467E-4D27-B4DE-30538DEDD82D}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{B7A7590E-770B-4341-BA3A-09D62DB4B703}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{160EBEF2-27DA-4147-9ED7-8C35B9B42B9E}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{3F9E96EA-BCDA-4C77-A098-B90AFFA58019}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1ACE8E17-97D3-44CE-93E3-5CC823F727FA}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8088EECC-83DD-4038-928C-540BC07EB457}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{1F8DDA90-9C63-4C11-8725-24F38295700C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{376EDBA6-46D5-42A3-93BB-C238C86AD3A7}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{7E7F40DF-F799-4620-9DB2-C3FBD6E17B14}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{689CD766-9640-4E68-8FCE-41FA8A78D6FC}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BEA44B9A-96F7-402E-A51A-F755FB0FA4B9}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{EAD8B25C-8C9B-4FB1-92B3-48CAABD2FE9A}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A7C9BE41-F44F-43B8-8A66-D3379D116D3C}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{88D6F2FB-678D-4B40-B3E2-2BFBF529E4BA}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{6A86F6C8-BE83-42A0-A2F2-8DA56FF8D9EF}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{8188461A-D114-48EC-83AF-5ABEA20B1B13}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5F0B94A4-D994-4CFC-8F6D-DCE02E5130A4}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{2A60E0B6-2B7A-4A58-AAED-A01A0E793FC0}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{ED9D529C-7EAA-4AB2-B02A-175D5599DA96}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{CB4FC13B-6E7A-4E50-BEDD-11C244B20489}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{AC9DA22B-63F7-49B5-951F-3736BD3B2D91}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{0E4288AC-5486-4003-BA7A-200E49634017}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{125B99EE-B94A-4582-9F04-81453411D1DD}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{A6C5DF3F-7F4B-46A3-9B31-3BE7B8C61AF8}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{BC424627-E3EA-41F3-B8C0-8D0155770301}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5246EE49-9AD3-46FA-84C1-442F4BF14AE4}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{52DB1A19-3444-40D0-8AA2-395282DAA3A7}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{417E7BCA-2E25-48BB-BA8F-C811A0EECCCF}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{18E3AFE7-A3A6-4795-BF94-056ABF784AE0}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{5F500E02-94CB-4366-AA01-D1209EDE35D0}] => (Allow) C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4251D29B-D29F-4282-81B8-790EDF490FE0}] => (Allow) C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{15DFBCB9-BA07-4DF0-AD94-5E0D8D0E5641}] => (Allow) C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{6386C86D-8C32-4D71-ADE6-D70AF56CE9F9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B45D76DB-2FEF-4132-BE4C-D1A32C6C65EB}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\7zS3AE5\HPDiagnosticCoreUI.exe
FirewallRules: [{936480B7-E5B5-4D3A-826A-8E23BA347055}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\7zS3AE5\HPDiagnosticCoreUI.exe
FirewallRules: [{8DDE520F-E631-43B4-BA1B-994B3EE1D6C3}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft7DDA.tmp\fsetup.exe
FirewallRules: [{532E4317-C70F-468D-AADD-BF20E47A4BB1}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft7DDA.tmp\fsetup.exe
FirewallRules: [{76FC6514-F5E2-4C58-8F0C-3D201070B212}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft5B0E.tmp\fsetup.exe
FirewallRules: [{1DF9626E-9337-4150-AF4D-B16D1B79D684}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft5B0E.tmp\fsetup.exe
FirewallRules: [{3E2B74ED-D272-4E31-9ECB-A4A4EAEEC051}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft9763.tmp\fsetup.exe
FirewallRules: [{3C48C81F-F65A-43F8-B86A-F78EF569D62D}] => (Allow) C:\Users\sandraundjörg\AppData\Local\Temp\pft9763.tmp\fsetup.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard-VGA-Grafikkarte
Description: Standard-VGA-Grafikkarte
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardgrafikkartentypen)
Service: vga
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/22/2015 09:02:44 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (05/22/2015 09:02:15 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (05/22/2015 09:01:40 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:
   bei System.Linq.Enumerable.First[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>)
   bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(System.String)
   bei System.Linq.Enumerable.Any[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Collections.Generic.IEnumerable`1<System.__Canon>, System.Func`2<System.__Canon,Boolean>)
   bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(System.Collections.Generic.List`1<System.String>)
   bei Avira.OE.BrowserExtensionConnector.SafeSearchProductInfo.IsInstalled(Avira.OE.WinCore.Browser)
   bei Avira.OE.WinCore.BrowserInfo.GetBrowsersData(System.Func`2<Avira.OE.WinCore.Browser,Boolean>)
   bei Avira.OE.BrowserExtensionConnector.AviraSafeSearchStatusConnector.GetBrowserInfo()
   bei Avira.OE.ServiceHost.ComputerAndServicesInfo.SetPayloadForSafeSearch(Avira.OE.WinCore.Interface.DevCheckUpdatePayload)
   bei Avira.OE.ServiceHost.ComputerAndServicesInfo.CreateMessagePayload()
   bei Avira.OE.ServiceHost.UpdateAvailabilityChecker.CheckForUpdate()
   bei Avira.OE.ServiceHost.UpdateAvailabilityChecker.OnRecurrentUpdateCheck(System.Object)
   bei System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.TimerQueueTimer.CallCallback()
   bei System.Threading.TimerQueueTimer.Fire()
   bei System.Threading.TimerQueue.FireNextTimers()
   bei System.Threading.TimerQueue.AppDomainTimerCallback()

Error: (05/22/2015 08:56:53 AM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Fehler beim Verarbeiten von Sitzungsänderung. System.InvalidOperationException: Die Sequenz enthält keine Elemente.
   bei System.Linq.Enumerable.First[TSource](IEnumerable`1 source)
   bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(String extensionId)
   bei System.Linq.Enumerable.Any[TSource](IEnumerable`1 source, Func`2 predicate)
   bei Avira.OE.BrowserExtensionConnector.FirefoxProductInfo.ExtensionIsInstalled(List`1 extensionIds)
   bei Avira.OE.BrowserExtensionConnector.ExtensionStatusMonitor.StartWatching(TimeSpan timeSpan)
   bei Avira.OE.BrowserExtensionConnector.AviraBrowserSafetyStatusConnector.OnSessionChange(Int32 sessionId, SessionChangeReason reason)
   bei Avira.OE.ServiceHost.ServiceHost.OnSessionChange(SessionChangeDescription changeDescription)
   bei System.ServiceProcess.ServiceBase.DeferredSessionChange(Int32 eventType, Int32 sessionId)

Error: (05/22/2015 08:55:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/22/2015 08:25:07 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (05/22/2015 08:25:05 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (05/22/2015 07:51:31 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (05/22/2015 07:51:02 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (05/22/2015 07:50:16 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Avira.OE.ServiceHost.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException
Stapel:
   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)
   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()
   bei System.ComponentModel.Composition.Primitives.Export.get_Value()
   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)
   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValuesCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String)
   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()


System errors:
=============
Error: (05/22/2015 03:12:43 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.

Error: (05/22/2015 03:02:42 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.

Error: (05/22/2015 02:42:41 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.

Error: (05/22/2015 02:32:40 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.

Error: (05/22/2015 02:14:16 PM) (Source: SCardSvr) (EventID: 610) (User: )
Description: Kein Medium im Laufwerk.REINER SCT cyberJack pinpad/e-com USB 52POWER

Error: (05/22/2015 02:12:39 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.

Error: (05/22/2015 02:02:38 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.

Error: (05/22/2015 01:52:37 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.

Error: (05/22/2015 01:42:36 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.

Error: (05/22/2015 01:32:35 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.


Microsoft Office:
=========================

CodeIntegrity Errors:
===================================
  Date: 2015-05-22 15:17:29.394
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-22 15:17:29.058
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-22 15:17:28.754
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-22 15:17:28.434
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-22 15:17:27.979
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-22 15:17:27.670
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-22 15:17:27.375
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-22 15:17:27.081
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-22 15:16:53.398
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-22 15:16:53.103
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz
Percentage of memory in use: 63%
Total physical RAM: 3070.32 MB
Available physical RAM: 1125.53 MB
Total Pagefile: 6352.59 MB
Available Pagefile: 3712.76 MB
Total Virtual: 2047.88 MB
Available Virtual: 1918.54 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:293.33 GB) (Free:180.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (53_01_59) (Fixed) (Total:186.27 GB) (Free:63.15 GB) NTFS
Drive e: (DATA) (Fixed) (Total:293.08 GB) (Free:292.89 GB) NTFS
Drive h: (Iomega HDD) (Fixed) (Total:931.51 GB) (Free:927.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 4CD01D16)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=293.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=293.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 186.3 GB) (Disk ID: 29A5351E)
Partition 1: (Active) - (Size=186.3 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: 728699B6)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of log ============================
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-05-2015
Ran by sandraundjörg (administrator) on ARBEITSZIMMER on 22-05-2015 15:16:35
Running from C:\Users\sandraundjörg\Desktop
Loaded Profiles: sandraundjörg (Available profiles: sandraundjörg)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(CyberLink) C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
() C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanNetService.exe
(Threat Expert Ltd.) C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
(REINER SCT) C:\Windows\System32\cjpcsc.exe
(devolo AG) C:\Program Files\devolo\dlan\devolonetsvc.exe
(Egis Incorporated) C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
() C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Acer\Empowering Technology\SysMonitor.exe
(Egis Incorporated) C:\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
(NVIDIA Corporation) C:\Windows\System32\nvraidservice.exe
(Threat Expert Ltd.) C:\Program Files\PC Tools Security\BDT\FGuard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(AVM Berlin) C:\Program Files\avmwlanstick\WLanGUI.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Acer Inc.) C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe
(Acer Inc.) C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
() C:\ProgramData\HP Photo Creations\Communicator.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4702208 2007-10-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [Acer Empowering Technology Monitor] => C:\Acer\Empowering Technology\SysMonitor.exe [326176 2008-01-09] ()
HKLM-x32\...\Run: [eDataSecurity Loader] => C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe [526896 2008-03-05] (Egis Incorporated)
HKLM-x32\...\Run: [PCMMediaSharing] => C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [204908 2008-01-25] ()
HKLM\...\Run: [eRecoveryService] => [X]
HKLM-x32\...\Run: [NVRaidService] => C:\Windows\system32\nvraidservice.exe [196128 2007-12-07] (NVIDIA Corporation)
HKLM-x32\...\Run: [PCTools FGuard] => C:\Program Files\PC Tools Security\BDT\FGuard.exe [108496 2010-09-24] (Threat Expert Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM\...\Run: [NvSvc] => RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft anti-malware\a2guard.exe [4923832 2015-05-10] (Emsisoft Ltd)
HKU\S-1-5-21-3250271813-2252980563-3190364089-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3250271813-2252980563-3190364089-1000\...\Run: [HP Officejet 6600 (NET)] => C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3250271813-2252980563-3190364089-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3250271813-2252980563-3190364089-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3250271813-2252980563-3190364089-1000\...\MountPoints2: {e7e258a7-fc14-11e2-99e7-0021853f0d32} - G:\pushinst.exe
HKU\S-1-5-21-3250271813-2252980563-3190364089-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\ACER(N~1.SCR [187392 2006-10-19] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk [2008-03-21]
ShortcutTarget: Empowering Technology Launcher.lnk -> C:\Acer\Empowering Technology\eAPLauncher.exe (Acer Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [2008-03-05] (Egis Incorporated)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://de.intl.acer.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3250271813-2252980563-3190364089-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3250271813-2252980563-3190364089-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = 
SearchScopes: HKU\S-1-5-21-3250271813-2252980563-3190364089-1000 -> DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = 
SearchScopes: HKU\S-1-5-21-3250271813-2252980563-3190364089-1000 -> {4E8D9837-2267-4530-A8F9-8F909380D5EE} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=E59F4DBE-F29B-4B73-BE49-1F434BD05A0C&apn_sauid=4BA2864D-EEB2-44B8-BECA-DC569B61440B
SearchScopes: HKU\S-1-5-21-3250271813-2252980563-3190364089-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-acer
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO: PC Tools Browser Guard BHO -> {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} -> C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll [2010-09-24] (Threat Expert Ltd.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll [2008-03-05] (Egis)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
BHO: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-02-08] (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-03-05] (Egis Incorporated.)
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} -  No File
Toolbar: HKLM - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll [2010-09-24] (Threat Expert Ltd.)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-02-08] (Ask)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKU\S-1-5-21-3250271813-2252980563-3190364089-1000 -> PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\PC Tools Security\BDT\PCTBrowserDefender.dll [2010-09-24] (Threat Expert Ltd.)
Toolbar: HKU\S-1-5-21-3250271813-2252980563-3190364089-1000 -> Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2013-02-08] (Ask)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-01-08] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-01-08] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-01-08] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-01-08] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-01-08] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-01-08] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-01-08] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-01-08] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 21 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984 2013-01-08] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\sandraundjörg\AppData\Roaming\Mozilla\Firefox\Profiles\i8pj58n3.default-1404755239976
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\sandraundjörg\AppData\Roaming\Mozilla\Firefox\Profiles\i8pj58n3.default-1404755239976\Extensions\abs@avira.com [2015-04-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-10-19]
FF HKLM\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files\PC Tools Security\BDT\FireFox
FF Extension: Browser Defender Toolbar - C:\Program Files\PC Tools Security\BDT\FireFox [2010-11-13]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [5164328 2015-05-10] (Emsisoft Ltd)
R2 Acer HomeMedia Connect Service; C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [269448 2008-01-25] (CyberLink) [File not signed]
R2 AcerMemUsageCheckService; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [28672 2007-10-17] () [File not signed]
S2 AntiVirMailService; C:\Program Files\Avira\AntiVir Desktop\avmailc.exe [825856 2015-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [434424 2015-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-20] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1186040 2015-05-20] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-14] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 Browser Defender Update Service; C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe [235472 2010-09-24] (Threat Expert Ltd.)
R2 cjpcsc; C:\Windows\system32\cjpcsc.exe [498096 2010-05-02] (REINER SCT)
R2 DevoloNetworkService; C:\Program Files\devolo\dlan\devolonetsvc.exe [3304768 2010-12-23] (devolo AG)
R2 eDataSecurity Service; C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [500784 2008-03-05] (Egis Incorporated)
R2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [57344 2007-09-10] (Acer Inc.) [File not signed]
R2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-12-19] () [File not signed]
R2 hasplms; C:\Windows\system32\hasplms.exe [4609928 2013-08-09] (SafeNet Inc.)
R2 LightScribeService; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [262247 2006-07-19] () [File not signed]
S3 sdAuxService; C:\Program Files\PC Tools Security\pctsAuxs.exe [366840 2010-03-15] (PC Tools)
S3 sdCoreService; C:\Program Files\PC Tools Security\pctsSvc.exe [1145304 2010-09-29] (PC Tools)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aksfridge; C:\Windows\System32\DRIVERS\aksfridge.sys [376200 2013-08-01] (SafeNet Inc.)
S3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [244040 2013-08-09] (SafeNet Inc.)
S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [53192 2013-08-09] (SafeNet Inc.)
S3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [296200 2013-08-09] (SafeNet Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107400 2015-05-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-20] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2010-10-01] (AVM Berlin) [File not signed]
R1 bizVSerial; C:\Windows\System32\drivers\bizVSerialNT.sys [14949 2007-05-31] (franson.biz) [File not signed]
R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [28208 2010-02-08] (REINER SCT)
R1 epp32; C:\Windows\System32\DRIVERS\epp32.sys [111368 2015-03-24] (Emsisoft GmbH)
R3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [926080 2010-10-01] (AVM GmbH)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [608648 2013-08-01] (SafeNet Inc.)
R2 int15; C:\Acer\Empowering Technology\eRecovery\int15.sys [15392 2007-07-03] (Acer, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-05-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\system32\drivers\npf_devolo.sys [35840 2010-06-10] (CACE Technologies) [File not signed]
R3 NTIDrvr; C:\Windows\System32\DRIVERS\NTIDrvr.sys [6144 2008-03-21] (NewTech Infosystems, Inc.) [File not signed]
R0 PCTCore; C:\Windows\System32\drivers\PCTCore.sys [237632 2010-08-18] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS.sys [338880 2010-07-16] (PC Tools)
R0 pctEFA; C:\Windows\System32\drivers\pctEFA.sys [656320 2010-07-16] (PC Tools)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2012-08-27] (Avira GmbH)
R2 tvicport; C:\Windows\system32\drivers\tvicport.sys [14544 2007-11-06] (EnTech Taiwan) [File not signed]
R2 zntport; C:\Windows\system32\drivers\zntport.sys [6080 2007-11-06] (Zeal SoftStudio) [File not signed]
S1 cqnkcwly; \??\C:\Windows\system32\drivers\cqnkcwly.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 15:16 - 2015-05-22 15:17 - 00021292 _____ () C:\Users\sandraundjörg\Desktop\FRST.txt
2015-05-22 15:16 - 2015-05-22 15:16 - 00000000 ____D () C:\FRST
2015-05-22 15:13 - 2015-05-22 15:13 - 01147392 _____ (Farbar) C:\Users\sandraundjörg\Desktop\FRST.exe
2015-05-22 09:30 - 2015-05-22 09:30 - 00000000 ____D () C:\Program Files\ESET
2015-05-22 09:26 - 2015-05-22 09:27 - 02347384 _____ (ESET) C:\Users\sandraundjörg\Desktop\esetsmartinstaller_deu.exe
2015-05-22 08:42 - 2015-04-30 18:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-22 08:28 - 2015-04-19 23:24 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-05-22 08:28 - 2015-04-19 23:24 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-05-22 08:28 - 2015-04-19 23:24 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-05-22 08:28 - 2015-04-19 23:24 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-05-22 08:28 - 2015-04-19 22:19 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-05-22 08:28 - 2015-04-19 22:18 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-05-22 08:28 - 2015-04-19 22:13 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-05-22 08:28 - 2015-04-19 22:12 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-22 08:28 - 2015-04-19 22:12 - 00801792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-22 08:28 - 2015-04-19 06:59 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-22 08:26 - 2015-04-30 15:14 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-22 08:02 - 2015-04-11 01:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-21 14:09 - 2015-05-21 14:09 - 00000000 ____D () C:\ProgramData\Emsisoft
2015-05-21 14:00 - 2015-05-21 14:00 - 00000892 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2015-05-21 14:00 - 2015-05-21 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2015-05-21 13:59 - 2015-05-22 15:16 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2015-05-21 13:59 - 2015-03-24 00:17 - 00111368 _____ (Emsisoft GmbH) C:\Windows\system32\Drivers\epp32.sys
2015-05-21 13:55 - 2015-05-21 13:59 - 161545808 _____ (Emsisoft Ltd. ) C:\Users\sandraundjörg\Downloads\EmsisoftAntiMalwareSetup.exe
2015-05-21 13:12 - 2015-05-22 14:21 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-21 13:12 - 2015-05-21 13:12 - 00000903 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-21 13:12 - 2015-05-21 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-21 13:12 - 2015-05-21 13:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-21 13:12 - 2015-05-21 13:12 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2015-05-21 13:12 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-21 13:12 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-21 13:12 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-21 13:10 - 2015-05-21 13:10 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\sandraundjörg\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-21 13:03 - 2015-05-21 13:03 - 00000862 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-21 13:03 - 2015-05-21 13:03 - 00000850 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-21 13:03 - 2015-05-21 13:03 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-05-21 10:46 - 2015-04-10 16:06 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-21 10:46 - 2015-04-10 16:06 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-21 10:46 - 2015-04-10 16:06 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-21 10:46 - 2015-04-10 16:06 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-21 10:46 - 2015-04-10 16:05 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-05-21 10:46 - 2015-04-10 16:04 - 06007808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-21 10:46 - 2015-04-10 16:04 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2015-05-21 10:46 - 2015-04-10 16:04 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-21 10:46 - 2015-04-10 16:04 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-21 10:46 - 2015-04-10 16:04 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-21 10:46 - 2015-04-10 16:03 - 11084800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-21 10:46 - 2015-04-10 16:03 - 02006016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-21 10:46 - 2015-04-10 16:03 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-21 10:46 - 2015-04-10 16:03 - 00727552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-21 10:46 - 2015-04-10 16:03 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-21 10:46 - 2015-04-10 16:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-21 10:46 - 2015-04-10 16:03 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-21 10:46 - 2015-04-10 16:03 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-05-21 10:46 - 2015-04-10 16:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-21 10:46 - 2015-04-10 16:03 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-21 10:46 - 2015-04-10 16:03 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-05-21 10:46 - 2015-04-10 16:03 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-21 10:46 - 2015-04-10 16:02 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-21 10:46 - 2015-04-10 16:02 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-21 10:46 - 2015-04-10 16:02 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2015-05-21 10:46 - 2015-04-10 08:45 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-21 10:46 - 2015-04-10 07:01 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-21 10:46 - 2015-04-10 07:01 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-21 10:46 - 2015-04-10 06:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-21 10:46 - 2015-04-10 06:58 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-19 09:47 - 2015-05-19 09:47 - 00000000 ____D () C:\Program Files\Mozilla Firefox(274)
2015-05-07 12:02 - 2015-05-07 12:02 - 00010752 _____ () C:\Users\sandraundjörg\Desktop\Betreungsgericht wg. Baksch Frenzel.wps
2015-05-07 10:50 - 2015-05-07 10:50 - 00576216 _____ () C:\Users\sandraundjörg\Desktop\Antje Spacek - Zeugnisse und Urkunden (1).zip
2015-04-28 12:57 - 2015-04-28 12:58 - 00000000 ____D () C:\Users\sandraundjörg\Desktop\SHOP
2015-04-25 09:22 - 2015-05-21 13:03 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-22 10:40 - 2015-04-22 10:40 - 00160906 _____ () C:\Users\sandraundjörg\Downloads\Anhänge_20150422(1).zip
2015-04-22 10:29 - 2015-04-22 10:29 - 00271801 _____ () C:\Users\sandraundjörg\Downloads\Anhänge_20150422.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 15:12 - 2013-04-19 08:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-22 15:11 - 2014-04-28 06:16 - 00000680 _____ () C:\Users\sandraundjörg\AppData\Local\d3d9caps.dat
2015-05-22 15:11 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-22 15:11 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-22 15:08 - 2013-11-20 13:43 - 00000340 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2015-05-22 14:44 - 2010-10-17 14:17 - 01329722 _____ () C:\Windows\WindowsUpdate.log
2015-05-22 14:13 - 2013-12-05 18:50 - 00000000 ____D () C:\Program Files\StarMoney 9.0
2015-05-22 14:10 - 2010-10-17 19:18 - 00000000 ___RD () C:\Users\sandraundjörg\Desktop\LOGOPÄDIE
2015-05-22 13:06 - 2012-01-22 13:47 - 00000402 _____ () C:\Windows\Tasks\Final Media Player Update Checker.job
2015-05-22 09:50 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-22 09:01 - 2008-01-21 09:16 - 01566088 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-22 08:57 - 2015-03-01 08:21 - 00000486 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-05-22 08:56 - 2014-01-13 21:38 - 00000438 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2015-05-22 08:55 - 2010-11-13 11:53 - 00000000 ____D () C:\ProgramData\TEMP
2015-05-22 08:55 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-22 08:54 - 2006-11-02 14:47 - 00370056 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-22 08:48 - 2008-01-21 04:47 - 10368964 _____ () C:\Windows\PFRO.log
2015-05-22 08:47 - 2006-11-02 15:01 - 00032558 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-22 08:47 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\system32\XPSViewer
2015-05-22 08:47 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-22 08:45 - 2008-03-21 15:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-22 08:43 - 2010-11-13 12:02 - 02836924 _____ () C:\Windows\system32\Drivers\Cat.DB
2015-05-22 08:25 - 2013-08-16 08:22 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-22 08:15 - 2006-11-02 12:24 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-05-21 18:00 - 2014-01-14 19:51 - 00000460 _____ () C:\Windows\Tasks\ParetoLogic Registration3.job
2015-05-20 15:51 - 2011-04-06 10:09 - 00000000 ____D () C:\Users\sandraundjörg\Desktop\Jörg
2015-05-20 14:48 - 2013-01-08 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-20 14:44 - 2013-01-08 17:57 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-20 14:44 - 2013-01-08 17:57 - 00107400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-20 14:44 - 2013-01-08 17:57 - 00037896 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-05-20 14:39 - 2012-11-02 10:28 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-05-20 14:25 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2015-05-20 14:24 - 2006-11-02 12:22 - 57147392 _____ () C:\Windows\system32\config\software_previous
2015-05-20 14:24 - 2006-11-02 12:22 - 41680896 _____ () C:\Windows\system32\config\components_previous
2015-05-20 14:24 - 2006-11-02 12:22 - 179830784 _____ () C:\Windows\system32\config\system_previous
2015-05-20 14:24 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2015-05-20 14:24 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2015-05-20 14:24 - 2006-11-02 12:22 - 00262144 _____ () C:\Windows\system32\config\default_previous
2015-05-20 14:23 - 2010-10-17 15:20 - 00000000 ____D () C:\Users\sandraundjörg
2015-05-20 14:23 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\ShellNew
2015-05-20 14:23 - 2006-11-02 13:18 - 00000000 __RSD () C:\Windows\Media
2015-05-20 14:23 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool
2015-05-20 14:22 - 2012-01-19 20:46 - 00000000 ____D () C:\Users\sandraundjörg\AppData\Roaming\FinalMediaPlayer
2015-05-20 14:22 - 2008-03-21 15:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-05-20 14:22 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration
2015-05-19 16:43 - 2006-11-02 14:52 - 00139752 _____ () C:\Windows\setupact.log
2015-05-18 12:56 - 2010-10-27 11:55 - 00035428 _____ () C:\Users\sandraundjörg\AppData\Roaming\wklnhst.dat
2015-05-11 14:32 - 2012-01-22 13:01 - 00000000 ____D () C:\Users\sandraundjörg\Documents\My Digital Editions
2015-05-04 08:02 - 2014-09-27 10:02 - 00000000 ___RD () C:\Users\sandraundjörg\Desktop\wolllottes landhof
2015-04-30 09:42 - 2013-11-26 10:56 - 00000000 ____D () C:\Users\sandraundjörg\Desktop\ebay STRICK
2015-04-29 08:32 - 2014-01-14 19:50 - 00000392 _____ () C:\Windows\Tasks\PC Health Advisor Defrag.job
2015-04-28 12:54 - 2014-01-08 14:06 - 00000000 ___RD () C:\Users\sandraundjörg\Desktop\Wolllotte
2015-04-27 07:41 - 2014-01-14 19:50 - 00000374 _____ () C:\Windows\Tasks\PC Health Advisor.job
2015-04-26 10:59 - 2014-01-14 19:50 - 00000434 _____ () C:\Windows\Tasks\ParetoLogic Update Version3.job

==================== Files in the root of some directories =======

2014-05-17 10:47 - 2014-05-17 12:33 - 0000318 _____ () C:\Users\sandraundjörg\AppData\Roaming\aps.uninstall.scan.results
2010-10-27 11:55 - 2015-05-18 12:56 - 0035428 _____ () C:\Users\sandraundjörg\AppData\Roaming\wklnhst.dat
2011-12-16 22:36 - 2011-12-16 22:36 - 0000552 _____ () C:\Users\sandraundjörg\AppData\Local\d3d8caps.dat
2014-04-28 06:16 - 2015-05-22 15:11 - 0000680 _____ () C:\Users\sandraundjörg\AppData\Local\d3d9caps.dat
2010-11-28 18:08 - 2013-07-09 17:29 - 0015360 _____ () C:\Users\sandraundjörg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-08 13:02 - 2013-09-08 13:02 - 0000057 _____ () C:\ProgramData\Ament.ini

Some files in TEMP:
====================
C:\Users\sandraundjörg\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-22 09:00

==================== End of log ============================
__________________
Alt 22.05.2015, 15:01   #4
Koeppi1969
 
