| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Spammail durch meinen AccountWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.08.2015, 07:43
| #1 |
| |  Spammail durch meinen Account Hallo, habe festgestellt, dass mit meiner Mailadresse Spammails verteilt wurden. Auch an meine eigene Adresse wurden Mails gesendet. In der Verteilerliste der Spammail habe ich dann alles mir bekannte Mailadressen gefunden, welche wiederum aus Verteilerlisten von mir empfangener Mails stammen müssen. Die Mailkonten sind bei 1&1 und ich arbeite mit Outlook unter Windows 7. Wo kann das Leck sein? Wie kann man sich dagegen schützen? Gruß halifax Geändert von halifax09 (24.08.2015 um 07:48 Uhr) |
|
24.08.2015, 08:00
| #2 |
| /// the machine /// TB-Ausbilder    | Spammail durch meinen Account hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
24.08.2015, 09:21
| #3 |
| | Spammail durch meinen Account Hallo,
__________________hier die Logdateien: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-08-2015
durchgeführt von halifax (Administrator) auf MIRACULIX (24-08-2015 09:41:31)
Gestartet von F:\Software\Farbar Recovery Scan Tool
Geladene Profile: halifax (Verfügbare Profile: halifax)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Flexera Software, Inc.) C:\SEFlex\Program\lmgrd.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Flexera Software, Inc.) C:\SEFlex\Program\lmgrd.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(Siemens PLM Software Inc.) C:\SEFlex\Program\selmd.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
() C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\OmniPage19\OpAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Evoluent) C:\Program Files\Evoluent\VMouse\V4\EvoMouseExec.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe
() C:\jAnrufmonitor\jam.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSUploader.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Create 8\PdfCreate8Hook.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSPortMonitorCommunicator.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDH.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\32\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieCrypto.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe [2907240 2010-10-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1875048 2010-08-05] ()
HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [257392 2011-05-27] (Wave Systems Corp.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2011-08-09] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [PUStarter] => C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\Appinterfaces\HPPUDS.exe [73728 2013-08-07] (Hewlett-Packard Company)
HKLM-x32\...\Run: [RunPUTasktray] => C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe [68608 2013-08-07] (Hewlett-Packard Company)
HKLM-x32\...\Run: [ItalusUploader] => C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSUploader.exe [398336 2013-06-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [OmniPage Preload] => C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe [2922824 2013-04-22] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance OmniPage Ultimate-reminder] => C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe [334152 2013-01-14] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFCreHook] => C:\Program Files (x86)\Nuance\PDF Create 8\pdfcreate8hook.exe [1029960 2013-03-12] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF8 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Create 8\RegistryController.exe [180040 2013-03-12] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [196648 2014-09-26] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Speedup_umh] => C:\Program Files (x86)\Avira\AviraSpeedup\Speedup_umh.exe [194832 2015-06-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\S-1-5-21-7558648-862555400-3682171913-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-7558648-862555400-3682171913-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-7558648-862555400-3682171913-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-7558648-862555400-3682171913-1000\...\Run: [HotFolder.FR12] => "C:\Program Files (x86)\ABBYY FineReader 12\HotFolder.exe" /AutoRun
HKU\S-1-5-21-7558648-862555400-3682171913-1000\...\Run: [OpAgent] => C:\Program Files (x86)\Nuance\OmniPage19\OpAgent.exe [2459976 2013-04-22] (Nuance Communications, Inc.)
HKU\S-1-5-21-7558648-862555400-3682171913-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [43816 2015-04-26] (Apple Inc.)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evoluent Mouse Manager.lnk [2013-12-02]
ShortcutTarget: Evoluent Mouse Manager.lnk -> C:\Windows\Installer\{0F8F4447-1F0B-4703-9BD5-53F0274CE856}\_B5CB566BBFE908A7621D0F.exe ()
Startup: C:\Users\halifax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jAnrufmonitor 5.0.lnk [2015-08-03]
ShortcutTarget: jAnrufmonitor 5.0.lnk -> C:\jAnrufmonitor\jam.exe ()
Startup: C:\Users\halifax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-08-19]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2011-05-27] (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2011-05-27] (Wave Systems Corp.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKU\S-1-5-21-7558648-862555400-3682171913-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-7558648-862555400-3682171913-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USREL/8
SearchScopes: HKLM -> DefaultScope {47CCFCEC-808A-4E2E-8958-C17A54585DD6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {47CCFCEC-808A-4E2E-8958-C17A54585DD6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {47CCFCEC-808A-4E2E-8958-C17A54585DD6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {47CCFCEC-808A-4E2E-8958-C17A54585DD6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-7558648-862555400-3682171913-1000 -> DefaultScope {47CCFCEC-808A-4E2E-8958-C17A54585DD6} URL =
SearchScopes: HKU\S-1-5-21-7558648-862555400-3682171913-1000 -> {47CCFCEC-808A-4E2E-8958-C17A54585DD6} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-30] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {C7DA0384-42AA-428c-B832-88AC343DE1A8} -> C:\Program Files (x86)\Nuance\PDF Create 8\Bin\GZeonIEFavClient.dll [2013-03-07] (Zeon Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Nuance PDF - {BCCE15AE-AC7E-4bc9-94AF-2A714A412BCB} - C:\Program Files (x86)\Nuance\PDF Create 8\Bin\GZeonIEFavClient.dll [2013-03-07] (Zeon Corporation)
Handler-x32: HPPUDCS - {522CC7E5-F378-4F97-8BD7-125D17F5B332} - C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\APP\hplidcsapp.dll [2013-08-07] (Hewlett-Packard Company)
Handler-x32: hppufile - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll [2013-08-07] (Hewlett-Packard Company)
Handler-x32: hppusam - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll [2013-08-07] (Hewlett-Packard Company)
Handler-x32: hppuzip - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll [2013-08-07] (Hewlett-Packard Company)
Tcpip\..\Interfaces\{2F786E70-33E7-48A6-868F-A7A02016FB47}: [NameServer] 194.25.2.129,194.25.0.53
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-30] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\halifax\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\halifax\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-17]
CHR Extension: (Google Search) - C:\Users\halifax\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-17]
CHR Extension: (Gmail) - C:\Users\halifax\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-17]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-27] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
R2 FLEXlm License Manager; C:\SEFlex\Program\lmgrd.exe [1379664 2011-08-24] (Flexera Software, Inc.)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [64552 2014-08-14] (Haufe-Lexware GmbH & Co. KG)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [369952 2009-09-17] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1246496 2009-09-17] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292128 2009-09-17] (SafeNet, Inc.)
S2 Solid Edge; C:\SEFlex\Program\lmgrd.exe [1379664 2011-08-24] (Flexera Software, Inc.)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1633280 2011-02-17] () [Datei ist nicht signiert]
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1600000 2011-07-01] (Wave Systems Corp.) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG)
R3 EvoMouseDriverFilterHidUsb; C:\Windows\System32\DRIVERS\EvoMouseDriverFilterHidUsb.sys [25144 2010-06-23] (Evoluent)
R3 EvoMouseDriverMini; C:\Windows\System32\drivers\EvoMouseDriverMini.sys [22584 2010-06-23] ()
R3 hhdspmc64; C:\Windows\System32\DRIVERS\hhdspmc64.sys [39472 2010-10-13] (HHD Software Ltd.)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [1980648 2010-10-04] (Realtek Semiconductor Corp.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [58792 2009-09-17] (SafeNet, Inc.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-24 09:41 - 2015-08-24 09:41 - 00000000 ____D C:\FRST
2015-08-24 08:04 - 2015-08-24 08:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.5
2015-08-19 19:00 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 19:00 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 19:00 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 19:00 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-15 15:56 - 2015-08-15 15:56 - 00001755 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-15 15:56 - 2015-08-15 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-15 15:55 - 2015-08-15 15:56 - 00000000 ____D C:\Program Files\iTunes
2015-08-15 15:55 - 2015-08-15 15:55 - 00000000 ____D C:\Program Files\iPod
2015-08-15 15:55 - 2015-08-15 15:55 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-15 15:50 - 2015-08-15 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-08-14 17:21 - 2015-08-14 17:21 - 00000000 ____D C:\OPDE770.tmp
2015-08-12 19:07 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 19:07 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 07:41 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 07:41 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 07:41 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 07:41 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 07:41 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 07:41 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 07:41 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 07:41 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 07:41 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 07:41 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 07:41 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 07:41 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 07:41 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 07:41 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 07:41 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 07:41 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 07:41 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 07:41 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 07:41 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 07:41 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 07:41 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 07:41 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 07:41 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 07:41 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 07:41 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 07:41 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 07:41 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 07:41 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 07:41 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 07:41 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 07:41 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 07:41 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 07:41 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 07:41 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 07:41 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 07:41 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 07:41 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 07:41 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 07:41 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 07:41 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 07:41 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 07:41 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 07:41 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 07:41 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 07:41 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 07:41 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 07:41 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 07:41 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 07:41 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 07:41 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 07:41 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 07:41 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 07:41 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 07:41 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 07:41 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 07:41 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 07:41 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 07:41 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 07:41 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 07:41 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 07:41 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 07:41 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 07:41 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 07:41 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 07:41 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 07:41 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 07:41 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 07:41 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 07:41 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 07:41 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 07:41 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 07:41 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 07:41 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 07:41 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 07:41 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 07:41 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 07:41 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 07:41 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 07:41 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 07:41 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 07:41 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 07:41 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 07:41 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 07:41 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 07:41 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 07:41 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 07:41 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 07:41 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 07:41 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 07:41 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 07:41 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 07:41 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 07:41 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 07:41 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 07:41 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 07:41 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 07:41 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 07:41 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 07:41 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 07:41 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 07:41 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 07:41 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 07:41 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 07:41 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 07:41 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 07:41 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 07:40 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 07:40 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 07:40 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 07:40 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 07:40 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 07:40 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 07:40 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 07:40 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 07:40 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 07:40 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 07:40 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 07:40 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 07:40 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 07:40 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 07:40 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 07:40 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 07:40 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 07:40 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 07:40 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 07:40 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 07:40 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 07:40 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 07:40 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 07:40 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 07:40 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 07:40 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 07:40 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 07:40 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 07:40 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 07:40 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 07:40 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 07:40 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 07:40 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 07:40 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 07:40 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 07:40 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 07:40 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 07:40 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 07:40 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 07:40 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 07:40 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-03 14:06 - 2015-08-03 14:06 - 00000000 ____D C:\Users\halifax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jAnrufmonitor 5.0
2015-07-31 11:01 - 2015-07-31 11:01 - 00000000 _____ C:\Windows\SysWOW64\RENA354.tmp
2015-07-30 16:04 - 2015-08-24 08:19 - 00000000 ____D C:\Users\halifax\Documents\jAnrufmonitor
2015-07-30 16:04 - 2015-07-30 16:03 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-30 15:52 - 2015-08-03 16:03 - 00000000 ____D C:\jAnrufmonitor
2015-07-29 10:08 - 2015-07-29 10:08 - 00000000 ____D C:\OPD9CEF.tmp
2015-07-29 10:02 - 2015-07-29 10:02 - 00000000 ____D C:\OPD8FC5.tmp
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-24 09:41 - 2012-03-09 20:11 - 00000000 ____D C:\ProgramData\Temp
2015-08-24 09:40 - 2012-03-27 08:07 - 00000000 ____D C:\Users\halifax\Documents\Outlook-Dateien
2015-08-24 09:10 - 2012-04-19 07:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-24 08:56 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-24 08:56 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-24 08:18 - 2012-03-09 19:48 - 02061275 _____ C:\Windows\WindowsUpdate.log
2015-08-24 08:07 - 2013-04-26 00:16 - 00000000 ____D C:\Users\halifax\AppData\Local\D7E2E047-CDE4-4C8C-8E69-30E9564F9814.aplzod
2015-08-24 08:05 - 2015-07-04 19:28 - 00000000 ___RD C:\Users\halifax\iCloudDrive
2015-08-24 08:04 - 2013-11-11 18:27 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0 S-Edition
2015-08-24 08:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-24 08:03 - 2009-07-14 06:51 - 00099153 _____ C:\Windows\setupact.log
2015-08-20 09:05 - 2012-04-14 14:25 - 00007626 _____ C:\Users\halifax\AppData\Local\Resmon.ResmonCfg
2015-08-20 06:31 - 2012-03-16 15:21 - 00003554 _____ C:\Windows\Sandboxie.ini
2015-08-19 19:38 - 2014-09-26 09:37 - 00000000 ____D C:\Users\halifax\Documents\OneNote-Notizbücher
2015-08-19 06:51 - 2015-01-11 20:31 - 00002783 _____ C:\Users\Public\Desktop\Lexware financial office.lnk
2015-08-19 06:51 - 2012-03-24 11:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2015-08-15 15:55 - 2014-10-26 13:40 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-08-15 15:55 - 2013-04-26 00:14 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-14 14:46 - 2012-03-24 11:05 - 00000000 ____D C:\ProgramData\Lexware
2015-08-14 14:39 - 2014-02-03 15:58 - 00000000 ____D C:\Users\halifax\AppData\Roaming\apsec
2015-08-12 21:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-12 19:50 - 2014-02-03 15:45 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-12 19:25 - 2009-07-14 06:45 - 00428920 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 19:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-12 19:03 - 2013-10-06 17:26 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 19:01 - 2012-03-19 10:59 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 15:10 - 2012-04-19 07:03 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 15:10 - 2012-04-19 07:03 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 15:10 - 2012-03-09 19:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-09 18:07 - 2010-11-21 08:50 - 00700168 _____ C:\Windows\system32\perfh007.dat
2015-08-09 18:07 - 2010-11-21 08:50 - 00148964 _____ C:\Windows\system32\perfc007.dat
2015-08-09 18:07 - 2009-07-14 07:13 - 01621308 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-04 08:47 - 2012-08-01 08:11 - 00000000 ____D C:\Users\halifax\Documents\HPrintJobsStorage
2015-08-03 08:24 - 2012-04-14 17:05 - 00000000 ____D C:\Temp
2015-07-31 11:01 - 2012-03-09 20:01 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-30 16:03 - 2012-03-09 20:02 - 00000000 ____D C:\Program Files\Java
2015-07-30 15:48 - 2013-04-25 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-27 07:21 - 2013-04-25 21:50 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-27 07:21 - 2013-04-25 21:50 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-10-14 18:14 - 2013-11-19 18:23 - 0000600 _____ () C:\Users\halifax\AppData\Local\PUTTY.RND
2012-04-14 14:25 - 2015-08-20 09:05 - 0007626 _____ () C:\Users\halifax\AppData\Local\Resmon.ResmonCfg
2012-04-14 13:13 - 2012-04-14 13:13 - 0000000 _____ () C:\Users\halifax\AppData\Local\rx_image32.Cache
Einige Dateien in TEMP:
====================
C:\Users\halifax\AppData\Local\Temp\2f0y5zym.dll
C:\Users\halifax\AppData\Local\Temp\440cauy2.dll
C:\Users\halifax\AppData\Local\Temp\AskSLib.dll
C:\Users\halifax\AppData\Local\Temp\avgnt.exe
C:\Users\halifax\AppData\Local\Temp\d15xynna.dll
C:\Users\halifax\AppData\Local\Temp\d2zqqsiw.dll
C:\Users\halifax\AppData\Local\Temp\elrflwjo.dll
C:\Users\halifax\AppData\Local\Temp\hjrjrab2.dll
C:\Users\halifax\AppData\Local\Temp\hqrtvn0d.dll
C:\Users\halifax\AppData\Local\Temp\jna2327170774945663529.dll
C:\Users\halifax\AppData\Local\Temp\jna2942623285527526049.dll
C:\Users\halifax\AppData\Local\Temp\jna2966852472924258017.dll
C:\Users\halifax\AppData\Local\Temp\jna3509224287271611035.dll
C:\Users\halifax\AppData\Local\Temp\jna3623595637707095902.dll
C:\Users\halifax\AppData\Local\Temp\jna3865426379731306127.dll
C:\Users\halifax\AppData\Local\Temp\jna4668421206740494391.dll
C:\Users\halifax\AppData\Local\Temp\jna4696705230850570242.dll
C:\Users\halifax\AppData\Local\Temp\jna6140871373146773400.dll
C:\Users\halifax\AppData\Local\Temp\jna6289084436984220030.dll
C:\Users\halifax\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u3-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\halifax\AppData\Local\Temp\LMkRstPt.exe
C:\Users\halifax\AppData\Local\Temp\neoSearch64.exe
C:\Users\halifax\AppData\Local\Temp\repair4.exe
C:\Users\halifax\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\halifax\AppData\Local\Temp\sdpm3h2n.dll
C:\Users\halifax\AppData\Local\Temp\Setup.exe
C:\Users\halifax\AppData\Local\Temp\vcredist_x64.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-23 15:22
==================== Ende von Ergebnis ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-08-2015
durchgeführt von halifax (2015-08-24 09:42:15)
Gestartet von F:\Software\Farbar Recovery Scan Tool
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-7558648-862555400-3682171913-500 - Administrator - Disabled)
Gast (S-1-5-21-7558648-862555400-3682171913-501 - Limited - Disabled)
halifax (S-1-5-21-7558648-862555400-3682171913-1000 - Administrator - Enabled) => C:\Users\halifax
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-7558648-862555400-3682171913-1000\...\Amazon Amazon Music) (Version: 3.8.1.754 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6.10.1246 - Avira Operations GmbH & Co. KG)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BioAPI Framework (Version: 1.0.2 - Dell Inc.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.8.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.9.0.6 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.8.0.17 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities MyCamera DC (HKLM-x32\...\MyCameraDC) (Version: 7.2.0.5 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.8.0.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.9.0.1 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.6.0.15 - Canon Inc.)