DHL Virus oder Trojaner warscheinlich eingefangen - Standard

DHL Virus oder Trojaner warscheinlich eingefangen


Code:
ATTFilter
15:58:01.0396 0x1d50  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:58:06.0742 0x1d50  ============================================================
15:58:06.0742 0x1d50  Current date / time: 2015/05/22 15:58:06.0742
15:58:06.0742 0x1d50  SystemInfo:
15:58:06.0742 0x1d50  
15:58:06.0742 0x1d50  OS Version: 6.0.6002 ServicePack: 2.0
15:58:06.0742 0x1d50  Product type: Workstation
15:58:06.0742 0x1d50  ComputerName: ARBEITSZIMMER
15:58:06.0743 0x1d50  UserName: sandraundjörg
15:58:06.0743 0x1d50  Windows directory: C:\Windows
15:58:06.0743 0x1d50  System windows directory: C:\Windows
15:58:06.0743 0x1d50  Processor architecture: Intel x86
15:58:06.0743 0x1d50  Number of processors: 4
15:58:06.0743 0x1d50  Page size: 0x1000
15:58:06.0743 0x1d50  Boot type: Normal boot
15:58:06.0743 0x1d50  ============================================================
15:58:07.0311 0x1d50  KLMD registered as C:\Windows\system32\drivers\27512443.sys
15:58:07.0612 0x1d50  System UUID: {95E80644-04DF-47AF-49B3-6A5DDD74BAD1}
15:58:08.0631 0x1d50  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:58:08.0644 0x1d50  Drive \Device\Harddisk1\DR1 - Size: 0x2E93E36000 ( 186.31 Gb ), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:58:08.0653 0x1d50  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:58:08.0738 0x1d50  ============================================================
15:58:08.0738 0x1d50  \Device\Harddisk0\DR0:
15:58:08.0738 0x1d50  MBR partitions:
15:58:08.0738 0x1d50  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1385000, BlocksNum 0x24AAB000
15:58:08.0738 0x1d50  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x25E30000, BlocksNum 0x24A27800
15:58:08.0738 0x1d50  \Device\Harddisk1\DR1:
15:58:08.0739 0x1d50  MBR partitions:
15:58:08.0739 0x1d50  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1748A3FC
15:58:08.0739 0x1d50  \Device\Harddisk2\DR2:
15:58:08.0739 0x1d50  MBR partitions:
15:58:08.0739 0x1d50  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
15:58:08.0739 0x1d50  ============================================================
15:58:08.0763 0x1d50  C: <-> \Device\Harddisk0\DR0\Partition1
15:58:08.0796 0x1d50  D: <-> \Device\Harddisk1\DR1\Partition1
15:58:08.0819 0x1d50  E: <-> \Device\Harddisk0\DR0\Partition2
15:58:08.0842 0x1d50  H: <-> \Device\Harddisk2\DR2\Partition1
15:58:08.0844 0x1d50  ============================================================
15:58:08.0844 0x1d50  Initialize success
15:58:08.0844 0x1d50  ============================================================
15:58:17.0920 0x20e8  ============================================================
15:58:17.0920 0x20e8  Scan started
15:58:17.0920 0x20e8  Mode: Manual; SigCheck; TDLFS; 
15:58:17.0920 0x20e8  ============================================================
15:58:17.0920 0x20e8  KSN ping started
15:58:18.0283 0x20e8  KSN ping finished: true
15:58:18.0628 0x20e8  ================ Scan system memory ========================
15:58:18.0628 0x20e8  System memory - ok
15:58:18.0628 0x20e8  ================ Scan services =============================
15:58:18.0945 0x20e8  [ CFD73F07AAC72D23CD926A3F4FBE8863, BC9E01D65789FF6600DAA80643BFF903789029CAC261C5B2FBCCCD32B61AAC74 ] a2AntiMalware   C:\Program Files\Emsisoft Anti-Malware\a2service.exe
15:58:19.0434 0x20e8  a2AntiMalware - ok
15:58:19.0515 0x20e8  [ 517D30057C726C797764BFD70A55D82A, F1F48EF16DB9F7B5C6F8D0C595DE2E4ABD26FAF19372C1AA598F6988709D2170 ] Acer HomeMedia Connect Service C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
15:58:19.0567 0x20e8  Acer HomeMedia Connect Service - detected UnsignedFile.Multi.Generic ( 1 )
15:58:19.0822 0x20e8  Detect skipped due to KSN trusted
15:58:19.0822 0x20e8  Acer HomeMedia Connect Service - ok
15:58:19.0861 0x20e8  [ E91F2444DF54E725DDBBDDB7FBCE71F5, 28895DF44A4E7D959ACBBAA6AFC4B70515D87D40F5F74EB296BB2D5FFC5C2765 ] AcerMemUsageCheckService C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
15:58:19.0874 0x20e8  AcerMemUsageCheckService - detected UnsignedFile.Multi.Generic ( 1 )
15:58:20.0117 0x20e8  Detect skipped due to KSN trusted
15:58:20.0117 0x20e8  AcerMemUsageCheckService - ok
15:58:20.0221 0x20e8  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:58:20.0269 0x20e8  ACPI - ok
15:58:20.0324 0x20e8  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:58:20.0366 0x20e8  AdobeARMservice - ok
15:58:20.0414 0x20e8  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:58:20.0457 0x20e8  AdobeFlashPlayerUpdateSvc - ok
15:58:20.0500 0x20e8  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:58:20.0551 0x20e8  adp94xx - ok
15:58:20.0581 0x20e8  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:58:20.0625 0x20e8  adpahci - ok
15:58:20.0640 0x20e8  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:58:20.0680 0x20e8  adpu160m - ok
15:58:20.0703 0x20e8  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:58:20.0744 0x20e8  adpu320 - ok
15:58:20.0764 0x20e8  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:58:20.0813 0x20e8  AeLookupSvc - ok
15:58:20.0848 0x20e8  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
15:58:20.0893 0x20e8  AFD - ok
15:58:20.0922 0x20e8  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:58:20.0954 0x20e8  agp440 - ok
15:58:20.0977 0x20e8  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:58:21.0010 0x20e8  aic78xx - ok
15:58:21.0053 0x20e8  [ FA9B4921088981A0E44DEA8A605E58C8, 18DD501C056660F868A212E6F96DB0A4394602A2B608EB6830F580008031016A ] aksfridge       C:\Windows\system32\DRIVERS\aksfridge.sys
15:58:21.0093 0x20e8  aksfridge - ok
15:58:21.0120 0x20e8  [ 5EA155A2E7633C02E80CE855E06145A7, 3E3C89432F8D6FF6F0AAF9ECE8C2C3EC2B9E7159F21113A8A8C0235446A984DA ] akshasp         C:\Windows\system32\DRIVERS\akshasp.sys
15:58:21.0156 0x20e8  akshasp - ok
15:58:21.0173 0x20e8  [ DDCCFF5E81FDE1A869D71C48BB4D763F, E029ED7BDF1E329A8F5CA6AA6187911C6BECD13973F1C4692E2AAA427A131E2F ] akshhl          C:\Windows\system32\DRIVERS\akshhl.sys
15:58:21.0205 0x20e8  akshhl - ok
15:58:21.0243 0x20e8  [ 75DDDBC36E9845F290694BCA6D24AC90, DA96063E97963C5AF58CCA3C2C1B3FA42E0346F3276296B62A93B6A3A101889C ] aksusb          C:\Windows\system32\DRIVERS\aksusb.sys
15:58:21.0279 0x20e8  aksusb - ok
15:58:21.0292 0x20e8  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
15:58:21.0344 0x20e8  ALG - ok
15:58:21.0366 0x20e8  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
15:58:21.0398 0x20e8  aliide - ok
15:58:21.0423 0x20e8  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
15:58:21.0456 0x20e8  amdagp - ok
15:58:21.0472 0x20e8  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
15:58:21.0504 0x20e8  amdide - ok
15:58:21.0521 0x20e8  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
15:58:21.0570 0x20e8  AmdK7 - ok
15:58:21.0588 0x20e8  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:58:21.0638 0x20e8  AmdK8 - ok
15:58:21.0716 0x20e8  [ 4428DC966DD5D0659AA7CA913D1D7652, 267D0F64354A105A2A64AB41607E3EB22CF8B448D2EBEC62C31829F03736836D ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
15:58:21.0772 0x20e8  AntiVirMailService - ok
15:58:21.0811 0x20e8  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
15:58:21.0854 0x20e8  AntiVirSchedulerService - ok
15:58:21.0899 0x20e8  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
15:58:21.0939 0x20e8  AntiVirService - ok
15:58:22.0011 0x20e8  [ 266C0506DF8BA3990E12885E64EE4420, 60995CFE54B8594179BEAB06C4498CBF997B0C85147E5DD747CE238C89F6979D ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
15:58:22.0083 0x20e8  AntiVirWebService - ok
15:58:22.0123 0x20e8  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
15:58:22.0168 0x20e8  Appinfo - ok
15:58:22.0183 0x20e8  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
15:58:22.0224 0x20e8  arc - ok
15:58:22.0251 0x20e8  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:58:22.0289 0x20e8  arcsas - ok
15:58:22.0370 0x20e8  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:58:22.0406 0x20e8  aspnet_state - ok
15:58:22.0432 0x20e8  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:58:22.0481 0x20e8  AsyncMac - ok
15:58:22.0500 0x20e8  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
15:58:22.0532 0x20e8  atapi - ok
15:58:22.0575 0x20e8  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:58:22.0624 0x20e8  AudioEndpointBuilder - ok
15:58:22.0642 0x20e8  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:58:22.0695 0x20e8  Audiosrv - ok
15:58:22.0721 0x20e8  [ EC17E91BC9026C5ED580FB2B13E341AB, 2D9421AE05F3D4A8DBD69D73B4B562EA4F93FBD12AB2F77C52DA8B411626EBF1 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
15:58:22.0759 0x20e8  avgntflt - ok
15:58:22.0780 0x20e8  [ 7BAA36ED6C6098899D9E1269A61085C3, 2D101F1C6C79B0BD722BDB5939344F65728EC2F5B747B6619640775E6FDEFC0A ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
15:58:22.0817 0x20e8  avipbb - ok
15:58:22.0873 0x20e8  [ B127AC7651D0C088E4A239EED92F8AF8, 2958F81C06C46E147E8022F3B7E9C26F1D47C729ADD336D68DCCFEB363CB09FF ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
15:58:22.0904 0x20e8  Avira.OE.ServiceHost - ok
15:58:22.0931 0x20e8  [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
15:58:22.0962 0x20e8  avkmgr - ok
15:58:23.0019 0x20e8  [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files\avmwlanstick\WlanNetService.exe
15:58:23.0043 0x20e8  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
15:58:23.0290 0x20e8  Detect skipped due to KSN trusted
15:58:23.0290 0x20e8  AVM WLAN Connection Service - ok
15:58:23.0328 0x20e8  [ 263CF9D248FD5E020A1333ED4F7EAA88, 04F944C2B284172A7917389A83C525FA9A3ACB026F370EB886B48759FE81A5E1 ] avmeject        C:\Windows\system32\drivers\avmeject.sys
15:58:23.0338 0x20e8  avmeject - detected UnsignedFile.Multi.Generic ( 1 )
15:58:23.0587 0x20e8  Detect skipped due to KSN trusted
15:58:23.0587 0x20e8  avmeject - ok
15:58:23.0649 0x20e8  [ 4BEFF67C1775D353A16A62347E727874, 62363C5E5F4BF049A3E49FADA8CB17269945056ACADB319FDC4F05B74E2553C8 ] BBSvc           C:\Program Files\Microsoft\BingBar\7.1.355.0\BBSvc.exe
15:58:23.0692 0x20e8  BBSvc - ok
15:58:23.0714 0x20e8  [ A6DAAD3EA93DBDBD07FA821BCED133F6, 8F33D4E4B82091D09E62FD5487C88F3DF0DAC31FCBB846183CC4020533A131DE ] BBUpdate        C:\Program Files\Microsoft\BingBar\7.1.355.0\SeaPort.exe
15:58:23.0757 0x20e8  BBUpdate - ok
15:58:23.0782 0x20e8  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:58:23.0836 0x20e8  Beep - ok
15:58:23.0886 0x20e8  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
15:58:23.0941 0x20e8  BFE - ok
15:58:24.0001 0x20e8  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
15:58:24.0081 0x20e8  BITS - ok
15:58:24.0113 0x20e8  [ 66F655B08EED3230E059D197C8A1969B, 04236F559DDFF72DDA29D71D2C554D7126A56A39367596E8C04EE7CCE205821C ] bizVSerial      C:\Windows\system32\drivers\bizVSerialNT.sys
15:58:24.0125 0x20e8  bizVSerial - detected UnsignedFile.Multi.Generic ( 1 )
15:58:24.0368 0x20e8  Detect skipped due to KSN trusted
15:58:24.0368 0x20e8  bizVSerial - ok
15:58:24.0381 0x20e8  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:58:24.0431 0x20e8  blbdrive - ok
15:58:24.0456 0x20e8  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:58:24.0496 0x20e8  bowser - ok
15:58:24.0516 0x20e8  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:58:24.0566 0x20e8  BrFiltLo - ok
15:58:24.0582 0x20e8  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:58:24.0629 0x20e8  BrFiltUp - ok
15:58:24.0663 0x20e8  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
15:58:24.0719 0x20e8  Browser - ok
15:58:24.0784 0x20e8  [ 7E104343A9F28CAE50EE2F388FEC049E, 7286B866B424FDF7F76128DC51C7B3AA5ACE799041043C150CF608850455DA8A ] Browser Defender Update Service C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
15:58:24.0821 0x20e8  Browser Defender Update Service - ok
15:58:24.0840 0x20e8  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
15:58:24.0912 0x20e8  Brserid - ok
15:58:24.0928 0x20e8  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:58:25.0001 0x20e8  BrSerWdm - ok
15:58:25.0017 0x20e8  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:58:25.0090 0x20e8  BrUsbMdm - ok
15:58:25.0102 0x20e8  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:58:25.0168 0x20e8  BrUsbSer - ok
15:58:25.0187 0x20e8  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:58:25.0253 0x20e8  BTHMODEM - ok
15:58:25.0288 0x20e8  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:58:25.0337 0x20e8  cdfs - ok
15:58:25.0360 0x20e8  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:58:25.0407 0x20e8  cdrom - ok
15:58:25.0433 0x20e8  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
15:58:25.0479 0x20e8  CertPropSvc - ok
15:58:25.0492 0x20e8  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:58:25.0548 0x20e8  circlass - ok
15:58:25.0588 0x20e8  [ EBF03DB02CDB10724498AA1660047138, DF03F91FDCD86F3D0AD5FCA440BBA990DFA49074DEF945B42B7292D38E9BF9F5 ] cjpcsc          C:\Windows\system32\cjpcsc.exe
15:58:25.0635 0x20e8  cjpcsc - ok
15:58:25.0667 0x20e8  [ 46241991510A23DC759291918178FFF9, 86286ECC38456173B4E738A58B1B2BB6EA800814E8E1C4EE8DF863B05D2FF322 ] cjusb           C:\Windows\system32\DRIVERS\cjusb.sys
15:58:25.0702 0x20e8  cjusb - ok
15:58:25.0739 0x20e8  [ 5D9311526801643000D7032A83B18B12, C5A98868A41446617B3A27C6C4AAFA4E7C093E253E8C1DD5DBFE6FAE21991209 ] CLFS            C:\Windows\system32\CLFS.sys
15:58:25.0795 0x20e8  CLFS - ok
15:58:25.0835 0x20e8  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:58:25.0874 0x20e8  clr_optimization_v2.0.50727_32 - ok
15:58:25.0906 0x20e8  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:58:25.0948 0x20e8  clr_optimization_v4.0.30319_32 - ok
15:58:25.0968 0x20e8  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:58:26.0005 0x20e8  cmdide - ok
15:58:26.0028 0x20e8  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:58:26.0064 0x20e8  Compbatt - ok
15:58:26.0071 0x20e8  COMSysApp - ok
15:58:26.0101 0x20e8  cqnkcwly - ok
15:58:26.0117 0x20e8  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:58:26.0153 0x20e8  crcdisk - ok
15:58:26.0168 0x20e8  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
15:58:26.0227 0x20e8  Crusoe - ok
15:58:26.0261 0x20e8  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:58:26.0307 0x20e8  CryptSvc - ok
15:58:26.0363 0x20e8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:58:26.0429 0x20e8  DcomLaunch - ok
15:58:26.0583 0x20e8  [ D17845A5385BFCB838CDC532AF5E3E47, 2FC6E23267F8DF4B78FD8DE011184A26AD92DE8D0CCD4C2E4BF067F49A3989FB ] DevoloNetworkService C:\Program Files\devolo\dlan\devolonetsvc.exe
15:58:26.0751 0x20e8  DevoloNetworkService - ok
15:58:26.0787 0x20e8  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:58:26.0842 0x20e8  DfsC - ok
15:58:26.0932 0x20e8  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
15:58:27.0068 0x20e8  DFSR - ok
15:58:27.0116 0x20e8  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:58:27.0172 0x20e8  Dhcp - ok
15:58:27.0194 0x20e8  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
15:58:27.0235 0x20e8  disk - ok
15:58:27.0269 0x20e8  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:58:27.0314 0x20e8  Dnscache - ok
15:58:27.0350 0x20e8  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
15:58:27.0399 0x20e8  dot3svc - ok
15:58:27.0437 0x20e8  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
15:58:27.0491 0x20e8  DPS - ok
15:58:27.0518 0x20e8  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:58:27.0556 0x20e8  drmkaud - ok
15:58:27.0604 0x20e8  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:58:27.0667 0x20e8  DXGKrnl - ok
15:58:27.0694 0x20e8  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
15:58:27.0748 0x20e8  E1G60 - ok
15:58:27.0781 0x20e8  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
15:58:27.0828 0x20e8  EapHost - ok
15:58:27.0858 0x20e8  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:58:27.0894 0x20e8  Ecache - ok
15:58:27.0947 0x20e8  [ B7DC2580425225C320CEDA78DE55A3D0, 93D05D3743416442ED1378FE8A6F107F74B963781A61A36DF072E05228B2F030 ] eDataSecurity Service C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
15:58:27.0995 0x20e8  eDataSecurity Service - ok
15:58:28.0042 0x20e8  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:58:28.0087 0x20e8  ehRecvr - ok
15:58:28.0097 0x20e8  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
15:58:28.0138 0x20e8  ehSched - ok
15:58:28.0149 0x20e8  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
15:58:28.0186 0x20e8  ehstart - ok
15:58:28.0213 0x20e8  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:58:28.0255 0x20e8  elxstor - ok
15:58:28.0306 0x20e8  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:58:28.0365 0x20e8  EMDMgmt - ok
15:58:28.0391 0x20e8  [ 85319F7514100FCBA9A92ACA232BA2F9, 213B5DBF85C60F06681EA66BCC6CFF8A8A84302DC52A3D2DC0D41EEC667D9CC7 ] epp32           C:\Windows\system32\DRIVERS\epp32.sys
15:58:28.0425 0x20e8  epp32 - ok
15:58:28.0460 0x20e8  [ 59FCCAF915BA89DD98CADF08DA91AFEE, 1286481DF42EBBE13C0FC18ABA514393544CDA17420E71518EF87ADD82D224CB ] eRecoveryService C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
15:58:28.0472 0x20e8  eRecoveryService - detected UnsignedFile.Multi.Generic ( 1 )
15:58:28.0715 0x20e8  Detect skipped due to KSN trusted
15:58:28.0715 0x20e8  eRecoveryService - ok
15:58:28.0745 0x20e8  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:58:28.0800 0x20e8  ErrDev - ok
15:58:28.0826 0x20e8  [ A9745687A57CDD71237915859ABA8DAC, DE21C397EBC822622B61189EC6CCF720C76AB6A249188987A10086252A9F26FD ] eSettingsService C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
15:58:28.0838 0x20e8  eSettingsService - detected UnsignedFile.Multi.Generic ( 1 )
15:58:29.0086 0x20e8  Detect skipped due to KSN trusted
15:58:29.0086 0x20e8  eSettingsService - ok
15:58:29.0124 0x20e8  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
15:58:29.0178 0x20e8  EventSystem - ok
15:58:29.0224 0x20e8  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:58:29.0266 0x20e8  exfat - ok
15:58:29.0298 0x20e8  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:58:29.0344 0x20e8  fastfat - ok
15:58:29.0358 0x20e8  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:58:29.0407 0x20e8  fdc - ok
15:58:29.0427 0x20e8  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
15:58:29.0484 0x20e8  fdPHost - ok
15:58:29.0493 0x20e8  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:58:29.0564 0x20e8  FDResPub - ok
15:58:29.0581 0x20e8  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:58:29.0614 0x20e8  FileInfo - ok
15:58:29.0633 0x20e8  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:58:29.0683 0x20e8  Filetrace - ok
15:58:29.0697 0x20e8  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:58:29.0749 0x20e8  flpydisk - ok
15:58:29.0786 0x20e8  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:58:29.0823 0x20e8  FltMgr - ok
15:58:29.0878 0x20e8  [ 7417E869AE5AAC3026329E7749698110, 14545202D90C23EE6A2ADC5627791A3B43B5EEA6F78F44021C9AE2B5B8A351DD ] FontCache       C:\Windows\system32\FntCache.dll
15:58:29.0944 0x20e8  FontCache - ok
15:58:29.0976 0x20e8  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:58:30.0007 0x20e8  FontCache3.0.0.0 - ok
15:58:30.0028 0x20e8  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:58:30.0070 0x20e8  Fs_Rec - ok
15:58:30.0137 0x20e8  [ 7AD4C281CB1661086B05E087230D4B76, 13DE6654EBAE4CB980E6ED8C4FB66BE413A9429662E300D2DC2A42ED85C051A2 ] fwlanusb4       C:\Windows\system32\DRIVERS\fwlanusb4.sys
15:58:30.0207 0x20e8  fwlanusb4 - ok
15:58:30.0235 0x20e8  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:58:30.0268 0x20e8  gagp30kx - ok
15:58:30.0306 0x20e8  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
15:58:30.0371 0x20e8  gpsvc - ok
15:58:30.0422 0x20e8  [ 99FCD7CE9894C241FB98A7811D2D8813, 713E9D6E1AA98AC4D7644872C988082870BC23FEE70C5831FB26159608E7E00A ] hardlock        C:\Windows\system32\drivers\hardlock.sys
15:58:30.0487 0x20e8  hardlock - ok
15:58:30.0497 0x20e8  hasplms - ok
15:58:30.0535 0x20e8  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:58:30.0579 0x20e8  HdAudAddService - ok
15:58:30.0618 0x20e8  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:58:30.0680 0x20e8  HDAudBus - ok
15:58:30.0703 0x20e8  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:58:30.0771 0x20e8  HidBth - ok
15:58:30.0784 0x20e8  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:58:30.0850 0x20e8  HidIr - ok
15:58:30.0867 0x20e8  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
15:58:30.0905 0x20e8  hidserv - ok
15:58:30.0929 0x20e8  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:58:30.0968 0x20e8  HidUsb - ok
15:58:31.0001 0x20e8  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:58:31.0051 0x20e8  hkmsvc - ok
15:58:31.0066 0x20e8  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:58:31.0099 0x20e8  HpCISSs - ok
15:58:31.0130 0x20e8  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:58:31.0198 0x20e8  HTTP - ok
15:58:31.0227 0x20e8  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:58:31.0259 0x20e8  i2omp - ok
15:58:31.0290 0x20e8  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:58:31.0335 0x20e8  i8042prt - ok
15:58:31.0366 0x20e8  [ 580BFEC487C55264BFE3D60C3C24EEE1, 0EA6D0C92C94E9597F3C063F7636710CC1CBECE5A57A5B1C463B2BA5ACB4F061 ] iaStor          C:\Windows\system32\drivers\iastor.sys
15:58:31.0419 0x20e8  iaStor - ok
15:58:31.0452 0x20e8  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:58:31.0490 0x20e8  iaStorV - ok
15:58:31.0558 0x20e8  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:58:31.0639 0x20e8  idsvc - ok
15:58:31.0663 0x20e8  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:58:31.0696 0x20e8  iirsp - ok
15:58:31.0729 0x20e8  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
15:58:31.0783 0x20e8  IKEEXT - ok
15:58:31.0850 0x20e8  [ C6E5276C00EBDEB096BB5EF4B797D1B6, 2620D2F7B5242E9DD0217FB4E0CBACF1DB8AB1B92187AD2847904948E1ABFEC1 ] int15           C:\Acer\Empowering Technology\eRecovery\int15.sys
15:58:31.0883 0x20e8  int15 - ok
15:58:31.0978 0x20e8  [ F6E17C275666A4402588A30E36565910, 708438A37C8E1FD5107224494FE31A3571347471E5EDB812C7A50A8858F62606 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:58:32.0077 0x20e8  IntcAzAudAddService - ok
15:58:32.0119 0x20e8  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
15:58:32.0155 0x20e8  intelide - ok
15:58:32.0176 0x20e8  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:58:32.0234 0x20e8  intelppm - ok
15:58:32.0266 0x20e8  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:58:32.0324 0x20e8  IPBusEnum - ok
15:58:32.0346 0x20e8  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:58:32.0404 0x20e8  IpFilterDriver - ok
15:58:32.0433 0x20e8  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:58:32.0483 0x20e8  iphlpsvc - ok
15:58:32.0494 0x20e8  IpInIp - ok
15:58:32.0516 0x20e8  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:58:32.0573 0x20e8  IPMIDRV - ok
15:58:32.0594 0x20e8  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:58:32.0652 0x20e8  IPNAT - ok
15:58:32.0673 0x20e8  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:58:32.0728 0x20e8  IRENUM - ok
15:58:32.0755 0x20e8  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:58:32.0793 0x20e8  isapnp - ok
15:58:32.0833 0x20e8  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:58:32.0874 0x20e8  iScsiPrt - ok
15:58:32.0895 0x20e8  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:58:32.0928 0x20e8  iteatapi - ok
15:58:32.0952 0x20e8  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:58:32.0983 0x20e8  iteraid - ok
15:58:33.0002 0x20e8  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:58:33.0034 0x20e8  kbdclass - ok
15:58:33.0056 0x20e8  [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
15:58:33.0106 0x20e8  kbdhid - ok
15:58:33.0138 0x20e8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
15:58:33.0179 0x20e8  KeyIso - ok
15:58:33.0228 0x20e8  [ 5035EDF1F2E72F78BB1EC5BD9B97463F, 8AFAD580A96F002FFB22761B65D4B414917895C45B11B53089BB3E0331995EF7 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:58:33.0280 0x20e8  KSecDD - ok
15:58:33.0327 0x20e8  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:58:33.0387 0x20e8  KtmRm - ok
15:58:33.0411 0x20e8  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:58:33.0462 0x20e8  LanmanServer - ok
15:58:33.0503 0x20e8  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:58:33.0555 0x20e8  LanmanWorkstation - ok
15:58:33.0624 0x20e8  [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
15:58:33.0637 0x20e8  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
15:58:33.0882 0x20e8  Detect skipped due to KSN trusted
15:58:33.0882 0x20e8  LightScribeService - ok
15:58:33.0900 0x20e8  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:58:33.0958 0x20e8  lltdio - ok
15:58:33.0986 0x20e8  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:58:34.0059 0x20e8  lltdsvc - ok
15:58:34.0072 0x20e8  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:58:34.0149 0x20e8  lmhosts - ok
15:58:34.0179 0x20e8  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:58:34.0217 0x20e8  LSI_FC - ok
15:58:34.0242 0x20e8  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:58:34.0277 0x20e8  LSI_SAS - ok
15:58:34.0300 0x20e8  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:58:34.0337 0x20e8  LSI_SCSI - ok
15:58:34.0363 0x20e8  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:58:34.0413 0x20e8  luafv - ok
15:58:34.0453 0x20e8  [ 3C21F7E95FFCA33EF1A83AA33D9663CF, C843116969E1CDBA45AEF98B33BEDBA9200C62CDB52CD7056CE6768A1EF3A637 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:58:34.0484 0x20e8  MBAMProtector - ok
15:58:34.0581 0x20e8  [ 516E29AD03BDF610CC36A95AE692FE42, 09F913B169AD775FF587AE59AEC5DD2A2D8646803F48BF616C74EEC0DE3BE7A2 ] MBAMScheduler   C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe
15:58:34.0684 0x20e8  MBAMScheduler - ok
15:58:34.0748 0x20e8  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService     C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
15:58:34.0826 0x20e8  MBAMService - ok
15:58:34.0847 0x20e8  [ 04B309A1A653177994630C2773E659F1, 1D9F81D2DF513FE177E5308E3DE0CE416109F87FDBD00FE7453FEB6074216C3C ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
15:58:34.0881 0x20e8  MBAMSwissArmy - ok
15:58:34.0908 0x20e8  [ 3F435B1E9F5B3EF95669344FD8E9DCF9, 61D0E9CA8B86603C910B0454102C41D305FC002196BF5C221CDE2D9B460DBCA4 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:58:34.0941 0x20e8  MBAMWebAccessControl - ok
15:58:34.0962 0x20e8  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:58:35.0002 0x20e8  Mcx2Svc - ok
15:58:35.0024 0x20e8  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
15:58:35.0057 0x20e8  megasas - ok
15:58:35.0106 0x20e8  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
15:58:35.0160 0x20e8  MegaSR - ok
15:58:35.0196 0x20e8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
15:58:35.0248 0x20e8  MMCSS - ok
15:58:35.0266 0x20e8  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
15:58:35.0316 0x20e8  Modem - ok
15:58:35.0340 0x20e8  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:58:35.0390 0x20e8  monitor - ok
15:58:35.0412 0x20e8  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:58:35.0446 0x20e8  mouclass - ok
15:58:35.0466 0x20e8  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:58:35.0516 0x20e8  mouhid - ok
15:58:35.0530 0x20e8  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:58:35.0563 0x20e8  MountMgr - ok
15:58:35.0615 0x20e8  [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:58:35.0651 0x20e8  MozillaMaintenance - ok
15:58:35.0688 0x20e8  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:58:35.0728 0x20e8  mpio - ok
15:58:35.0754 0x20e8  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:58:35.0806 0x20e8  mpsdrv - ok
15:58:35.0851 0x20e8  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:58:35.0915 0x20e8  MpsSvc - ok
15:58:35.0933 0x20e8  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:58:35.0966 0x20e8  Mraid35x - ok
15:58:35.0991 0x20e8  [ B0584CA7DEF55929FDB5169BD28B2484, AF6A7E404FEB29F7F3428D0AF6682195E5E8ED106996A04E6947DBD575696546 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:58:36.0034 0x20e8  MRxDAV - ok
15:58:36.0059 0x20e8  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:58:36.0100 0x20e8  mrxsmb - ok
15:58:36.0138 0x20e8  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:58:36.0184 0x20e8  mrxsmb10 - ok
15:58:36.0208 0x20e8  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:58:36.0248 0x20e8  mrxsmb20 - ok
15:58:36.0271 0x20e8  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:58:36.0304 0x20e8  msahci - ok
15:58:36.0326 0x20e8  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:58:36.0361 0x20e8  msdsm - ok
15:58:36.0388 0x20e8  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
15:58:36.0440 0x20e8  MSDTC - ok
15:58:36.0476 0x20e8  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:58:36.0525 0x20e8  Msfs - ok
15:58:36.0542 0x20e8  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:58:36.0574 0x20e8  msisadrv - ok
15:58:36.0606 0x20e8  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:58:36.0661 0x20e8  MSiSCSI - ok
15:58:36.0673 0x20e8  msiserver - ok
15:58:36.0695 0x20e8  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:58:36.0743 0x20e8  MSKSSRV - ok
15:58:36.0771 0x20e8  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:58:36.0819 0x20e8  MSPCLOCK - ok
15:58:36.0838 0x20e8  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:58:36.0887 0x20e8  MSPQM - ok
15:58:36.0909 0x20e8  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:58:36.0946 0x20e8  MsRPC - ok
15:58:36.0973 0x20e8  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:58:37.0005 0x20e8  mssmbios - ok
15:58:37.0037 0x20e8  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:58:37.0086 0x20e8  MSTEE - ok
15:58:37.0110 0x20e8  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:58:37.0147 0x20e8  Mup - ok
15:58:37.0186 0x20e8  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
15:58:37.0249 0x20e8  napagent - ok
15:58:37.0295 0x20e8  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:58:37.0342 0x20e8  NativeWifiP - ok
15:58:37.0392 0x20e8  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:58:37.0441 0x20e8  NDIS - ok
15:58:37.0466 0x20e8  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:58:37.0510 0x20e8  NdisTapi - ok
15:58:37.0532 0x20e8  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:58:37.0581 0x20e8  Ndisuio - ok
15:58:37.0606 0x20e8  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:58:37.0657 0x20e8  NdisWan - ok
15:58:37.0710 0x20e8  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:58:37.0755 0x20e8  NDProxy - ok
15:58:37.0776 0x20e8  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:58:37.0824 0x20e8  NetBIOS - ok
15:58:37.0850 0x20e8  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
15:58:37.0903 0x20e8  netbt - ok
15:58:37.0922 0x20e8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
15:58:37.0964 0x20e8  Netlogon - ok
15:58:37.0990 0x20e8  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
15:58:38.0048 0x20e8  Netman - ok
15:58:38.0083 0x20e8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:58:38.0121 0x20e8  NetMsmqActivator - ok
15:58:38.0141 0x20e8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:58:38.0179 0x20e8  NetPipeActivator - ok