cobra Adress PLUS 8.0 (HKLM-x32\...\Adress PLUS 8.0 deinstall) (Version: - )
CrystalDiskInfo 6.0.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.0.1 - Crystal Dew World)
Custom (Version: 01.00.00.000 - Wave Systems Corp.) Hidden
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.4418 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
dakota.ag (HKLM-x32\...\dakota.ag) (Version: 6.0.30 - ITSG GmbH)
dakota.ag (x32 Version: 6.0.30 - ITSG GmbH) Hidden
Data Lifeguard Diagnostic for Windows 1.24 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
Dell Data Protection | Access (HKLM-x32\...\{A7D91856-258D-4C87-8041-B170851CE432}) (Version: 2.1.00001.002 - Dell Inc.)
Dell Data Protection | Access (Version: 02.01.01.002 - Wave Systems Corp) Hidden
Dell Data Protection | Access | Drivers (HKLM-x32\...\{4E4E65EE-C456-45AC-B5AD-C62C3A325BD0}) (Version: 2.01.018 - Dell Inc.)
Dell Data Protection | Access | Middleware (HKLM-x32\...\{841CBDD5-4BB5-403E-AEE3-2FADC3890BE8}) (Version: 2.01.010 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
DellAccess (Version: 01.01.00.072 - Wave Systems Corp.) Hidden
Device IP Utility 5.0.1 (HKLM-x32\...\Device IP Utility) (Version: 5.0.1 - Schneider Electric)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular 13.1.1.8531k) (Version: 16.0.15910 - Landesfinanzdirektion Thüringen)
EMBASSY Security Center (Version: 04.03.00.121 - Wave Systems Corp.) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evoluent Mouse Manager (HKLM\...\{0F8F4447-1F0B-4703-9BD5-53F0274CE856}) (Version: 4.0.0 - Evoluent)
FileZilla Client 3.7.2 (HKLM-x32\...\FileZilla Client) (Version: 3.7.2 - Tim Kosse)
FluidDraw S5 Version 5.3e (HKLM-x32\...\FluidDraw S5 Version 5.3e) (Version: - )
Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HP Designjet ePrint & Share (HKLM-x32\...\{4D1B7E4E-47B1-40E3-9E15-C50E42D81610}) (Version: 1.0.7 - Hewlett-Packard)
HP Designjet T790 und T1300-Druckerserie (HKLM-x32\...\HPDesignjetT790) (Version: - Hewlett-Packard Co.)
HP ICC Profiles_x64 (HKLM\...\{30507920-BC51-470E-B4D8-D6E7251AA7C9}) (Version: 2.0.0 - Hewlett Packard, Co.)
HP Proactive Services (HKLM-x32\...\{7527CD9F-894E-47B3-9AFB-3E680E007051}) (Version: 1.6.0.37 - Ihr Firmenname)
HP Utility (HKLM-x32\...\{16A5318F-B334-428A-BFEA-16BFB1E3EE27}) (Version: 1.16.2.0 - Hewlett-Packard)
HP Webregistrierung (HKLM-x32\...\{167AA1D5-8412-44BC-A003-B7A3662D1CE2}) (Version: 1.3.0.0 - Hewlett Packard, Co.)
HP Webregistrierung (HKLM-x32\...\{D2FF897E-4A99-446E-8BB4-DD99CD496838}) (Version: 1.2.0.0 - Hewlett Packard, Co.)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
IndraSize UnInstall (HKLM-x32\...\{DC7F039D-27B9-468B-B7D4-12B55F7CB855}) (Version: 05V13 - Bosch-Rexroth)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections 15.7.176.1 (HKLM\...\PROSetDX) (Version: 15.7.176.1 - Intel)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
jAnrufmonitor 5.0 (HKLM-x32\...\jam50-64) (Version: - Thilo Brandt)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexware Elster (x32 Version: 15.23.00.0023 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Elster 2015 (HKLM-x32\...\{3a5efc01-edc5-45bd-bd13-dec736cdc85d}) (Version: 15.23.0.23 - Haufe-Lexware GmbH & Co.KG)
Lexware financial office 2015 (x32 Version: 19.52.00.0286 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware financial office plus 2015 (HKLM-x32\...\{52030eba-338c-4953-867d-005d3ca7a6f6}) (Version: 19.4.0.134 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (x32 Version: 5.00.00.0044 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst (x32 Version: 4.00.00.0005 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking (x32 Version: 22.00.00.0035 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware PDF-Export 5 (x32 Version: 5.00.00.0005 - Haufe-Lexware GmbH & Co.KG) Hidden
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 Primary Interop Assemblies (HKLM-x32\...\{90140000-1105-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1024 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector/ODBC 3.51 (HKLM-x32\...\{BBFD9BC5-BB9A-4F9C-AD77-0BE3897FFE0F}) (Version: 3.51.30 - Oracle Corporation)
NTRU TCG Software Stack (Version: 2.1.36 - Security Innovation, Inc.) Hidden
Nuance OmniPage Ultimate (HKLM-x32\...\{419512F9-D5E7-4ED2-BF99-E7F2C0176B6A}) (Version: 19.00.0000 - Nuance Communications, Inc.)
Nuance PDF Create 8 (HKLM\...\{D8AD8411-A273-4560-B756-A418ED4910AD}) (Version: 8.10.6293 - Nuance Communications, Inc.)
Nuance PDF Create 8 (HKLM-x32\...\{D8AD8411-A273-4560-B756-A418ED4910AD}) (Version: 8.10.6293 - Nuance Communications, Inc.)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5929 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 6.14.10.13534 - NVIDIA Corporation)
Office Manager DMS (HKLM-x32\...\{753524E2-ABF5-4494-B272-4C12C6A0C9C1}) (Version: 13.0 - Softwarebüro Krekeler)
PC-CCID (Version: 2.0.0 - Gemalto) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Preboot Manager (Version: 03.03.00.074 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 07.01.00.022 - Wave Systems Corp.) Hidden
QNAP Qfinder (HKLM-x32\...\QNAP_FINDER) (Version: 4.0.1.0530 - QNAP Systems, Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5883 - Realtek Semiconductor Corp.)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
Scansoft PDF Create (x32 Version: - ) Hidden
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology)
Sentinel Protection Installer 7.6.1 (HKLM-x32\...\{7B1AA2AB-ACD2-45C7-B1B1-364BEA40615F}) (Version: 7.6.1 - SafeNet, Inc.)
SerialMon (HKLM-x32\...\SerialMon) (Version: 1.5 - Joakim Ögren)
Solid Edge License Manager (HKLM-x32\...\{1AC414BD-ADD0-4694-AE59-76D4606A74FA}) (Version: 104.00.00082 - Siemens)
Solid Edge ST4 (HKLM\...\{DE02B016-E096-437F-8D96-853BB36011D5}) (Version: 104.00.0405 - Siemens)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
SPBA 5.9 (Version: 5.9.4.6686 - UPEK Inc.) Hidden
StarMoney (x32 Version: 3.0.3.19 - StarFinanz) Hidden
StarMoney (x32 Version: 4.0.1.51 - StarFinanz) Hidden
StarMoney 8.0 S-Edition (HKLM-x32\...\{E509C158-BCB2-4B27-91D7-F3E172E77CD8}) (Version: 8.0 - Star Finanz GmbH)
StarMoney 9.0 S-Edition (HKLM-x32\...\{D4DAF13D-EF53-4901-880A-FD237805F7E9}) (Version: 9.0 - Star Finanz GmbH)
sv.net (HKLM-x32\...\sv.net) (Version: 15.0 - ITSG GmbH)
Trusted Drive Manager (Version: 4.1.1.312 - Wave Systems Corp.) Hidden
Upek Touchchip Fingerprint Reader (Version: 1.2.004 - Dell Inc.) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Wave Infrastructure Installer (Version: 07.67.17.0010 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.13.00.033 - Wave Systems Corp) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Dell Inc. PBADRV System (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-7558648-862555400-3682171913-1000_Classes\CLSID\{91B5EC94-B557-3F93-4138-447DEDD09CFA}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
==================== Wiederherstellungspunkte =========================
19-08-2015 19:00:16 Windows Update
24-08-2015 09:08:42 Windows-Sicherung
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {2DD31D32-591F-4E74-B45E-916BEBD51568} - System32\Tasks\{9DA1481C-C6F1-4FCA-AD8A-DFF495686979} => pcalua.exe -a C:\Temp\IndraWorks_MLC_XLC_13V14_P4.exe -d C:\Temp
Task: {433385B7-C710-4B50-AE30-3675E779D58A} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2015-06-17] (Avira Operations GmbH & Co. KG)
Task: {5D8DB72E-4283-43FE-92F0-A8FA1287B740} - System32\Tasks\{8033C38D-5C13-4CCD-AB98-E6B0C84D4777} => pcalua.exe -a F:\Software\IndraSize\IndraSize05V13\setup.exe -d F:\Software\IndraSize\IndraSize05V13
Task: {74D3276A-3215-4222-AFBE-056789CCF943} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {845BCCEB-7B73-482A-B8C0-DD5DCF1EB0DE} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [2013-05-30] ()
Task: {8E177339-B294-420D-A80C-C3B5F1F994CF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {E779A90D-703A-4A04-B472-E10B27BC4571} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-11 19:42 - 2013-05-30 05:50 - 01739472 _____ () C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-11-11 00:53 - 2010-11-11 00:53 - 00817136 _____ () C:\Program Files\Roxio\Roxio Burn\RBVirtualFolder64.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2010-11-17 12:35 - 2010-11-17 12:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2015-05-28 14:21 - 2015-05-28 14:21 - 00163328 ____N () C:\jAnrufmonitor\jam.exe
2012-03-09 18:43 - 2010-08-05 02:13 - 00615016 _____ () C:\Program Files\NVIDIA Corporation\nView\nvshell.dll
2013-04-25 22:00 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\PATCHW32.dll
2014-08-01 13:47 - 2011-01-13 12:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\PATCHW32.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2010-11-25 00:44 - 2010-11-25 00:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2014-09-11 15:09 - 2014-09-11 15:09 - 00176168 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll
2014-09-11 15:09 - 2014-09-11 15:09 - 00043048 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll
2014-10-16 06:59 - 2014-10-16 06:59 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2012-03-09 20:02 - 2010-11-06 01:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-03-26 18:20 - 1996-11-28 02:15 - 00022016 _____ () C:\Windows\SysWow64\docobj.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:A303874F
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-7558648-862555400-3682171913-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\halifax\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 194.25.2.129 - 194.25.0.53
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{690D2044-3750-4FAE-AA5B-4A3AD18F30D4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{52F2585E-182C-41DD-A86D-C81A52FC020B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{0515819B-E9D5-416C-B37F-B543AF6489D5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{75A9ED0B-423D-4400-A369-0E4E5A94E7DC}] => (Allow) LPort=2869
FirewallRules: [{28193488-4CF8-4707-A53A-92136AA67BEA}] => (Allow) LPort=1900
FirewallRules: [{8BABCDDA-5431-4E0F-821F-850E50B91817}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{106F9538-AE88-43CB-8A74-BEE107893323}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{5CA28E36-148A-46F4-9392-E68F8D166144}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{5B70E74C-79D8-4B84-97FE-13F0FA3BFCCC}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{B15A4386-B32C-43A1-9B94-8AD2889F74CA}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{67BBD391-1A78-4091-ADD2-D22983F73ED7}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{55ED23A0-CC0A-4A33-B226-6BF57670EC80}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{5E71751B-860D-4BD6-BBCF-B66EEBC37F61}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{47477BB7-62CA-410A-9B1D-FB06936175F1}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\app\StarMoney.exe
FirewallRules: [{1139DD44-5175-4F72-81DA-9570AB688ADD}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\app\StarMoney.exe
FirewallRules: [{EEA6B35A-611C-4523-BF14-307321760F62}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{078E76DE-EDF5-4130-AECD-F793DAD68272}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{832D7A5D-D5F3-4C35-8ED8-18FD9A8C21F7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{19AA0670-73F6-4B4E-9D70-59213A8558EC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C7F11AE5-5BD8-4734-9BA7-D4BCAD27A08F}] => (Allow) C:\Program Files\Hewlett-Packard\HP ePrintAndShare\InstantPrinting\HPePrintAndShare.exe
FirewallRules: [{B95BEB42-CD5F-4197-877F-144AF10E53FA}] => (Allow) C:\Program Files\Hewlett-Packard\HP ePrintAndShare\InstantPrinting\HPePrintAndShare.exe
FirewallRules: [{3CD50C49-ABA4-4191-90A4-45C0DEA3197E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Instant Printing 3\PrintingTool\HPInstantPrinting.exe
FirewallRules: [{013EFAF9-F0A4-4B8F-A531-3DA1BD416262}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Instant Printing 3\PrintingTool\HPInstantPrinting.exe
FirewallRules: [{FBB85792-A01F-420A-965D-A089728BB484}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{ABE00138-2AD9-4842-833F-43AFB549FD84}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{83B50F79-6950-4CE0-891F-A9FEF0A53CEB}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 S-Edition\app\StarMoney.exe
FirewallRules: [{C08A0187-F8C2-4872-9ED4-BA56DD084BFC}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 S-Edition\app\StarMoney.exe
FirewallRules: [{4EC39FB5-F4C6-4AEE-9BCA-5E021F137FD5}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{9E11221C-4F55-4AFE-B228-1CC4ADCD03A3}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{53A4902B-F892-42CF-A226-10E65436690F}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
FirewallRules: [{4BAF5164-4332-4E2C-A1C0-D84D828D6639}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
FirewallRules: [{87848E80-B3CA-4A4C-8DFB-0CE2DFFB9421}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\PPMV.exe
FirewallRules: [{5AC70F0E-1D9C-4C10-AC82-87AA6AE06088}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\PPMV.exe
FirewallRules: [{3DB350F9-3D27-43F2-8F0E-9D875AF0EF15}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
FirewallRules: [{986BC64A-E608-40F7-870D-7BA77CAEB830}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
FirewallRules: [{3BA6D9CF-B1B9-4C1C-8FF7-D6CA23A20DE0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe] => Enabled:HP Printer Utility HPPURun
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe] => Enabled:HP Printer Utility HPPURun
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: PS/2-kompatible Maus
Description: PS/2-kompatible Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/24/2015 08:06:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPPUDH.exe, Version: 1.16.2.0, Zeitstempel: 0x52021513
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69e20
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ced0b
ID des fehlerhaften Prozesses: 0x10e0
Startzeit der fehlerhaften Anwendung: 0xHPPUDH.exe0
Pfad der fehlerhaften Anwendung: HPPUDH.exe1
Pfad des fehlerhaften Moduls: HPPUDH.exe2
Berichtskennung: HPPUDH.exe3
Error: (08/24/2015 08:04:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/23/2015 01:12:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/21/2015 07:33:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPPUDH.exe, Version: 1.16.2.0, Zeitstempel: 0x52021513
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69e20
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ced0b
ID des fehlerhaften Prozesses: 0xb04
Startzeit der fehlerhaften Anwendung: 0xHPPUDH.exe0
Pfad der fehlerhaften Anwendung: HPPUDH.exe1
Pfad des fehlerhaften Moduls: HPPUDH.exe2
Berichtskennung: HPPUDH.exe3
Error: (08/21/2015 07:31:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/20/2015 06:29:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2015 06:43:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPPUDH.exe, Version: 1.16.2.0, Zeitstempel: 0x52021513
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69e20
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ced0b
ID des fehlerhaften Prozesses: 0x13c0
Startzeit der fehlerhaften Anwendung: 0xHPPUDH.exe0
Pfad der fehlerhaften Anwendung: HPPUDH.exe1
Pfad des fehlerhaften Moduls: HPPUDH.exe2
Berichtskennung: HPPUDH.exe3
Error: (08/19/2015 06:41:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/18/2015 06:46:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/17/2015 07:01:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPPUDH.exe, Version: 1.16.2.0, Zeitstempel: 0x52021513
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69e20
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ced0b
ID des fehlerhaften Prozesses: 0x70c
Startzeit der fehlerhaften Anwendung: 0xHPPUDH.exe0
Pfad der fehlerhaften Anwendung: HPPUDH.exe1
Pfad des fehlerhaften Moduls: HPPUDH.exe2
Berichtskennung: HPPUDH.exe3
Systemfehler:
=============
Error: (08/24/2015 09:22:41 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (08/24/2015 09:22:41 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (08/24/2015 08:03:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NTRU TSS v1.2.1.36 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%0
Error: (08/23/2015 05:27:50 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
Error: (08/23/2015 05:27:50 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
Error: (08/23/2015 05:27:26 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
Error: (08/23/2015 05:27:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
Error: (08/23/2015 04:53:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 20.
Error: (08/23/2015 04:49:53 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
Error: (08/23/2015 04:49:52 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.
Microsoft Office:
=========================
Error: (08/24/2015 08:06:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPPUDH.exe1.16.2.052021513ntdll.dll6.1.7601.1893355a69e20c0000374000ced0b10e001d0de32ce6dece6C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDH.exeC:\Windows\SysWOW64\ntdll.dll3f0f88e6-4a26-11e5-b238-d4bed994502a
Error: (08/24/2015 08:04:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/23/2015 01:12:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/21/2015 07:33:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPPUDH.exe1.16.2.052021513ntdll.dll6.1.7601.1893355a69e20c0000374000ced0bb0401d0dbd2bc874901C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDH.exeC:\Windows\SysWOW64\ntdll.dll2df2f1da-47c6-11e5-a315-d4bed994502a
Error: (08/21/2015 07:31:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/20/2015 06:29:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2015 06:43:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPPUDH.exe1.16.2.052021513ntdll.dll6.1.7601.1893355a69e20c0000374000ced0b13c001d0da39532f707dC:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDH.exeC:\Windows\SysWOW64\ntdll.dllca9ae016-462c-11e5-b370-d4bed994502a
Error: (08/19/2015 06:41:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/18/2015 06:46:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/17/2015 07:01:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPPUDH.exe1.16.2.052021513ntdll.dll6.1.7601.1893355a69e20c0000374000ced0b70c01d0d8a9a2b51482C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDH.exeC:\Windows\SysWOW64\ntdll.dll1569d180-449d-11e5-993f-d4bed994502a
==================== Speicherinformationen ===========================
Processor: Intel(R) Xeon(R) CPU E31270 @ 3.40GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 16341.02 MB
Verfügbarer physikalischer RAM: 12531.43 MB
Summe virtueller Speicher: 144339.22 MB
Verfügbarer virtueller Speicher: 139815.63 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:464.98 GB) (Free:369.43 GB) NTFS
Drive d: (DATAPART1) (Fixed) (Total:465.75 GB) (Free:89.4 GB) NTFS
Drive e: (12 Mrz 2015) (CDROM) (Total:4.38 GB) (Free:3.91 GB) UDF
Drive f: (SAMSUNG) (Fixed) (Total:465.76 GB) (Free:131.38 GB) NTFS
Drive k: () (Network) (Total:3695.18 GB) (Free:3480.89 GB)
Drive n: () (Network) (Total:3695.18 GB) (Free:3480.89 GB)
Drive p: () (Network) (Total:3695.18 GB) (Free:3480.89 GB)
Drive q: () (Network) (Total:3695.18 GB) (Free:3480.89 GB)
Drive r: () (Network) (Total:3696.66 GB) (Free:2314.66 GB)
Drive s: () (Network) (Total:3695.18 GB) (Free:3480.89 GB)
Drive t: () (Network) (Total:3695.18 GB) (Free:3480.89 GB)
Drive u: () (Network) (Total:3695.18 GB) (Free:3480.89 GB)
Drive w: () (Network) (Total:3695.18 GB) (Free:3480.89 GB)
Drive y: () (Network) (Total:3695.18 GB) (Free:3480.89 GB)
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 55DA09CC)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=752 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 55DA09F1)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: AC736292)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Ergebnis ============================
|
|
24.08.2015, 15:30
| #4 |
| /// the machine /// TB-Ausbilder | Spammail durch meinen Account hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
24.08.2015, 16:59
| #5 |
| | Spammail durch meinen Account Hallo, vielen Dank für die schnelle Hilfe. Hier die Ergebnisse: MBAR hat nichts gefunden, cleanup musste nicht ausgeführt werden. Daher auch keine Logdatei zum Posten. TDSSKIller: Code:
ATTFilter 17:33:44.0959 0x0948 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
17:34:13.0204 0x0948 ============================================================
17:34:13.0204 0x0948 Current date / time: 2015/08/24 17:34:13.0204
17:34:13.0204 0x0948 SystemInfo:
17:34:13.0204 0x0948
17:34:13.0204 0x0948 OS Version: 6.1.7601 ServicePack: 1.0
17:34:13.0204 0x0948 Product type: Workstation
17:34:13.0204 0x0948 ComputerName: MIRACULIX
17:34:13.0205 0x0948 UserName: halifax
17:34:13.0205 0x0948 Windows directory: C:\Windows
17:34:13.0205 0x0948 System windows directory: C:\Windows
17:34:13.0205 0x0948 Running under WOW64
17:34:13.0205 0x0948 Processor architecture: Intel x64
17:34:13.0205 0x0948 Number of processors: 8
17:34:13.0205 0x0948 Page size: 0x1000
17:34:13.0205 0x0948 Boot type: Normal boot
17:34:13.0205 0x0948 ============================================================
17:34:13.0661 0x0948 KLMD registered as C:\Windows\system32\drivers\84346187.sys
17:34:13.0898 0x0948 System UUID: {85998D8C-47D4-41B3-2DD4-45CA71E610EC}
17:34:14.0152 0x0948 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:34:14.0153 0x0948 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:34:14.0159 0x0948 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:34:14.0163 0x0948 ============================================================
17:34:14.0163 0x0948 \Device\Harddisk0\DR0:
17:34:14.0163 0x0948 MBR partitions:
17:34:14.0163 0x0948 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x178000
17:34:14.0163 0x0948 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x18C000, BlocksNum 0x3A1F8000
17:34:14.0163 0x0948 \Device\Harddisk1\DR1:
17:34:14.0163 0x0948 MBR partitions:
17:34:14.0163 0x0948 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x2000, BlocksNum 0x3A382000
17:34:14.0163 0x0948 \Device\Harddisk2\DR2:
17:34:14.0164 0x0948 MBR partitions:
17:34:14.0164 0x0948 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x40, BlocksNum 0x3A384C01
17:34:14.0164 0x0948 ============================================================
17:34:14.0195 0x0948 C: <-> \Device\Harddisk0\DR0\Partition2
17:34:14.0197 0x0948 D: <-> \Device\Harddisk1\DR1\Partition1
17:34:14.0198 0x0948 F: <-> \Device\Harddisk2\DR2\Partition1
17:34:14.0198 0x0948 ============================================================
17:34:14.0198 0x0948 Initialize success
17:34:14.0198 0x0948 ============================================================
17:34:41.0648 0x1a14 ============================================================
17:34:41.0648 0x1a14 Scan started
17:34:41.0648 0x1a14 Mode: Manual; SigCheck; TDLFS;
17:34:41.0648 0x1a14 ============================================================
17:34:41.0648 0x1a14 KSN ping started
17:34:44.0412 0x1a14 KSN ping finished: true
17:34:45.0588 0x1a14 ================ Scan system memory ========================
17:34:45.0588 0x1a14 System memory - ok
17:34:45.0589 0x1a14 ================ Scan services =============================
17:34:45.0733 0x1a14 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:34:45.0806 0x1a14 1394ohci - ok
17:34:45.0836 0x1a14 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:34:45.0849 0x1a14 ACPI - ok
17:34:45.0860 0x1a14 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:34:45.0877 0x1a14 AcpiPmi - ok
17:34:45.0960 0x1a14 [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:34:45.0979 0x1a14 AdobeARMservice - ok
17:34:46.0109 0x1a14 [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:34:46.0119 0x1a14 AdobeFlashPlayerUpdateSvc - ok
17:34:46.0153 0x1a14 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:34:46.0168 0x1a14 adp94xx - ok
17:34:46.0192 0x1a14 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:34:46.0205 0x1a14 adpahci - ok
17:34:46.0217 0x1a14 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:34:46.0226 0x1a14 adpu320 - ok
17:34:46.0253 0x1a14 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:34:46.0287 0x1a14 AeLookupSvc - ok
17:34:46.0345 0x1a14 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
17:34:46.0363 0x1a14 AFD - ok
17:34:46.0383 0x1a14 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
17:34:46.0390 0x1a14 agp440 - ok
17:34:46.0399 0x1a14 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
17:34:46.0415 0x1a14 ALG - ok
17:34:46.0425 0x1a14 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
17:34:46.0432 0x1a14 aliide - ok
17:34:46.0445 0x1a14 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
17:34:46.0452 0x1a14 amdide - ok
17:34:46.0462 0x1a14 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:34:46.0470 0x1a14 AmdK8 - ok
17:34:46.0479 0x1a14 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:34:46.0498 0x1a14 AmdPPM - ok
17:34:46.0516 0x1a14 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:34:46.0525 0x1a14 amdsata - ok
17:34:46.0554 0x1a14 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:34:46.0564 0x1a14 amdsbs - ok
17:34:46.0573 0x1a14 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:34:46.0580 0x1a14 amdxata - ok
17:34:46.0699 0x1a14 [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
17:34:46.0722 0x1a14 AntiVirMailService - ok
17:34:46.0772 0x1a14 [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:34:46.0785 0x1a14 AntiVirSchedulerService - ok
17:34:46.0832 0x1a14 [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:34:46.0845 0x1a14 AntiVirService - ok
17:34:46.0896 0x1a14 [ F857D22CEC14854D310C5596C8CE6006, 67448C506D3171D327A6CE3952E41BDC65587FEB45F510160A1DAFCA9491711E ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
17:34:46.0922 0x1a14 AntiVirWebService - ok
17:34:46.0958 0x1a14 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
17:34:46.0997 0x1a14 AppID - ok
17:34:47.0010 0x1a14 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:34:47.0024 0x1a14 AppIDSvc - ok
17:34:47.0059 0x1a14 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll
17:34:47.0079 0x1a14 Appinfo - ok
17:34:47.0205 0x1a14 [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:34:47.0213 0x1a14 Apple Mobile Device Service - ok
17:34:47.0253 0x1a14 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
17:34:47.0278 0x1a14 AppMgmt - ok
17:34:47.0303 0x1a14 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
17:34:47.0310 0x1a14 arc - ok
17:34:47.0323 0x1a14 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:34:47.0330 0x1a14 arcsas - ok
17:34:47.0428 0x1a14 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:34:47.0437 0x1a14 aspnet_state - ok
17:34:47.0441 0x1a14 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:34:47.0489 0x1a14 AsyncMac - ok
17:34:47.0535 0x1a14 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
17:34:47.0543 0x1a14 atapi - ok
17:34:47.0594 0x1a14 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:34:47.0643 0x1a14 AudioEndpointBuilder - ok
17:34:47.0657 0x1a14 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:34:47.0675 0x1a14 AudioSrv - ok
17:34:47.0750 0x1a14 [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
17:34:47.0761 0x1a14 avgntflt - ok
17:34:47.0780 0x1a14 [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
17:34:47.0789 0x1a14 avipbb - ok
17:34:47.0893 0x1a14 [ 4B3DBF1CEBE1B2346BF2F8D2251F641A, CDC5BCA35BE658007E29E94E7FBFAA499B50929E738A12904397D16268C6FBAE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
17:34:47.0904 0x1a14 Avira.ServiceHost - ok
17:34:47.0937 0x1a14 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
17:34:47.0944 0x1a14 avkmgr - ok
17:34:47.0989 0x1a14 [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
17:34:47.0996 0x1a14 avnetflt - ok
17:34:48.0024 0x1a14 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:34:48.0044 0x1a14 AxInstSV - ok
17:34:48.0082 0x1a14 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:34:48.0116 0x1a14 b06bdrv - ok
17:34:48.0146 0x1a14 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:34:48.0159 0x1a14 b57nd60a - ok
17:34:48.0268 0x1a14 [ 5F685973740F289BE3C809952DB8408B, 4C0A0C06BB2B6B1879A860B0D68289A55F80CF74947FCCE7815F1D8121232F62 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
17:34:48.0279 0x1a14 BBSvc - ok
17:34:48.0310 0x1a14 [ 76F78018F45E7F92164CEA5020176933, 76E1CA6E198417F3749864721C43913189A7EA07B5ED320DE543B2037CEA3D65 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
17:34:48.0321 0x1a14 BBUpdate - ok
17:34:48.0338 0x1a14 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
17:34:48.0347 0x1a14 BDESVC - ok
17:34:48.0357 0x1a14 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
17:34:48.0388 0x1a14 Beep - ok
17:34:48.0457 0x1a14 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
17:34:48.0517 0x1a14 BFE - ok
17:34:48.0555 0x1a14 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
17:34:48.0613 0x1a14 BITS - ok
17:34:48.0636 0x1a14 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:34:48.0645 0x1a14 blbdrive - ok
17:34:48.0697 0x1a14 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:34:48.0722 0x1a14 Bonjour Service - ok
17:34:48.0759 0x1a14 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:34:48.0768 0x1a14 bowser - ok
17:34:48.0782 0x1a14 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:34:48.0791 0x1a14 BrFiltLo - ok
17:34:48.0798 0x1a14 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:34:48.0808 0x1a14 BrFiltUp - ok
17:34:48.0860 0x1a14 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
17:34:48.0878 0x1a14 Browser - ok
17:34:48.0894 0x1a14 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:34:48.0916 0x1a14 Brserid - ok
17:34:48.0930 0x1a14 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:34:48.0940 0x1a14 BrSerWdm - ok
17:34:48.0951 0x1a14 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:34:48.0966 0x1a14 BrUsbMdm - ok
17:34:48.0969 0x1a14 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:34:48.0976 0x1a14 BrUsbSer - ok
17:34:48.0988 0x1a14 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:34:49.0005 0x1a14 BTHMODEM - ok
17:34:49.0043 0x1a14 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
17:34:49.0078 0x1a14 bthserv - ok
17:34:49.0100 0x1a14 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:34:49.0129 0x1a14 cdfs - ok
17:34:49.0166 0x1a14 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:34:49.0176 0x1a14 cdrom - ok
17:34:49.0197 0x1a14 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
17:34:49.0219 0x1a14 CertPropSvc - ok