15:58:38.0218 0x20e8  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
15:58:38.0274 0x20e8  netprofm - ok
15:58:38.0291 0x20e8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:58:38.0328 0x20e8  NetTcpActivator - ok
15:58:38.0342 0x20e8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:58:38.0380 0x20e8  NetTcpPortSharing - ok
15:58:38.0401 0x20e8  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:58:38.0433 0x20e8  nfrd960 - ok
15:58:38.0464 0x20e8  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:58:38.0507 0x20e8  NlaSvc - ok
15:58:38.0531 0x20e8  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:58:38.0575 0x20e8  Npfs - ok
15:58:38.0615 0x20e8  [ 75AC610A7481CB1F343DC971249BCB19, F1DC7478F0219D88DEA5BAC95D11A6C3CA418D5BCB730EB0BC2D80247C39AC67 ] NPF_devolo      C:\Windows\system32\drivers\npf_devolo.sys
15:58:38.0626 0x20e8  NPF_devolo - detected UnsignedFile.Multi.Generic ( 1 )
15:58:38.0879 0x20e8  Detect skipped due to KSN trusted
15:58:38.0879 0x20e8  NPF_devolo - ok
15:58:38.0897 0x20e8  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
15:58:38.0954 0x20e8  nsi - ok
15:58:38.0971 0x20e8  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:58:39.0028 0x20e8  nsiproxy - ok
15:58:39.0108 0x20e8  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:58:39.0190 0x20e8  Ntfs - ok
15:58:39.0234 0x20e8  [ 7F1C1F78D709C4A54CBB46EDE7E0B48D, 52135D41983A9E9E1DCA250A63017076AE22AA06D77CCF2E5EF41154F958584A ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
15:58:39.0245 0x20e8  NTIDrvr - detected UnsignedFile.Multi.Generic ( 1 )
15:58:39.0485 0x20e8  Detect skipped due to KSN trusted
15:58:39.0486 0x20e8  NTIDrvr - ok
15:58:39.0503 0x20e8  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
15:58:39.0577 0x20e8  ntrigdigi - ok
15:58:39.0591 0x20e8  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
15:58:39.0643 0x20e8  Null - ok
15:58:39.0703 0x20e8  [ B896FB556B4DC1E1D2943559EA79C5C5, 8819716153ACFF8F05AAA33F7E6CF24A09C8D2C78E4B5C5FF9F978CCA0AE1CB3 ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx32.sys
15:58:39.0775 0x20e8  NVENETFD - ok
15:58:39.0801 0x20e8  [ F3EF6CB754C908C5E79FE5BB4A7E39BA, CE41E0FBEA6E8D4A659A2B1D38E6C76BF4A195A1D86DE825879F5A69D7A857D4 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
15:58:39.0832 0x20e8  NVHDA - ok
15:58:40.0089 0x20e8  [ 23C24FDBC46B61A828DB3779A808A68B, CFB189CCACDD260811C34E86E515DF597DE2D2E4D0F50D6E070650BB8ED015CC ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:58:40.0716 0x20e8  nvlddmkm - ok
15:58:40.0773 0x20e8  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:58:40.0811 0x20e8  nvraid - ok
15:58:40.0840 0x20e8  [ 6F5BB0B40D251351A913B61BA9D64B3F, 69004AA640F59FF44F3EEAD3A0F9BF50850B161675BA9B837299649F92FBC0F6 ] nvrd32          C:\Windows\system32\drivers\nvrd32.sys
15:58:40.0872 0x20e8  nvrd32 - ok
15:58:40.0890 0x20e8  [ 7EC12A73067BACA25A8E3E2A58AE83D8, CB562872E951B599FDCCE27727F2329DC1031574A5A5CEF238D3DF1786E7D12A ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
15:58:40.0925 0x20e8  nvsmu - ok
15:58:40.0949 0x20e8  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:58:40.0981 0x20e8  nvstor - ok
15:58:41.0007 0x20e8  [ 689A2160B851F8BF88F20728FD2F30BD, 9038C4B036EBD93E9150FA39165DB1E829A1018298BACF920FFD65B53A30EFD5 ] nvstor32        C:\Windows\system32\drivers\nvstor32.sys
15:58:41.0040 0x20e8  nvstor32 - ok
15:58:41.0064 0x20e8  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:58:41.0099 0x20e8  nv_agp - ok
15:58:41.0119 0x20e8  NwlnkFlt - ok
15:58:41.0133 0x20e8  NwlnkFwd - ok
15:58:41.0198 0x20e8  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:58:41.0241 0x20e8  odserv - ok
15:58:41.0299 0x20e8  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:58:41.0349 0x20e8  ohci1394 - ok
15:58:41.0399 0x20e8  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:58:41.0440 0x20e8  ose - ok
15:58:41.0652 0x20e8  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:58:41.0902 0x20e8  osppsvc - ok
15:58:41.0968 0x20e8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
15:58:42.0031 0x20e8  p2pimsvc - ok
15:58:42.0077 0x20e8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:58:42.0142 0x20e8  p2psvc - ok
15:58:42.0174 0x20e8  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
15:58:42.0249 0x20e8  Parport - ok
15:58:42.0277 0x20e8  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:58:42.0312 0x20e8  partmgr - ok
15:58:42.0340 0x20e8  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
15:58:42.0408 0x20e8  Parvdm - ok
15:58:42.0454 0x20e8  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:58:42.0495 0x20e8  PcaSvc - ok
15:58:42.0528 0x20e8  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
15:58:42.0568 0x20e8  pci - ok
15:58:42.0599 0x20e8  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
15:58:42.0635 0x20e8  pciide - ok
15:58:42.0662 0x20e8  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:58:42.0705 0x20e8  pcmcia - ok
15:58:42.0741 0x20e8  [ 8F93FB300DEAC55C553C2255F1D0342D, B50119D4AB86E5E5EA4E48F2F5FD5CC2CF8F461A6F1435119E77B2462D493BE5 ] PCTCore         C:\Windows\system32\drivers\PCTCore.sys
15:58:42.0784 0x20e8  PCTCore - ok
15:58:42.0814 0x20e8  [ F820B4C61D1E591325B679D479D4EEA4, 7AE393C2E31CA92083842563C8E887B473D64FD5BC10168FDD1822DF782DB854 ] pctDS           C:\Windows\system32\drivers\pctDS.sys
15:58:42.0867 0x20e8  pctDS - ok
15:58:42.0913 0x20e8  [ ACC8C15F3D59F17C5D903FF1DE3B43D3, C0451359864FD9E59DBDD12C55D84C9019EAD14B17D88785B111A738E542E616 ] pctEFA          C:\Windows\system32\drivers\pctEFA.sys
15:58:42.0975 0x20e8  pctEFA - ok
15:58:43.0037 0x20e8  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:58:43.0135 0x20e8  PEAUTH - ok
15:58:43.0259 0x20e8  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
15:58:43.0355 0x20e8  pla - ok
15:58:43.0394 0x20e8  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:58:43.0447 0x20e8  PlugPlay - ok
15:58:43.0477 0x20e8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
15:58:43.0540 0x20e8  PNRPAutoReg - ok
15:58:43.0572 0x20e8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
15:58:43.0633 0x20e8  PNRPsvc - ok
15:58:43.0670 0x20e8  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:58:43.0728 0x20e8  PolicyAgent - ok
15:58:43.0771 0x20e8  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:58:43.0821 0x20e8  PptpMiniport - ok
15:58:43.0847 0x20e8  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
15:58:43.0897 0x20e8  Processor - ok
15:58:43.0927 0x20e8  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:58:43.0973 0x20e8  ProfSvc - ok
15:58:43.0997 0x20e8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
15:58:44.0036 0x20e8  ProtectedStorage - ok
15:58:44.0067 0x20e8  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
15:58:44.0113 0x20e8  PSched - ok
15:58:44.0134 0x20e8  [ AB94285FF6C6BC5433407D8D182A4BB4, FEEED76008F5FFE3E55791B4EF96FF5D7A81151E406AFF0C353343CABFBA4038 ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
15:58:44.0168 0x20e8  PSDFilter - ok
15:58:44.0192 0x20e8  [ 2AAF9A5D7A63D26BFAEA853C5F2292BC, EF5CB105F487F3AECC83C743D77CE4CCFD8D4DFD342DE696B89250A65C654307 ] PSDNServ        C:\Windows\system32\DRIVERS\PSDNServ.sys
15:58:44.0224 0x20e8  PSDNServ - ok
15:58:44.0247 0x20e8  [ 0EB8CEC99855BEAE5B0D02C2302619EF, E708FCAEA004D61AA107A392F637CF564F25634BC483134FC79032D0E17F5FEF ] psdvdisk        C:\Windows\system32\DRIVERS\PSDVdisk.sys
15:58:44.0278 0x20e8  psdvdisk - ok
15:58:44.0414 0x20e8  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:58:44.0502 0x20e8  ql2300 - ok
15:58:44.0536 0x20e8  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:58:44.0572 0x20e8  ql40xx - ok
15:58:44.0602 0x20e8  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
15:58:44.0653 0x20e8  QWAVE - ok
15:58:44.0698 0x20e8  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:58:44.0739 0x20e8  QWAVEdrv - ok
15:58:44.0760 0x20e8  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:58:44.0816 0x20e8  RasAcd - ok
15:58:44.0841 0x20e8  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
15:58:44.0902 0x20e8  RasAuto - ok
15:58:44.0928 0x20e8  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:58:44.0984 0x20e8  Rasl2tp - ok
15:58:45.0021 0x20e8  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
15:58:45.0079 0x20e8  RasMan - ok
15:58:45.0113 0x20e8  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:58:45.0157 0x20e8  RasPppoe - ok
15:58:45.0183 0x20e8  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:58:45.0226 0x20e8  RasSstp - ok
15:58:45.0249 0x20e8  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:58:45.0311 0x20e8  rdbss - ok
15:58:45.0332 0x20e8  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:58:45.0380 0x20e8  RDPCDD - ok
15:58:45.0424 0x20e8  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
15:58:45.0510 0x20e8  rdpdr - ok
15:58:45.0532 0x20e8  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:58:45.0600 0x20e8  RDPENCDD - ok
15:58:45.0650 0x20e8  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:58:45.0703 0x20e8  RDPWD - ok
15:58:45.0756 0x20e8  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:58:45.0814 0x20e8  RemoteAccess - ok
15:58:45.0853 0x20e8  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:58:45.0913 0x20e8  RemoteRegistry - ok
15:58:45.0963 0x20e8  [ C1C132455200AD4704142442C89D0FA4, 2A2F9484CB818DBB783552B128B5E5AFB544FA488C0EE7A60C322111F16FCD16 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
15:58:45.0982 0x20e8  RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
15:58:46.0235 0x20e8  Detect skipped due to KSN trusted
15:58:46.0235 0x20e8  RichVideo - ok
15:58:46.0296 0x20e8  [ EEC7EE5675294B03E88AA868540007C1, 4FA2DFD007ED0B6276D80D7948E5A676620BB120BAF2BDB22D2D1E6ABA08F1B4 ] RMCAST          C:\Windows\system32\DRIVERS\RMCAST.sys
15:58:46.0351 0x20e8  RMCAST - ok
15:58:46.0383 0x20e8  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
15:58:46.0420 0x20e8  RpcLocator - ok
15:58:46.0456 0x20e8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
15:58:46.0532 0x20e8  RpcSs - ok
15:58:46.0556 0x20e8  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:58:46.0607 0x20e8  rspndr - ok
15:58:46.0630 0x20e8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
15:58:46.0671 0x20e8  SamSs - ok
15:58:46.0702 0x20e8  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:58:46.0736 0x20e8  sbp2port - ok
15:58:46.0765 0x20e8  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:58:46.0815 0x20e8  SCardSvr - ok
15:58:46.0864 0x20e8  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
15:58:46.0927 0x20e8  Schedule - ok
15:58:46.0960 0x20e8  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:58:47.0006 0x20e8  SCPolicySvc - ok
15:58:47.0050 0x20e8  [ A1089AC7683826E6C7C9FAB9723DD80F, 8C8E29DA3A53CAC5B4294276DB50D44D7C90209EF40A0CD955D5BE25C0CF9985 ] sdAuxService    C:\Program Files\PC Tools Security\pctsAuxs.exe
15:58:47.0091 0x20e8  sdAuxService - ok
15:58:47.0157 0x20e8  [ 2E5651BEB5C4C23757723DACFD230246, 333C3851850F6F63174D87DB4C45EA86F85F5559FF70B6237F393D44BF824F88 ] sdCoreService   C:\Program Files\PC Tools Security\pctsSvc.exe
15:58:47.0245 0x20e8  sdCoreService - ok
15:58:47.0288 0x20e8  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:58:47.0339 0x20e8  SDRSVC - ok
15:58:47.0361 0x20e8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:58:47.0432 0x20e8  secdrv - ok
15:58:47.0456 0x20e8  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
15:58:47.0509 0x20e8  seclogon - ok
15:58:47.0531 0x20e8  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
15:58:47.0583 0x20e8  SENS - ok
15:58:47.0602 0x20e8  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:58:47.0650 0x20e8  Serenum - ok
15:58:47.0682 0x20e8  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:58:47.0736 0x20e8  Serial - ok
15:58:47.0763 0x20e8  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:58:47.0812 0x20e8  sermouse - ok
15:58:47.0886 0x20e8  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:58:47.0939 0x20e8  SessionEnv - ok
15:58:47.0966 0x20e8  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:58:48.0009 0x20e8  sffdisk - ok
15:58:48.0033 0x20e8  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:58:48.0081 0x20e8  sffp_mmc - ok
15:58:48.0102 0x20e8  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:58:48.0152 0x20e8  sffp_sd - ok
15:58:48.0178 0x20e8  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:58:48.0244 0x20e8  sfloppy - ok
15:58:48.0288 0x20e8  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:58:48.0347 0x20e8  SharedAccess - ok
15:58:48.0379 0x20e8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:58:48.0426 0x20e8  ShellHWDetection - ok
15:58:48.0453 0x20e8  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:58:48.0486 0x20e8  sisagp - ok
15:58:48.0507 0x20e8  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
15:58:48.0540 0x20e8  SiSRaid2 - ok
15:58:48.0566 0x20e8  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:58:48.0599 0x20e8  SiSRaid4 - ok
15:58:48.0738 0x20e8  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
15:58:48.0916 0x20e8  slsvc - ok
15:58:48.0977 0x20e8  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
15:58:49.0024 0x20e8  SLUINotify - ok
15:58:49.0054 0x20e8  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:58:49.0099 0x20e8  Smb - ok
15:58:49.0150 0x20e8  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:58:49.0193 0x20e8  SNMPTRAP - ok
15:58:49.0218 0x20e8  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:58:49.0250 0x20e8  spldr - ok
15:58:49.0290 0x20e8  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
15:58:49.0334 0x20e8  Spooler - ok
15:58:49.0384 0x20e8  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:58:49.0432 0x20e8  srv - ok
15:58:49.0465 0x20e8  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:58:49.0507 0x20e8  srv2 - ok
15:58:49.0535 0x20e8  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:58:49.0575 0x20e8  srvnet - ok
15:58:49.0610 0x20e8  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:58:49.0667 0x20e8  SSDPSRV - ok
15:58:49.0697 0x20e8  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
15:58:49.0727 0x20e8  ssmdrv - ok
15:58:49.0768 0x20e8  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:58:49.0812 0x20e8  SstpSvc - ok
15:58:49.0885 0x20e8  [ 98CC6BDCB5F593394CE2000EC454AEE4, 13973E69DDFB5A0494141C60ABF0E6F7EF555B476AC4171B18A31FF04618D54B ] StarMoney 8.0 OnlineUpdate C:\Program Files\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
15:58:49.0937 0x20e8  StarMoney 8.0 OnlineUpdate - ok
15:58:50.0023 0x20e8  [ 3BF022F8064A83A23DF90971DD78CA83, 85754DF1C6DE745ADF9A0BAB1948AFF2CA16C4569128DA90AF610D199E621BF4 ] StarMoney 9.0 OnlineUpdate C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
15:58:50.0082 0x20e8  StarMoney 9.0 OnlineUpdate - ok
15:58:50.0128 0x20e8  [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
15:58:50.0170 0x20e8  StillCam - ok
15:58:50.0224 0x20e8  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
15:58:50.0293 0x20e8  stisvc - ok
15:58:50.0321 0x20e8  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:58:50.0354 0x20e8  swenum - ok
15:58:50.0396 0x20e8  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
15:58:50.0454 0x20e8  swprv - ok
15:58:50.0486 0x20e8  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
15:58:50.0518 0x20e8  Symc8xx - ok
15:58:50.0546 0x20e8  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
15:58:50.0578 0x20e8  Sym_hi - ok
15:58:50.0601 0x20e8  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
15:58:50.0634 0x20e8  Sym_u3 - ok
15:58:50.0683 0x20e8  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
15:58:50.0749 0x20e8  SysMain - ok
15:58:50.0782 0x20e8  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:58:50.0826 0x20e8  TabletInputService - ok
15:58:50.0867 0x20e8  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:58:50.0922 0x20e8  TapiSrv - ok
15:58:50.0953 0x20e8  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
15:58:51.0006 0x20e8  TBS - ok
15:58:51.0060 0x20e8  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:58:51.0121 0x20e8  Tcpip - ok
15:58:51.0177 0x20e8  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
15:58:51.0237 0x20e8  Tcpip6 - ok
15:58:51.0289 0x20e8  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:58:51.0331 0x20e8  tcpipreg - ok
15:58:51.0364 0x20e8  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:58:51.0414 0x20e8  TDPIPE - ok
15:58:51.0437 0x20e8  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:58:51.0498 0x20e8  TDTCP - ok
15:58:51.0531 0x20e8  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:58:51.0581 0x20e8  tdx - ok
15:58:51.0614 0x20e8  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:58:51.0651 0x20e8  TermDD - ok
15:58:51.0694 0x20e8  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService     C:\Windows\System32\termsrv.dll
15:58:51.0766 0x20e8  TermService - ok
15:58:51.0804 0x20e8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
15:58:51.0863 0x20e8  Themes - ok
15:58:51.0922 0x20e8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
15:58:51.0974 0x20e8  THREADORDER - ok
15:58:52.0014 0x20e8  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
15:58:52.0068 0x20e8  TrkWks - ok
15:58:52.0124 0x20e8  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:58:52.0169 0x20e8  TrustedInstaller - ok
15:58:52.0222 0x20e8  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:58:52.0259 0x20e8  tssecsrv - ok
15:58:52.0309 0x20e8  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
15:58:52.0348 0x20e8  tunmp - ok
15:58:52.0369 0x20e8  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:58:52.0410 0x20e8  tunnel - ok
15:58:52.0453 0x20e8  [ 97DD70FECA64FB4F63DE7BB7E66A80B1, 3C045B227C1D3AC7DE68D666CE51A0BB18226683AE40AACCBF4CE74152C33CAC ] tvicport        C:\Windows\system32\drivers\tvicport.sys
15:58:52.0464 0x20e8  tvicport - detected UnsignedFile.Multi.Generic ( 1 )
15:58:52.0708 0x20e8  Detect skipped due to KSN trusted
15:58:52.0708 0x20e8  tvicport - ok
15:58:52.0748 0x20e8  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:58:52.0787 0x20e8  uagp35 - ok
15:58:52.0854 0x20e8  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:58:52.0912 0x20e8  udfs - ok
15:58:52.0983 0x20e8  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:58:53.0038 0x20e8  UI0Detect - ok
15:58:53.0066 0x20e8  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:58:53.0100 0x20e8  uliagpkx - ok
15:58:53.0127 0x20e8  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
15:58:53.0184 0x20e8  uliahci - ok
15:58:53.0221 0x20e8  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
15:58:53.0255 0x20e8  UlSata - ok
15:58:53.0283 0x20e8  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
15:58:53.0319 0x20e8  ulsata2 - ok
15:58:53.0340 0x20e8  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:58:53.0390 0x20e8  umbus - ok
15:58:53.0423 0x20e8  [ 88BD96A1BAEED33EE8BDF9499C07A841, 1C4DA1B34FE52B8022AB23CBF18D6B16635283625BB2D08E6524292E6009773A ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:58:53.0472 0x20e8  UmPass - ok
15:58:53.0501 0x20e8  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
15:58:53.0560 0x20e8  upnphost - ok
15:58:53.0632 0x20e8  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:58:53.0672 0x20e8  usbccgp - ok
15:58:53.0707 0x20e8  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:58:53.0776 0x20e8  usbcir - ok
15:58:53.0809 0x20e8  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:58:53.0854 0x20e8  usbehci - ok
15:58:53.0894 0x20e8  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:58:53.0946 0x20e8  usbhub - ok
15:58:53.0990 0x20e8  [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
15:58:54.0031 0x20e8  usbohci - ok
15:58:54.0063 0x20e8  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:58:54.0117 0x20e8  usbprint - ok
15:58:54.0165 0x20e8  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:58:54.0214 0x20e8  usbscan - ok
15:58:54.0270 0x20e8  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:58:54.0316 0x20e8  USBSTOR - ok
15:58:54.0344 0x20e8  [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:58:54.0388 0x20e8  usbuhci - ok
15:58:54.0425 0x20e8  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
15:58:54.0475 0x20e8  UxSms - ok
15:58:54.0566 0x20e8  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
15:58:54.0625 0x20e8  vds - ok
15:58:54.0648 0x20e8  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:58:54.0698 0x20e8  vga - ok
15:58:54.0725 0x20e8  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:58:54.0776 0x20e8  VgaSave - ok
15:58:54.0805 0x20e8  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
15:58:54.0839 0x20e8  viaagp - ok
15:58:54.0868 0x20e8  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
15:58:54.0920 0x20e8  ViaC7 - ok
15:58:54.0953 0x20e8  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
15:58:54.0986 0x20e8  viaide - ok
15:58:55.0054 0x20e8  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:58:55.0088 0x20e8  volmgr - ok
15:58:55.0138 0x20e8  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:58:55.0200 0x20e8  volmgrx - ok
15:58:55.0283 0x20e8  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:58:55.0336 0x20e8  volsnap - ok
15:58:55.0394 0x20e8  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:58:55.0441 0x20e8  vsmraid - ok
15:58:56.0104 0x20e8  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
15:58:56.0216 0x20e8  VSS - ok
15:58:56.0451 0x20e8  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
15:58:56.0514 0x20e8  W32Time - ok
15:58:56.0576 0x20e8  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:58:56.0650 0x20e8  WacomPen - ok
15:58:56.0702 0x20e8  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:58:56.0754 0x20e8  Wanarp - ok
15:58:56.0802 0x20e8  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:58:56.0854 0x20e8  Wanarpv6 - ok
15:58:57.0130 0x20e8  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:58:57.0192 0x20e8  wcncsvc - ok
15:58:57.0282 0x20e8  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:58:57.0339 0x20e8  WcsPlugInService - ok
15:58:57.0420 0x20e8  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
15:58:57.0457 0x20e8  Wd - ok
15:58:57.0606 0x20e8  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:58:57.0692 0x20e8  Wdf01000 - ok
15:58:57.0731 0x20e8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:58:57.0794 0x20e8  WdiServiceHost - ok
15:58:57.0846 0x20e8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:58:57.0908 0x20e8  WdiSystemHost - ok
15:58:58.0103 0x20e8  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
15:58:58.0157 0x20e8  WebClient - ok
15:58:58.0262 0x20e8  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:58:58.0313 0x20e8  Wecsvc - ok
15:58:58.0424 0x20e8  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:58:58.0479 0x20e8  wercplsupport - ok
15:58:58.0594 0x20e8  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:58:58.0693 0x20e8  WerSvc - ok
15:58:58.0827 0x20e8  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
15:58:58.0909 0x20e8  WinDefend - ok
15:58:58.0967 0x20e8  WinHttpAutoProxySvc - ok
15:58:59.0109 0x20e8  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:58:59.0163 0x20e8  Winmgmt - ok
15:58:59.0233 0x20e8  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:58:59.0326 0x20e8  WinRM - ok
15:58:59.0406 0x20e8  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:58:59.0465 0x20e8  Wlansvc - ok
15:58:59.0490 0x20e8  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:58:59.0541 0x20e8  WmiAcpi - ok
15:58:59.0605 0x20e8  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:58:59.0658 0x20e8  wmiApSrv - ok
15:59:00.0019 0x20e8  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
15:59:00.0095 0x20e8  WMPNetworkSvc - ok
15:59:00.0149 0x20e8  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:59:00.0202 0x20e8  WPCSvc - ok
15:59:00.0280 0x20e8  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:59:00.0323 0x20e8  WPDBusEnum - ok
15:59:00.0385 0x20e8  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
15:59:00.0424 0x20e8  WpdUsb - ok
15:59:00.0517 0x20e8  [ C108DC20ACE05072350DBB6934E277FB, 548E6ABE4C4ADE48260FFDC7BADFD1697972EA3AE94D6576498C8A183D8CE0C8 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:59:00.0582 0x20e8  WPFFontCache_v0400 - ok
15:59:00.0633 0x20e8  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:59:00.0688 0x20e8  ws2ifsl - ok
15:59:00.0808 0x20e8  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
15:59:00.0851 0x20e8  wscsvc - ok
15:59:00.0910 0x20e8  [ 4422AC5ED8D4C2F0DB63E71D4C069DD7, B010DCC7B802C26A701A7DE1CA1B21D6B43D99FE88524D015C9228376B0BDA6E ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
15:59:00.0961 0x20e8  WSDPrintDevice - ok
15:59:00.0984 0x20e8  WSearch - ok
15:59:01.0189 0x20e8  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:59:01.0321 0x20e8  wuauserv - ok
15:59:01.0403 0x20e8  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:59:01.0450 0x20e8  WudfPf - ok
15:59:01.0502 0x20e8  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:59:01.0550 0x20e8  WUDFRd - ok
15:59:01.0593 0x20e8  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:59:01.0642 0x20e8  wudfsvc - ok
15:59:01.0722 0x20e8  [ 40AC8590CC9006DBB99FFCB37879D4C6, 3EBC1379503C1E65034A25660FB634813926B0918FCB6A3E6F36CEBB57DA9E20 ] zntport         C:\Windows\system32\drivers\zntport.sys
15:59:01.0732 0x20e8  zntport - detected UnsignedFile.Multi.Generic ( 1 )
15:59:01.0977 0x20e8  Detect skipped due to KSN trusted
15:59:01.0978 0x20e8  zntport - ok
15:59:02.0035 0x20e8  ================ Scan global ===============================
15:59:02.0063 0x20e8  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
15:59:02.0098 0x20e8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:59:02.0137 0x20e8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:59:02.0176 0x20e8  [ 4F0A7910FC7D8A66433FA9961EEF8BB5, 2086EDEE8CF9CC9BDBDC03018F7C28BB56172F941CB4D6F3D857BCF82B32FB6B ] C:\Windows\system32\services.exe
15:59:02.0187 0x20e8  [ Global ] - ok
15:59:02.0187 0x20e8  ================ Scan MBR ==================================
15:59:02.0207 0x20e8  [ A863475757CC50891AA8458C415E4B25 ] \Device\Harddisk0\DR0
15:59:04.0656 0x20e8  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
15:59:04.0656 0x20e8  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:59:04.0837 0x20e8  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1
15:59:05.0083 0x20e8  \Device\Harddisk1\DR1 - ok
15:59:05.0089 0x20e8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
15:59:05.0178 0x20e8  \Device\Harddisk2\DR2 - ok
15:59:05.0179 0x20e8  ================ Scan VBR ==================================
15:59:05.0190 0x20e8  [ 822D9364935B33E0AFAFA4B383F98723 ] \Device\Harddisk0\DR0\Partition1
15:59:05.0214 0x20e8  \Device\Harddisk0\DR0\Partition1 - ok
15:59:05.0232 0x20e8  [ 29023B611AE8AA5B883D2155B87646B2 ] \Device\Harddisk0\DR0\Partition2
15:59:05.0272 0x20e8  \Device\Harddisk0\DR0\Partition2 - ok
15:59:05.0277 0x20e8  [ 4AA35A2A5952AF226B39591A9DAEE269 ] \Device\Harddisk1\DR1\Partition1
15:59:05.0306 0x20e8  \Device\Harddisk1\DR1\Partition1 - ok
15:59:05.0311 0x20e8  [ DD12B7B2A7C7BF190649EF8407FE9A07 ] \Device\Harddisk2\DR2\Partition1
15:59:05.0353 0x20e8  \Device\Harddisk2\DR2\Partition1 - ok
15:59:05.0353 0x20e8  ================ Scan generic autorun ======================
15:59:05.0427 0x20e8  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
15:59:05.0521 0x20e8  Windows Defender - ok
15:59:05.0773 0x20e8  [ 905A44230F1A7CFF23BBA670B247E6AA, 0A63A42F4942E1E9D568186F07F2EA3AB377132E075B18C486BD746DE6E0F419 ] C:\Windows\RtHDVCpl.exe
15:59:06.0058 0x20e8  RtHDVCpl - ok
15:59:06.0111 0x20e8  [ 712FC805D0DD5C41A0C364BF5B49AA91, 30CF527DBE1B2070BBB19BA4BE058ED95B99841301470413A6301D74A338AE75 ] C:\Acer\Empowering Technology\SysMonitor.exe
15:59:06.0162 0x20e8  Acer Empowering Technology Monitor - ok
15:59:06.0230 0x20e8  [ 4BC8167722B6C79B1B13F1F2076B9EEC, 662E214F02735D40C0DB00AFB9FB943F93FCFD739779340C3B87E140B8AD2384 ] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
15:59:06.0315 0x20e8  eDataSecurity Loader - ok
15:59:06.0361 0x20e8  [ 37728F6DB0A8D31B0A1C49A7228E1D34, 6F545DF31523E41CA90C4277B544BE7A132D0CCAAFB5F621916E7FC4083D47A9 ] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
15:59:06.0380 0x20e8  PCMMediaSharing - detected UnsignedFile.Multi.Generic ( 1 )
15:59:06.0615 0x20e8  Detect skipped due to KSN trusted
15:59:06.0616 0x20e8  PCMMediaSharing - ok
15:59:06.0663 0x20e8  [ 4F42FAB0A6E4A9AD8606AEF8C4D78722, 2264D01EC2E315038AD72C4B01847A9FEFD2C25DFA760C8D00D9633BD756DB8E ] C:\Windows\system32\nvraidservice.exe
15:59:06.0704 0x20e8  NVRaidService - ok
15:59:06.0736 0x20e8  [ 88132DEEBC4282ABDEAC30D3625BAFF3, 20BC57511527B4312B1335C37121EDE488E1F0E9EC4C3DAEBA7D8C9DF5877623 ] C:\Program Files\PC Tools Security\BDT\FGuard.exe
15:59:06.0772 0x20e8  PCTools FGuard - ok
15:59:06.0852 0x20e8  [ 66177D4C99FD8B578C7C56DE445E4D5D, 003D0254D7C693A72DE84CB76858F8D67D9FD62206F1B56DF7F5D0FA834C3BA7 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
15:59:06.0938 0x20e8  avgnt - ok
15:59:07.0052 0x20e8  [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files\avmwlanstick\wlangui.exe
15:59:07.0192 0x20e8  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
15:59:07.0446 0x20e8  Detect skipped due to KSN trusted
15:59:07.0446 0x20e8  AVMWlanClient - ok
15:59:07.0453 0x20e8  NvSvc - ok
15:59:07.0458 0x20e8  NvCplDaemon - ok
15:59:07.0463 0x20e8  NvMediaCenter - ok
15:59:07.0611 0x20e8  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
15:59:07.0712 0x20e8  Sidebar - ok
15:59:07.0725 0x20e8  WindowsWelcomeCenter - ok
15:59:07.0811 0x20e8  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
15:59:07.0893 0x20e8  Sidebar - ok
15:59:07.0902 0x20e8  WindowsWelcomeCenter - ok
15:59:07.0982 0x20e8  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
15:59:08.0025 0x20e8  ehTray.exe - ok
15:59:08.0515 0x20e8  [ 395BCC9122E705F6586217E32CD01CC9, 0A2E3BF0E626A65B9FF1BEFB35FFBC9CCAA3C75DB395D175AAE2DD014A8E8A34 ] C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
15:59:08.0623 0x20e8  HP Officejet 6600 (NET) - ok
15:59:08.0686 0x20e8  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
15:59:08.0733 0x20e8  WMPNSCFG - ok
15:59:08.0842 0x20e8  [ 395BCC9122E705F6586217E32CD01CC9, 0A2E3BF0E626A65B9FF1BEFB35FFBC9CCAA3C75DB395D175AAE2DD014A8E8A34 ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
15:59:08.0971 0x20e8  HP Officejet Pro 8600 (NET) - ok
15:59:08.0978 0x20e8  Waiting for KSN requests completion. In queue: 13
15:59:10.0054 0x20e8  AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x41000 ( enabled : updated )
15:59:10.0058 0x20e8  AV detected via SS2: Emsisoft Anti-Malware, C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2start.exe ( 10.0.0.5366 ), 0x41000 ( enabled : updated )
15:59:10.0143 0x20e8  Win FW state via NFP2: enabled
15:59:10.0296 0x20e8  ============================================================
15:59:10.0296 0x20e8  Scan finished
15:59:10.0296 0x20e8  ============================================================
15:59:10.0311 0x265c  Detected object count: 1
15:59:10.0311 0x265c  Actual detected object count: 1
15:59:39.0089 0x265c  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:59:39.0089 0x265c  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Alt 22.05.2015, 20:16   #5
M-K-D-B
/// TB-Ausbilder
 