17:34:49.0240 0x1a14 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
17:34:49.0255 0x1a14 circlass - ok
17:34:49.0292 0x1a14 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
17:34:49.0307 0x1a14 CLFS - ok
17:34:49.0380 0x1a14 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:34:49.0388 0x1a14 clr_optimization_v2.0.50727_32 - ok
17:34:49.0429 0x1a14 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:34:49.0438 0x1a14 clr_optimization_v2.0.50727_64 - ok
17:34:49.0484 0x1a14 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:34:49.0493 0x1a14 clr_optimization_v4.0.30319_32 - ok
17:34:49.0518 0x1a14 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:34:49.0526 0x1a14 clr_optimization_v4.0.30319_64 - ok
17:34:49.0558 0x1a14 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
17:34:49.0572 0x1a14 CmBatt - ok
17:34:49.0584 0x1a14 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:34:49.0591 0x1a14 cmdide - ok
17:34:49.0654 0x1a14 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
17:34:49.0674 0x1a14 CNG - ok
17:34:49.0682 0x1a14 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
17:34:49.0689 0x1a14 Compbatt - ok
17:34:49.0708 0x1a14 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:34:49.0739 0x1a14 CompositeBus - ok
17:34:49.0748 0x1a14 COMSysApp - ok
17:34:49.0762 0x1a14 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:34:49.0769 0x1a14 crcdisk - ok
17:34:49.0809 0x1a14 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:34:49.0828 0x1a14 CryptSvc - ok
17:34:49.0868 0x1a14 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
17:34:49.0894 0x1a14 CSC - ok
17:34:49.0919 0x1a14 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
17:34:49.0957 0x1a14 CscService - ok
17:34:50.0002 0x1a14 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:34:50.0031 0x1a14 DcomLaunch - ok
17:34:50.0056 0x1a14 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
17:34:50.0082 0x1a14 defragsvc - ok
17:34:50.0105 0x1a14 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:34:50.0138 0x1a14 DfsC - ok
17:34:50.0165 0x1a14 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:34:50.0206 0x1a14 Dhcp - ok
17:34:50.0226 0x1a14 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
17:34:50.0247 0x1a14 discache - ok
17:34:50.0292 0x1a14 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
17:34:50.0301 0x1a14 Disk - ok
17:34:50.0328 0x1a14 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
17:34:50.0342 0x1a14 dmvsc - ok
17:34:50.0372 0x1a14 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:34:50.0397 0x1a14 Dnscache - ok
17:34:50.0421 0x1a14 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
17:34:50.0447 0x1a14 dot3svc - ok
17:34:50.0459 0x1a14 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
17:34:50.0505 0x1a14 DPS - ok
17:34:50.0551 0x1a14 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:34:50.0570 0x1a14 drmkaud - ok
17:34:50.0616 0x1a14 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:34:50.0656 0x1a14 DXGKrnl - ok
17:34:50.0686 0x1a14 [ EAFCB4551836FF44EE775CEDDFA7A77E, 5C01EC0EA6B5B04C51F39EA3B22E1A06F47CB88470A667937C56D4A3BCC19309 ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
17:34:50.0697 0x1a14 e1cexpress - ok
17:34:50.0703 0x1a14 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
17:34:50.0733 0x1a14 EapHost - ok
17:34:50.0819 0x1a14 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:34:50.0911 0x1a14 ebdrv - ok
17:34:50.0946 0x1a14 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] EFS C:\Windows\System32\lsass.exe
17:34:50.0964 0x1a14 EFS - ok
17:34:51.0028 0x1a14 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:34:51.0066 0x1a14 ehRecvr - ok
17:34:51.0076 0x1a14 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
17:34:51.0096 0x1a14 ehSched - ok
17:34:51.0145 0x1a14 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:34:51.0162 0x1a14 elxstor - ok
17:34:51.0171 0x1a14 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:34:51.0184 0x1a14 ErrDev - ok
17:34:51.0213 0x1a14 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
17:34:51.0242 0x1a14 EventSystem - ok
17:34:51.0280 0x1a14 [ 618B2BC3E72A2FBDF2FA4A7350DE3695, DF18CD5788FFDD08E5F746E5498E1D70799349187B774962BD220EC8C4ECD69A ] EvoMouseDriverFilterHidUsb C:\Windows\system32\DRIVERS\EvoMouseDriverFilterHidUsb.sys
17:34:51.0286 0x1a14 EvoMouseDriverFilterHidUsb - ok
17:34:51.0325 0x1a14 [ EC0FE22EB2F3B32E046E01496B88D523, 557EE9466BAB79DA1B9BFA6DC0C72AECE0FB77C74E31299C8860C547FBFE3668 ] EvoMouseDriverMini C:\Windows\system32\drivers\EvoMouseDriverMini.sys
17:34:51.0331 0x1a14 EvoMouseDriverMini - ok
17:34:51.0349 0x1a14 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
17:34:51.0381 0x1a14 exfat - ok
17:34:51.0401 0x1a14 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:34:51.0436 0x1a14 fastfat - ok
17:34:51.0489 0x1a14 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
17:34:51.0528 0x1a14 Fax - ok
17:34:51.0539 0x1a14 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
17:34:51.0555 0x1a14 fdc - ok
17:34:51.0566 0x1a14 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
17:34:51.0600 0x1a14 fdPHost - ok
17:34:51.0611 0x1a14 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
17:34:51.0633 0x1a14 FDResPub - ok
17:34:51.0661 0x1a14 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:34:51.0669 0x1a14 FileInfo - ok
17:34:51.0681 0x1a14 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:34:51.0713 0x1a14 Filetrace - ok
17:34:51.0785 0x1a14 [ 3B8B64EF1D7CE03727DEFFFEF473F5AE, D9D031C054759D0E9117021992FD08BBE3A05128B2EEA7FE97BB25DCEF8538FD ] FLEXlm License Manager C:\SEFlex\Program\lmgrd.exe
17:34:51.0813 0x1a14 FLEXlm License Manager - ok
17:34:51.0833 0x1a14 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:34:51.0849 0x1a14 flpydisk - ok
17:34:51.0867 0x1a14 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:34:51.0878 0x1a14 FltMgr - ok
17:34:51.0939 0x1a14 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll
17:34:51.0989 0x1a14 FontCache - ok
17:34:52.0041 0x1a14 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:34:52.0047 0x1a14 FontCache3.0.0.0 - ok
17:34:52.0057 0x1a14 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:34:52.0065 0x1a14 FsDepends - ok
17:34:52.0113 0x1a14 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:34:52.0121 0x1a14 Fs_Rec - ok
17:34:52.0147 0x1a14 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:34:52.0160 0x1a14 fvevol - ok
17:34:52.0182 0x1a14 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:34:52.0189 0x1a14 gagp30kx - ok
17:34:52.0244 0x1a14 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:34:52.0250 0x1a14 GEARAspiWDM - ok
17:34:52.0293 0x1a14 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
17:34:52.0349 0x1a14 gpsvc - ok
17:34:52.0366 0x1a14 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:34:52.0381 0x1a14 hcw85cir - ok
17:34:52.0414 0x1a14 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:34:52.0433 0x1a14 HDAudBus - ok
17:34:52.0480 0x1a14 [ DF100F69C70F3319C3F6178D21A910FE, 9CA3D657822FD1BC7B5A50FDCA163348E9FE65689157328358001032F861ABC9 ] hhdspmc64 C:\Windows\system32\DRIVERS\hhdspmc64.sys
17:34:52.0487 0x1a14 hhdspmc64 - ok
17:34:52.0498 0x1a14 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:34:52.0515 0x1a14 HidBatt - ok
17:34:52.0531 0x1a14 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:34:52.0547 0x1a14 HidBth - ok
17:34:52.0559 0x1a14 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
17:34:52.0579 0x1a14 HidIr - ok
17:34:52.0590 0x1a14 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
17:34:52.0625 0x1a14 hidserv - ok
17:34:52.0664 0x1a14 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:34:52.0672 0x1a14 HidUsb - ok
17:34:52.0680 0x1a14 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:34:52.0709 0x1a14 hkmsvc - ok
17:34:52.0735 0x1a14 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:34:52.0748 0x1a14 HomeGroupListener - ok
17:34:52.0771 0x1a14 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:34:52.0789 0x1a14 HomeGroupProvider - ok
17:34:52.0816 0x1a14 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:34:52.0824 0x1a14 HpSAMD - ok
17:34:52.0864 0x1a14 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:34:52.0908 0x1a14 HTTP - ok
17:34:52.0934 0x1a14 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:34:52.0941 0x1a14 hwpolicy - ok
17:34:52.0950 0x1a14 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:34:52.0959 0x1a14 i8042prt - ok
17:34:52.0986 0x1a14 [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor C:\Windows\system32\drivers\iaStor.sys
17:34:52.0998 0x1a14 iaStor - ok
17:34:53.0043 0x1a14 [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:34:53.0048 0x1a14 IAStorDataMgrSvc - ok
17:34:53.0082 0x1a14 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:34:53.0095 0x1a14 iaStorV - ok
17:34:53.0146 0x1a14 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:34:53.0180 0x1a14 idsvc - ok
17:34:53.0231 0x1a14 IEEtwCollectorService - ok
17:34:53.0239 0x1a14 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:34:53.0246 0x1a14 iirsp - ok
17:34:53.0293 0x1a14 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
17:34:53.0327 0x1a14 IKEEXT - ok
17:34:53.0397 0x1a14 [ 19F9D8F7C996D5AE22E913491C912009, 1E733E34F2D39203216F3542F1A5818F3EA21CE51F434FE3B255CB6BF0B048FC ] IntcAzAudAddService C:\Windows\system32\drivers\RTDVHD64.sys
17:34:53.0459 0x1a14 IntcAzAudAddService - ok
17:34:53.0490 0x1a14 [ 28D387EEFAD7CC3A0BEB9C3262E83ADD, 41C3232407CEB4DA84A465018F23B842D67EA9412C02EE3C8DED4D66ABBDEC2A ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
17:34:53.0497 0x1a14 Intel(R) PROSet Monitoring Service - ok
17:34:53.0511 0x1a14 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
17:34:53.0517 0x1a14 intelide - ok
17:34:53.0544 0x1a14 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:34:53.0561 0x1a14 intelppm - ok
17:34:53.0582 0x1a14 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:34:53.0605 0x1a14 IPBusEnum - ok
17:34:53.0617 0x1a14 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:34:53.0648 0x1a14 IpFilterDriver - ok
17:34:53.0668 0x1a14 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:34:53.0711 0x1a14 iphlpsvc - ok
17:34:53.0722 0x1a14 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:34:53.0741 0x1a14 IPMIDRV - ok
17:34:53.0755 0x1a14 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:34:53.0784 0x1a14 IPNAT - ok
17:34:53.0852 0x1a14 [ E8D96F840994291789F0CDE6800AC1A4, 35B39474B6385DA828D4212047F5C94775FC3C55E8C72EAA503D763D86F9BFB7 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:34:53.0868 0x1a14 iPod Service - ok
17:34:53.0884 0x1a14 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:34:53.0903 0x1a14 IRENUM - ok
17:34:53.0928 0x1a14 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:34:53.0935 0x1a14 isapnp - ok
17:34:53.0947 0x1a14 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:34:53.0959 0x1a14 iScsiPrt - ok
17:34:54.0002 0x1a14 [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
17:34:54.0012 0x1a14 jhi_service - ok
17:34:54.0034 0x1a14 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:34:54.0042 0x1a14 kbdclass - ok
17:34:54.0063 0x1a14 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:34:54.0084 0x1a14 kbdhid - ok
17:34:54.0096 0x1a14 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] KeyIso C:\Windows\system32\lsass.exe
17:34:54.0104 0x1a14 KeyIso - ok
17:34:54.0141 0x1a14 [ 67A1743377EBB5D9A370A8C2086CFDCC, 2F0FD6C1969B1EEEEFFC1A8F972E1E90F1AD9558FF00EC159BC19ED927FD4BF5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:34:54.0150 0x1a14 KSecDD - ok
17:34:54.0162 0x1a14 [ 522A1595D5701800DD41B2D472F5AAED, B62924AE94A5AC454AD6057BC133D717BB1C6445BE36D6BECAB76E1600F60C33 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:34:54.0172 0x1a14 KSecPkg - ok
17:34:54.0185 0x1a14 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:34:54.0218 0x1a14 ksthunk - ok
17:34:54.0246 0x1a14 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
17:34:54.0276 0x1a14 KtmRm - ok
17:34:54.0296 0x1a14 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:34:54.0321 0x1a14 LanmanServer - ok
17:34:54.0345 0x1a14 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:34:54.0376 0x1a14 LanmanWorkstation - ok
17:34:54.0483 0x1a14 [ 7772DFAB22611050B79504E671B06E6E, 331FE235EDBCF48EE96A5A9D5D0560457CD85FA3FD7BEACD3700055F815D9F13 ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:34:54.0497 0x1a14 LBTServ - ok
17:34:54.0548 0x1a14 [ ED7EC050CD6C20E1A93A4DAFB7EFD14D, 9B3B9FA23788680D13E3DC2EEA2F127591A368578AEAB70F03AC379BA7379184 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys
17:34:54.0556 0x1a14 LEqdUsb - ok
17:34:54.0666 0x1a14 [ EAECE4EE45F0AD26E96136BF8A4CFF8E, 729BBE537F2A0A40CFAC26F65B6B2D00A94EB1E63B43E282B31E7936DABB7224 ] Lexware_Update_Service C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
17:34:54.0673 0x1a14 Lexware_Update_Service - ok
17:34:54.0702 0x1a14 [ 3267BC698E29474A8381E68904EB0390, A653ED6364D4B7E02FB7087D364E33D029B15A92E0FAAB176877DE5F93B36B65 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys
17:34:54.0708 0x1a14 LHidEqd - ok
17:34:54.0744 0x1a14 [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
17:34:54.0751 0x1a14 LHidFilt - ok
17:34:54.0762 0x1a14 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:34:54.0792 0x1a14 lltdio - ok
17:34:54.0820 0x1a14 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:34:54.0852 0x1a14 lltdsvc - ok
17:34:54.0861 0x1a14 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:34:54.0891 0x1a14 lmhosts - ok
17:34:54.0901 0x1a14 [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
17:34:54.0907 0x1a14 LMouFilt - ok
17:34:54.0957 0x1a14 [ 519D66259DF1672AABCE9D2E0ACC5552, 953EAEC04D45574ED9260726383438AA18A5EBEB2E0C93869DF4C57B9998BB27 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:34:54.0968 0x1a14 LMS - ok
17:34:55.0003 0x1a14 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:34:55.0012 0x1a14 LSI_FC - ok
17:34:55.0021 0x1a14 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:34:55.0030 0x1a14 LSI_SAS - ok
17:34:55.0042 0x1a14 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:34:55.0049 0x1a14 LSI_SAS2 - ok
17:34:55.0058 0x1a14 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:34:55.0067 0x1a14 LSI_SCSI - ok
17:34:55.0093 0x1a14 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
17:34:55.0115 0x1a14 luafv - ok
17:34:55.0158 0x1a14 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:34:55.0169 0x1a14 Mcx2Svc - ok
17:34:55.0188 0x1a14 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
17:34:55.0195 0x1a14 megasas - ok
17:34:55.0211 0x1a14 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:34:55.0223 0x1a14 MegaSR - ok
17:34:55.0279 0x1a14 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:34:55.0285 0x1a14 MEIx64 - ok
17:34:55.0306 0x1a14 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
17:34:55.0329 0x1a14 MMCSS - ok
17:34:55.0353 0x1a14 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
17:34:55.0384 0x1a14 Modem - ok
17:34:55.0420 0x1a14 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:34:55.0430 0x1a14 monitor - ok
17:34:55.0438 0x1a14 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:34:55.0445 0x1a14 mouclass - ok
17:34:55.0460 0x1a14 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:34:55.0474 0x1a14 mouhid - ok
17:34:55.0508 0x1a14 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:34:55.0517 0x1a14 mountmgr - ok
17:34:55.0530 0x1a14 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
17:34:55.0539 0x1a14 mpio - ok
17:34:55.0555 0x1a14 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:34:55.0578 0x1a14 mpsdrv - ok
17:34:55.0620 0x1a14 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:34:55.0667 0x1a14 MpsSvc - ok
17:34:55.0703 0x1a14 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:34:55.0725 0x1a14 MRxDAV - ok
17:34:55.0755 0x1a14 [ B2081803D510DCE174992BA880EDCA70, 37DB53C9756EC03EB7165DEB58251615D70B7C86DF32A54DE25ADAF30A04D792 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:34:55.0766 0x1a14 mrxsmb - ok
17:34:55.0801 0x1a14 [ 552FA62B0EFECD22D8D52499324BCA4F, C3A02C9C30C36928AC7B1025496544967187A05BEF5D100B54F2C0155E47145C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:34:55.0828 0x1a14 mrxsmb10 - ok
17:34:55.0860 0x1a14 [ 97687971F9CB30E2633DE0F1296B9F61, 865DA87523E4C32D65D55D5475A5CDDFA10699780DA500E6D606384FB3BEB1BE ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:34:55.0877 0x1a14 mrxsmb20 - ok
17:34:55.0895 0x1a14 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
17:34:55.0902 0x1a14 msahci - ok
17:34:55.0927 0x1a14 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:34:55.0937 0x1a14 msdsm - ok
17:34:55.0950 0x1a14 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
17:34:55.0961 0x1a14 MSDTC - ok
17:34:55.0977 0x1a14 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:34:56.0009 0x1a14 Msfs - ok
17:34:56.0030 0x1a14 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:34:56.0062 0x1a14 mshidkmdf - ok
17:34:56.0081 0x1a14 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:34:56.0088 0x1a14 msisadrv - ok
17:34:56.0111 0x1a14 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:34:56.0145 0x1a14 MSiSCSI - ok
17:34:56.0147 0x1a14 msiserver - ok
17:34:56.0167 0x1a14 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:34:56.0194 0x1a14 MSKSSRV - ok
17:34:56.0207 0x1a14 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:34:56.0237 0x1a14 MSPCLOCK - ok
17:34:56.0246 0x1a14 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:34:56.0278 0x1a14 MSPQM - ok
17:34:56.0295 0x1a14 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:34:56.0307 0x1a14 MsRPC - ok
17:34:56.0316 0x1a14 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:34:56.0323 0x1a14 mssmbios - ok
17:34:56.0332 0x1a14 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:34:56.0364 0x1a14 MSTEE - ok
17:34:56.0375 0x1a14 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:34:56.0387 0x1a14 MTConfig - ok
17:34:56.0395 0x1a14 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
17:34:56.0403 0x1a14 Mup - ok
17:34:56.0433 0x1a14 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
17:34:56.0472 0x1a14 napagent - ok
17:34:56.0502 0x1a14 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:34:56.0531 0x1a14 NativeWifiP - ok
17:34:56.0575 0x1a14 [ C38B8AE57F78915905064A9A24DC1586, 5A24A490AC5DB4FCC745182BDBAEA8836E8FBEC635609AE4CF51DAC3A30A8221 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:34:56.0608 0x1a14 NDIS - ok
17:34:56.0628 0x1a14 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:34:56.0650 0x1a14 NdisCap - ok
17:34:56.0674 0x1a14 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:34:56.0703 0x1a14 NdisTapi - ok
17:34:56.0719 0x1a14 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:34:56.0741 0x1a14 Ndisuio - ok
17:34:56.0757 0x1a14 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:34:56.0780 0x1a14 NdisWan - ok
17:34:56.0794 0x1a14 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:34:56.0815 0x1a14 NDProxy - ok
17:34:56.0860 0x1a14 [ 2C723E42FC8D7B0209492828F921FB50, 2ECF9F4D91F317432FB5A6D01D8271BB7E2A5B8A6CA9EF2F2036890D2B072E52 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:34:56.0873 0x1a14 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:34:59.0764 0x1a14 Detect skipped due to KSN trusted
17:34:59.0764 0x1a14 Net Driver HPZ12 - ok
17:34:59.0783 0x1a14 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:34:59.0817 0x1a14 NetBIOS - ok
17:34:59.0837 0x1a14 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:34:59.0862 0x1a14 NetBT - ok
17:34:59.0871 0x1a14 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] Netlogon C:\Windows\system32\lsass.exe
17:34:59.0878 0x1a14 Netlogon - ok
17:34:59.0907 0x1a14 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
17:34:59.0943 0x1a14 Netman - ok
17:34:59.0977 0x1a14 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:59.0985 0x1a14 NetMsmqActivator - ok
17:34:59.0988 0x1a14 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:59.0995 0x1a14 NetPipeActivator - ok
17:35:00.0013 0x1a14 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
17:35:00.0043 0x1a14 netprofm - ok
17:35:00.0048 0x1a14 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:35:00.0055 0x1a14 NetTcpActivator - ok
17:35:00.0058 0x1a14 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:35:00.0065 0x1a14 NetTcpPortSharing - ok
17:35:00.0096 0x1a14 [ 73CE12B8BDD747B0063CB0A7EF44CEA7, F570BB52BE460DBA6203698CC96FFD9674E1903D0E0F5C49375BE3F8D8E89582 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys
17:35:00.0111 0x1a14 netvsc - ok
17:35:00.0142 0x1a14 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:35:00.0151 0x1a14 nfrd960 - ok
17:35:00.0184 0x1a14 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
17:35:00.0219 0x1a14 NlaSvc - ok
17:35:00.0233 0x1a14 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:35:00.0255 0x1a14 Npfs - ok
17:35:00.0288 0x1a14 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
17:35:00.0316 0x1a14 nsi - ok
17:35:00.0331 0x1a14 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:35:00.0352 0x1a14 nsiproxy - ok
17:35:00.0418 0x1a14 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:35:00.0452 0x1a14 Ntfs - ok
17:35:00.0464 0x1a14 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
17:35:00.0491 0x1a14 Null - ok
17:35:00.0536 0x1a14 [ A7127E86F9FFE2A53E271B56B2C4CEDF, 9C8D60290B66976BBC6E6FE0C2B8EBBCF65B019C95116565CA75098E9F66C05D ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
17:35:00.0545 0x1a14 nusb3hub - ok
17:35:00.0564 0x1a14 [ 49BBEC6F48D5F9284B03ABF3A959B19B, 688AFDFA9E2F0AB3BDE22EC55C70FD592AA0236557DA9310E1557C083307CEC5 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:35:00.0586 0x1a14 nusb3xhc - ok
17:35:00.0614 0x1a14 [ E20ABD5B229760158F753CA90B97E090, 9970A8ECFA13647B4F2032CB3C21C48458B5ED137254E3FB9C9B93E4A0EBD709 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
17:35:00.0623 0x1a14 NVHDA - ok
17:35:00.0915 0x1a14 [ BCB3F822CE0AE87818982B1AADFCCB85, 45B813DC3282E6B156D41DB3690D08D38790DD1DC923F376A21AB1D1F9D33746 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:35:01.0234 0x1a14 nvlddmkm - ok
17:35:01.0266 0x1a14 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:35:01.0276 0x1a14 nvraid - ok
17:35:01.0300 0x1a14 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:35:01.0310 0x1a14 nvstor - ok
17:35:01.0319 0x1a14 [ 35D7B9216A08509FF38035DD9B5A7919, 51BF943E78FF042502D10DAFBEEEB202B8C83B4E40091B57CDFF3622288BF30C ] nvsvc C:\Windows\system32\nvvsvc.exe
17:35:01.0327 0x1a14 nvsvc - ok
17:35:01.0356 0x1a14 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:35:01.0366 0x1a14 nv_agp - ok
17:35:01.0379 0x1a14 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:35:01.0399 0x1a14 ohci1394 - ok
17:35:01.0469 0x1a14 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:35:01.0478 0x1a14 ose - ok
17:35:01.0634 0x1a14 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:35:01.0721 0x1a14 osppsvc - ok
17:35:01.0753 0x1a14 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:35:01.0773 0x1a14 p2pimsvc - ok
17:35:01.0792 0x1a14 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
17:35:01.0808 0x1a14 p2psvc - ok
17:35:01.0824 0x1a14 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
17:35:01.0844 0x1a14 Parport - ok
17:35:01.0873 0x1a14 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:35:01.0882 0x1a14 partmgr - ok
17:35:01.0901 0x1a14 [ 363B3F857ABEE85767E01E3044C539CD, F6CB6C4B5B206E75BC8EB125363B1A095BA24FCC997A10605D59FCE44BA8651C ] PBADRV C:\Windows\system32\DRIVERS\PBADRV.sys
17:35:01.0907 0x1a14 PBADRV - ok
17:35:01.0939 0x1a14 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:35:01.0959 0x1a14 PcaSvc - ok
17:35:01.0984 0x1a14 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
17:35:01.0995 0x1a14 pci - ok
17:35:02.0012 0x1a14 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
17:35:02.0019 0x1a14 pciide - ok
17:35:02.0044 0x1a14 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:35:02.0056 0x1a14 pcmcia - ok
17:35:02.0066 0x1a14 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
17:35:02.0073 0x1a14 pcw - ok
17:35:02.0116 0x1a14 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:35:02.0140 0x1a14 PEAUTH - ok
17:35:02.0195 0x1a14 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:35:02.0250 0x1a14 PeerDistSvc - ok
17:35:02.0324 0x1a14 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:35:02.0334 0x1a14 PerfHost - ok
17:35:02.0388 0x1a14 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
17:35:02.0446 0x1a14 pla - ok
17:35:02.0487 0x1a14 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:35:02.0503 0x1a14 PlugPlay - ok
17:35:02.0546 0x1a14 [ 171E6D91A20AAC8D02172A64E82CE90B, 0D51F00D6C0376CD12893620E0A15E687263048CFE20E953F6BB4B7D6CDC3F50 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:35:02.0551 0x1a14 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:35:05.0442 0x1a14 Detect skipped due to KSN trusted
17:35:05.0442 0x1a14 Pml Driver HPZ12 - ok
17:35:05.0456 0x1a14 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:35:05.0488 0x1a14 PNRPAutoReg - ok
17:35:05.0503 0x1a14 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:35:05.0516 0x1a14 PNRPsvc - ok
17:35:05.0554 0x1a14 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:35:05.0588 0x1a14 PolicyAgent - ok
17:35:05.0614 0x1a14 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\Windows\system32\umpo.dll
17:35:05.0639 0x1a14 Power - ok
17:35:05.0674 0x1a14 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:35:05.0707 0x1a14 PptpMiniport - ok
17:35:05.0723 0x1a14 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
17:35:05.0737 0x1a14 Processor - ok
17:35:05.0767 0x1a14 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
17:35:05.0779 0x1a14 ProfSvc - ok
17:35:05.0787 0x1a14 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:35:05.0795 0x1a14 ProtectedStorage - ok
17:35:05.0806 0x1a14 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:35:05.0829 0x1a14 Psched - ok
17:35:05.0870 0x1a14 [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
17:35:05.0877 0x1a14 PxHlpa64 - ok
17:35:05.0932 0x1a14 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:35:05.0996 0x1a14 ql2300 - ok
17:35:06.0011 0x1a14 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:35:06.0020 0x1a14 ql40xx - ok
17:35:06.0046 0x1a14 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
17:35:06.0063 0x1a14 QWAVE - ok
17:35:06.0087 0x1a14 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:35:06.0112 0x1a14 QWAVEdrv - ok
17:35:06.0122 0x1a14 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:35:06.0153 0x1a14 RasAcd - ok
17:35:06.0187 0x1a14 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:35:06.0223 0x1a14 RasAgileVpn - ok
17:35:06.0237 0x1a14 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
17:35:06.0260 0x1a14 RasAuto - ok
17:35:06.0277 0x1a14 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:35:06.0300 0x1a14 Rasl2tp - ok
17:35:06.0331 0x1a14 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
17:35:06.0367 0x1a14 RasMan - ok
17:35:06.0380 0x1a14 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:35:06.0414 0x1a14 RasPppoe - ok
17:35:06.0423 0x1a14 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:35:06.0446 0x1a14 RasSstp - ok
17:35:06.0462 0x1a14 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:35:06.0488 0x1a14 rdbss - ok
17:35:06.0498 0x1a14 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:35:06.0508 0x1a14 rdpbus - ok
17:35:06.0512 0x1a14 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:35:06.0532 0x1a14 RDPCDD - ok
17:35:06.0553 0x1a14 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:35:06.0563 0x1a14 RDPDR - ok
17:35:06.0585 0x1a14 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:35:06.0612 0x1a14 RDPENCDD - ok
17:35:06.0626 0x1a14 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:35:06.0648 0x1a14 RDPREFMP - ok