DHL Virus oder Trojaner warscheinlich eingefangen - Standard

DHL Virus oder Trojaner warscheinlich eingefangen


Servus,





Schritt 1
Mehrere Anti-Virus-Programme

Code:
ATTFilter
Emsisoft
Avira
Mir ist aufgefallen, dass Du mehr als ein Anti-Virus-Programm mit Hintergrundwächter laufen hast. Das ist gefährlich, da sich die Programme in die Quere kommen können und dadurch Viren erst recht auf dem Rechner landen können. Ausserdem bremst es auch das System aus. Entscheide Dich für eine Variante und deinstalliere die andere über Systemsteuerung => Software.
Berichte, für welches Anti-Virus-Programm Du Dich entschieden hast.





Schritt 2
TDSS-Killer nochmal scannen lassen und dieses Mal bei dem Fund
Zitat:
15:59:39.0089 0x265c \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:59:39.0089 0x265c \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: skip
Cure wählen und den Rechner über TDSS-Killer neu starten.





Schritt 3
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
Alt 23.05.2015, 10:10   #6
Koeppi1969
 
DHL Virus oder Trojaner warscheinlich eingefangen - Standard

DHL Virus oder Trojaner warscheinlich eingefangen


Hallo Matthias,
danke erst einmal für dein Bemühen mein Problem hinzubekommen.
Ich habe heute früh die Virenprogramme gelöscht und mich für Antivir entschieden. Danach habe ich den TDSSKiller gestartet, doch leider hat sich der PC aufgehangen und ging auch nicht mehr runterzufahren. Habe ihn dann aus gemacht und nach einer Weile wieder hochfahren lassen. Dann TDSS wieder ausgeführt. Er hat dann nur noch ein gefundenes Objekt angezeigt. Desweiteren habe ich auch keine "cure" gefunden. soll ich dir den Report dennoch posten und so weiter machen wie von Dir beschrieben?
Hier der Report:
Code:
ATTFilter
10:56:29.0477 0x14e4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
10:56:32.0504 0x14e4  ============================================================
10:56:32.0504 0x14e4  Current date / time: 2015/05/23 10:56:32.0504
10:56:32.0504 0x14e4  SystemInfo:
10:56:32.0504 0x14e4  
10:56:32.0504 0x14e4  OS Version: 6.0.6002 ServicePack: 2.0
10:56:32.0504 0x14e4  Product type: Workstation
10:56:32.0504 0x14e4  ComputerName: ARBEITSZIMMER
10:56:32.0504 0x14e4  UserName: sandraundjörg
10:56:32.0504 0x14e4  Windows directory: C:\Windows
10:56:32.0504 0x14e4  System windows directory: C:\Windows
10:56:32.0504 0x14e4  Processor architecture: Intel x86
10:56:32.0504 0x14e4  Number of processors: 4
10:56:32.0504 0x14e4  Page size: 0x1000
10:56:32.0504 0x14e4  Boot type: Normal boot
10:56:32.0504 0x14e4  ============================================================
10:56:35.0202 0x14e4  KLMD registered as C:\Windows\system32\drivers\10854710.sys
10:56:35.0358 0x14e4  System UUID: {95E80644-04DF-47AF-49B3-6A5DDD74BAD1}
10:56:35.0982 0x14e4  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:56:35.0982 0x14e4  Drive \Device\Harddisk1\DR1 - Size: 0x2E93E36000 ( 186.31 Gb ), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:56:35.0998 0x14e4  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:56:36.0060 0x14e4  ============================================================
10:56:36.0060 0x14e4  \Device\Harddisk0\DR0:
10:56:36.0060 0x14e4  MBR partitions:
10:56:36.0060 0x14e4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1385000, BlocksNum 0x24AAB000
10:56:36.0060 0x14e4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x25E30000, BlocksNum 0x24A27800
10:56:36.0060 0x14e4  \Device\Harddisk1\DR1:
10:56:36.0060 0x14e4  MBR partitions:
10:56:36.0060 0x14e4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1748A3FC
10:56:36.0060 0x14e4  \Device\Harddisk2\DR2:
10:56:36.0060 0x14e4  MBR partitions:
10:56:36.0060 0x14e4  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
10:56:36.0060 0x14e4  ============================================================
10:56:36.0123 0x14e4  C: <-> \Device\Harddisk0\DR0\Partition1
10:56:36.0154 0x14e4  D: <-> \Device\Harddisk1\DR1\Partition1
10:56:36.0185 0x14e4  E: <-> \Device\Harddisk0\DR0\Partition2
10:56:36.0201 0x14e4  H: <-> \Device\Harddisk2\DR2\Partition1
10:56:36.0201 0x14e4  ============================================================
10:56:36.0201 0x14e4  Initialize success
10:56:36.0201 0x14e4  ============================================================
10:56:45.0342 0x073c  ============================================================
10:56:45.0342 0x073c  Scan started
10:56:45.0342 0x073c  Mode: Manual; SigCheck; TDLFS; 
10:56:45.0342 0x073c  ============================================================
10:56:45.0342 0x073c  KSN ping started
10:56:45.0888 0x073c  KSN ping finished: true
10:56:46.0856 0x073c  ================ Scan system memory ========================
10:56:46.0856 0x073c  System memory - ok
10:56:46.0856 0x073c  ================ Scan services =============================
10:56:47.0058 0x073c  [ 517D30057C726C797764BFD70A55D82A, F1F48EF16DB9F7B5C6F8D0C595DE2E4ABD26FAF19372C1AA598F6988709D2170 ] Acer HomeMedia Connect Service C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
10:56:47.0402 0x073c  Acer HomeMedia Connect Service - detected UnsignedFile.Multi.Generic ( 1 )
10:56:47.0651 0x073c  Detect skipped due to KSN trusted
10:56:47.0651 0x073c  Acer HomeMedia Connect Service - ok
10:56:47.0792 0x073c  [ E91F2444DF54E725DDBBDDB7FBCE71F5, 28895DF44A4E7D959ACBBAA6AFC4B70515D87D40F5F74EB296BB2D5FFC5C2765 ] AcerMemUsageCheckService C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
10:56:47.0854 0x073c  AcerMemUsageCheckService - detected UnsignedFile.Multi.Generic ( 1 )
10:56:48.0072 0x073c  Detect skipped due to KSN trusted
10:56:48.0072 0x073c  AcerMemUsageCheckService - ok
10:56:48.0322 0x073c  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
10:56:48.0384 0x073c  ACPI - ok
10:56:48.0462 0x073c  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
10:56:48.0478 0x073c  AdobeARMservice - ok
10:56:48.0525 0x073c  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:56:48.0540 0x073c  AdobeFlashPlayerUpdateSvc - ok
10:56:48.0587 0x073c  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
10:56:48.0650 0x073c  adp94xx - ok
10:56:48.0696 0x073c  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
10:56:48.0743 0x073c  adpahci - ok
10:56:48.0759 0x073c  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
10:56:48.0790 0x073c  adpu160m - ok
10:56:48.0821 0x073c  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
10:56:48.0852 0x073c  adpu320 - ok
10:56:48.0899 0x073c  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:56:48.0962 0x073c  AeLookupSvc - ok
10:56:49.0008 0x073c  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
10:56:49.0071 0x073c  AFD - ok
10:56:49.0118 0x073c  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
10:56:49.0133 0x073c  agp440 - ok
10:56:49.0164 0x073c  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
10:56:49.0180 0x073c  aic78xx - ok
10:56:49.0242 0x073c  [ FA9B4921088981A0E44DEA8A605E58C8, 18DD501C056660F868A212E6F96DB0A4394602A2B608EB6830F580008031016A ] aksfridge       C:\Windows\system32\DRIVERS\aksfridge.sys
10:56:49.0336 0x073c  aksfridge - ok
10:56:49.0430 0x073c  [ 5EA155A2E7633C02E80CE855E06145A7, 3E3C89432F8D6FF6F0AAF9ECE8C2C3EC2B9E7159F21113A8A8C0235446A984DA ] akshasp         C:\Windows\system32\DRIVERS\akshasp.sys
10:56:49.0461 0x073c  akshasp - ok
10:56:49.0492 0x073c  [ DDCCFF5E81FDE1A869D71C48BB4D763F, E029ED7BDF1E329A8F5CA6AA6187911C6BECD13973F1C4692E2AAA427A131E2F ] akshhl          C:\Windows\system32\DRIVERS\akshhl.sys
10:56:49.0508 0x073c  akshhl - ok
10:56:49.0539 0x073c  [ 75DDDBC36E9845F290694BCA6D24AC90, DA96063E97963C5AF58CCA3C2C1B3FA42E0346F3276296B62A93B6A3A101889C ] aksusb          C:\Windows\system32\DRIVERS\aksusb.sys
10:56:49.0586 0x073c  aksusb - ok
10:56:49.0617 0x073c  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
10:56:49.0726 0x073c  ALG - ok
10:56:49.0757 0x073c  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
10:56:49.0788 0x073c  aliide - ok
10:56:49.0820 0x073c  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
10:56:49.0851 0x073c  amdagp - ok
10:56:49.0882 0x073c  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
10:56:49.0898 0x073c  amdide - ok
10:56:49.0929 0x073c  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
10:56:49.0976 0x073c  AmdK7 - ok
10:56:50.0007 0x073c  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
10:56:50.0069 0x073c  AmdK8 - ok
10:56:50.0225 0x073c  [ 4428DC966DD5D0659AA7CA913D1D7652, 267D0F64354A105A2A64AB41607E3EB22CF8B448D2EBEC62C31829F03736836D ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
10:56:50.0272 0x073c  AntiVirMailService - ok
10:56:50.0444 0x073c  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
10:56:50.0506 0x073c  AntiVirSchedulerService - ok
10:56:50.0631 0x073c  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
10:56:50.0662 0x073c  AntiVirService - ok
10:56:50.0787 0x073c  [ 266C0506DF8BA3990E12885E64EE4420, 60995CFE54B8594179BEAB06C4498CBF997B0C85147E5DD747CE238C89F6979D ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
10:56:50.0820 0x073c  AntiVirWebService - ok
10:56:50.0879 0x073c  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
10:56:50.0909 0x073c  Appinfo - ok
10:56:50.0947 0x073c  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
10:56:50.0973 0x073c  arc - ok
10:56:51.0006 0x073c  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:56:51.0033 0x073c  arcsas - ok
10:56:51.0151 0x073c  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:56:51.0224 0x073c  aspnet_state - ok
10:56:51.0255 0x073c  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:56:51.0317 0x073c  AsyncMac - ok
10:56:51.0355 0x073c  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
10:56:51.0382 0x073c  atapi - ok
10:56:51.0472 0x073c  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:56:51.0532 0x073c  AudioEndpointBuilder - ok
10:56:51.0555 0x073c  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
10:56:51.0582 0x073c  Audiosrv - ok
10:56:51.0602 0x073c  [ EC17E91BC9026C5ED580FB2B13E341AB, 2D9421AE05F3D4A8DBD69D73B4B562EA4F93FBD12AB2F77C52DA8B411626EBF1 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
10:56:51.0636 0x073c  avgntflt - ok
10:56:51.0669 0x073c  [ 7BAA36ED6C6098899D9E1269A61085C3, 2D101F1C6C79B0BD722BDB5939344F65728EC2F5B747B6619640775E6FDEFC0A ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
10:56:51.0700 0x073c  avipbb - ok
10:56:51.0762 0x073c  [ B127AC7651D0C088E4A239EED92F8AF8, 2958F81C06C46E147E8022F3B7E9C26F1D47C729ADD336D68DCCFEB363CB09FF ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
10:56:51.0779 0x073c  Avira.OE.ServiceHost - ok
10:56:51.0812 0x073c  [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
10:56:51.0840 0x073c  avkmgr - ok
10:56:51.0918 0x073c  [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files\avmwlanstick\WlanNetService.exe
10:56:51.0984 0x073c  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
10:56:52.0382 0x073c  Detect skipped due to KSN trusted
10:56:52.0382 0x073c  AVM WLAN Connection Service - ok
10:56:52.0444 0x073c  [ 263CF9D248FD5E020A1333ED4F7EAA88, 04F944C2B284172A7917389A83C525FA9A3ACB026F370EB886B48759FE81A5E1 ] avmeject        C:\Windows\system32\drivers\avmeject.sys
10:56:52.0476 0x073c  avmeject - detected UnsignedFile.Multi.Generic ( 1 )
10:56:52.0694 0x073c  Detect skipped due to KSN trusted
10:56:52.0694 0x073c  avmeject - ok
10:56:52.0772 0x073c  [ 4BEFF67C1775D353A16A62347E727874, 62363C5E5F4BF049A3E49FADA8CB17269945056ACADB319FDC4F05B74E2553C8 ] BBSvc           C:\Program Files\Microsoft\BingBar\7.1.355.0\BBSvc.exe
10:56:52.0788 0x073c  BBSvc - ok
10:56:52.0819 0x073c  [ A6DAAD3EA93DBDBD07FA821BCED133F6, 8F33D4E4B82091D09E62FD5487C88F3DF0DAC31FCBB846183CC4020533A131DE ] BBUpdate        C:\Program Files\Microsoft\BingBar\7.1.355.0\SeaPort.exe
10:56:52.0881 0x073c  BBUpdate - ok
10:56:52.0912 0x073c  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:56:52.0959 0x073c  Beep - ok
10:56:53.0006 0x073c  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
10:56:53.0068 0x073c  BFE - ok
10:56:53.0115 0x073c  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
10:56:53.0193 0x073c  BITS - ok
10:56:53.0224 0x073c  [ 66F655B08EED3230E059D197C8A1969B, 04236F559DDFF72DDA29D71D2C554D7126A56A39367596E8C04EE7CCE205821C ] bizVSerial      C:\Windows\system32\drivers\bizVSerialNT.sys
10:56:53.0256 0x073c  bizVSerial - detected UnsignedFile.Multi.Generic ( 1 )
10:56:53.0458 0x073c  Detect skipped due to KSN trusted
10:56:53.0458 0x073c  bizVSerial - ok
10:56:53.0505 0x073c  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
10:56:53.0536 0x073c  blbdrive - ok
10:56:53.0568 0x073c  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:56:53.0614 0x073c  bowser - ok
10:56:53.0630 0x073c  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
10:56:53.0661 0x073c  BrFiltLo - ok
10:56:53.0677 0x073c  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
10:56:53.0708 0x073c  BrFiltUp - ok
10:56:53.0755 0x073c  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
10:56:53.0802 0x073c  Browser - ok
10:56:53.0864 0x073c  [ 7E104343A9F28CAE50EE2F388FEC049E, 7286B866B424FDF7F76128DC51C7B3AA5ACE799041043C150CF608850455DA8A ] Browser Defender Update Service C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
10:56:53.0880 0x073c  Browser Defender Update Service - ok
10:56:53.0911 0x073c  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
10:56:53.0973 0x073c  Brserid - ok
10:56:54.0004 0x073c  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
10:56:54.0051 0x073c  BrSerWdm - ok
10:56:54.0082 0x073c  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
10:56:54.0192 0x073c  BrUsbMdm - ok
10:56:54.0207 0x073c  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
10:56:54.0254 0x073c  BrUsbSer - ok
10:56:54.0270 0x073c  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:56:54.0332 0x073c  BTHMODEM - ok
10:56:54.0363 0x073c  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:56:54.0410 0x073c  cdfs - ok
10:56:54.0426 0x073c  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:56:54.0472 0x073c  cdrom - ok
10:56:54.0488 0x073c  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
10:56:54.0519 0x073c  CertPropSvc - ok
10:56:54.0535 0x073c  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:56:54.0597 0x073c  circlass - ok
10:56:54.0644 0x073c  [ EBF03DB02CDB10724498AA1660047138, DF03F91FDCD86F3D0AD5FCA440BBA990DFA49074DEF945B42B7292D38E9BF9F5 ] cjpcsc          C:\Windows\system32\cjpcsc.exe
10:56:54.0660 0x073c  cjpcsc - ok
10:56:54.0691 0x073c  [ 46241991510A23DC759291918178FFF9, 86286ECC38456173B4E738A58B1B2BB6EA800814E8E1C4EE8DF863B05D2FF322 ] cjusb           C:\Windows\system32\DRIVERS\cjusb.sys
10:56:54.0706 0x073c  cjusb - ok
10:56:54.0738 0x073c  [ 5D9311526801643000D7032A83B18B12, C5A98868A41446617B3A27C6C4AAFA4E7C093E253E8C1DD5DBFE6FAE21991209 ] CLFS            C:\Windows\system32\CLFS.sys
10:56:54.0769 0x073c  CLFS - ok
10:56:54.0816 0x073c  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:56:54.0847 0x073c  clr_optimization_v2.0.50727_32 - ok
10:56:54.0878 0x073c  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:56:54.0956 0x073c  clr_optimization_v4.0.30319_32 - ok
10:56:54.0972 0x073c  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:56:55.0003 0x073c  cmdide - ok
10:56:55.0018 0x073c  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
10:56:55.0050 0x073c  Compbatt - ok
10:56:55.0050 0x073c  COMSysApp - ok
10:56:55.0081 0x073c  cqnkcwly - ok
10:56:55.0096 0x073c  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:56:55.0112 0x073c  crcdisk - ok
10:56:55.0143 0x073c  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
10:56:55.0190 0x073c  Crusoe - ok
10:56:55.0206 0x073c  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:56:55.0237 0x073c  CryptSvc - ok
10:56:55.0284 0x073c  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:56:55.0393 0x073c  DcomLaunch - ok
10:56:55.0642 0x073c  [ D17845A5385BFCB838CDC532AF5E3E47, 2FC6E23267F8DF4B78FD8DE011184A26AD92DE8D0CCD4C2E4BF067F49A3989FB ] DevoloNetworkService C:\Program Files\devolo\dlan\devolonetsvc.exe
10:56:55.0798 0x073c  DevoloNetworkService - ok
10:56:55.0861 0x073c  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:56:55.0908 0x073c  DfsC - ok
10:56:56.0001 0x073c  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
10:56:56.0157 0x073c  DFSR - ok
10:56:56.0188 0x073c  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
10:56:56.0235 0x073c  Dhcp - ok
10:56:56.0266 0x073c  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
10:56:56.0282 0x073c  disk - ok
10:56:56.0313 0x073c  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:56:56.0344 0x073c  Dnscache - ok
10:56:56.0376 0x073c  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
10:56:56.0422 0x073c  dot3svc - ok
10:56:56.0454 0x073c  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
10:56:56.0500 0x073c  DPS - ok
10:56:56.0516 0x073c  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:56:56.0563 0x073c  drmkaud - ok
10:56:56.0610 0x073c  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:56:56.0688 0x073c  DXGKrnl - ok
10:56:56.0719 0x073c  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
10:56:56.0781 0x073c  E1G60 - ok
10:56:56.0797 0x073c  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
10:56:56.0828 0x073c  EapHost - ok
10:56:56.0875 0x073c  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
10:56:56.0906 0x073c  Ecache - ok
10:56:56.0968 0x073c  [ B7DC2580425225C320CEDA78DE55A3D0, 93D05D3743416442ED1378FE8A6F107F74B963781A61A36DF072E05228B2F030 ] eDataSecurity Service C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
10:56:57.0000 0x073c  eDataSecurity Service - ok
10:56:57.0046 0x073c  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:56:57.0109 0x073c  ehRecvr - ok
10:56:57.0156 0x073c  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
10:56:57.0187 0x073c  ehSched - ok
10:56:57.0202 0x073c  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
10:56:57.0234 0x073c  ehstart - ok
10:56:57.0265 0x073c  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
10:56:57.0327 0x073c  elxstor - ok
10:56:57.0405 0x073c  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
10:56:57.0483 0x073c  EMDMgmt - ok
10:56:57.0561 0x073c  [ 59FCCAF915BA89DD98CADF08DA91AFEE, 1286481DF42EBBE13C0FC18ABA514393544CDA17420E71518EF87ADD82D224CB ] eRecoveryService C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
10:56:57.0624 0x073c  eRecoveryService - detected UnsignedFile.Multi.Generic ( 1 )
10:56:57.0842 0x073c  Detect skipped due to KSN trusted
10:56:57.0842 0x073c  eRecoveryService - ok
10:56:57.0858 0x073c  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:56:57.0904 0x073c  ErrDev - ok
10:56:57.0951 0x073c  [ A9745687A57CDD71237915859ABA8DAC, DE21C397EBC822622B61189EC6CCF720C76AB6A249188987A10086252A9F26FD ] eSettingsService C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
10:56:57.0967 0x073c  eSettingsService - detected UnsignedFile.Multi.Generic ( 1 )
10:56:58.0216 0x073c  Detect skipped due to KSN trusted
10:56:58.0216 0x073c  eSettingsService - ok
10:56:58.0294 0x073c  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
10:56:58.0326 0x073c  EventSystem - ok
10:56:58.0404 0x073c  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:56:58.0450 0x073c  exfat - ok
10:56:58.0466 0x073c  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:56:58.0497 0x073c  fastfat - ok
10:56:58.0528 0x073c  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:56:58.0560 0x073c  fdc - ok
10:56:58.0591 0x073c  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
10:56:58.0622 0x073c  fdPHost - ok
10:56:58.0638 0x073c  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:56:58.0684 0x073c  FDResPub - ok
10:56:58.0700 0x073c  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:56:58.0731 0x073c  FileInfo - ok
10:56:58.0747 0x073c  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:56:58.0794 0x073c  Filetrace - ok
10:56:58.0809 0x073c  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:56:58.0872 0x073c  flpydisk - ok
10:56:58.0918 0x073c  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:56:58.0950 0x073c  FltMgr - ok
10:56:59.0012 0x073c  [ 7417E869AE5AAC3026329E7749698110, 14545202D90C23EE6A2ADC5627791A3B43B5EEA6F78F44021C9AE2B5B8A351DD ] FontCache       C:\Windows\system32\FntCache.dll
10:56:59.0074 0x073c  FontCache - ok
10:56:59.0137 0x073c  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:56:59.0152 0x073c  FontCache3.0.0.0 - ok
10:56:59.0184 0x073c  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:56:59.0308 0x073c  Fs_Rec - ok
10:56:59.0386 0x073c  [ 7AD4C281CB1661086B05E087230D4B76, 13DE6654EBAE4CB980E6ED8C4FB66BE413A9429662E300D2DC2A42ED85C051A2 ] fwlanusb4       C:\Windows\system32\DRIVERS\fwlanusb4.sys
10:56:59.0480 0x073c  fwlanusb4 - ok
10:56:59.0496 0x073c  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:56:59.0527 0x073c  gagp30kx - ok
10:56:59.0574 0x073c  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
10:56:59.0667 0x073c  gpsvc - ok
10:56:59.0698 0x073c  [ 99FCD7CE9894C241FB98A7811D2D8813, 713E9D6E1AA98AC4D7644872C988082870BC23FEE70C5831FB26159608E7E00A ] hardlock        C:\Windows\system32\drivers\hardlock.sys
10:56:59.0776 0x073c  hardlock - ok
10:56:59.0792 0x073c  hasplms - ok
10:56:59.0870 0x073c  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:56:59.0932 0x073c  HdAudAddService - ok
10:56:59.0964 0x073c  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:57:00.0073 0x073c  HDAudBus - ok
10:57:00.0104 0x073c  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:57:00.0151 0x073c  HidBth - ok
10:57:00.0182 0x073c  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
10:57:00.0244 0x073c  HidIr - ok
10:57:00.0276 0x073c  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
10:57:00.0307 0x073c  hidserv - ok
10:57:00.0322 0x073c  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:57:00.0369 0x073c  HidUsb - ok
10:57:00.0400 0x073c  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:57:00.0463 0x073c  hkmsvc - ok
10:57:00.0463 0x073c  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
10:57:00.0494 0x073c  HpCISSs - ok
10:57:00.0525 0x073c  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:57:00.0634 0x073c  HTTP - ok
10:57:00.0666 0x073c  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
10:57:00.0681 0x073c  i2omp - ok
10:57:00.0712 0x073c  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
10:57:00.0759 0x073c  i8042prt - ok
10:57:00.0790 0x073c  [ 580BFEC487C55264BFE3D60C3C24EEE1, 0EA6D0C92C94E9597F3C063F7636710CC1CBECE5A57A5B1C463B2BA5ACB4F061 ] iaStor          C:\Windows\system32\drivers\iastor.sys
10:57:00.0837 0x073c  iaStor - ok
10:57:00.0853 0x073c  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
10:57:00.0900 0x073c  iaStorV - ok
10:57:01.0056 0x073c  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:57:01.0196 0x073c  idsvc - ok
10:57:01.0227 0x073c  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:57:01.0243 0x073c  iirsp - ok
10:57:01.0305 0x073c  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
10:57:01.0352 0x073c  IKEEXT - ok
10:57:01.0492 0x073c  [ C6E5276C00EBDEB096BB5EF4B797D1B6, 2620D2F7B5242E9DD0217FB4E0CBACF1DB8AB1B92187AD2847904948E1ABFEC1 ] int15           C:\Acer\Empowering Technology\eRecovery\int15.sys
10:57:01.0508 0x073c  int15 - ok
10:57:01.0586 0x073c  [ F6E17C275666A4402588A30E36565910, 708438A37C8E1FD5107224494FE31A3571347471E5EDB812C7A50A8858F62606 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
10:57:01.0742 0x073c  IntcAzAudAddService - ok
10:57:01.0820 0x073c  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
10:57:01.0836 0x073c  intelide - ok
10:57:01.0867 0x073c  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:57:01.0898 0x073c  intelppm - ok
10:57:01.0929 0x073c  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:57:01.0976 0x073c  IPBusEnum - ok
10:57:01.0992 0x073c  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:57:02.0038 0x073c  IpFilterDriver - ok
10:57:02.0101 0x073c  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:57:02.0163 0x073c  iphlpsvc - ok
10:57:02.0163 0x073c  IpInIp - ok
10:57:02.0179 0x073c  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
10:57:02.0226 0x073c  IPMIDRV - ok
10:57:02.0241 0x073c  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
10:57:02.0288 0x073c  IPNAT - ok
10:57:02.0319 0x073c  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:57:02.0366 0x073c  IRENUM - ok
10:57:02.0397 0x073c  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:57:02.0413 0x073c  isapnp - ok
10:57:02.0444 0x073c  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
10:57:02.0491 0x073c  iScsiPrt - ok
10:57:02.0506 0x073c  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
10:57:02.0522 0x073c  iteatapi - ok
10:57:02.0538 0x073c  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
10:57:02.0553 0x073c  iteraid - ok
10:57:02.0569 0x073c  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:57:02.0584 0x073c  kbdclass - ok
10:57:02.0616 0x073c  [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
10:57:02.0647 0x073c  kbdhid - ok
10:57:02.0678 0x073c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
10:57:02.0709 0x073c  KeyIso - ok
10:57:02.0740 0x073c  [ 5035EDF1F2E72F78BB1EC5BD9B97463F, 8AFAD580A96F002FFB22761B65D4B414917895C45B11B53089BB3E0331995EF7 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:57:02.0818 0x073c  KSecDD - ok
10:57:02.0865 0x073c  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:57:02.0928 0x073c  KtmRm - ok
10:57:02.0943 0x073c  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:57:02.0990 0x073c  LanmanServer - ok
10:57:03.0052 0x073c  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:57:03.0084 0x073c  LanmanWorkstation - ok
10:57:03.0162 0x073c  [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
10:57:03.0162 0x073c  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
10:57:03.0364 0x073c  Detect skipped due to KSN trusted
10:57:03.0364 0x073c  LightScribeService - ok
10:57:03.0411 0x073c  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:57:03.0458 0x073c  lltdio - ok
10:57:03.0489 0x073c  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:57:03.0552 0x073c  lltdsvc - ok
10:57:03.0583 0x073c  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:57:03.0630 0x073c  lmhosts - ok
10:57:03.0661 0x073c  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:57:03.0676 0x073c  LSI_FC - ok
10:57:03.0692 0x073c  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:57:03.0723 0x073c  LSI_SAS - ok
10:57:03.0739 0x073c  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:57:03.0770 0x073c  LSI_SCSI - ok
10:57:03.0801 0x073c  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
10:57:03.0848 0x073c  luafv - ok
10:57:03.0848 0x073c  MBAMSwissArmy - ok
10:57:03.0895 0x073c  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:57:03.0926 0x073c  Mcx2Svc - ok
10:57:03.0957 0x073c  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
10:57:03.0973 0x073c  megasas - ok
10:57:04.0004 0x073c  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
10:57:04.0051 0x073c  MegaSR - ok
10:57:04.0098 0x073c  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
10:57:04.0144 0x073c  MMCSS - ok
10:57:04.0176 0x073c  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
10:57:04.0238 0x073c  Modem - ok
10:57:04.0269 0x073c  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:57:04.0316 0x073c  monitor - ok
10:57:04.0332 0x073c  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:57:04.0347 0x073c  mouclass - ok
10:57:04.0363 0x073c  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:57:04.0425 0x073c  mouhid - ok
10:57:04.0441 0x073c  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
10:57:04.0472 0x073c  MountMgr - ok
10:57:04.0550 0x073c  [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:57:04.0581 0x073c  MozillaMaintenance - ok
10:57:04.0628 0x073c  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:57:04.0659 0x073c  mpio - ok
10:57:04.0675 0x073c  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:57:04.0737 0x073c  mpsdrv - ok
10:57:04.0753 0x073c  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:57:04.0862 0x073c  MpsSvc - ok
10:57:04.0878 0x073c  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
10:57:04.0893 0x073c  Mraid35x - ok
10:57:04.0940 0x073c  [ B0584CA7DEF55929FDB5169BD28B2484, AF6A7E404FEB29F7F3428D0AF6682195E5E8ED106996A04E6947DBD575696546 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:57:04.0971 0x073c  MRxDAV - ok
10:57:05.0002 0x073c  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:57:05.0034 0x073c  mrxsmb - ok
10:57:05.0065 0x073c  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:57:05.0127 0x073c  mrxsmb10 - ok
10:57:05.0158 0x073c  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:57:05.0190 0x073c  mrxsmb20 - ok
10:57:05.0205 0x073c  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:57:05.0236 0x073c  msahci - ok
10:57:05.0252 0x073c  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:57:05.0268 0x073c  msdsm - ok
10:57:05.0299 0x073c  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
10:57:05.0346 0x073c  MSDTC - ok
10:57:05.0361 0x073c  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:57:05.0408 0x073c  Msfs - ok
10:57:05.0424 0x073c  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:57:05.0455 0x073c  msisadrv - ok
10:57:05.0470 0x073c  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:57:05.0533 0x073c  MSiSCSI - ok
10:57:05.0533 0x073c  msiserver - ok
10:57:05.0564 0x073c  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:57:05.0611 0x073c  MSKSSRV - ok
10:57:05.0626 0x073c  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:57:05.0673 0x073c  MSPCLOCK - ok
10:57:05.0689 0x073c  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:57:05.0736 0x073c  MSPQM - ok
10:57:05.0767 0x073c  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:57:05.0798 0x073c  MsRPC - ok
10:57:05.0814 0x073c  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:57:05.0845 0x073c  mssmbios - ok
10:57:05.0860 0x073c  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:57:05.0907 0x073c  MSTEE - ok
10:57:05.0923 0x073c  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
10:57:05.0938 0x073c  Mup - ok
10:57:05.0970 0x073c  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
10:57:06.0016 0x073c  napagent - ok
10:57:06.0048 0x073c  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:57:06.0094 0x073c  NativeWifiP - ok
10:57:06.0188 0x073c  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:57:06.0219 0x073c  NDIS - ok
10:57:06.0266 0x073c  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:57:06.0297 0x073c  NdisTapi - ok
10:57:06.0313 0x073c  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:57:06.0360 0x073c  Ndisuio - ok
10:57:06.0360 0x073c  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:57:06.0406 0x073c  NdisWan - ok
10:57:06.0422 0x073c  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:57:06.0469 0x073c  NDProxy - ok
10:57:06.0500 0x073c  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:57:06.0547 0x073c  NetBIOS - ok
10:57:06.0578 0x073c  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
10:57:06.0656 0x073c  netbt - ok
10:57:06.0672 0x073c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
10:57:06.0687 0x073c  Netlogon - ok
10:57:06.0718 0x073c  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
10:57:06.0765 0x073c  Netman - ok
10:57:06.0796 0x073c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:57:06.0874 0x073c  NetMsmqActivator - ok
10:57:06.0890 0x073c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:57:06.0906 0x073c  NetPipeActivator - ok
10:57:06.0937 0x073c  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
10:57:06.0984 0x073c  netprofm - ok
10:57:06.0999 0x073c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:57:07.0015 0x073c  NetTcpActivator - ok
10:57:07.0030 0x073c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
10:57:07.0062 0x073c  NetTcpPortSharing - ok
10:57:07.0093 0x073c  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:57:07.0108 0x073c  nfrd960 - ok
10:57:07.0140 0x073c  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:57:07.0171 0x073c  NlaSvc - ok
10:57:07.0218 0x073c  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:57:07.0264 0x073c  Npfs - ok
10:57:07.0296 0x073c  [ 75AC610A7481CB1F343DC971249BCB19, F1DC7478F0219D88DEA5BAC95D11A6C3CA418D5BCB730EB0BC2D80247C39AC67 ] NPF_devolo      C:\Windows\system32\drivers\npf_devolo.sys
10:57:07.0311 0x073c  NPF_devolo - detected UnsignedFile.Multi.Generic ( 1 )
10:57:07.0576 0x073c  Detect skipped due to KSN trusted
10:57:07.0576 0x073c  NPF_devolo - ok
10:57:07.0592 0x073c  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
10:57:07.0639 0x073c  nsi - ok
10:57:07.0686 0x073c  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:57:07.0717 0x073c  nsiproxy - ok
10:57:07.0935 0x073c  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:57:08.0029 0x073c  Ntfs - ok
10:57:08.0060 0x073c  [ 7F1C1F78D709C4A54CBB46EDE7E0B48D, 52135D41983A9E9E1DCA250A63017076AE22AA06D77CCF2E5EF41154F958584A ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
10:57:08.0091 0x073c  NTIDrvr - detected UnsignedFile.Multi.Generic ( 1 )
10:57:08.0325 0x073c  Detect skipped due to KSN trusted
10:57:08.0325 0x073c  NTIDrvr - ok
10:57:08.0403 0x073c  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
10:57:08.0466 0x073c  ntrigdigi - ok
10:57:08.0466 0x073c  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
10:57:08.0512 0x073c  Null - ok
10:57:08.0559 0x073c  [ B896FB556B4DC1E1D2943559EA79C5C5, 8819716153ACFF8F05AAA33F7E6CF24A09C8D2C78E4B5C5FF9F978CCA0AE1CB3 ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx32.sys
10:57:08.0606 0x073c  NVENETFD - ok
10:57:08.0637 0x073c  [ F3EF6CB754C908C5E79FE5BB4A7E39BA, CE41E0FBEA6E8D4A659A2B1D38E6C76BF4A195A1D86DE825879F5A69D7A857D4 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
10:57:08.0653 0x073c  NVHDA - ok
10:57:09.0308 0x073c  [ 23C24FDBC46B61A828DB3779A808A68B, CFB189CCACDD260811C34E86E515DF597DE2D2E4D0F50D6E070650BB8ED015CC ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:57:09.0792 0x073c  nvlddmkm - ok
10:57:09.0838 0x073c  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:57:09.0870 0x073c  nvraid - ok
10:57:09.0885 0x073c  [ 6F5BB0B40D251351A913B61BA9D64B3F, 69004AA640F59FF44F3EEAD3A0F9BF50850B161675BA9B837299649F92FBC0F6 ] nvrd32          C:\Windows\system32\drivers\nvrd32.sys
10:57:09.0901 0x073c  nvrd32 - ok
10:57:09.0916 0x073c  [ 7EC12A73067BACA25A8E3E2A58AE83D8, CB562872E951B599FDCCE27727F2329DC1031574A5A5CEF238D3DF1786E7D12A ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
10:57:09.0932 0x073c  nvsmu - ok
10:57:09.0948 0x073c  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:57:09.0979 0x073c  nvstor - ok
10:57:09.0994 0x073c  [ 689A2160B851F8BF88F20728FD2F30BD, 9038C4B036EBD93E9150FA39165DB1E829A1018298BACF920FFD65B53A30EFD5 ] nvstor32        C:\Windows\system32\drivers\nvstor32.sys
10:57:10.0010 0x073c  nvstor32 - ok
10:57:10.0026 0x073c  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:57:10.0041 0x073c  nv_agp - ok
10:57:10.0057 0x073c  NwlnkFlt - ok
10:57:10.0057 0x073c  NwlnkFwd - ok
10:57:10.0291 0x073c  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:57:10.0353 0x073c  odserv - ok
10:57:10.0384 0x073c  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
10:57:10.0431 0x073c  ohci1394 - ok
10:57:10.0462 0x073c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:57:10.0494 0x073c  ose - ok
10:57:10.0712 0x073c  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:57:11.0040 0x073c  osppsvc - ok
10:57:11.0102 0x073c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
10:57:11.0180 0x073c  p2pimsvc - ok
10:57:11.0211 0x073c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:57:11.0242 0x073c  p2psvc - ok
10:57:11.0320 0x073c  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
10:57:11.0398 0x073c  Parport - ok
10:57:11.0414 0x073c  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:57:11.0445 0x073c  partmgr - ok
10:57:11.0461 0x073c  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
10:57:11.0508 0x073c  Parvdm - ok
10:57:11.0539 0x073c  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:57:11.0570 0x073c  PcaSvc - ok
10:57:11.0632 0x073c  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
10:57:11.0664 0x073c  pci - ok
10:57:11.0679 0x073c  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
10:57:11.0710 0x073c  pciide - ok
10:57:11.0726 0x073c  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:57:11.0757 0x073c  pcmcia - ok
10:57:11.0788 0x073c  [ 8F93FB300DEAC55C553C2255F1D0342D, B50119D4AB86E5E5EA4E48F2F5FD5CC2CF8F461A6F1435119E77B2462D493BE5 ] PCTCore         C:\Windows\system32\drivers\PCTCore.sys
10:57:11.0835 0x073c  PCTCore - ok
10:57:11.0851 0x073c  [ F820B4C61D1E591325B679D479D4EEA4, 7AE393C2E31CA92083842563C8E887B473D64FD5BC10168FDD1822DF782DB854 ] pctDS           C:\Windows\system32\drivers\pctDS.sys
10:57:11.0882 0x073c  pctDS - ok
10:57:11.0929 0x073c  [ ACC8C15F3D59F17C5D903FF1DE3B43D3, C0451359864FD9E59DBDD12C55D84C9019EAD14B17D88785B111A738E542E616 ] pctEFA          C:\Windows\system32\drivers\pctEFA.sys
10:57:11.0976 0x073c  pctEFA - ok
10:57:12.0038 0x073c  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:57:12.0163 0x073c  PEAUTH - ok
10:57:12.0241 0x073c  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
10:57:12.0366 0x073c  pla - ok
10:57:12.0397 0x073c  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:57:12.0459 0x073c  PlugPlay - ok
10:57:12.0490 0x073c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
10:57:12.0537 0x073c  PNRPAutoReg - ok
10:57:12.0584 0x073c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
10:57:12.0631 0x073c  PNRPsvc - ok
10:57:12.0709 0x073c  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:57:12.0756 0x073c  PolicyAgent - ok
10:57:12.0787 0x073c  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:57:12.0834 0x073c  PptpMiniport - ok
10:57:12.0849 0x073c  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
10:57:12.0896 0x073c  Processor - ok
10:57:12.0927 0x073c  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:57:12.0958 0x073c  ProfSvc - ok
10:57:12.0974 0x073c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
10:57:12.0990 0x073c  ProtectedStorage - ok
10:57:13.0021 0x073c  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
10:57:13.0068 0x073c  PSched - ok
10:57:13.0083 0x073c  [ AB94285FF6C6BC5433407D8D182A4BB4, FEEED76008F5FFE3E55791B4EF96FF5D7A81151E406AFF0C353343CABFBA4038 ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
10:57:13.0099 0x073c  PSDFilter - ok
10:57:13.0114 0x073c  [ 2AAF9A5D7A63D26BFAEA853C5F2292BC, EF5CB105F487F3AECC83C743D77CE4CCFD8D4DFD342DE696B89250A65C654307 ] PSDNServ        C:\Windows\system32\DRIVERS\PSDNServ.sys
10:57:13.0130 0x073c  PSDNServ - ok
10:57:13.0161 0x073c  [ 0EB8CEC99855BEAE5B0D02C2302619EF, E708FCAEA004D61AA107A392F637CF564F25634BC483134FC79032D0E17F5FEF ] psdvdisk        C:\Windows\system32\DRIVERS\PSDVdisk.sys
10:57:13.0192 0x073c  psdvdisk - ok
10:57:13.0255 0x073c  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:57:13.0364 0x073c  ql2300 - ok
10:57:13.0395 0x073c  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:57:13.0411 0x073c  ql40xx - ok
10:57:13.0458 0x073c  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
10:57:13.0504 0x073c  QWAVE - ok
10:57:13.0520 0x073c  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:57:13.0536 0x073c  QWAVEdrv - ok
10:57:13.0551 0x073c  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:57:13.0598 0x073c  RasAcd - ok
10:57:13.0614 0x073c  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
10:57:13.0660 0x073c  RasAuto - ok
10:57:13.0676 0x073c  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:57:13.0707 0x073c  Rasl2tp - ok
10:57:13.0754 0x073c  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
10:57:13.0801 0x073c  RasMan - ok
10:57:13.0816 0x073c  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:57:13.0848 0x073c  RasPppoe - ok
10:57:13.0863 0x073c  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:57:13.0894 0x073c  RasSstp - ok
10:57:13.0926 0x073c  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:57:13.0988 0x073c  rdbss - ok
10:57:13.0988 0x073c  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:57:14.0035 0x073c  RDPCDD - ok
10:57:14.0066 0x073c  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
10:57:14.0113 0x073c  rdpdr - ok
10:57:14.0113 0x073c  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:57:14.0160 0x073c  RDPENCDD - ok
10:57:14.0191 0x073c  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:57:14.0222 0x073c  RDPWD - ok
10:57:14.0269 0x073c  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:57:14.0316 0x073c  RemoteAccess - ok
10:57:14.0331 0x073c  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:57:14.0378 0x073c  RemoteRegistry - ok
10:57:14.0518 0x073c  [ C1C132455200AD4704142442C89D0FA4, 2A2F9484CB818DBB783552B128B5E5AFB544FA488C0EE7A60C322111F16FCD16 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
10:57:14.0534 0x073c  RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
10:57:14.0877 0x073c  Detect skipped due to KSN trusted
10:57:14.0877 0x073c  RichVideo - ok
10:57:14.0908 0x073c  [ EEC7EE5675294B03E88AA868540007C1, 4FA2DFD007ED0B6276D80D7948E5A676620BB120BAF2BDB22D2D1E6ABA08F1B4 ] RMCAST          C:\Windows\system32\DRIVERS\RMCAST.sys
10:57:14.0955 0x073c  RMCAST - ok
10:57:14.0971 0x073c  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
10:57:15.0002 0x073c  RpcLocator - ok
10:57:15.0049 0x073c  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
10:57:15.0096 0x073c  RpcSs - ok
10:57:15.0127 0x073c  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:57:15.0189 0x073c  rspndr - ok
10:57:15.0205 0x073c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
10:57:15.0236 0x073c  SamSs - ok
10:57:15.0267 0x073c  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:57:15.0283 0x073c  sbp2port - ok
10:57:15.0314 0x073c  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:57:15.0345 0x073c  SCardSvr - ok
10:57:15.0408 0x073c  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
10:57:15.0439 0x073c  Schedule - ok
10:57:15.0470 0x073c  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:57:15.0486 0x073c  SCPolicySvc - ok
10:57:15.0532 0x073c  [ A1089AC7683826E6C7C9FAB9723DD80F, 8C8E29DA3A53CAC5B4294276DB50D44D7C90209EF40A0CD955D5BE25C0CF9985 ] sdAuxService    C:\Program Files\PC Tools Security\pctsAuxs.exe
10:57:15.0579 0x073c  sdAuxService - ok
10:57:15.0610 0x073c  [ 2E5651BEB5C4C23757723DACFD230246, 333C3851850F6F63174D87DB4C45EA86F85F5559FF70B6237F393D44BF824F88 ] sdCoreService   C:\Program Files\PC Tools Security\pctsSvc.exe
10:57:15.0704 0x073c  sdCoreService - ok
10:57:15.0735 0x073c  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:57:15.0782 0x073c  SDRSVC - ok
10:57:15.0798 0x073c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:57:15.0860 0x073c  secdrv - ok
10:57:15.0876 0x073c  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
10:57:15.0907 0x073c  seclogon - ok
10:57:15.0922 0x073c  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
10:57:15.0985 0x073c  SENS - ok
10:57:16.0000 0x073c  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:57:16.0047 0x073c  Serenum - ok
10:57:16.0094 0x073c  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:57:16.0141 0x073c  Serial - ok
10:57:16.0172 0x073c  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:57:16.0203 0x073c  sermouse - ok
10:57:16.0234 0x073c  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:57:16.0266 0x073c  SessionEnv - ok
10:57:16.0312 0x073c  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:57:16.0344 0x073c  sffdisk - ok
10:57:16.0375 0x073c  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:57:16.0406 0x073c  sffp_mmc - ok
10:57:16.0422 0x073c  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:57:16.0468 0x073c  sffp_sd - ok
10:57:16.0484 0x073c  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
10:57:16.0546 0x073c  sfloppy - ok
10:57:16.0609 0x073c  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:57:16.0671 0x073c  SharedAccess - ok
10:57:16.0718 0x073c  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:57:16.0749 0x073c  ShellHWDetection - ok
10:57:16.0765 0x073c  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
10:57:16.0780 0x073c  sisagp - ok
10:57:16.0796 0x073c  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
10:57:16.0827 0x073c  SiSRaid2 - ok
10:57:16.0843 0x073c  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:57:16.0874 0x073c  SiSRaid4 - ok
10:57:17.0155 0x073c  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
10:57:17.0373 0x073c  slsvc - ok
10:57:17.0436 0x073c  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
10:57:17.0467 0x073c  SLUINotify - ok
10:57:17.0482 0x073c  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:57:17.0529 0x073c  Smb - ok
10:57:17.0545 0x073c  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:57:17.0576 0x073c  SNMPTRAP - ok
10:57:17.0623 0x073c  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:57:17.0638 0x073c  spldr - ok
10:57:17.0654 0x073c  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
10:57:17.0685 0x073c  Spooler - ok
10:57:17.0748 0x073c  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:57:17.0794 0x073c  srv - ok
10:57:17.0826 0x073c  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:57:17.0872 0x073c  srv2 - ok
10:57:17.0904 0x073c  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:57:17.0935 0x073c  srvnet - ok
10:57:17.0950 0x073c  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:57:17.0982 0x073c  SSDPSRV - ok
10:57:18.0044 0x073c  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
10:57:18.0060 0x073c  ssmdrv - ok
10:57:18.0091 0x073c  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:57:18.0122 0x073c  SstpSvc - ok
10:57:18.0184 0x073c  [ 98CC6BDCB5F593394CE2000EC454AEE4, 13973E69DDFB5A0494141C60ABF0E6F7EF555B476AC4171B18A31FF04618D54B ] StarMoney 8.0 OnlineUpdate C:\Program Files\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
10:57:18.0216 0x073c  StarMoney 8.0 OnlineUpdate - ok
10:57:18.0325 0x073c  [ 3BF022F8064A83A23DF90971DD78CA83, 85754DF1C6DE745ADF9A0BAB1948AFF2CA16C4569128DA90AF610D199E621BF4 ] StarMoney 9.0 OnlineUpdate C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
10:57:18.0356 0x073c  StarMoney 9.0 OnlineUpdate - ok
10:57:18.0418 0x073c  [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
10:57:18.0450 0x073c  StillCam - ok
10:57:18.0496 0x073c  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
10:57:18.0543 0x073c  stisvc - ok
10:57:18.0559 0x073c  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:57:18.0590 0x073c  swenum - ok
10:57:18.0699 0x073c  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
10:57:18.0730 0x073c  swprv - ok
10:57:18.0746 0x073c  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
10:57:18.0762 0x073c  Symc8xx - ok
10:57:18.0777 0x073c  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
10:57:18.0808 0x073c  Sym_hi - ok
10:57:18.0808 0x073c  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
10:57:18.0824 0x073c  Sym_u3 - ok
10:57:18.0871 0x073c  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
10:57:18.0964 0x073c  SysMain - ok
10:57:18.0980 0x073c  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:57:19.0011 0x073c  TabletInputService - ok
10:57:19.0042 0x073c  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:57:19.0074 0x073c  TapiSrv - ok
10:57:19.0089 0x073c  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
10:57:19.0136 0x073c  TBS - ok
10:57:19.0214 0x073c  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:57:19.0308 0x073c  Tcpip - ok
10:57:19.0339 0x073c  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
10:57:19.0386 0x073c  Tcpip6 - ok
10:57:19.0417 0x073c  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:57:19.0479 0x073c  tcpipreg - ok
10:57:19.0495 0x073c  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:57:19.0542 0x073c  TDPIPE - ok
10:57:19.0557 0x073c  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:57:19.0604 0x073c  TDTCP - ok
10:57:19.0620 0x073c  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:57:19.0666 0x073c  tdx - ok
10:57:19.0682 0x073c  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:57:19.0713 0x073c  TermDD - ok
10:57:19.0900 0x073c  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService     C:\Windows\System32\termsrv.dll
10:57:19.0963 0x073c  TermService - ok
10:57:19.0978 0x073c  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
10:57:20.0010 0x073c  Themes - ok
10:57:20.0056 0x073c  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
10:57:20.0088 0x073c  THREADORDER - ok
10:57:20.0134 0x073c  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
10:57:20.0181 0x073c  TrkWks - ok
10:57:20.0228 0x073c  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:57:20.0259 0x073c  TrustedInstaller - ok
10:57:20.0290 0x073c  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:57:20.0322 0x073c  tssecsrv - ok
10:57:20.0337 0x073c  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
10:57:20.0368 0x073c  tunmp - ok
10:57:20.0400 0x073c  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:57:20.0415 0x073c  tunnel - ok
10:57:20.0431 0x073c  [ 97DD70FECA64FB4F63DE7BB7E66A80B1, 3C045B227C1D3AC7DE68D666CE51A0BB18226683AE40AACCBF4CE74152C33CAC ] tvicport        C:\Windows\system32\drivers\tvicport.sys
10:57:20.0446 0x073c  tvicport - detected UnsignedFile.Multi.Generic ( 1 )
10:57:20.0774 0x073c  Detect skipped due to KSN trusted
10:57:20.0774 0x073c  tvicport - ok
10:57:20.0821 0x073c  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:57:20.0852 0x073c  uagp35 - ok
10:57:20.0868 0x073c  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:57:20.0930 0x073c  udfs - ok
10:57:20.0946 0x073c  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:57:21.0008 0x073c  UI0Detect - ok
10:57:21.0024 0x073c  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:57:21.0039 0x073c  uliagpkx - ok
10:57:21.0070 0x073c  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
10:57:21.0102 0x073c  uliahci - ok
10:57:21.0117 0x073c  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
10:57:21.0133 0x073c  UlSata - ok
10:57:21.0148 0x073c  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
10:57:21.0180 0x073c  ulsata2 - ok
10:57:21.0195 0x073c  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:57:21.0226 0x073c  umbus - ok
10:57:21.0258 0x073c  [ 88BD96A1BAEED33EE8BDF9499C07A841, 1C4DA1B34FE52B8022AB23CBF18D6B16635283625BB2D08E6524292E6009773A ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
10:57:21.0289 0x073c  UmPass - ok
10:57:21.0304 0x073c  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
10:57:21.0351 0x073c  upnphost - ok
10:57:21.0398 0x073c  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:57:21.0429 0x073c  usbccgp - ok
10:57:21.0445 0x073c  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:57:21.0523 0x073c  usbcir - ok
10:57:21.0554 0x073c  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:57:21.0570 0x073c  usbehci - ok
10:57:21.0601 0x073c  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:57:21.0632 0x073c  usbhub - ok
10:57:21.0648 0x073c  [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
10:57:21.0679 0x073c  usbohci - ok
10:57:21.0694 0x073c  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:57:21.0726 0x073c  usbprint - ok
10:57:21.0788 0x073c  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
10:57:21.0804 0x073c  usbscan - ok
10:57:21.0835 0x073c  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:57:21.0866 0x073c  USBSTOR - ok
10:57:21.0882 0x073c  [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
10:57:21.0913 0x073c  usbuhci - ok
10:57:21.0944 0x073c  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
10:57:21.0975 0x073c  UxSms - ok
10:57:22.0038 0x073c  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
10:57:22.0100 0x073c  vds - ok
10:57:22.0131 0x073c  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:57:22.0162 0x073c  vga - ok
10:57:22.0162 0x073c  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:57:22.0209 0x073c  VgaSave - ok
10:57:22.0225 0x073c  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
10:57:22.0240 0x073c  viaagp - ok
10:57:22.0256 0x073c  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
10:57:22.0303 0x073c  ViaC7 - ok
10:57:22.0318 0x073c  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
10:57:22.0350 0x073c  viaide - ok
10:57:22.0350 0x073c  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:57:22.0381 0x073c  volmgr - ok
10:57:22.0412 0x073c  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:57:22.0474 0x073c  volmgrx - ok
10:57:22.0506 0x073c  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:57:22.0552 0x073c  volsnap - ok
10:57:22.0568 0x073c  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:57:22.0584 0x073c  vsmraid - ok
10:57:22.0662 0x073c  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
10:57:22.0818 0x073c  VSS - ok
10:57:22.0864 0x073c  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
10:57:22.0911 0x073c  W32Time - ok
10:57:22.0927 0x073c  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:57:22.0989 0x073c  WacomPen - ok
10:57:22.0989 0x073c  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
10:57:23.0036 0x073c  Wanarp - ok
10:57:23.0052 0x073c  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:57:23.0067 0x073c  Wanarpv6 - ok
10:57:23.0098 0x073c  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:57:23.0145 0x073c  wcncsvc - ok
10:57:23.0192 0x073c  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:57:23.0239 0x073c  WcsPlugInService - ok
10:57:23.0254 0x073c  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
10:57:23.0270 0x073c  Wd - ok
10:57:23.0395 0x073c  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:57:23.0442 0x073c  Wdf01000 - ok
10:57:23.0473 0x073c  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:57:23.0535 0x073c  WdiServiceHost - ok
10:57:23.0535 0x073c  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:57:23.0582 0x073c  WdiSystemHost - ok
10:57:23.0598 0x073c  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
10:57:23.0644 0x073c  WebClient - ok
10:57:23.0676 0x073c  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:57:23.0707 0x073c  Wecsvc - ok
10:57:23.0722 0x073c  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:57:23.0754 0x073c  wercplsupport - ok
10:57:23.0800 0x073c  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:57:23.0832 0x073c  WerSvc - ok
10:57:23.0863 0x073c  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
10:57:23.0894 0x073c  WinDefend - ok
10:57:23.0910 0x073c  WinHttpAutoProxySvc - ok
10:57:23.0941 0x073c  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:57:23.0972 0x073c  Winmgmt - ok
10:57:24.0034 0x073c  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:57:24.0159 0x073c  WinRM - ok
10:57:24.0206 0x073c  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:57:24.0253 0x073c  Wlansvc - ok
10:57:24.0268 0x073c  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
10:57:24.0300 0x073c  WmiAcpi - ok
10:57:24.0362 0x073c  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:57:24.0393 0x073c  wmiApSrv - ok
10:57:24.0456 0x073c  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
10:57:24.0518 0x073c  WMPNetworkSvc - ok
10:57:24.0565 0x073c  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:57:24.0612 0x073c  WPCSvc - ok
10:57:24.0643 0x073c  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:57:24.0674 0x073c  WPDBusEnum - ok
10:57:24.0705 0x073c  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
10:57:24.0752 0x073c  WpdUsb - ok
10:57:24.0814 0x073c  [ C108DC20ACE05072350DBB6934E277FB, 548E6ABE4C4ADE48260FFDC7BADFD1697972EA3AE94D6576498C8A183D8CE0C8 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:57:24.0861 0x073c  WPFFontCache_v0400 - ok
10:57:24.0908 0x073c  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:57:24.0939 0x073c  ws2ifsl - ok
10:57:24.0955 0x073c  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
10:57:24.0986 0x073c  wscsvc - ok
10:57:25.0033 0x073c  [ 4422AC5ED8D4C2F0DB63E71D4C069DD7, B010DCC7B802C26A701A7DE1CA1B21D6B43D99FE88524D015C9228376B0BDA6E ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
10:57:25.0064 0x073c  WSDPrintDevice - ok
10:57:25.0080 0x073c  WSearch - ok
10:57:25.0158 0x073c  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:57:25.0267 0x073c  wuauserv - ok
10:57:25.0329 0x073c  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:57:25.0360 0x073c  WudfPf - ok
10:57:25.0392 0x073c  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:57:25.0423 0x073c  WUDFRd - ok
10:57:25.0438 0x073c  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:57:25.0485 0x073c  wudfsvc - ok
10:57:25.0516 0x073c  [ 40AC8590CC9006DBB99FFCB37879D4C6, 3EBC1379503C1E65034A25660FB634813926B0918FCB6A3E6F36CEBB57DA9E20 ] zntport         C:\Windows\system32\drivers\zntport.sys
10:57:25.0532 0x073c  zntport - detected UnsignedFile.Multi.Generic ( 1 )
10:57:25.0844 0x073c  Detect skipped due to KSN trusted
10:57:25.0844 0x073c  zntport - ok
10:57:25.0875 0x073c  ================ Scan global ===============================
10:57:25.0906 0x073c  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
10:57:25.0938 0x073c  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
10:57:25.0969 0x073c  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
10:57:26.0078 0x073c  [ 4F0A7910FC7D8A66433FA9961EEF8BB5, 2086EDEE8CF9CC9BDBDC03018F7C28BB56172F941CB4D6F3D857BCF82B32FB6B ] C:\Windows\system32\services.exe
10:57:26.0094 0x073c  [ Global ] - ok
10:57:26.0094 0x073c  ================ Scan MBR ==================================
10:57:26.0109 0x073c  [ A863475757CC50891AA8458C415E4B25 ] \Device\Harddisk0\DR0
10:57:28.0402 0x073c  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
10:57:28.0402 0x073c  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:57:28.0590 0x073c  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1
10:57:28.0824 0x073c  \Device\Harddisk1\DR1 - ok
10:57:28.0839 0x073c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
10:57:28.0902 0x073c  \Device\Harddisk2\DR2 - ok
10:57:28.0902 0x073c  ================ Scan VBR ==================================
10:57:28.0917 0x073c  [ 822D9364935B33E0AFAFA4B383F98723 ] \Device\Harddisk0\DR0\Partition1
10:57:28.0964 0x073c  \Device\Harddisk0\DR0\Partition1 - ok
10:57:28.0980 0x073c  [ 29023B611AE8AA5B883D2155B87646B2 ] \Device\Harddisk0\DR0\Partition2
10:57:29.0042 0x073c  \Device\Harddisk0\DR0\Partition2 - ok
10:57:29.0058 0x073c  [ 4AA35A2A5952AF226B39591A9DAEE269 ] \Device\Harddisk1\DR1\Partition1
10:57:29.0089 0x073c  \Device\Harddisk1\DR1\Partition1 - ok
10:57:29.0104 0x073c  [ DD12B7B2A7C7BF190649EF8407FE9A07 ] \Device\Harddisk2\DR2\Partition1
10:57:29.0136 0x073c  \Device\Harddisk2\DR2\Partition1 - ok
10:57:29.0136 0x073c  ================ Scan generic autorun ======================
10:57:29.0182 0x073c  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
10:57:29.0229 0x073c  Windows Defender - ok
10:57:29.0448 0x073c  [ 905A44230F1A7CFF23BBA670B247E6AA, 0A63A42F4942E1E9D568186F07F2EA3AB377132E075B18C486BD746DE6E0F419 ] C:\Windows\RtHDVCpl.exe
10:57:29.0713 0x073c  RtHDVCpl - ok
10:57:29.0791 0x073c  [ 712FC805D0DD5C41A0C364BF5B49AA91, 30CF527DBE1B2070BBB19BA4BE058ED95B99841301470413A6301D74A338AE75 ] C:\Acer\Empowering Technology\SysMonitor.exe
10:57:29.0806 0x073c  Acer Empowering Technology Monitor - ok
10:57:29.0869 0x073c  [ 4BC8167722B6C79B1B13F1F2076B9EEC, 662E214F02735D40C0DB00AFB9FB943F93FCFD739779340C3B87E140B8AD2384 ] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
10:57:29.0900 0x073c  eDataSecurity Loader - ok
10:57:29.0994 0x073c  [ 37728F6DB0A8D31B0A1C49A7228E1D34, 6F545DF31523E41CA90C4277B544BE7A132D0CCAAFB5F621916E7FC4083D47A9 ] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
10:57:30.0025 0x073c  PCMMediaSharing - detected UnsignedFile.Multi.Generic ( 1 )
10:57:30.0321 0x073c  Detect skipped due to KSN trusted
10:57:30.0321 0x073c  PCMMediaSharing - ok
10:57:30.0352 0x073c  [ 4F42FAB0A6E4A9AD8606AEF8C4D78722, 2264D01EC2E315038AD72C4B01847A9FEFD2C25DFA760C8D00D9633BD756DB8E ] C:\Windows\system32\nvraidservice.exe
10:57:30.0368 0x073c  NVRaidService - ok
10:57:30.0399 0x073c  [ 88132DEEBC4282ABDEAC30D3625BAFF3, 20BC57511527B4312B1335C37121EDE488E1F0E9EC4C3DAEBA7D8C9DF5877623 ] C:\Program Files\PC Tools Security\BDT\FGuard.exe
10:57:30.0415 0x073c  PCTools FGuard - ok
10:57:30.0493 0x073c  [ 66177D4C99FD8B578C7C56DE445E4D5D, 003D0254D7C693A72DE84CB76858F8D67D9FD62206F1B56DF7F5D0FA834C3BA7 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
10:57:30.0524 0x073c  avgnt - ok
10:57:30.0696 0x073c  [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files\avmwlanstick\wlangui.exe
10:57:30.0820 0x073c  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
10:57:31.0117 0x073c  Detect skipped due to KSN trusted
10:57:31.0117 0x073c  AVMWlanClient - ok
10:57:31.0132 0x073c  NvSvc - ok
10:57:31.0132 0x073c  NvCplDaemon - ok
10:57:31.0132 0x073c  NvMediaCenter - ok
10:57:31.0210 0x073c  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
10:57:31.0320 0x073c  Sidebar - ok
10:57:31.0320 0x073c  WindowsWelcomeCenter - ok
10:57:31.0382 0x073c  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
10:57:31.0444 0x073c  Sidebar - ok
10:57:31.0444 0x073c  WindowsWelcomeCenter - ok
10:57:31.0476 0x073c  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
10:57:31.0522 0x073c  ehTray.exe - ok
10:57:31.0647 0x073c  [ 395BCC9122E705F6586217E32CD01CC9, 0A2E3BF0E626A65B9FF1BEFB35FFBC9CCAA3C75DB395D175AAE2DD014A8E8A34 ] C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
10:57:31.0741 0x073c  HP Officejet 6600 (NET) - ok
10:57:31.0788 0x073c  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
10:57:31.0803 0x073c  WMPNSCFG - ok
10:57:31.0912 0x073c  [ 395BCC9122E705F6586217E32CD01CC9, 0A2E3BF0E626A65B9FF1BEFB35FFBC9CCAA3C75DB395D175AAE2DD014A8E8A34 ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
10:57:32.0006 0x073c  HP Officejet Pro 8600 (NET) - ok
10:57:32.0022 0x073c  Waiting for KSN requests completion. In queue: 13
10:57:33.0082 0x073c  AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x41000 ( enabled : updated )
10:57:33.0098 0x073c  Win FW state via NFP2: enabled
10:57:33.0223 0x073c  ============================================================
10:57:33.0223 0x073c  Scan finished
10:57:33.0223 0x073c  ============================================================
10:57:33.0223 0x13e0  Detected object count: 1
10:57:33.0223 0x13e0  Actual detected object count: 1
11:00:43.0207 0x13e0  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:00:43.0208 0x13e0  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Alt 23.05.2015, 11:10   #7
M-K-D-B
/// TB-Ausbilder
 