17:35:06.0685 0x1a14 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:35:06.0703 0x1a14 RDPWD - ok
17:35:06.0729 0x1a14 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:35:06.0740 0x1a14 rdyboost - ok
17:35:06.0760 0x1a14 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:35:06.0795 0x1a14 RemoteAccess - ok
17:35:06.0817 0x1a14 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:35:06.0846 0x1a14 RemoteRegistry - ok
17:35:06.0893 0x1a14 [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
17:35:06.0911 0x1a14 RimUsb - ok
17:35:06.0994 0x1a14 [ 3C957189B31C34D3AD21967B12B6AED7, 878FE6EA03F60592D6D557B905A5119E2CC836C2A6A86ED2867C3C9B0F0FDBA2 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
17:35:07.0037 0x1a14 RoxMediaDB12OEM - ok
17:35:07.0069 0x1a14 [ 2B73088CC2CA757A172B425C9398E5BC, 3D296B4D6F66F7729CC48FE54456E6E6D8207DBA7E31D66653566C128E53163B ] RoxWatch12 C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
17:35:07.0079 0x1a14 RoxWatch12 - ok
17:35:07.0100 0x1a14 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:35:07.0130 0x1a14 RpcEptMapper - ok
17:35:07.0152 0x1a14 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
17:35:07.0171 0x1a14 RpcLocator - ok
17:35:07.0192 0x1a14 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
17:35:07.0221 0x1a14 RpcSs - ok
17:35:07.0252 0x1a14 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:35:07.0287 0x1a14 rspndr - ok
17:35:07.0310 0x1a14 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:35:07.0341 0x1a14 s3cap - ok
17:35:07.0362 0x1a14 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] SamSs C:\Windows\system32\lsass.exe
17:35:07.0369 0x1a14 SamSs - ok
17:35:07.0447 0x1a14 [ F22189298ABFC75F2A2D87BCCD3CA092, 8408FBC2C05A437F4382C3D9822E857E660C7656F2B10C4A5FC4802FE4721B2F ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
17:35:07.0458 0x1a14 SbieDrv - ok
17:35:07.0501 0x1a14 [ 53A64997DEC2AA75C611B376E5A9D03F, 1BE87A3F148EBCBB7311D5BFD4C616E000C4CD4335C8A69966161EDA47FBE1C6 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
17:35:07.0511 0x1a14 SbieSvc - ok
17:35:07.0521 0x1a14 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:35:07.0529 0x1a14 sbp2port - ok
17:35:07.0551 0x1a14 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:35:07.0586 0x1a14 SCardSvr - ok
17:35:07.0620 0x1a14 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:35:07.0647 0x1a14 scfilter - ok
17:35:07.0706 0x1a14 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
17:35:07.0790 0x1a14 Schedule - ok
17:35:07.0822 0x1a14 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:35:07.0845 0x1a14 SCPolicySvc - ok
17:35:07.0849 0x1a14 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:35:07.0860 0x1a14 SDRSVC - ok
17:35:07.0880 0x1a14 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:35:07.0901 0x1a14 secdrv - ok
17:35:07.0907 0x1a14 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
17:35:07.0929 0x1a14 seclogon - ok
17:35:08.0048 0x1a14 [ 8365191D0FE7DF5972B889821ADBE62B, A3CC36FBF7962166D0E6A6B277130882BED623708C7F14EC158614F30F982420 ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
17:35:08.0109 0x1a14 SecureStorageService - ok
17:35:08.0135 0x1a14 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
17:35:08.0165 0x1a14 SENS - ok
17:35:08.0175 0x1a14 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:35:08.0194 0x1a14 SensrSvc - ok
17:35:08.0236 0x1a14 [ 255476B54C82A89416EFDF09FD62F107, 000A6F7F15177A08ED4E22DB1C06F9FF0F8D324541A3E7AF7F35123D9CA4122D ] Sentinel64 C:\Windows\System32\Drivers\Sentinel64.sys
17:35:08.0244 0x1a14 Sentinel64 - ok
17:35:08.0266 0x1a14 [ 1BA2C677C6146A8B3ADEA7B69D2EED56, B8BA275B748C0F729CED224A415CC0D0EBB1EE2FC0F59DA0275C18EE9BDC1604 ] SentinelKeysServer C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
17:35:08.0276 0x1a14 SentinelKeysServer - ok
17:35:08.0330 0x1a14 [ D1A2BA8BF092DDF18F3D3DB1D5AC7803, EE1B349DD8D5C00B4E13F9F71BFDBA73A4870C6BC90F1845D2AEAD8EFEE02322 ] SentinelProtectionServer C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
17:35:08.0355 0x1a14 SentinelProtectionServer - ok
17:35:08.0392 0x1a14 [ E80B91AEC007711B1EEC9C83487754E2, 8C417EF2FC3460F05C3BCA955C628A65AA86E9DB080235CCF61FB98745BB2F90 ] SentinelSecurityRuntime C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
17:35:08.0402 0x1a14 SentinelSecurityRuntime - ok
17:35:08.0420 0x1a14 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:35:08.0436 0x1a14 Serenum - ok
17:35:08.0470 0x1a14 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:35:08.0493 0x1a14 Serial - ok
17:35:08.0516 0x1a14 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:35:08.0525 0x1a14 sermouse - ok
17:35:08.0551 0x1a14 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
17:35:08.0580 0x1a14 SessionEnv - ok
17:35:08.0592 0x1a14 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:35:08.0607 0x1a14 sffdisk - ok
17:35:08.0609 0x1a14 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:35:08.0625 0x1a14 sffp_mmc - ok
17:35:08.0641 0x1a14 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:35:08.0657 0x1a14 sffp_sd - ok
17:35:08.0659 0x1a14 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:35:08.0667 0x1a14 sfloppy - ok
17:35:08.0695 0x1a14 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:35:08.0736 0x1a14 SharedAccess - ok
17:35:08.0758 0x1a14 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:35:08.0786 0x1a14 ShellHWDetection - ok
17:35:08.0809 0x1a14 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:35:08.0816 0x1a14 SiSRaid2 - ok
17:35:08.0828 0x1a14 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:35:08.0835 0x1a14 SiSRaid4 - ok
17:35:08.0854 0x1a14 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:35:08.0882 0x1a14 Smb - ok
17:35:08.0908 0x1a14 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:35:08.0926 0x1a14 SNMPTRAP - ok
17:35:08.0964 0x1a14 [ 2D5576C01C8A34AA614870E745FE8F19, FAAD06A4B912B8A7B6971E152D89356191C9655DDA494A04F0AA086DFB46BD11 ] SNTUSB64 C:\Windows\system32\DRIVERS\SNTUSB64.SYS
17:35:08.0971 0x1a14 SNTUSB64 - ok
17:35:09.0052 0x1a14 [ 3B8B64EF1D7CE03727DEFFFEF473F5AE, D9D031C054759D0E9117021992FD08BBE3A05128B2EEA7FE97BB25DCEF8538FD ] Solid Edge C:\SEFlex\Program\lmgrd.exe
17:35:09.0079 0x1a14 Solid Edge - ok
17:35:09.0089 0x1a14 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
17:35:09.0096 0x1a14 spldr - ok
17:35:09.0121 0x1a14 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
17:35:09.0156 0x1a14 Spooler - ok
17:35:09.0242 0x1a14 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
17:35:09.0365 0x1a14 sppsvc - ok
17:35:09.0378 0x1a14 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:35:09.0414 0x1a14 sppuinotify - ok
17:35:09.0442 0x1a14 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:35:09.0472 0x1a14 srv - ok
17:35:09.0494 0x1a14 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:35:09.0518 0x1a14 srv2 - ok
17:35:09.0533 0x1a14 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:35:09.0554 0x1a14 srvnet - ok
17:35:09.0588 0x1a14 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:35:09.0615 0x1a14 SSDPSRV - ok
17:35:09.0622 0x1a14 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:35:09.0653 0x1a14 SstpSvc - ok
17:35:09.0748 0x1a14 [ 98CC6BDCB5F593394CE2000EC454AEE4, 13973E69DDFB5A0494141C60ABF0E6F7EF555B476AC4171B18A31FF04618D54B ] StarMoney 8.0 OnlineUpdate C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
17:35:09.0766 0x1a14 StarMoney 8.0 OnlineUpdate - ok
17:35:09.0846 0x1a14 [ 3BF022F8064A83A23DF90971DD78CA83, 85754DF1C6DE745ADF9A0BAB1948AFF2CA16C4569128DA90AF610D199E621BF4 ] StarMoney 9.0 OnlineUpdate C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
17:35:09.0863 0x1a14 StarMoney 9.0 OnlineUpdate - ok
17:35:09.0881 0x1a14 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:35:09.0888 0x1a14 stexstor - ok
17:35:09.0936 0x1a14 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
17:35:09.0984 0x1a14 stisvc - ok
17:35:10.0026 0x1a14 [ 7731F46EC0D687A931CBA063E8F90EF0, 5CF996A209756B901316C4406C7D3E52ECC9C15A1BDB0D4D9C77846AB29FD040 ] stllssvr C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
17:35:10.0034 0x1a14 stllssvr - ok
17:35:10.0060 0x1a14 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
17:35:10.0068 0x1a14 StorSvc - ok
17:35:10.0102 0x1a14 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:35:10.0110 0x1a14 storvsc - ok
17:35:10.0133 0x1a14 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:35:10.0139 0x1a14 swenum - ok
17:35:10.0169 0x1a14 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
17:35:10.0201 0x1a14 swprv - ok
17:35:10.0212 0x1a14 [ 4CDD7DF58730D23BA9CB5829A6E2ECEA, 89A2A1604C2BF985894000F51D9D376B32F1327197866850B5BF8640272DE828 ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys
17:35:10.0220 0x1a14 SynthVid - ok
17:35:10.0279 0x1a14 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
17:35:10.0344 0x1a14 SysMain - ok
17:35:10.0358 0x1a14 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:35:10.0371 0x1a14 TabletInputService - ok
17:35:10.0387 0x1a14 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
17:35:10.0415 0x1a14 TapiSrv - ok
17:35:10.0426 0x1a14 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
17:35:10.0455 0x1a14 TBS - ok
17:35:10.0526 0x1a14 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:35:10.0597 0x1a14 Tcpip - ok
17:35:10.0650 0x1a14 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:35:10.0687 0x1a14 TCPIP6 - ok
17:35:10.0706 0x1a14 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:35:10.0739 0x1a14 tcpipreg - ok
17:35:10.0828 0x1a14 [ 3D52B206D9F6F3ECFDB5D676614E47B6, 909C5C362D35E6D0264E9F2DC42B535AB39DD99FEDD483C7DEE8E8EA91A081DA ] tcsd_win32.exe C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
17:35:10.0878 0x1a14 tcsd_win32.exe - detected UnsignedFile.Multi.Generic ( 1 )
17:35:13.0765 0x1a14 Detect skipped due to KSN trusted
17:35:13.0765 0x1a14 tcsd_win32.exe - ok
17:35:13.0885 0x1a14 [ E2F626E4A23E12DE31D8820FF143A456, FF1CBFD52A32B25E31167D9AE3F4826818623C03DA92EE1B7B99A5DA1A1C4FC5 ] TdmService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
17:35:13.0952 0x1a14 TdmService - ok
17:35:13.0966 0x1a14 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:35:13.0977 0x1a14 TDPIPE - ok
17:35:14.0008 0x1a14 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:35:14.0038 0x1a14 TDTCP - ok
17:35:14.0056 0x1a14 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:35:14.0084 0x1a14 tdx - ok
17:35:14.0093 0x1a14 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:35:14.0101 0x1a14 TermDD - ok
17:35:14.0139 0x1a14 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
17:35:14.0168 0x1a14 TermService - ok
17:35:14.0187 0x1a14 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
17:35:14.0205 0x1a14 Themes - ok
17:35:14.0230 0x1a14 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
17:35:14.0262 0x1a14 THREADORDER - ok
17:35:14.0274 0x1a14 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
17:35:14.0298 0x1a14 TrkWks - ok
17:35:14.0337 0x1a14 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:35:14.0362 0x1a14 TrustedInstaller - ok
17:35:14.0392 0x1a14 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:35:14.0401 0x1a14 tssecsrv - ok
17:35:14.0427 0x1a14 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:35:14.0435 0x1a14 TsUsbFlt - ok
17:35:14.0446 0x1a14 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:35:14.0466 0x1a14 TsUsbGD - ok
17:35:14.0498 0x1a14 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:35:14.0526 0x1a14 tunnel - ok
17:35:14.0542 0x1a14 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:35:14.0550 0x1a14 uagp35 - ok
17:35:14.0565 0x1a14 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:35:14.0591 0x1a14 udfs - ok
17:35:14.0613 0x1a14 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:35:14.0629 0x1a14 UI0Detect - ok
17:35:14.0650 0x1a14 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:35:14.0659 0x1a14 uliagpkx - ok
17:35:14.0680 0x1a14 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:35:14.0695 0x1a14 umbus - ok
17:35:14.0714 0x1a14 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
17:35:14.0727 0x1a14 UmPass - ok
17:35:14.0750 0x1a14 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
17:35:14.0763 0x1a14 UmRdpService - ok
17:35:14.0891 0x1a14 [ 1B71370AEC1115F80D9A4A209317C968, C6886F556E87C1750991C27EF818B3A2CAB5DD84A26290457A005CFDECBEF884 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:35:14.0943 0x1a14 UNS - ok
17:35:14.0965 0x1a14 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
17:35:14.0994 0x1a14 upnphost - ok
17:35:15.0035 0x1a14 [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:35:15.0056 0x1a14 usbccgp - ok
17:35:15.0098 0x1a14 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:35:15.0113 0x1a14 usbcir - ok
17:35:15.0136 0x1a14 [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci C:\Windows\system32\drivers\usbehci.sys
17:35:15.0152 0x1a14 usbehci - ok
17:35:15.0208 0x1a14 [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:35:15.0222 0x1a14 usbhub - ok
17:35:15.0257 0x1a14 [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:35:15.0288 0x1a14 usbohci - ok
17:35:15.0307 0x1a14 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
17:35:15.0318 0x1a14 usbprint - ok
17:35:15.0344 0x1a14 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:35:15.0353 0x1a14 USBSTOR - ok
17:35:15.0385 0x1a14 [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:35:15.0393 0x1a14 usbuhci - ok
17:35:15.0411 0x1a14 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
17:35:15.0434 0x1a14 UxSms - ok
17:35:15.0437 0x1a14 [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] VaultSvc C:\Windows\system32\lsass.exe
17:35:15.0445 0x1a14 VaultSvc - ok
17:35:15.0466 0x1a14 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:35:15.0473 0x1a14 vdrvroot - ok
17:35:15.0492 0x1a14 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
17:35:15.0544 0x1a14 vds - ok
17:35:15.0561 0x1a14 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:35:15.0580 0x1a14 vga - ok
17:35:15.0588 0x1a14 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:35:15.0621 0x1a14 VgaSave - ok
17:35:15.0637 0x1a14 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:35:15.0648 0x1a14 vhdmp - ok
17:35:15.0658 0x1a14 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
17:35:15.0665 0x1a14 viaide - ok
17:35:15.0686 0x1a14 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:35:15.0694 0x1a14 VMBusHID - ok
17:35:15.0715 0x1a14 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:35:15.0723 0x1a14 volmgr - ok
17:35:15.0741 0x1a14 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:35:15.0754 0x1a14 volmgrx - ok
17:35:15.0769 0x1a14 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:35:15.0781 0x1a14 volsnap - ok
17:35:15.0800 0x1a14 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:35:15.0810 0x1a14 vsmraid - ok
17:35:15.0863 0x1a14 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
17:35:15.0938 0x1a14 VSS - ok
17:35:15.0953 0x1a14 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:35:15.0972 0x1a14 vwifibus - ok
17:35:15.0993 0x1a14 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
17:35:16.0037 0x1a14 W32Time - ok
17:35:16.0051 0x1a14 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:35:16.0059 0x1a14 WacomPen - ok
17:35:16.0085 0x1a14 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:35:16.0107 0x1a14 WANARP - ok
17:35:16.0110 0x1a14 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:35:16.0132 0x1a14 Wanarpv6 - ok
17:35:16.0219 0x1a14 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
17:35:16.0259 0x1a14 WatAdminSvc - ok
17:35:16.0349 0x1a14 [ E45BCE01F15EEB240FE9DB83B9D86BE3, D423C4193CE65409173557424FA49A9E75DA7377E2C9F6A46E37316D29EB5785 ] Wave Authentication Manager Service C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
17:35:16.0399 0x1a14 Wave Authentication Manager Service - detected UnsignedFile.Multi.Generic ( 1 )
17:35:19.0322 0x1a14 Detect skipped due to KSN trusted
17:35:19.0322 0x1a14 Wave Authentication Manager Service - ok
17:35:19.0381 0x1a14 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
17:35:19.0445 0x1a14 wbengine - ok
17:35:19.0465 0x1a14 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:35:19.0488 0x1a14 WbioSrvc - ok
17:35:19.0506 0x1a14 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:35:19.0524 0x1a14 wcncsvc - ok
17:35:19.0537 0x1a14 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:35:19.0546 0x1a14 WcsPlugInService - ok
17:35:19.0562 0x1a14 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
17:35:19.0569 0x1a14 Wd - ok
17:35:19.0616 0x1a14 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:35:19.0650 0x1a14 Wdf01000 - ok
17:35:19.0659 0x1a14 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:35:19.0684 0x1a14 WdiServiceHost - ok
17:35:19.0687 0x1a14 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:35:19.0700 0x1a14 WdiSystemHost - ok
17:35:19.0733 0x1a14 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
17:35:19.0747 0x1a14 WebClient - ok
17:35:19.0762 0x1a14 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:35:19.0789 0x1a14 Wecsvc - ok
17:35:19.0796 0x1a14 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:35:19.0832 0x1a14 wercplsupport - ok
17:35:19.0854 0x1a14 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
17:35:19.0888 0x1a14 WerSvc - ok
17:35:19.0919 0x1a14 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:35:19.0943 0x1a14 WfpLwf - ok
17:35:19.0947 0x1a14 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:35:19.0954 0x1a14 WIMMount - ok
17:35:19.0976 0x1a14 WinDefend - ok
17:35:19.0978 0x1a14 WinHttpAutoProxySvc - ok
17:35:20.0018 0x1a14 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:35:20.0055 0x1a14 Winmgmt - ok
17:35:20.0114 0x1a14 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
17:35:20.0191 0x1a14 WinRM - ok
17:35:20.0235 0x1a14 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:35:20.0245 0x1a14 WinUsb - ok
17:35:20.0280 0x1a14 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:35:20.0327 0x1a14 Wlansvc - ok
17:35:20.0377 0x1a14 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:35:20.0384 0x1a14 wlcrasvc - ok
17:35:20.0480 0x1a14 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:35:20.0522 0x1a14 wlidsvc - ok
17:35:20.0543 0x1a14 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:35:20.0559 0x1a14 WmiAcpi - ok
17:35:20.0585 0x1a14 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:35:20.0610 0x1a14 wmiApSrv - ok
17:35:20.0645 0x1a14 WMPNetworkSvc - ok
17:35:20.0663 0x1a14 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:35:20.0684 0x1a14 WPCSvc - ok
17:35:20.0693 0x1a14 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:35:20.0705 0x1a14 WPDBusEnum - ok
17:35:20.0716 0x1a14 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:35:20.0738 0x1a14 ws2ifsl - ok
17:35:20.0754 0x1a14 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
17:35:20.0768 0x1a14 wscsvc - ok
17:35:20.0808 0x1a14 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
17:35:20.0818 0x1a14 WSDPrintDevice - ok
17:35:20.0866 0x1a14 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
17:35:20.0874 0x1a14 WSDScan - ok
17:35:20.0877 0x1a14 WSearch - ok
17:35:20.0966 0x1a14 [ 499034D7F1F6AF49F9EE12F8822793CB, 55D591C4861AF66C6B9201BF78808B2ECE7B79D95C6BB07FF0ED87EFE63DD99E ] wuauserv C:\Windows\system32\wuaueng.dll
17:35:21.0048 0x1a14 wuauserv - ok
17:35:21.0065 0x1a14 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:35:21.0088 0x1a14 WudfPf - ok
17:35:21.0113 0x1a14 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:35:21.0147 0x1a14 WUDFRd - ok
17:35:21.0169 0x1a14 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:35:21.0192 0x1a14 wudfsvc - ok
17:35:21.0209 0x1a14 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
17:35:21.0224 0x1a14 WwanSvc - ok
17:35:21.0235 0x1a14 ================ Scan global ===============================
17:35:21.0266 0x1a14 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
17:35:21.0297 0x1a14 [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
17:35:21.0306 0x1a14 [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
17:35:21.0327 0x1a14 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:35:21.0358 0x1a14 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
17:35:21.0364 0x1a14 [ Global ] - ok
17:35:21.0365 0x1a14 ================ Scan MBR ==================================
17:35:21.0375 0x1a14 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:35:21.0650 0x1a14 \Device\Harddisk0\DR0 - ok
17:35:21.0659 0x1a14 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:35:21.0725 0x1a14 \Device\Harddisk1\DR1 - ok
17:35:21.0726 0x1a14 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
17:35:23.0485 0x1a14 \Device\Harddisk2\DR2 - ok
17:35:23.0485 0x1a14 ================ Scan VBR ==================================
17:35:23.0486 0x1a14 [ 1CA4D98FED1D0EAADAD5C47EC03F7E34 ] \Device\Harddisk0\DR0\Partition1
17:35:23.0491 0x1a14 \Device\Harddisk0\DR0\Partition1 - ok
17:35:23.0492 0x1a14 [ CC896EEFA59B848BDE40E620C16DFCE9 ] \Device\Harddisk0\DR0\Partition2
17:35:23.0493 0x1a14 \Device\Harddisk0\DR0\Partition2 - ok
17:35:23.0494 0x1a14 [ 6B803490111BA929AEC703E3A190DF9A ] \Device\Harddisk1\DR1\Partition1
17:35:23.0495 0x1a14 \Device\Harddisk1\DR1\Partition1 - ok
17:35:23.0497 0x1a14 [ A5CDA7F5DD9779BEE96423C0FB7CACCC ] \Device\Harddisk2\DR2\Partition1
17:35:23.0566 0x1a14 \Device\Harddisk2\DR2\Partition1 - ok
17:35:23.0566 0x1a14 ================ Scan generic autorun ======================
17:35:23.0644 0x1a14 [ 4C748E4BBFF7795A623A6D122A16C5EB, 24C9EE6023B020B21F68C187B34DD7FC46A4FF27F2B565AA3DF35641CD64ACBB ] C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
17:35:23.0696 0x1a14 RtHDVCpl - ok
17:35:23.0770 0x1a14 [ 9953AA19D2C70443A1955160312D6D06, F3B7FA6D1829ED54D2D45C7EACA8924F1287E9F087F17D837A35E6D6019122D5 ] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe
17:35:23.0830 0x1a14 nwiz - ok
17:35:23.0856 0x1a14 [ EBC5436427CD4D8C92AA36F3F7AC441A, 52BD1528EE768A5B413B557EC7D51CF81219D00CD997B6E8C4237A05ADA06AF4 ] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
17:35:23.0877 0x1a14 TdmNotify - ok
17:35:23.0950 0x1a14 [ DF72D700CC33611206675B8A2FD4D4F9, AB3AF6FD92140A1432FEAFFF2015CFAD5E9362F0018EA1D859A2DA349E95847D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
17:35:23.0996 0x1a14 EvtMgr6 - ok
17:35:24.0063 0x1a14 [ 838258B7655F2309F7BE63F844AF51BB, 50E5831663E8BD4627C9D532AB4B0D451D668CFC519163E5D75952BA9BD6EE12 ] C:\Program Files\iTunes\iTunesHelper.exe
17:35:24.0072 0x1a14 iTunesHelper - ok
17:35:24.0102 0x1a14 [ 4A73AB8412D3AA6CFAD24051FF9DBFA7, 7C1F6BDECE92F2A58E88FC603F1BEE9B0F72130136AE9A368892323A9A327FD1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
17:35:24.0112 0x1a14 IAStorIcon - ok
17:35:24.0145 0x1a14 [ 1EAD2147E5633CB26AF77B694F070777, 762159FA5985D0562A425967E39716C8953742D485245C5A8BF87501B95203EA ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
17:35:24.0153 0x1a14 IMSS - ok
17:35:24.0189 0x1a14 [ 88FD47E3BD31BC358AD1EF14E75C7681, 0177A849A8E63122628D42AAB97F29224413B10C5E9720F7ED9E109E509EC7ED ] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
17:35:24.0196 0x1a14 RemoteControl9 - ok
17:35:24.0215 0x1a14 [ A4A59E38A82781985AF76BA2038C78BE, 0E349A07EFC7FB0BB6E9CD3A6B9E72CDA4FD45001EEAB3AAC5D885E2AE0CEF77 ] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe
17:35:24.0229 0x1a14 PDVD9LanguageShortcut - ok
17:35:24.0244 0x1a14 [ A7749965A3923D024922A86BAAECAFF4, 70CC52E58881F405B334EDE68913EAB1B7FADBFB19B92F42B40E4737C6F073F7 ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe
17:35:24.0254 0x1a14 RoxWatchTray - ok
17:35:24.0301 0x1a14 [ 4164A47F3A2DA7EA44572904C3DF44A4, 192097A694949269CD642C4F832715F48F4448669951D027DBECE9D873E9DA94 ] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
17:35:24.0314 0x1a14 Desktop Disc Tool - ok
17:35:24.0402 0x1a14 [ 28DEF0EFB36D172EAA5A08EB09CF75DF, 62D07A28167AEBFB9511830BFBBEAAB17CC24D57FF8D07F1414D921135BC9024 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
17:35:24.0436 0x1a14 avgnt - ok
17:35:24.0497 0x1a14 [ 0080EB1CDD83F14C01534B1DC754234D, D0FC9B95A12D0C92730F8031B3DB287D1309008CF15EA0C02FC14B56FAE8C320 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
17:35:24.0504 0x1a14 APSDaemon - ok
17:35:24.0537 0x1a14 [ 41F8D76CAFAA8A9FD0F1F2B7361DDC2C, 7B16573ED3ADFA794923A6DD2F9B1679909DB15BE657464DE944D9D050CB5957 ] C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\Appinterfaces\HPPUDS.exe
17:35:24.0550 0x1a14 PUStarter - detected UnsignedFile.Multi.Generic ( 1 )
17:35:27.0443 0x1a14 Detect skipped due to KSN trusted
17:35:27.0443 0x1a14 PUStarter - ok
17:35:27.0498 0x1a14 [ C59B1DA2B3E5D35A08787A5B85681668, 2AFFABDCB05B1172F6CF9DB464EF78A3357CE548B727092A1699115C526E9D62 ] C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe
17:35:27.0502 0x1a14 RunPUTasktray - detected UnsignedFile.Multi.Generic ( 1 )
17:35:30.0395 0x1a14 Detect skipped due to KSN trusted
17:35:30.0395 0x1a14 RunPUTasktray - ok
17:35:30.0461 0x1a14 [ 18C384C8FA1A0A5CA6484D545A6E748A, C978961D4C6A4FA87E28B639E296977A743AF1463AE5B50BA78CCE9C9F8AB202 ] C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSUploader.exe
17:35:30.0479 0x1a14 ItalusUploader - detected UnsignedFile.Multi.Generic ( 1 )
17:35:33.0420 0x1a14 ItalusUploader ( UnsignedFile.Multi.Generic ) - warning
17:35:36.0214 0x1a14 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:35:36.0279 0x1a14 Sidebar - ok
17:35:36.0302 0x1a14 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:35:36.0315 0x1a14 mctadmin - ok
17:35:36.0336 0x1a14 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:35:36.0363 0x1a14 Sidebar - ok
17:35:36.0367 0x1a14 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:35:36.0379 0x1a14 mctadmin - ok
17:35:36.0434 0x1a14 [ F341DD6145F779CE5B732BC6BC6A3370, 67CE7E6DD5969C8DE34473E01D60D52FABC740B056287C2E261A36F97993ED0D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
17:35:36.0441 0x1a14 iCloudServices - ok
17:35:36.0461 0x1a14 [ 944E77A49DBAF8F6BB473118C116E59E, 0DA67736F1841A270AB24C13BA8FF4021A8950EB58B4985774F4B224B832B0DA ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
17:35:36.0467 0x1a14 ApplePhotoStreams - ok
17:35:36.0540 0x1a14 [ 55F751FD10B5CE32FD44BD658438A0AE, 26FAE4ADA494D28872EA4323B53FCC590C7126C5348B893665FEA4714894CBF2 ] C:\Program Files\Sandboxie\SbieCtrl.exe
17:35:36.0559 0x1a14 SandboxieControl - ok
17:35:36.0559 0x1a14 HotFolder.FR12 - ok
17:35:36.0693 0x1a14 [ ACD6AED54DFF3E2E4C6A1753BF3BEA98, F718D1ED1E00145396FFB3A00AB795BD53CB77BE16975C1512E7FB02ECE3B6BB ] C:\Program Files (x86)\Nuance\OmniPage19\OpAgent.exe
17:35:36.0738 0x1a14 OpAgent - ok
17:35:36.0765 0x1a14 [ 4016CE43255F0BE4FBE4A54F4500B021, 125A4BA4F0EF844F8320829ECED5D5CB1503A066E0D1A9D17702220F4C32F1E3 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
17:35:36.0770 0x1a14 iCloudDrive - ok
17:35:36.0771 0x1a14 Waiting for KSN requests completion. In queue: 9
17:35:37.0771 0x1a14 Waiting for KSN requests completion. In queue: 9
17:35:38.0771 0x1a14 Waiting for KSN requests completion. In queue: 9
17:35:39.0802 0x1a14 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.402 ), 0x41000 ( enabled : updated )
17:35:39.0805 0x1a14 Win FW state via NFP2: enabled ( trusted )
17:35:42.0520 0x1a14 ============================================================
17:35:42.0520 0x1a14 Scan finished
17:35:42.0520 0x1a14 ============================================================
17:35:42.0525 0x2d44 Detected object count: 1
17:35:42.0525 0x2d44 Actual detected object count: 1
17:38:09.0649 0x2d44 ItalusUploader ( UnsignedFile.Multi.Generic ) - skipped by user
17:38:09.0649 0x2d44 ItalusUploader ( UnsignedFile.Multi.Generic ) - User select action: Skip
Ich denke bisher wurde nichts gefunden? Grüße halifax |
|
25.08.2015, 05:49
| #6 |
| /// the machine /// TB-Ausbilder | Spammail durch meinen Account hi, Passwort zum Account geändert? Auf wievielen Geräten ist der Account eingerichtet?