DHL Virus oder Trojaner warscheinlich eingefangen - Standard

DHL Virus oder Trojaner warscheinlich eingefangen


Servus,


wähle bei diesem Fund
Zitat:
11:00:43.0207 0x13e0 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:00:43.0208 0x13e0 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
entweder Cure (oder wenn das nicht geht Delete) aus und lass den Rechner über TDSS-Killer neu starten.

Dann weiter mit ComboFix.

Alt 23.05.2015, 19:35   #8
Koeppi1969
 
DHL Virus oder Trojaner warscheinlich eingefangen - Standard

DHL Virus oder Trojaner warscheinlich eingefangen


Halo Matthias, leider ist mein PC bei den Sachen die du mir gesagt hast 3xabgestürzt. habe Combo durchlaufen lassen danach und habe kein Logfile gefundenden. Auch nicht über die "suchen " Funktion nicht. konnte also nicht so weiter machen wie du es gesagt hast. bin ziemlich hilflos.....
LG Jörg

Alt 24.05.2015, 09:21   #9
M-K-D-B
/// TB-Ausbilder
 
DHL Virus oder Trojaner warscheinlich eingefangen - Standard

DHL Virus oder Trojaner warscheinlich eingefangen


Servus,



Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).
Alt 24.05.2015, 19:30   #10
Koeppi1969
 
DHL Virus oder Trojaner warscheinlich eingefangen - Standard

DHL Virus oder Trojaner warscheinlich eingefangen


Code:
ATTFilter
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2015-05-24 20:21:31
-----------------------------
20:21:31.218    OS Version: Windows 6.0.6002 Service Pack 2
20:21:31.218    Number of processors: 4 586 0x1707
20:21:31.220    ComputerName: ARBEITSZIMMER  UserName: sandraundjörg
20:21:52.236    Initialize success
20:21:52.346    VM: initialized successfully
20:21:52.348    VM: Intel CPU virtualization not supported 
20:25:03.391    AVAST engine defs: 15052400
20:25:49.191    The log file has been saved successfully to "C:\Users\sandraundjörg\Desktop\aswMBR.txt"
nicht wundern wenn meine Antworten etwas dauern. bin Papa von 6 Kindern und kann deswegen nicht immer schnell reagieren. danke dir,.
Jörg

Alt 24.05.2015, 23:28   #11
M-K-D-B
/// TB-Ausbilder
 
DHL Virus oder Trojaner warscheinlich eingefangen - Standard

DHL Virus oder Trojaner warscheinlich eingefangen


Servus,


Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
Alt 25.05.2015, 11:21   #12
Koeppi1969
 
DHL Virus oder Trojaner warscheinlich eingefangen - Standard

DHL Virus oder Trojaner warscheinlich eingefangen


Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.05.25.02
  rootkit: v2015.05.24.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19621
sandraundjörg :: ARBEITSZIMMER [administrator]

25.05.2015 11:19:33
mbar-log-2015-05-25 (11-19-33).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 329793
Time elapsed: 16 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Alt 25.05.2015, 12:07   #13
M-K-D-B
/// TB-Ausbilder
 
DHL Virus oder Trojaner warscheinlich eingefangen - Standard

DHL Virus oder Trojaner warscheinlich eingefangen


Servus,



bitte nochmal einen Surchlauf mit TDSS-Killer durchführen, aber nichts entfernen lassen.

Alt 25.05.2015, 14:51   #14
Koeppi1969
 
DHL Virus oder Trojaner warscheinlich eingefangen - Standard

DHL Virus oder Trojaner warscheinlich eingefangen


Bin auf Scip und dann Continue gegangen hoffe das war richtig???
Code:
ATTFilter
15:46:54.0331 0x2074  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
15:47:03.0897 0x2074  ============================================================
15:47:03.0897 0x2074  Current date / time: 2015/05/25 15:47:03.0897
15:47:03.0897 0x2074  SystemInfo:
15:47:03.0898 0x2074  
15:47:03.0898 0x2074  OS Version: 6.0.6002 ServicePack: 2.0
15:47:03.0898 0x2074  Product type: Workstation
15:47:03.0898 0x2074  ComputerName: ARBEITSZIMMER
15:47:03.0898 0x2074  UserName: sandraundjörg
15:47:03.0898 0x2074  Windows directory: C:\Windows
15:47:03.0898 0x2074  System windows directory: C:\Windows
15:47:03.0898 0x2074  Processor architecture: Intel x86
15:47:03.0898 0x2074  Number of processors: 4
15:47:03.0898 0x2074  Page size: 0x1000
15:47:03.0898 0x2074  Boot type: Normal boot
15:47:03.0898 0x2074  ============================================================
15:47:04.0098 0x2074  KLMD registered as C:\Windows\system32\drivers\99001639.sys
15:47:04.0211 0x2074  System UUID: {95E80644-04DF-47AF-49B3-6A5DDD74BAD1}
15:47:04.0635 0x2074  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:47:04.0646 0x2074  Drive \Device\Harddisk1\DR1 - Size: 0x2E93E36000 ( 186.31 Gb ), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
15:47:04.0648 0x2074  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:47:04.0705 0x2074  ============================================================
15:47:04.0705 0x2074  \Device\Harddisk0\DR0:
15:47:04.0706 0x2074  MBR partitions:
15:47:04.0706 0x2074  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1385000, BlocksNum 0x24AAB000
15:47:04.0706 0x2074  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x25E30000, BlocksNum 0x24A27800
15:47:04.0706 0x2074  \Device\Harddisk1\DR1:
15:47:04.0706 0x2074  MBR partitions:
15:47:04.0706 0x2074  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1748A3FC
15:47:04.0706 0x2074  \Device\Harddisk2\DR2:
15:47:04.0707 0x2074  MBR partitions:
15:47:04.0707 0x2074  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
15:47:04.0707 0x2074  ============================================================
15:47:04.0726 0x2074  C: <-> \Device\Harddisk0\DR0\Partition1
15:47:04.0757 0x2074  D: <-> \Device\Harddisk1\DR1\Partition1
15:47:04.0782 0x2074  E: <-> \Device\Harddisk0\DR0\Partition2
15:47:04.0797 0x2074  H: <-> \Device\Harddisk2\DR2\Partition1
15:47:04.0797 0x2074  ============================================================
15:47:04.0797 0x2074  Initialize success
15:47:04.0797 0x2074  ============================================================
15:47:13.0678 0x22f8  ============================================================
15:47:13.0678 0x22f8  Scan started
15:47:13.0678 0x22f8  Mode: Manual; SigCheck; TDLFS; 
15:47:13.0678 0x22f8  ============================================================
15:47:13.0678 0x22f8  KSN ping started
15:47:13.0943 0x22f8  KSN ping finished: true
15:47:14.0346 0x22f8  ================ Scan system memory ========================
15:47:14.0346 0x22f8  System memory - ok
15:47:14.0346 0x22f8  ================ Scan services =============================
15:47:14.0461 0x22f8  [ 517D30057C726C797764BFD70A55D82A, F1F48EF16DB9F7B5C6F8D0C595DE2E4ABD26FAF19372C1AA598F6988709D2170 ] Acer HomeMedia Connect Service C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
15:47:14.0608 0x22f8  Acer HomeMedia Connect Service - detected UnsignedFile.Multi.Generic ( 1 )
15:47:16.0286 0x22f8  Detect skipped due to KSN trusted
15:47:16.0287 0x22f8  Acer HomeMedia Connect Service - ok
15:47:16.0316 0x22f8  [ E91F2444DF54E725DDBBDDB7FBCE71F5, 28895DF44A4E7D959ACBBAA6AFC4B70515D87D40F5F74EB296BB2D5FFC5C2765 ] AcerMemUsageCheckService C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
15:47:16.0337 0x22f8  AcerMemUsageCheckService - detected UnsignedFile.Multi.Generic ( 1 )
15:47:16.0637 0x22f8  Detect skipped due to KSN trusted
15:47:16.0637 0x22f8  AcerMemUsageCheckService - ok
15:47:16.0742 0x22f8  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:47:16.0769 0x22f8  ACPI - ok
15:47:16.0828 0x22f8  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:47:16.0847 0x22f8  AdobeARMservice - ok
15:47:16.0918 0x22f8  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:47:16.0939 0x22f8  AdobeFlashPlayerUpdateSvc - ok
15:47:16.0980 0x22f8  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:47:17.0012 0x22f8  adp94xx - ok
15:47:17.0044 0x22f8  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:47:17.0068 0x22f8  adpahci - ok
15:47:17.0087 0x22f8  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:47:17.0106 0x22f8  adpu160m - ok
15:47:17.0132 0x22f8  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:47:17.0149 0x22f8  adpu320 - ok
15:47:17.0169 0x22f8  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:47:17.0243 0x22f8  AeLookupSvc - ok
15:47:17.0278 0x22f8  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
15:47:17.0319 0x22f8  AFD - ok
15:47:17.0343 0x22f8  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:47:17.0358 0x22f8  agp440 - ok
15:47:17.0381 0x22f8  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:47:17.0397 0x22f8  aic78xx - ok
15:47:17.0442 0x22f8  [ FA9B4921088981A0E44DEA8A605E58C8, 18DD501C056660F868A212E6F96DB0A4394602A2B608EB6830F580008031016A ] aksfridge       C:\Windows\system32\DRIVERS\aksfridge.sys
15:47:17.0467 0x22f8  aksfridge - ok
15:47:17.0492 0x22f8  [ 5EA155A2E7633C02E80CE855E06145A7, 3E3C89432F8D6FF6F0AAF9ECE8C2C3EC2B9E7159F21113A8A8C0235446A984DA ] akshasp         C:\Windows\system32\DRIVERS\akshasp.sys
15:47:17.0513 0x22f8  akshasp - ok
15:47:17.0536 0x22f8  [ DDCCFF5E81FDE1A869D71C48BB4D763F, E029ED7BDF1E329A8F5CA6AA6187911C6BECD13973F1C4692E2AAA427A131E2F ] akshhl          C:\Windows\system32\DRIVERS\akshhl.sys
15:47:17.0549 0x22f8  akshhl - ok
15:47:17.0580 0x22f8  [ 75DDDBC36E9845F290694BCA6D24AC90, DA96063E97963C5AF58CCA3C2C1B3FA42E0346F3276296B62A93B6A3A101889C ] aksusb          C:\Windows\system32\DRIVERS\aksusb.sys
15:47:17.0599 0x22f8  aksusb - ok
15:47:17.0613 0x22f8  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
15:47:17.0677 0x22f8  ALG - ok
15:47:17.0704 0x22f8  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
15:47:17.0718 0x22f8  aliide - ok
15:47:17.0745 0x22f8  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
15:47:17.0760 0x22f8  amdagp - ok
15:47:17.0777 0x22f8  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
15:47:17.0791 0x22f8  amdide - ok
15:47:17.0809 0x22f8  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
15:47:17.0858 0x22f8  AmdK7 - ok
15:47:17.0876 0x22f8  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:47:17.0917 0x22f8  AmdK8 - ok
15:47:18.0004 0x22f8  [ 4428DC966DD5D0659AA7CA913D1D7652, 267D0F64354A105A2A64AB41607E3EB22CF8B448D2EBEC62C31829F03736836D ] AntiVirMailService C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
15:47:18.0043 0x22f8  AntiVirMailService - ok
15:47:18.0093 0x22f8  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
15:47:18.0121 0x22f8  AntiVirSchedulerService - ok
15:47:18.0163 0x22f8  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
15:47:18.0189 0x22f8  AntiVirService - ok
15:47:18.0268 0x22f8  [ 266C0506DF8BA3990E12885E64EE4420, 60995CFE54B8594179BEAB06C4498CBF997B0C85147E5DD747CE238C89F6979D ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
15:47:18.0319 0x22f8  AntiVirWebService - ok
15:47:18.0361 0x22f8  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
15:47:18.0401 0x22f8  Appinfo - ok
15:47:18.0429 0x22f8  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
15:47:18.0447 0x22f8  arc - ok
15:47:18.0480 0x22f8  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:47:18.0498 0x22f8  arcsas - ok
15:47:18.0575 0x22f8  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
15:47:18.0596 0x22f8  aspnet_state - ok
15:47:18.0628 0x22f8  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:47:18.0675 0x22f8  AsyncMac - ok
15:47:18.0704 0x22f8  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
15:47:18.0722 0x22f8  atapi - ok
15:47:18.0772 0x22f8  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:47:18.0833 0x22f8  AudioEndpointBuilder - ok
15:47:18.0855 0x22f8  [ 8E98A99187FF17FC1D48E6FAFFD870BE, 7C935191A0A2BA95CA9A9E450F7C8802E6184F73BC297E91908B59F34C22AB06 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
15:47:18.0885 0x22f8  Audiosrv - ok
15:47:18.0909 0x22f8  [ EC17E91BC9026C5ED580FB2B13E341AB, 2D9421AE05F3D4A8DBD69D73B4B562EA4F93FBD12AB2F77C52DA8B411626EBF1 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
15:47:18.0951 0x22f8  avgntflt - ok
15:47:19.0002 0x22f8  [ 7BAA36ED6C6098899D9E1269A61085C3, 2D101F1C6C79B0BD722BDB5939344F65728EC2F5B747B6619640775E6FDEFC0A ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
15:47:19.0020 0x22f8  avipbb - ok
15:47:19.0094 0x22f8  [ B127AC7651D0C088E4A239EED92F8AF8, 2958F81C06C46E147E8022F3B7E9C26F1D47C729ADD336D68DCCFEB363CB09FF ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
15:47:19.0109 0x22f8  Avira.OE.ServiceHost - ok
15:47:19.0136 0x22f8  [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
15:47:19.0151 0x22f8  avkmgr - ok
15:47:19.0207 0x22f8  [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files\avmwlanstick\WlanNetService.exe
15:47:19.0253 0x22f8  AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
15:47:19.0564 0x22f8  Detect skipped due to KSN trusted
15:47:19.0564 0x22f8  AVM WLAN Connection Service - ok
15:47:19.0599 0x22f8  [ 263CF9D248FD5E020A1333ED4F7EAA88, 04F944C2B284172A7917389A83C525FA9A3ACB026F370EB886B48759FE81A5E1 ] avmeject        C:\Windows\system32\drivers\avmeject.sys
15:47:19.0615 0x22f8  avmeject - detected UnsignedFile.Multi.Generic ( 1 )
15:47:19.0914 0x22f8  Detect skipped due to KSN trusted
15:47:19.0914 0x22f8  avmeject - ok
15:47:19.0970 0x22f8  [ 4BEFF67C1775D353A16A62347E727874, 62363C5E5F4BF049A3E49FADA8CB17269945056ACADB319FDC4F05B74E2553C8 ] BBSvc           C:\Program Files\Microsoft\BingBar\7.1.355.0\BBSvc.exe
15:47:19.0993 0x22f8  BBSvc - ok
15:47:20.0011 0x22f8  [ A6DAAD3EA93DBDBD07FA821BCED133F6, 8F33D4E4B82091D09E62FD5487C88F3DF0DAC31FCBB846183CC4020533A131DE ] BBUpdate        C:\Program Files\Microsoft\BingBar\7.1.355.0\SeaPort.exe
15:47:20.0035 0x22f8  BBUpdate - ok
15:47:20.0061 0x22f8  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:47:20.0101 0x22f8  Beep - ok
15:47:20.0148 0x22f8  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
15:47:20.0208 0x22f8  BFE - ok
15:47:20.0256 0x22f8  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
15:47:20.0337 0x22f8  BITS - ok
15:47:20.0368 0x22f8  [ 66F655B08EED3230E059D197C8A1969B, 04236F559DDFF72DDA29D71D2C554D7126A56A39367596E8C04EE7CCE205821C ] bizVSerial      C:\Windows\system32\drivers\bizVSerialNT.sys
15:47:20.0385 0x22f8  bizVSerial - detected UnsignedFile.Multi.Generic ( 1 )
15:47:20.0685 0x22f8  Detect skipped due to KSN trusted
15:47:20.0686 0x22f8  bizVSerial - ok
15:47:20.0702 0x22f8  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:47:20.0736 0x22f8  blbdrive - ok
15:47:20.0769 0x22f8  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:47:20.0803 0x22f8  bowser - ok
15:47:20.0828 0x22f8  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:47:20.0858 0x22f8  BrFiltLo - ok
15:47:20.0878 0x22f8  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:47:20.0906 0x22f8  BrFiltUp - ok
15:47:20.0934 0x22f8  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
15:47:20.0969 0x22f8  Browser - ok
15:47:21.0031 0x22f8  [ 7E104343A9F28CAE50EE2F388FEC049E, 7286B866B424FDF7F76128DC51C7B3AA5ACE799041043C150CF608850455DA8A ] Browser Defender Update Service C:\Program Files\PC Tools Security\BDT\BDTUpdateService.exe
15:47:21.0051 0x22f8  Browser Defender Update Service - ok
15:47:21.0070 0x22f8  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
15:47:21.0191 0x22f8  Brserid - ok
15:47:21.0216 0x22f8  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:47:21.0268 0x22f8  BrSerWdm - ok
15:47:21.0280 0x22f8  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:47:21.0331 0x22f8  BrUsbMdm - ok
15:47:21.0348 0x22f8  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:47:21.0393 0x22f8  BrUsbSer - ok
15:47:21.0408 0x22f8  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:47:21.0462 0x22f8  BTHMODEM - ok
15:47:21.0540 0x22f8  catchme - ok
15:47:21.0567 0x22f8  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:47:21.0598 0x22f8  cdfs - ok
15:47:21.0614 0x22f8  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:47:21.0659 0x22f8  cdrom - ok
15:47:21.0680 0x22f8  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
15:47:21.0706 0x22f8  CertPropSvc - ok
15:47:21.0722 0x22f8  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:47:21.0760 0x22f8  circlass - ok
15:47:21.0807 0x22f8  [ EBF03DB02CDB10724498AA1660047138, DF03F91FDCD86F3D0AD5FCA440BBA990DFA49074DEF945B42B7292D38E9BF9F5 ] cjpcsc          C:\Windows\system32\cjpcsc.exe
15:47:21.0832 0x22f8  cjpcsc - ok
15:47:21.0863 0x22f8  [ 46241991510A23DC759291918178FFF9, 86286ECC38456173B4E738A58B1B2BB6EA800814E8E1C4EE8DF863B05D2FF322 ] cjusb           C:\Windows\system32\DRIVERS\cjusb.sys
15:47:21.0875 0x22f8  cjusb - ok
15:47:21.0901 0x22f8  [ 5D9311526801643000D7032A83B18B12, C5A98868A41446617B3A27C6C4AAFA4E7C093E253E8C1DD5DBFE6FAE21991209 ] CLFS            C:\Windows\system32\CLFS.sys
15:47:21.0934 0x22f8  CLFS - ok
15:47:21.0981 0x22f8  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:47:21.0999 0x22f8  clr_optimization_v2.0.50727_32 - ok
15:47:22.0027 0x22f8  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:47:22.0049 0x22f8  clr_optimization_v4.0.30319_32 - ok
15:47:22.0064 0x22f8  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:47:22.0080 0x22f8  cmdide - ok
15:47:22.0090 0x22f8  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:47:22.0106 0x22f8  Compbatt - ok
15:47:22.0114 0x22f8  COMSysApp - ok
15:47:22.0147 0x22f8  cqnkcwly - ok
15:47:22.0163 0x22f8  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:47:22.0177 0x22f8  crcdisk - ok
15:47:22.0189 0x22f8  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
15:47:22.0224 0x22f8  Crusoe - ok
15:47:22.0257 0x22f8  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:47:22.0294 0x22f8  CryptSvc - ok
15:47:22.0351 0x22f8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:47:22.0421 0x22f8  DcomLaunch - ok
15:47:22.0559 0x22f8  [ D17845A5385BFCB838CDC532AF5E3E47, 2FC6E23267F8DF4B78FD8DE011184A26AD92DE8D0CCD4C2E4BF067F49A3989FB ] DevoloNetworkService C:\Program Files\devolo\dlan\devolonetsvc.exe
15:47:22.0722 0x22f8  DevoloNetworkService - ok
15:47:22.0758 0x22f8  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:47:22.0797 0x22f8  DfsC - ok
15:47:22.0888 0x22f8  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
15:47:23.0042 0x22f8  DFSR - ok
15:47:23.0078 0x22f8  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:47:23.0117 0x22f8  Dhcp - ok
15:47:23.0140 0x22f8  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
15:47:23.0159 0x22f8  disk - ok
15:47:23.0191 0x22f8  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:47:23.0234 0x22f8  Dnscache - ok
15:47:23.0263 0x22f8  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
15:47:23.0303 0x22f8  dot3svc - ok
15:47:23.0334 0x22f8  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
15:47:23.0371 0x22f8  DPS - ok
15:47:23.0389 0x22f8  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:47:23.0448 0x22f8  drmkaud - ok
15:47:23.0494 0x22f8  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:47:23.0540 0x22f8  DXGKrnl - ok
15:47:23.0557 0x22f8  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
15:47:23.0604 0x22f8  E1G60 - ok
15:47:23.0627 0x22f8  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
15:47:23.0662 0x22f8  EapHost - ok
15:47:23.0705 0x22f8  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:47:23.0726 0x22f8  Ecache - ok
15:47:23.0786 0x22f8  [ B7DC2580425225C320CEDA78DE55A3D0, 93D05D3743416442ED1378FE8A6F107F74B963781A61A36DF072E05228B2F030 ] eDataSecurity Service C:\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
15:47:23.0814 0x22f8  eDataSecurity Service - ok
15:47:23.0848 0x22f8  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:47:23.0876 0x22f8  ehRecvr - ok
15:47:23.0889 0x22f8  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
15:47:23.0927 0x22f8  ehSched - ok
15:47:23.0936 0x22f8  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
15:47:23.0963 0x22f8  ehstart - ok
15:47:23.0997 0x22f8  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:47:24.0025 0x22f8  elxstor - ok
15:47:24.0070 0x22f8  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:47:24.0140 0x22f8  EMDMgmt - ok
15:47:24.0165 0x22f8  [ 59FCCAF915BA89DD98CADF08DA91AFEE, 1286481DF42EBBE13C0FC18ABA514393544CDA17420E71518EF87ADD82D224CB ] eRecoveryService C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
15:47:24.0173 0x22f8  eRecoveryService - detected UnsignedFile.Multi.Generic ( 1 )
15:47:24.0471 0x22f8  Detect skipped due to KSN trusted
15:47:24.0471 0x22f8  eRecoveryService - ok
15:47:24.0499 0x22f8  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:47:24.0546 0x22f8  ErrDev - ok
15:47:24.0581 0x22f8  [ A9745687A57CDD71237915859ABA8DAC, DE21C397EBC822622B61189EC6CCF720C76AB6A249188987A10086252A9F26FD ] eSettingsService C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
15:47:24.0589 0x22f8  eSettingsService - detected UnsignedFile.Multi.Generic ( 1 )
15:47:24.0888 0x22f8  Detect skipped due to KSN trusted
15:47:24.0888 0x22f8  eSettingsService - ok
15:47:24.0921 0x22f8  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
15:47:24.0958 0x22f8  EventSystem - ok
15:47:25.0004 0x22f8  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:47:25.0048 0x22f8  exfat - ok
15:47:25.0070 0x22f8  [ 4E404505B3F62ECFBDBCBBCF0A72DBC5, 9F446ED06A31BFE52C4F1E8ACC400B8E3F47A3CC02FFC950DB861B2B3BA4C5B9 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:47:25.0104 0x22f8  fastfat - ok
15:47:25.0130 0x22f8  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:47:25.0169 0x22f8  fdc - ok
15:47:25.0195 0x22f8  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
15:47:25.0239 0x22f8  fdPHost - ok
15:47:25.0247 0x22f8  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:47:25.0307 0x22f8  FDResPub - ok
15:47:25.0323 0x22f8  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:47:25.0342 0x22f8  FileInfo - ok
15:47:25.0363 0x22f8  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:47:25.0402 0x22f8  Filetrace - ok
15:47:25.0418 0x22f8  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:47:25.0458 0x22f8  flpydisk - ok
15:47:25.0483 0x22f8  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:47:25.0504 0x22f8  FltMgr - ok
15:47:25.0552 0x22f8  [ 7417E869AE5AAC3026329E7749698110, 14545202D90C23EE6A2ADC5627791A3B43B5EEA6F78F44021C9AE2B5B8A351DD ] FontCache       C:\Windows\system32\FntCache.dll
15:47:25.0624 0x22f8  FontCache - ok
15:47:25.0664 0x22f8  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:47:25.0679 0x22f8  FontCache3.0.0.0 - ok
15:47:25.0699 0x22f8  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:47:25.0726 0x22f8  Fs_Rec - ok
15:47:25.0786 0x22f8  [ 7AD4C281CB1661086B05E087230D4B76, 13DE6654EBAE4CB980E6ED8C4FB66BE413A9429662E300D2DC2A42ED85C051A2 ] fwlanusb4       C:\Windows\system32\DRIVERS\fwlanusb4.sys
15:47:25.0883 0x22f8  fwlanusb4 - ok
15:47:25.0906 0x22f8  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:47:25.0925 0x22f8  gagp30kx - ok
15:47:25.0962 0x22f8  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
15:47:26.0050 0x22f8  gpsvc - ok
15:47:26.0101 0x22f8  [ 99FCD7CE9894C241FB98A7811D2D8813, 713E9D6E1AA98AC4D7644872C988082870BC23FEE70C5831FB26159608E7E00A ] hardlock        C:\Windows\system32\drivers\hardlock.sys
15:47:26.0145 0x22f8  hardlock - ok
15:47:26.0153 0x22f8  hasplms - ok
15:47:26.0182 0x22f8  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:47:26.0221 0x22f8  HdAudAddService - ok
15:47:26.0252 0x22f8  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:47:26.0300 0x22f8  HDAudBus - ok
15:47:26.0324 0x22f8  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:47:26.0386 0x22f8  HidBth - ok
15:47:26.0397 0x22f8  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:47:26.0447 0x22f8  HidIr - ok
15:47:26.0471 0x22f8  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\System32\hidserv.dll
15:47:26.0502 0x22f8  hidserv - ok
15:47:26.0525 0x22f8  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:47:26.0559 0x22f8  HidUsb - ok
15:47:26.0588 0x22f8  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:47:26.0625 0x22f8  hkmsvc - ok
15:47:26.0638 0x22f8  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:47:26.0653 0x22f8  HpCISSs - ok
15:47:26.0684 0x22f8  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:47:26.0745 0x22f8  HTTP - ok
15:47:26.0765 0x22f8  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:47:26.0782 0x22f8  i2omp - ok
15:47:26.0811 0x22f8  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:47:26.0864 0x22f8  i8042prt - ok
15:47:26.0887 0x22f8  [ 580BFEC487C55264BFE3D60C3C24EEE1, 0EA6D0C92C94E9597F3C063F7636710CC1CBECE5A57A5B1C463B2BA5ACB4F061 ] iaStor          C:\Windows\system32\drivers\iastor.sys
15:47:26.0926 0x22f8  iaStor - ok
15:47:26.0949 0x22f8  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:47:26.0971 0x22f8  iaStorV - ok
15:47:27.0051 0x22f8  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:47:27.0123 0x22f8  idsvc - ok
15:47:27.0143 0x22f8  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:47:27.0159 0x22f8  iirsp - ok
15:47:27.0193 0x22f8  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
15:47:27.0230 0x22f8  IKEEXT - ok
15:47:27.0271 0x22f8  [ C6E5276C00EBDEB096BB5EF4B797D1B6, 2620D2F7B5242E9DD0217FB4E0CBACF1DB8AB1B92187AD2847904948E1ABFEC1 ] int15           C:\Acer\Empowering Technology\eRecovery\int15.sys
15:47:27.0285 0x22f8  int15 - ok
15:47:27.0372 0x22f8  [ F6E17C275666A4402588A30E36565910, 708438A37C8E1FD5107224494FE31A3571347471E5EDB812C7A50A8858F62606 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
15:47:27.0469 0x22f8  IntcAzAudAddService - ok
15:47:27.0523 0x22f8  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
15:47:27.0541 0x22f8  intelide - ok
15:47:27.0555 0x22f8  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:47:27.0593 0x22f8  intelppm - ok
15:47:27.0620 0x22f8  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:47:27.0665 0x22f8  IPBusEnum - ok
15:47:27.0684 0x22f8  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:47:27.0727 0x22f8  IpFilterDriver - ok
15:47:27.0754 0x22f8  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:47:27.0795 0x22f8  iphlpsvc - ok
15:47:27.0802 0x22f8  IpInIp - ok
15:47:27.0821 0x22f8  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:47:27.0859 0x22f8  IPMIDRV - ok
15:47:27.0874 0x22f8  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:47:27.0918 0x22f8  IPNAT - ok
15:47:27.0935 0x22f8  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:47:27.0984 0x22f8  IRENUM - ok
15:47:28.0002 0x22f8  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:47:28.0019 0x22f8  isapnp - ok
15:47:28.0054 0x22f8  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:47:28.0079 0x22f8  iScsiPrt - ok
15:47:28.0099 0x22f8  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:47:28.0116 0x22f8  iteatapi - ok
15:47:28.0132 0x22f8  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:47:28.0146 0x22f8  iteraid - ok
15:47:28.0164 0x22f8  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:47:28.0180 0x22f8  kbdclass - ok
15:47:28.0194 0x22f8  [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
15:47:28.0223 0x22f8  kbdhid - ok
15:47:28.0259 0x22f8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
15:47:28.0289 0x22f8  KeyIso - ok
15:47:28.0323 0x22f8  [ 5035EDF1F2E72F78BB1EC5BD9B97463F, 8AFAD580A96F002FFB22761B65D4B414917895C45B11B53089BB3E0331995EF7 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:47:28.0358 0x22f8  KSecDD - ok
15:47:28.0390 0x22f8  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:47:28.0430 0x22f8  KtmRm - ok
15:47:28.0448 0x22f8  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:47:28.0482 0x22f8  LanmanServer - ok
15:47:28.0515 0x22f8  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:47:28.0551 0x22f8  LanmanWorkstation - ok
15:47:28.0603 0x22f8  [ 793FF718477345CD5D232C50BED1E452, 1D39CF9F10742C79FF99B9B4E0361EAEA63B4FC545C58B54B55537D18C802941 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
15:47:28.0612 0x22f8  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
15:47:28.0910 0x22f8  Detect skipped due to KSN trusted
15:47:28.0910 0x22f8  LightScribeService - ok
15:47:28.0921 0x22f8  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:47:28.0955 0x22f8  lltdio - ok
15:47:28.0983 0x22f8  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:47:29.0040 0x22f8  lltdsvc - ok
15:47:29.0048 0x22f8  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:47:29.0101 0x22f8  lmhosts - ok
15:47:29.0125 0x22f8  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:47:29.0145 0x22f8  LSI_FC - ok
15:47:29.0172 0x22f8  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:47:29.0193 0x22f8  LSI_SAS - ok
15:47:29.0213 0x22f8  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:47:29.0233 0x22f8  LSI_SCSI - ok
15:47:29.0251 0x22f8  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:47:29.0285 0x22f8  luafv - ok
15:47:29.0300 0x22f8  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:47:29.0326 0x22f8  Mcx2Svc - ok
15:47:29.0354 0x22f8  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
15:47:29.0370 0x22f8  megasas - ok
15:47:29.0412 0x22f8  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
15:47:29.0447 0x22f8  MegaSR - ok
15:47:29.0492 0x22f8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
15:47:29.0531 0x22f8  MMCSS - ok
15:47:29.0545 0x22f8  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
15:47:29.0588 0x22f8  Modem - ok
15:47:29.0611 0x22f8  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:47:29.0648 0x22f8  monitor - ok
15:47:29.0666 0x22f8  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:47:29.0682 0x22f8  mouclass - ok
15:47:29.0689 0x22f8  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:47:29.0729 0x22f8  mouhid - ok
15:47:29.0743 0x22f8  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:47:29.0759 0x22f8  MountMgr - ok
15:47:29.0820 0x22f8  [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:47:29.0838 0x22f8  MozillaMaintenance - ok
15:47:29.0868 0x22f8  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:47:29.0885 0x22f8  mpio - ok
15:47:29.0909 0x22f8  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:47:29.0942 0x22f8  mpsdrv - ok
15:47:29.0981 0x22f8  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:47:30.0036 0x22f8  MpsSvc - ok
15:47:30.0054 0x22f8  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:47:30.0067 0x22f8  Mraid35x - ok
15:47:30.0087 0x22f8  [ B0584CA7DEF55929FDB5169BD28B2484, AF6A7E404FEB29F7F3428D0AF6682195E5E8ED106996A04E6947DBD575696546 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:47:30.0119 0x22f8  MRxDAV - ok
15:47:30.0138 0x22f8  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:47:30.0168 0x22f8  mrxsmb - ok
15:47:30.0200 0x22f8  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:47:30.0230 0x22f8  mrxsmb10 - ok
15:47:30.0246 0x22f8  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:47:30.0272 0x22f8  mrxsmb20 - ok
15:47:30.0292 0x22f8  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:47:30.0307 0x22f8  msahci - ok
15:47:30.0322 0x22f8  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:47:30.0341 0x22f8  msdsm - ok
15:47:30.0359 0x22f8  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
15:47:30.0396 0x22f8  MSDTC - ok
15:47:30.0431 0x22f8  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:47:30.0466 0x22f8  Msfs - ok
15:47:30.0479 0x22f8  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:47:30.0496 0x22f8  msisadrv - ok
15:47:30.0527 0x22f8  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:47:30.0564 0x22f8  MSiSCSI - ok
15:47:30.0570 0x22f8  msiserver - ok
15:47:30.0591 0x22f8  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:47:30.0629 0x22f8  MSKSSRV - ok
15:47:30.0650 0x22f8  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:47:30.0688 0x22f8  MSPCLOCK - ok
15:47:30.0701 0x22f8  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:47:30.0730 0x22f8  MSPQM - ok
15:47:30.0747 0x22f8  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:47:30.0767 0x22f8  MsRPC - ok
15:47:30.0785 0x22f8  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:47:30.0800 0x22f8  mssmbios - ok
15:47:30.0816 0x22f8  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:47:30.0859 0x22f8  MSTEE - ok
15:47:30.0873 0x22f8  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:47:30.0891 0x22f8  Mup - ok
15:47:30.0931 0x22f8  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
15:47:30.0974 0x22f8  napagent - ok
15:47:31.0016 0x22f8  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:47:31.0045 0x22f8  NativeWifiP - ok
15:47:31.0086 0x22f8  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:47:31.0120 0x22f8  NDIS - ok
15:47:31.0137 0x22f8  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:47:31.0162 0x22f8  NdisTapi - ok
15:47:31.0170 0x22f8  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:47:31.0203 0x22f8  Ndisuio - ok
15:47:31.0227 0x22f8  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:47:31.0262 0x22f8  NdisWan - ok
15:47:31.0281 0x22f8  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:47:31.0314 0x22f8  NDProxy - ok
15:47:31.0330 0x22f8  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:47:31.0373 0x22f8  NetBIOS - ok
15:47:31.0397 0x22f8  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
15:47:31.0442 0x22f8  netbt - ok
15:47:31.0459 0x22f8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
15:47:31.0482 0x22f8  Netlogon - ok
15:47:31.0504 0x22f8  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
15:47:31.0555 0x22f8  Netman - ok
15:47:31.0580 0x22f8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:47:31.0606 0x22f8  NetMsmqActivator - ok
15:47:31.0616 0x22f8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:47:31.0639 0x22f8  NetPipeActivator - ok
15:47:31.0673 0x22f8  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
15:47:31.0725 0x22f8  netprofm - ok
15:47:31.0734 0x22f8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:47:31.0757 0x22f8  NetTcpActivator - ok
15:47:31.0765 0x22f8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
15:47:31.0788 0x22f8  NetTcpPortSharing - ok
15:47:31.0806 0x22f8  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:47:31.0823 0x22f8  nfrd960 - ok
15:47:31.0845 0x22f8  [ C96411DD46AABC0D6F3CF06D0E0E7E14, 0D36F322AF1B923D96735BFFCAC3FDB0B282E59220BADAB8B49AC178A6765380 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:47:31.0887 0x22f8  NlaSvc - ok
15:47:31.0902 0x22f8  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:47:31.0936 0x22f8  Npfs - ok
15:47:31.0969 0x22f8  [ 75AC610A7481CB1F343DC971249BCB19, F1DC7478F0219D88DEA5BAC95D11A6C3CA418D5BCB730EB0BC2D80247C39AC67 ] NPF_devolo      C:\Windows\system32\drivers\npf_devolo.sys
15:47:31.0979 0x22f8  NPF_devolo - detected UnsignedFile.Multi.Generic ( 1 )
15:47:32.0281 0x22f8  Detect skipped due to KSN trusted
15:47:32.0281 0x22f8  NPF_devolo - ok
15:47:32.0293 0x22f8  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
15:47:32.0338 0x22f8  nsi - ok
15:47:32.0359 0x22f8  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:47:32.0391 0x22f8  nsiproxy - ok
15:47:32.0460 0x22f8  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:47:32.0533 0x22f8  Ntfs - ok
15:47:32.0556 0x22f8  [ 7F1C1F78D709C4A54CBB46EDE7E0B48D, 52135D41983A9E9E1DCA250A63017076AE22AA06D77CCF2E5EF41154F958584A ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
15:47:32.0569 0x22f8  NTIDrvr - detected UnsignedFile.Multi.Generic ( 1 )
15:47:32.0872 0x22f8  Detect skipped due to KSN trusted
15:47:32.0872 0x22f8  NTIDrvr - ok
15:47:32.0882 0x22f8  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
15:47:32.0938 0x22f8  ntrigdigi - ok
15:47:32.0945 0x22f8  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
15:47:32.0979 0x22f8  Null - ok
15:47:33.0037 0x22f8  [ B896FB556B4DC1E1D2943559EA79C5C5, 8819716153ACFF8F05AAA33F7E6CF24A09C8D2C78E4B5C5FF9F978CCA0AE1CB3 ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx32.sys
15:47:33.0100 0x22f8  NVENETFD - ok
15:47:33.0130 0x22f8  [ F3EF6CB754C908C5E79FE5BB4A7E39BA, CE41E0FBEA6E8D4A659A2B1D38E6C76BF4A195A1D86DE825879F5A69D7A857D4 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
15:47:33.0145 0x22f8  NVHDA - ok
15:47:33.0407 0x22f8  [ 23C24FDBC46B61A828DB3779A808A68B, CFB189CCACDD260811C34E86E515DF597DE2D2E4D0F50D6E070650BB8ED015CC ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:47:33.0800 0x22f8  nvlddmkm - ok
15:47:33.0831 0x22f8  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:47:33.0852 0x22f8  nvraid - ok
15:47:33.0879 0x22f8  [ 6F5BB0B40D251351A913B61BA9D64B3F, 69004AA640F59FF44F3EEAD3A0F9BF50850B161675BA9B837299649F92FBC0F6 ] nvrd32          C:\Windows\system32\drivers\nvrd32.sys
15:47:33.0897 0x22f8  nvrd32 - ok
15:47:33.0905 0x22f8  [ 7EC12A73067BACA25A8E3E2A58AE83D8, CB562872E951B599FDCCE27727F2329DC1031574A5A5CEF238D3DF1786E7D12A ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
15:47:33.0933 0x22f8  nvsmu - ok
15:47:33.0945 0x22f8  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:47:33.0963 0x22f8  nvstor - ok
15:47:33.0987 0x22f8  [ 689A2160B851F8BF88F20728FD2F30BD, 9038C4B036EBD93E9150FA39165DB1E829A1018298BACF920FFD65B53A30EFD5 ] nvstor32        C:\Windows\system32\drivers\nvstor32.sys
15:47:34.0003 0x22f8  nvstor32 - ok
15:47:34.0019 0x22f8  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:47:34.0038 0x22f8  nv_agp - ok
15:47:34.0044 0x22f8  NwlnkFlt - ok
15:47:34.0054 0x22f8  NwlnkFwd - ok
15:47:34.0110 0x22f8  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:47:34.0136 0x22f8  odserv - ok
15:47:34.0170 0x22f8  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:47:34.0205 0x22f8  ohci1394 - ok
15:47:34.0253 0x22f8  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:47:34.0269 0x22f8  ose - ok
15:47:34.0475 0x22f8  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:47:34.0704 0x22f8  osppsvc - ok
15:47:34.0755 0x22f8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
15:47:34.0824 0x22f8  p2pimsvc - ok
15:47:34.0853 0x22f8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:47:34.0911 0x22f8  p2psvc - ok
15:47:34.0945 0x22f8  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
15:47:35.0002 0x22f8  Parport - ok
15:47:35.0023 0x22f8  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:47:35.0039 0x22f8  partmgr - ok
15:47:35.0061 0x22f8  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
15:47:35.0106 0x22f8  Parvdm - ok
15:47:35.0134 0x22f8  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:47:35.0163 0x22f8  PcaSvc - ok
15:47:35.0192 0x22f8  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
15:47:35.0213 0x22f8  pci - ok
15:47:35.0237 0x22f8  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
15:47:35.0252 0x22f8  pciide - ok
15:47:35.0275 0x22f8  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:47:35.0291 0x22f8  pcmcia - ok
15:47:35.0320 0x22f8  [ 8F93FB300DEAC55C553C2255F1D0342D, B50119D4AB86E5E5EA4E48F2F5FD5CC2CF8F461A6F1435119E77B2462D493BE5 ] PCTCore         C:\Windows\system32\drivers\PCTCore.sys
15:47:35.0340 0x22f8  PCTCore - ok
15:47:35.0361 0x22f8  [ F820B4C61D1E591325B679D479D4EEA4, 7AE393C2E31CA92083842563C8E887B473D64FD5BC10168FDD1822DF782DB854 ] pctDS           C:\Windows\system32\drivers\pctDS.sys
15:47:35.0385 0x22f8  pctDS - ok
15:47:35.0427 0x22f8  [ ACC8C15F3D59F17C5D903FF1DE3B43D3, C0451359864FD9E59DBDD12C55D84C9019EAD14B17D88785B111A738E542E616 ] pctEFA          C:\Windows\system32\drivers\pctEFA.sys
15:47:35.0471 0x22f8  pctEFA - ok
15:47:35.0525 0x22f8  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:47:35.0617 0x22f8  PEAUTH - ok
15:47:35.0700 0x22f8  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
15:47:35.0811 0x22f8  pla - ok
15:47:35.0840 0x22f8  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:47:35.0889 0x22f8  PlugPlay - ok
15:47:35.0924 0x22f8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
15:47:35.0989 0x22f8  PNRPAutoReg - ok
15:47:36.0032 0x22f8  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
15:47:36.0079 0x22f8  PNRPsvc - ok
15:47:36.0150 0x22f8  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:47:36.0222 0x22f8  PolicyAgent - ok
15:47:36.0251 0x22f8  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:47:36.0293 0x22f8  PptpMiniport - ok
15:47:36.0310 0x22f8  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
15:47:36.0344 0x22f8  Processor - ok
15:47:36.0365 0x22f8  [ 0D5DAD610D7EA1627581ED06FB2BAA9A, 6E27CF3A1624AE10EECB8B5F38E03D76A6AABE4E75DD66DEDD67E0773935A396 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:47:36.0402 0x22f8  ProfSvc - ok
15:47:36.0418 0x22f8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
15:47:36.0441 0x22f8  ProtectedStorage - ok
15:47:36.0463 0x22f8  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
15:47:36.0501 0x22f8  PSched - ok
15:47:36.0522 0x22f8  [ AB94285FF6C6BC5433407D8D182A4BB4, FEEED76008F5FFE3E55791B4EF96FF5D7A81151E406AFF0C353343CABFBA4038 ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
15:47:36.0535 0x22f8  PSDFilter - ok
15:47:36.0549 0x22f8  [ 2AAF9A5D7A63D26BFAEA853C5F2292BC, EF5CB105F487F3AECC83C743D77CE4CCFD8D4DFD342DE696B89250A65C654307 ] PSDNServ        C:\Windows\system32\DRIVERS\PSDNServ.sys
15:47:36.0562 0x22f8  PSDNServ - ok
15:47:36.0576 0x22f8  [ 0EB8CEC99855BEAE5B0D02C2302619EF, E708FCAEA004D61AA107A392F637CF564F25634BC483134FC79032D0E17F5FEF ] psdvdisk        C:\Windows\system32\DRIVERS\PSDVdisk.sys
15:47:36.0592 0x22f8  psdvdisk - ok
15:47:36.0654 0x22f8  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:47:36.0791 0x22f8  ql2300 - ok
15:47:36.0824 0x22f8  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:47:36.0843 0x22f8  ql40xx - ok
15:47:36.0873 0x22f8  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
15:47:36.0911 0x22f8  QWAVE - ok
15:47:36.0927 0x22f8  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:47:36.0949 0x22f8  QWAVEdrv - ok
15:47:36.0964 0x22f8  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:47:37.0011 0x22f8  RasAcd - ok
15:47:37.0029 0x22f8  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
15:47:37.0075 0x22f8  RasAuto - ok
15:47:37.0094 0x22f8  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:47:37.0129 0x22f8  Rasl2tp - ok
15:47:37.0159 0x22f8  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
15:47:37.0208 0x22f8  RasMan - ok
15:47:37.0234 0x22f8  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:47:37.0258 0x22f8  RasPppoe - ok
15:47:37.0270 0x22f8  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:47:37.0297 0x22f8  RasSstp - ok
15:47:37.0320 0x22f8  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:47:37.0374 0x22f8  rdbss - ok
15:47:37.0395 0x22f8  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:47:37.0435 0x22f8  RDPCDD - ok
15:47:37.0461 0x22f8  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
15:47:37.0497 0x22f8  rdpdr - ok
15:47:37.0504 0x22f8  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:47:37.0540 0x22f8  RDPENCDD - ok
15:47:37.0564 0x22f8  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:47:37.0600 0x22f8  RDPWD - ok
15:47:37.0627 0x22f8  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:47:37.0659 0x22f8  RemoteAccess - ok
15:47:37.0682 0x22f8  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:47:37.0712 0x22f8  RemoteRegistry - ok
15:47:37.0759 0x22f8  [ C1C132455200AD4704142442C89D0FA4, 2A2F9484CB818DBB783552B128B5E5AFB544FA488C0EE7A60C322111F16FCD16 ] RichVideo       C:\Program Files\CyberLink\Shared Files\RichVideo.exe
15:47:37.0775 0x22f8  RichVideo - detected UnsignedFile.Multi.Generic ( 1 )
15:47:38.0074 0x22f8  Detect skipped due to KSN trusted
15:47:38.0074 0x22f8  RichVideo - ok
15:47:38.0117 0x22f8  [ EEC7EE5675294B03E88AA868540007C1, 4FA2DFD007ED0B6276D80D7948E5A676620BB120BAF2BDB22D2D1E6ABA08F1B4 ] RMCAST          C:\Windows\system32\DRIVERS\RMCAST.sys
15:47:38.0153 0x22f8  RMCAST - ok
15:47:38.0179 0x22f8  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
15:47:38.0211 0x22f8  RpcLocator - ok
15:47:38.0243 0x22f8  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
15:47:38.0286 0x22f8  RpcSs - ok
15:47:38.0303 0x22f8  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:47:38.0332 0x22f8  rspndr - ok
15:47:38.0351 0x22f8  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
15:47:38.0371 0x22f8  SamSs - ok
15:47:38.0390 0x22f8  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:47:38.0405 0x22f8  sbp2port - ok
15:47:38.0428 0x22f8  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:47:38.0465 0x22f8  SCardSvr - ok
15:47:38.0502 0x22f8  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
15:47:38.0558 0x22f8  Schedule - ok
15:47:38.0590 0x22f8  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:47:38.0615 0x22f8  SCPolicySvc - ok
15:47:38.0654 0x22f8  [ A1089AC7683826E6C7C9FAB9723DD80F, 8C8E29DA3A53CAC5B4294276DB50D44D7C90209EF40A0CD955D5BE25C0CF9985 ] sdAuxService    C:\Program Files\PC Tools Security\pctsAuxs.exe
15:47:38.0682 0x22f8  sdAuxService - ok
15:47:38.0756 0x22f8  [ 2E5651BEB5C4C23757723DACFD230246, 333C3851850F6F63174D87DB4C45EA86F85F5559FF70B6237F393D44BF824F88 ] sdCoreService   C:\Program Files\PC Tools Security\pctsSvc.exe
15:47:38.0840 0x22f8  sdCoreService - ok
15:47:38.0867 0x22f8  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:47:38.0905 0x22f8  SDRSVC - ok
15:47:38.0916 0x22f8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:47:38.0978 0x22f8  secdrv - ok
15:47:38.0994 0x22f8  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
15:47:39.0030 0x22f8  seclogon - ok
15:47:39.0044 0x22f8  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
15:47:39.0084 0x22f8  SENS - ok
15:47:39.0106 0x22f8  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:47:39.0147 0x22f8  Serenum - ok
15:47:39.0170 0x22f8  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:47:39.0214 0x22f8  Serial - ok
15:47:39.0235 0x22f8  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:47:39.0267 0x22f8  sermouse - ok
15:47:39.0307 0x22f8  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:47:39.0345 0x22f8  SessionEnv - ok
15:47:39.0362 0x22f8  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:47:39.0404 0x22f8  sffdisk - ok
15:47:39.0420 0x22f8  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:47:39.0453 0x22f8  sffp_mmc - ok
15:47:39.0473 0x22f8  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:47:39.0518 0x22f8  sffp_sd - ok
15:47:39.0540 0x22f8  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:47:39.0602 0x22f8  sfloppy - ok
15:47:39.0634 0x22f8  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:47:39.0688 0x22f8  SharedAccess - ok
15:47:39.0717 0x22f8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:47:39.0762 0x22f8  ShellHWDetection - ok
15:47:39.0774 0x22f8  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
15:47:39.0790 0x22f8  sisagp - ok
15:47:39.0820 0x22f8  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
15:47:39.0836 0x22f8  SiSRaid2 - ok
15:47:39.0853 0x22f8  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:47:39.0870 0x22f8  SiSRaid4 - ok
15:47:40.0004 0x22f8  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
15:47:40.0209 0x22f8  slsvc - ok
15:47:40.0256 0x22f8  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
15:47:40.0292 0x22f8  SLUINotify - ok
15:47:40.0309 0x22f8  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:47:40.0343 0x22f8  Smb - ok
15:47:40.0379 0x22f8  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:47:40.0402 0x22f8  SNMPTRAP - ok
15:47:40.0414 0x22f8  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:47:40.0431 0x22f8  spldr - ok
15:47:40.0461 0x22f8  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
15:47:40.0488 0x22f8  Spooler - ok
15:47:40.0522 0x22f8  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:47:40.0569 0x22f8  srv - ok
15:47:40.0586 0x22f8  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:47:40.0626 0x22f8  srv2 - ok
15:47:40.0640 0x22f8  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:47:40.0664 0x22f8  srvnet - ok
15:47:40.0690 0x22f8  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:47:40.0730 0x22f8  SSDPSRV - ok
15:47:40.0752 0x22f8  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
15:47:40.0767 0x22f8  ssmdrv - ok
15:47:40.0798 0x22f8  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:47:40.0831 0x22f8  SstpSvc - ok
15:47:40.0901 0x22f8  [ 98CC6BDCB5F593394CE2000EC454AEE4, 13973E69DDFB5A0494141C60ABF0E6F7EF555B476AC4171B18A31FF04618D54B ] StarMoney 8.0 OnlineUpdate C:\Program Files\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe
15:47:40.0943 0x22f8  StarMoney 8.0 OnlineUpdate - ok
15:47:41.0019 0x22f8  [ 3BF022F8064A83A23DF90971DD78CA83, 85754DF1C6DE745ADF9A0BAB1948AFF2CA16C4569128DA90AF610D199E621BF4 ] StarMoney 9.0 OnlineUpdate C:\Program Files\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
15:47:41.0055 0x22f8  StarMoney 9.0 OnlineUpdate - ok
15:47:41.0091 0x22f8  [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
15:47:41.0128 0x22f8  StillCam - ok
15:47:41.0172 0x22f8  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
15:47:41.0233 0x22f8  stisvc - ok
15:47:41.0250 0x22f8  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:47:41.0266 0x22f8  swenum - ok
15:47:41.0301 0x22f8  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
15:47:41.0341 0x22f8  swprv - ok
15:47:41.0357 0x22f8  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
15:47:41.0374 0x22f8  Symc8xx - ok
15:47:41.0384 0x22f8  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
15:47:41.0400 0x22f8  Sym_hi - ok
15:47:41.0413 0x22f8  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
15:47:41.0434 0x22f8  Sym_u3 - ok
15:47:41.0480 0x22f8  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
15:47:41.0561 0x22f8  SysMain - ok
15:47:41.0578 0x22f8  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:47:41.0611 0x22f8  TabletInputService - ok
15:47:41.0638 0x22f8  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:47:41.0693 0x22f8  TapiSrv - ok
15:47:41.0716 0x22f8  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
15:47:41.0753 0x22f8  TBS - ok
15:47:41.0800 0x22f8  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:47:41.0862 0x22f8  Tcpip - ok
15:47:41.0915 0x22f8  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
15:47:41.0962 0x22f8  Tcpip6 - ok
15:47:41.0993 0x22f8  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:47:42.0038 0x22f8  tcpipreg - ok
15:47:42.0052 0x22f8  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:47:42.0094 0x22f8  TDPIPE - ok
15:47:42.0109 0x22f8  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:47:42.0152 0x22f8  TDTCP - ok
15:47:42.0169 0x22f8  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:47:42.0199 0x22f8  tdx - ok
15:47:42.0219 0x22f8  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:47:42.0236 0x22f8  TermDD - ok
15:47:42.0263 0x22f8  [ DBD84E59D631569EC3E756EF144E8431, 9E58629EC762584A2D294A619593620626F7CBE467045AD0F920B6CF1D4B4724 ] TermService     C:\Windows\System32\termsrv.dll
15:47:42.0321 0x22f8  TermService - ok
15:47:42.0342 0x22f8  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
15:47:42.0369 0x22f8  Themes - ok
15:47:42.0384 0x22f8  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
15:47:42.0415 0x22f8  THREADORDER - ok
15:47:42.0435 0x22f8  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
15:47:42.0479 0x22f8  TrkWks - ok
15:47:42.0512 0x22f8  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:47:42.0548 0x22f8  TrustedInstaller - ok
15:47:42.0576 0x22f8  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:47:42.0605 0x22f8  tssecsrv - ok
15:47:42.0630 0x22f8  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
15:47:42.0652 0x22f8  tunmp - ok
15:47:42.0673 0x22f8  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:47:42.0694 0x22f8  tunnel - ok
15:47:42.0724 0x22f8  [ 97DD70FECA64FB4F63DE7BB7E66A80B1, 3C045B227C1D3AC7DE68D666CE51A0BB18226683AE40AACCBF4CE74152C33CAC ] tvicport        C:\Windows\system32\drivers\tvicport.sys
15:47:42.0732 0x22f8  tvicport - detected UnsignedFile.Multi.Generic ( 1 )
15:47:43.0036 0x22f8  Detect skipped due to KSN trusted
15:47:43.0036 0x22f8  tvicport - ok
15:47:43.0053 0x22f8  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:47:43.0071 0x22f8  uagp35 - ok
15:47:43.0093 0x22f8  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:47:43.0139 0x22f8  udfs - ok
15:47:43.0188 0x22f8  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:47:43.0240 0x22f8  UI0Detect - ok
15:47:43.0254 0x22f8  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:47:43.0270 0x22f8  uliagpkx - ok
15:47:43.0289 0x22f8  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
15:47:43.0314 0x22f8  uliahci - ok
15:47:43.0334 0x22f8  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
15:47:43.0350 0x22f8  UlSata - ok
15:47:43.0371 0x22f8  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
15:47:43.0389 0x22f8  ulsata2 - ok
15:47:43.0403 0x22f8  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:47:43.0433 0x22f8  umbus - ok
15:47:43.0469 0x22f8  [ 88BD96A1BAEED33EE8BDF9499C07A841, 1C4DA1B34FE52B8022AB23CBF18D6B16635283625BB2D08E6524292E6009773A ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:47:43.0498 0x22f8  UmPass - ok
15:47:43.0580 0x22f8  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
15:47:43.0641 0x22f8  upnphost - ok
15:47:43.0670 0x22f8  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:47:43.0719 0x22f8  usbccgp - ok
15:47:43.0737 0x22f8  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:47:43.0804 0x22f8  usbcir - ok
15:47:43.0839 0x22f8  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:47:43.0859 0x22f8  usbehci - ok
15:47:43.0874 0x22f8  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:47:43.0920 0x22f8  usbhub - ok
15:47:43.0945 0x22f8  [ D457EBD0C3A8B3A3A144355B5EE91CBC, 6AD52BDBB1607A48F0B02E663B97C3A00E3345B1B12C259608A5AE728C1C06B2 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
15:47:43.0965 0x22f8  usbohci - ok
15:47:43.0984 0x22f8  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:47:44.0017 0x22f8  usbprint - ok
15:47:44.0053 0x22f8  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:47:44.0074 0x22f8  usbscan - ok
15:47:44.0100 0x22f8  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:47:44.0150 0x22f8  USBSTOR - ok
15:47:44.0165 0x22f8  [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:47:44.0225 0x22f8  usbuhci - ok
15:47:44.0246 0x22f8  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
15:47:44.0277 0x22f8  UxSms - ok
15:47:44.0385 0x22f8  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
15:47:44.0428 0x22f8  vds - ok
15:47:44.0452 0x22f8  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:47:44.0492 0x22f8  vga - ok
15:47:44.0502 0x22f8  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:47:44.0538 0x22f8  VgaSave - ok
15:47:44.0559 0x22f8  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
15:47:44.0577 0x22f8  viaagp - ok
15:47:44.0598 0x22f8  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
15:47:44.0631 0x22f8  ViaC7 - ok
15:47:44.0658 0x22f8  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
15:47:44.0672 0x22f8  viaide - ok
15:47:44.0682 0x22f8  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:47:44.0698 0x22f8  volmgr - ok
15:47:44.0734 0x22f8  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:47:44.0766 0x22f8  volmgrx - ok
15:47:44.0803 0x22f8  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:47:44.0823 0x22f8  volsnap - ok
15:47:44.0849 0x22f8  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:47:44.0870 0x22f8  vsmraid - ok
15:47:44.0915 0x22f8  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
15:47:45.0011 0x22f8  VSS - ok
15:47:45.0045 0x22f8  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
15:47:45.0087 0x22f8  W32Time - ok
15:47:45.0104 0x22f8  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:47:45.0153 0x22f8  WacomPen - ok
15:47:45.0172 0x22f8  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:47:45.0208 0x22f8  Wanarp - ok
15:47:45.0214 0x22f8  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:47:45.0244 0x22f8  Wanarpv6 - ok
15:47:45.0268 0x22f8  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:47:45.0303 0x22f8  wcncsvc - ok
15:47:45.0337 0x22f8  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:47:45.0367 0x22f8  WcsPlugInService - ok
15:47:45.0382 0x22f8  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
15:47:45.0398 0x22f8  Wd - ok
15:47:45.0504 0x22f8  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:47:45.0543 0x22f8  Wdf01000 - ok
15:47:45.0568 0x22f8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:47:45.0616 0x22f8  WdiServiceHost - ok
15:47:45.0622 0x22f8  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:47:45.0659 0x22f8  WdiSystemHost - ok
15:47:45.0690 0x22f8  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
15:47:45.0733 0x22f8  WebClient - ok
15:47:45.0763 0x22f8  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:47:45.0800 0x22f8  Wecsvc - ok
15:47:45.0820 0x22f8  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:47:45.0859 0x22f8  wercplsupport - ok
15:47:45.0881 0x22f8  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:47:45.0916 0x22f8  WerSvc - ok
15:47:45.0982 0x22f8  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
15:47:46.0006 0x22f8  WinDefend - ok
15:47:46.0023 0x22f8  WinHttpAutoProxySvc - ok
15:47:46.0079 0x22f8  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:47:46.0113 0x22f8  Winmgmt - ok
15:47:46.0165 0x22f8  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:47:46.0254 0x22f8  WinRM - ok
15:47:46.0303 0x22f8  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:47:46.0374 0x22f8  Wlansvc - ok
15:47:46.0386 0x22f8  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:47:46.0420 0x22f8  WmiAcpi - ok
15:47:46.0451 0x22f8  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:47:46.0484 0x22f8  wmiApSrv - ok
15:47:46.0532 0x22f8  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
15:47:46.0596 0x22f8  WMPNetworkSvc - ok
15:47:46.0617 0x22f8  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:47:46.0655 0x22f8  WPCSvc - ok
15:47:46.0684 0x22f8  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:47:46.0732 0x22f8  WPDBusEnum - ok
15:47:46.0764 0x22f8  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
15:47:46.0799 0x22f8  WpdUsb - ok
15:47:46.0863 0x22f8  [ C108DC20ACE05072350DBB6934E277FB, 548E6ABE4C4ADE48260FFDC7BADFD1697972EA3AE94D6576498C8A183D8CE0C8 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:47:46.0912 0x22f8  WPFFontCache_v0400 - ok
15:47:46.0946 0x22f8  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:47:46.0981 0x22f8  ws2ifsl - ok
15:47:47.0004 0x22f8  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\system32\wscsvc.dll
15:47:47.0056 0x22f8  wscsvc - ok
15:47:47.0098 0x22f8  [ 4422AC5ED8D4C2F0DB63E71D4C069DD7, B010DCC7B802C26A701A7DE1CA1B21D6B43D99FE88524D015C9228376B0BDA6E ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
15:47:47.0137 0x22f8  WSDPrintDevice - ok
15:47:47.0147 0x22f8  WSearch - ok
15:47:47.0234 0x22f8  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:47:47.0320 0x22f8  wuauserv - ok
15:47:47.0382 0x22f8  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:47:47.0416 0x22f8  WudfPf - ok
15:47:47.0444 0x22f8  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:47:47.0477 0x22f8  WUDFRd - ok
15:47:47.0506 0x22f8  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:47:47.0546 0x22f8  wudfsvc - ok
15:47:47.0585 0x22f8  [ 40AC8590CC9006DBB99FFCB37879D4C6, 3EBC1379503C1E65034A25660FB634813926B0918FCB6A3E6F36CEBB57DA9E20 ] zntport         C:\Windows\system32\drivers\zntport.sys
15:47:47.0598 0x22f8  zntport - detected UnsignedFile.Multi.Generic ( 1 )
15:47:47.0894 0x22f8  Detect skipped due to KSN trusted
15:47:47.0894 0x22f8  zntport - ok
15:47:47.0922 0x22f8  ================ Scan global ===============================
15:47:47.0941 0x22f8  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
15:47:47.0982 0x22f8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:47:48.0016 0x22f8  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
15:47:48.0064 0x22f8  [ 4F0A7910FC7D8A66433FA9961EEF8BB5, 2086EDEE8CF9CC9BDBDC03018F7C28BB56172F941CB4D6F3D857BCF82B32FB6B ] C:\Windows\system32\services.exe
15:47:48.0074 0x22f8  [ Global ] - ok
15:47:48.0076 0x22f8  ================ Scan MBR ==================================
15:47:48.0103 0x22f8  [ A863475757CC50891AA8458C415E4B25 ] \Device\Harddisk0\DR0
15:47:50.0352 0x22f8  \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
15:47:50.0352 0x22f8  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:47:50.0546 0x22f8  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1
15:47:50.0783 0x22f8  \Device\Harddisk1\DR1 - ok
15:47:50.0788 0x22f8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
15:47:50.0862 0x22f8  \Device\Harddisk2\DR2 - ok
15:47:50.0862 0x22f8  ================ Scan VBR ==================================
15:47:50.0886 0x22f8  [ 822D9364935B33E0AFAFA4B383F98723 ] \Device\Harddisk0\DR0\Partition1
15:47:50.0903 0x22f8  \Device\Harddisk0\DR0\Partition1 - ok
15:47:50.0920 0x22f8  [ 29023B611AE8AA5B883D2155B87646B2 ] \Device\Harddisk0\DR0\Partition2
15:47:50.0935 0x22f8  \Device\Harddisk0\DR0\Partition2 - ok
15:47:50.0939 0x22f8  [ 4AA35A2A5952AF226B39591A9DAEE269 ] \Device\Harddisk1\DR1\Partition1
15:47:50.0965 0x22f8  \Device\Harddisk1\DR1\Partition1 - ok
15:47:50.0967 0x22f8  [ DD12B7B2A7C7BF190649EF8407FE9A07 ] \Device\Harddisk2\DR2\Partition1
15:47:51.0009 0x22f8  \Device\Harddisk2\DR2\Partition1 - ok
15:47:51.0009 0x22f8  ================ Scan generic autorun ======================
15:47:51.0062 0x22f8  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
15:47:51.0127 0x22f8  Windows Defender - ok
15:47:51.0354 0x22f8  [ 905A44230F1A7CFF23BBA670B247E6AA, 0A63A42F4942E1E9D568186F07F2EA3AB377132E075B18C486BD746DE6E0F419 ] C:\Windows\RtHDVCpl.exe
15:47:51.0593 0x22f8  RtHDVCpl - ok
15:47:51.0632 0x22f8  [ 712FC805D0DD5C41A0C364BF5B49AA91, 30CF527DBE1B2070BBB19BA4BE058ED95B99841301470413A6301D74A338AE75 ] C:\Acer\Empowering Technology\SysMonitor.exe
15:47:51.0651 0x22f8  Acer Empowering Technology Monitor - ok
15:47:51.0688 0x22f8  [ 4BC8167722B6C79B1B13F1F2076B9EEC, 662E214F02735D40C0DB00AFB9FB943F93FCFD739779340C3B87E140B8AD2384 ] C:\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
15:47:51.0713 0x22f8  eDataSecurity Loader - ok
15:47:51.0760 0x22f8  [ 37728F6DB0A8D31B0A1C49A7228E1D34, 6F545DF31523E41CA90C4277B544BE7A132D0CCAAFB5F621916E7FC4083D47A9 ] C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
15:47:51.0774 0x22f8  PCMMediaSharing - detected UnsignedFile.Multi.Generic ( 1 )
15:47:52.0121 0x22f8  Detect skipped due to KSN trusted
15:47:52.0121 0x22f8  PCMMediaSharing - ok
15:47:52.0150 0x22f8  [ 4F42FAB0A6E4A9AD8606AEF8C4D78722, 2264D01EC2E315038AD72C4B01847A9FEFD2C25DFA760C8D00D9633BD756DB8E ] C:\Windows\system32\nvraidservice.exe
15:47:52.0170 0x22f8  NVRaidService - ok
15:47:52.0190 0x22f8  [ 88132DEEBC4282ABDEAC30D3625BAFF3, 20BC57511527B4312B1335C37121EDE488E1F0E9EC4C3DAEBA7D8C9DF5877623 ] C:\Program Files\PC Tools Security\BDT\FGuard.exe
15:47:52.0205 0x22f8  PCTools FGuard - ok
15:47:52.0272 0x22f8  [ 66177D4C99FD8B578C7C56DE445E4D5D, 003D0254D7C693A72DE84CB76858F8D67D9FD62206F1B56DF7F5D0FA834C3BA7 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
15:47:52.0306 0x22f8  avgnt - ok
15:47:52.0397 0x22f8  [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files\avmwlanstick\wlangui.exe
15:47:52.0512 0x22f8  AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
15:47:52.0812 0x22f8  Detect skipped due to KSN trusted
15:47:52.0812 0x22f8  AVMWlanClient - ok
15:47:52.0817 0x22f8  NvSvc - ok
15:47:52.0823 0x22f8  NvCplDaemon - ok
15:47:52.0828 0x22f8  NvMediaCenter - ok
15:47:52.0862 0x22f8  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
15:47:52.0896 0x22f8  ehTray.exe - ok
15:47:52.0986 0x22f8  [ 395BCC9122E705F6586217E32CD01CC9, 0A2E3BF0E626A65B9FF1BEFB35FFBC9CCAA3C75DB395D175AAE2DD014A8E8A34 ] C:\Program Files\HP\HP Officejet 6600\Bin\ScanToPCActivationApp.exe
15:47:53.0059 0x22f8  HP Officejet 6600 (NET) - ok
15:47:53.0091 0x22f8  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
15:47:53.0115 0x22f8  WMPNSCFG - ok
15:47:53.0207 0x22f8  [ 395BCC9122E705F6586217E32CD01CC9, 0A2E3BF0E626A65B9FF1BEFB35FFBC9CCAA3C75DB395D175AAE2DD014A8E8A34 ] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
15:47:53.0298 0x22f8  HP Officejet Pro 8600 (NET) - ok
15:47:53.0302 0x22f8  Waiting for KSN requests completion. In queue: 11
15:47:54.0327 0x22f8  AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x40000 ( disabled : updated )
15:47:54.0335 0x22f8  Win FW state via NFP2: enabled
15:47:54.0473 0x22f8  ============================================================
15:47:54.0473 0x22f8  Scan finished
15:47:54.0473 0x22f8  ============================================================
15:47:54.0484 0x2424  Detected object count: 1
15:47:54.0484 0x2424  Actual detected object count: 1
15:49:53.0702 0x2424  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
15:49:53.0702 0x2424  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Alt 25.05.2015, 20:01   #15
M-K-D-B
/// TB-Ausbilder
 
DHL Virus oder Trojaner warscheinlich eingefangen - Standard

DHL Virus oder Trojaner warscheinlich eingefangen


Servus,



Starte deinen Rechner nach dieser Anleitung und führe das TDSS-Killer nochmal im abgesicherten Modus aus.

Wähle dort bei dem o. g. Fund Delete aus und lass den Rechner über TDSS-Killer neu starten. Poste die Logdatei.

Antwort
Seite 1 von 6 1 23 Letzte »

Themen zu DHL Virus oder Trojaner warscheinlich eingefangen
antivir, brauche, dhl virus, eingefangen, firefox, gefangen, gen, installer, interne, internet, link, mail, malware, mauszeiger, pakete, quarantäne, rojaner gefunden, software, total, trojaner, unerwünschte, virus, website, wirklich, würde, überall, öffnen


« Windows 8.1/N900: Skype verschickt mit meinem Account "Hi! goo.gl/*" | Explorer schließt sich immer wieder »


Ähnliche Themen: DHL Virus oder Trojaner warscheinlich eingefangen


  1. Virus oder Trojaner eingefangen?Private Daten verschwunden...
    Plagegeister aller Art und deren Bekämpfung - 23.10.2014 (3)
  2. Evtl. Virus oder Trojaner eingefangen
    Log-Analyse und Auswertung - 04.02.2013 (24)
  3. Virus oder Trojaner eingefangen
    Log-Analyse und Auswertung - 18.01.2013 (1)
  4. Hilfe,Virus oder Trojaner eingefangen. Nur halber Erfolg durch Eigenreparatur.
    Log-Analyse und Auswertung - 27.08.2012 (19)
  5. Link in email geöffnet! Virus oder Trojaner eingefangen?
    Log-Analyse und Auswertung - 02.07.2012 (22)
  6. Virus/Trojaner über Facebook eingefangen oder nicht?
    Log-Analyse und Auswertung - 14.04.2011 (11)
  7. Virus oder Trojaner eingefangen? Musik läuft im Hintergrund!
    Plagegeister aller Art und deren Bekämpfung - 06.09.2010 (1)
  8. habe warscheinlich viren und /oder trojana on board (laptop)
    Log-Analyse und Auswertung - 05.08.2010 (3)
  9. Trojaner oder Virus eingefangen
    Plagegeister aller Art und deren Bekämpfung - 14.07.2010 (5)
  10. Virus oder Trojaner eingefangen!!
    Plagegeister aller Art und deren Bekämpfung - 06.02.2009 (3)
  11. Virus oder Trojaner eingefangen
    Plagegeister aller Art und deren Bekämpfung - 08.01.2009 (0)
  12. Fieser Virus oder Trojaner eingefangen :(
    Mülltonne - 22.07.2008 (0)
  13. MSN - virus oder ähnliches eingefangen!?
    Plagegeister aller Art und deren Bekämpfung - 15.01.2008 (1)
  14. sehr hohe cpuauslastung, virus oder Trojaner eingefangen? bitte logfile auswerten
    Log-Analyse und Auswertung - 27.07.2007 (2)
  15. Bin warscheinlich mit sehr gut gemachten Virus oder Rootkit infected....
    Plagegeister aller Art und deren Bekämpfung - 14.11.2006 (6)
  16. Virus oder trojaner über codec eingefangen
    Log-Analyse und Auswertung - 12.10.2006 (2)
  17. Habe mir Virus oder Spyware eingefangen
    Log-Analyse und Auswertung - 31.12.2005 (5)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema DHL Virus oder Trojaner warscheinlich eingefangen - Ich habe mir warscheinlich vor ca. 3 Tagen etwas eingefangen. Da ich auf 3 Pakete von DHL wartete, habe ich eine Mail von Dhl angeklickt und auch auf den Link - DHL Virus oder Trojaner warscheinlich eingefangen...
Archiv
Du betrachtest: DHL Virus oder Trojaner warscheinlich eingefangen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19