__________________ --> Spammail durch meinen Account |
|
25.08.2015, 06:47
| #7 |
| | Spammail durch meinen Account Hallo, die Passwörter habe ich gestern geändert. Der Account ist noch auf 3 weiteren Geräten (1x Win 7, 2x iOS). |
|
25.08.2015, 10:49
| #8 |
| /// the machine /// TB-Ausbilder | Spammail durch meinen Account Von den beiden IOS den Account komplett löschen. Logs von dem andern Win7 bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
25.08.2015, 13:11
| #9 |
| | Spammail durch meinen Account Hallo, hier die Logs vom 2. Win7: 1. FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-08-2015
durchgeführt von halifax (Administrator) auf THINKPADW520 (25-08-2015 13:43:39)
Gestartet von C:\TEMP
Geladene Profile: halifax (Verfügbare Profile: UpdatusUser & halifax)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
(Bosch Rexroth AG) C:\Program Files (x86)\Rexroth\IndraWorks\IndraLogic\ENI Server\ENI.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Flexera Software, Inc.) C:\SEFlex\Program\lmgrd.exe
(Flexera Software, Inc.) C:\SEFlex\Program\lmgrd.exe
(Bosch Rexroth AG) C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\ServiceControl.exe
(Bosch Rexroth AG) C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\GatewayService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SIEMENS AG) C:\Program Files (x86)\Siemens\Step7\S7BIN\s7hspsvx.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Siemens AG) C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Lenovo) C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Bosch Rexroth AG) C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\IndraLogicGatewaySysTray.exe
(Bosch Rexroth AG) C:\Windows\SysWOW64\Gateway.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(SIEMENS AG) C:\Program Files (x86)\Common Files\Siemens\S7UBTOOX\S7ubTstx.exe
(SIEMENS AG) C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Bosch Rexroth AG) C:\Program Files (x86)\Rexroth\IndraWorks\IndraLogic\ENI Server\ENISysTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\Common Files\Siemens\SQLANY\dbsrv9.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvbubble64x.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Bosch Rexroth AG) C:\Program Files (x86)\Rexroth\IndraWorks\IndraWorks.Service.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(SIEMENS AG) C:\Windows\SysWOW64\pniopcac.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2789160 2011-05-19] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [40808 2011-05-31] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281960 2011-05-25] (Lenovo Group Limited)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-17] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [S7UB Start] => C:\Program Files (x86)\Common Files\Siemens\S7ubtoox\s7ubtstx.exe [102453 2010-06-03] (SIEMENS AG)
HKLM-x32\...\Run: [WinCC flexible Smart Start] => C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe [118784 2011-12-14] (SIEMENS AG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ENISysTray] => C:\Program Files (x86)\Rexroth\IndraWorks\IndraLogic\ENI Server\ENISysTray.exe [40960 2013-06-25] (Bosch Rexroth AG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [694032 2012-06-17] (SANDBOXIE L.T.D)
HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-28] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-05-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gateway Control.lnk [2015-04-24]
ShortcutTarget: Gateway Control.lnk -> C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\IndraLogicGatewaySysTray.exe (Bosch Rexroth AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gateway Server.lnk [2015-04-24]
ShortcutTarget: Gateway Server.lnk -> C:\Windows\SysWOW64\Gateway.exe (Bosch Rexroth AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2012-08-27]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
GroupPolicyScripts: Gruppenrichtline erkannt <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2831858354-3733170835-1677986244-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE485
SearchScopes: HKU\S-1-5-21-2831858354-3733170835-1677986244-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE485
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH)
Toolbar: HKU\S-1-5-21-2831858354-3733170835-1677986244-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
DPF: HKLM-x32 {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} hxxps://juniper.net/dana-cached/setup/JuniperSetupSP1.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4BC0D719-E6BE-4B69-BC92-65F7BF5D72CB}: [NameServer] 194.25.2.129
Tcpip\..\Interfaces\{D7169D49-9723-4CD6-AB15-1F0A74B64CFC}: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\halifax\AppData\Roaming\Mozilla\Firefox\Profiles\1v40iiq1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-24] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-24] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-10] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll [2015-04-28] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\halifax\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-04-28] (Cisco WebEx LLC)
FF Extension: Avira Browser Safety - C:\Users\halifax\AppData\Roaming\Mozilla\Firefox\Profiles\1v40iiq1.default\Extensions\abs@avira.com [2015-08-17]
FF Extension: Firebug - C:\Users\halifax\AppData\Roaming\Mozilla\Firefox\Profiles\1v40iiq1.default\Extensions\firebug@software.joehewitt.com.xpi [2013-10-07]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-04-25]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AceServer; C:\Program Files (x86)\Adept Technology\Adept ACE\bin\AceService.exe [18432 2012-10-09] (Adept Technology, Inc.) [Datei ist nicht signiert]
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1543816 2011-12-11] (SIEMENS AG) [Datei ist nicht signiert]
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-18] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [478056 2012-02-27] (Lenovo.)
R2 ENI Server; C:\Program Files (x86)\Rexroth\IndraWorks\IndraLogic\ENI Server\ENI.exe [651264 2013-06-25] (Bosch Rexroth AG) [Datei ist nicht signiert]
R2 FLEXlm License Manager; C:\SEFlex\Program\lmgrd.exe [1379664 2011-08-24] (Flexera Software, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IndraLogic Service Control; C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\ServiceControl.exe [303104 2012-08-02] (Bosch Rexroth AG) [Datei ist nicht signiert]
R2 IndraLogic V13 Gateway; C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\GatewayService.exe [671744 2014-06-04] (Bosch Rexroth AG) [Datei ist nicht signiert]
R2 IndraWorksService; C:\Program Files (x86)\Rexroth\IndraWorks\IndraWorks.Service.exe [94208 2014-12-16] (Bosch Rexroth AG) [Datei ist nicht signiert]
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 MSSQL$WINCCFLEXEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [Datei ist nicht signiert]
S3 OpcEnum; C:\Windows\SysWOW64\opcenum.exe [225280 2014-12-16] (Bosch Rexroth AG) [Datei ist nicht signiert]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [Datei ist nicht signiert]
R2 s7hspsvx; C:\Program Files (x86)\Siemens\Step7\s7bin\s7hspsvx.exe [61493 2011-10-31] (SIEMENS AG) [Datei ist nicht signiert]
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [139864 2011-11-03] (SIEMENS AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe [229976 2011-11-03] (SIEMENS AG)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [98576 2012-06-17] (SANDBOXIE L.T.D)
U2 smartserver; C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe [558416 2011-12-06] (Siemens AG)
S2 Solid Edge; C:\SEFlex\Program\lmgrd.exe [1379664 2011-08-24] (Flexera Software, Inc.)
R2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2011-07-25] (Lenovo Group Limited) [Datei ist nicht signiert]
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-04-09] (Avira Operations GmbH & Co. KG)
S3 cgnxcdc_x64; C:\Windows\System32\DRIVERS\cgnxcdc_x64.sys [74456 2015-04-24] (Cognex Corporation)
R3 dpmconv; C:\Windows\System32\DRIVERS\dpmconv.sys [259072 2011-04-19] (SIEMENS AG)
S3 dpmcslv; C:\Windows\System32\Drivers\dpmcslv.sys [68280 2005-07-04] (Siemens AG)
R3 fwkbdrtm; C:\Windows\system32\drivers\fwkbdrtm.sys [24152 2011-12-06] (Windows (R) Win 7 DDK provider)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [130944 2014-10-28] (Gemalto)
R3 hhdspmc64; C:\Windows\System32\DRIVERS\hhdspmc64.sys [39472 2010-10-13] (HHD Software Ltd.)
R3 KbdBlock2; C:\Windows\System32\Drivers\KbdBlock2.sys [14416 2013-02-01] (ILLC)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
S3 mxuwdrv2; C:\Windows\System32\DRIVERS\mxuwdrv2.sys [83480 2009-04-27] (Moxa Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-02-28] (NVIDIA Corporation)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
S3 pln1394bus; C:\Windows\System32\DRIVERS\pln1394bus_x64.sys [197720 2011-02-09] (Basler AG)
R2 PYNWAGNT; C:\Windows\System32\Drivers\pynwagnt.sys [56408 2010-07-08] (Basler AG)
R3 PyNwFlt; C:\Windows\System32\DRIVERS\pynwflt.sys [59480 2010-07-08] (Basler AG)
R3 s7odpx2x64; C:\Windows\System32\DRIVERS\s7odpx2x64.sys [71168 2011-10-20] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\DRIVERS\s7oppinx64.sys [107520 2011-10-20] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121344 2011-05-06] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\DRIVERS\s7osmcax64.sys [195584 2011-09-29] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\DRIVERS\s7osobux64.sys [152576 2011-05-06] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2011-05-06] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\DRIVERS\s7otranx64.sys [260096 2011-05-06] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\DRIVERS\s7otsadx64.sys [192000 2011-09-29] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\DRIVERS\s7ousbu64x.sys [193024 2011-09-29] (SIEMENS AG)
R2 s7sn2srtx; C:\Windows\System32\DRIVERS\s7sn2srtx.sys [83032 2011-06-16] (SIEMENS AG)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [166576 2012-06-17] (SANDBOXIE L.T.D)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
R2 SNTIE; C:\Windows\System32\DRIVERS\sntie.sys [179288 2011-10-11] (SIEMENS AG)
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63528 2011-09-22] (SafeNet, Inc.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
R3 vsnl2ada; C:\Windows\System32\DRIVERS\vsnl2ada.sys [120832 2011-04-19] (SIEMENS AG)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-25 13:32 - 2015-08-25 13:43 - 00000000 ____D C:\FRST
2015-08-14 18:29 - 2015-08-14 18:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-14 08:00 - 2015-08-14 08:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Juniper Networks
2015-08-14 07:18 - 2015-08-14 07:18 - 00000000 ____D C:\Program Files (x86)\Gemalto
2015-08-14 07:09 - 2015-08-14 07:09 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-08-14 07:02 - 2015-08-14 08:00 - 00001352 _____ C:\Users\Public\Desktop\Network Connect.lnk
2015-08-14 07:00 - 2015-08-14 07:02 - 00000000 ____D C:\Users\halifax\AppData\Roaming\Juniper Networks
2015-08-14 07:00 - 2015-08-14 07:00 - 00000000 ____D C:\Users\Public\Juniper Networks
2015-08-14 07:00 - 2014-06-25 14:48 - 00594032 _____ (Juniper Networks, Inc.) C:\Windows\system32\dsNcSmartCardProv.dll
2015-08-14 07:00 - 2014-06-25 14:48 - 00423536 _____ (Juniper Networks, Inc.) C:\Windows\system32\dsNcCredProv.dll
2015-08-14 06:59 - 2015-08-14 07:02 - 00000000 ____D C:\Program Files (x86)\Juniper Networks
2015-08-14 06:59 - 2015-08-14 06:59 - 00000000 ____D C:\Users\halifax\AppData\Local\Juniper Networks
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-25 13:29 - 2012-07-09 14:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-25 13:29 - 2012-05-18 19:55 - 01988641 _____ C:\Windows\WindowsUpdate.log
2015-08-25 10:43 - 2009-07-14 06:45 - 00031072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-25 10:43 - 2009-07-14 06:45 - 00031072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-25 10:34 - 2012-05-18 20:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-25 10:34 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-25 10:34 - 2009-07-14 06:51 - 00110300 _____ C:\Windows\setupact.log
2015-08-17 13:55 - 2012-06-04 11:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-17 13:55 - 2010-11-21 05:47 - 02026002 _____ C:\Windows\PFRO.log
2015-08-14 19:10 - 2015-06-18 12:54 - 00984902 _____ C:\Windows\SysWOW64\avgnt.log
2015-08-14 19:03 - 2015-06-18 12:54 - 00021602 _____ C:\Windows\SysWOW64\Avira.ServiceHost.log
2015-08-14 18:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-14 10:58 - 2012-08-27 17:43 - 00000000 ____D C:\ProgramData\TEMP
2015-08-14 07:48 - 2015-06-18 12:54 - 02097002 _____ C:\Windows\SysWOW64\avgnt0011.log
2015-08-14 07:43 - 2015-06-18 11:29 - 00001131 _____ C:\Users\Public\Desktop\Avira.lnk
2015-08-14 07:43 - 2015-01-13 11:38 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-14 07:43 - 2013-09-21 17:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-14 07:15 - 2012-05-25 22:09 - 00002142 _____ C:\Windows\Sandboxie.ini
2015-08-14 07:10 - 2013-04-25 22:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-08-07 13:29 - 2012-05-19 05:35 - 00756844 _____ C:\Windows\system32\perfh007.dat
2015-08-07 13:29 - 2012-05-19 05:35 - 00172542 _____ C:\Windows\system32\perfc007.dat
2015-08-07 13:29 - 2009-07-14 07:13 - 01781582 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-28 14:30 - 2015-06-18 12:54 - 02097002 _____ C:\Windows\SysWOW64\avgnt0010.log
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-04-24 09:07 - 2015-07-17 08:52 - 0001865 _____ () C:\Users\halifax\AppData\Roaming\APStartupCulture
2015-04-24 09:07 - 2015-07-17 08:52 - 0001865 _____ () C:\ProgramData\APStartupCulture
2012-07-08 19:41 - 2012-07-08 19:41 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2012-11-08 10:58 - 2012-11-08 10:59 - 0000304 _____ () C:\ProgramData\Rexroth.IWDsInstall.log
Einige Dateien in TEMP:
====================
C:\Users\halifax\AppData\Local\Temp\avgnt.exe
C:\Users\halifax\AppData\Local\Temp\dsNCInst64.exe
C:\Users\halifax\AppData\Local\Temp\exie.exe
C:\Users\halifax\AppData\Local\Temp\expb.exe
C:\Users\halifax\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\halifax\AppData\Local\Temp\IW_InstUtil.exe
C:\Users\halifax\AppData\Local\Temp\PsKill.exe
C:\Users\halifax\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\halifax\AppData\Local\Temp\simaticn.exe
C:\Users\halifax\AppData\Local\Temp\_is8F54.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-14 11:28
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-08-2015
durchgeführt von halifax (2015-08-25 13:44:56)
Gestartet von C:\TEMP
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2831858354-3733170835-1677986244-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2831858354-3733170835-1677986244-1003 - Limited - Enabled)
Gast (S-1-5-21-2831858354-3733170835-1677986244-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2831858354-3733170835-1677986244-1009 - Limited - Enabled)
halifax (S-1-5-21-2831858354-3733170835-1677986244-1001 - Administrator - Enabled) => C:\Users\halifax
UpdatusUser (S-1-5-21-2831858354-3733170835-1677986244-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
ACCONfigurator (HKLM-x32\...\ACCONfigurator) (Version: 3.83.0.013 - DELTALOGIC Automatisierungstechnik GmbH)
ACCON-S7-NET (HKLM-x32\...\ACCON-S7-NET) (Version: 3.0.2.3 - DELTALOGIC Automatisierungstechnik GmbH)
Adept ACE (HKLM-x32\...\{FD967DD1-359A-4AD4-A207-087C02A1A5C7}) (Version: 3.3.2.18 - Adept Technology)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.60.03 - )
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS WL-330N3G Wireless Router Utilities (HKLM-x32\...\{914B74BD-2E42-46DB-BD43-8CE09BF5B245}) (Version: 4.2.5.8 - ASUS)
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG)
Balluff IO-Link Device Tool (HKLM-x32\...\{72BDF610-B2A6-4A7D-B3C4-DE9B61770F9D}) (Version: 2.1.10 - Balluff GmbH)
Baselib Runtime (x32 Version: 3.0.1 - Pleora Technologies Inc.) Hidden
Baselib Runtime 64 (Version: 3.0.1 - Pleora Technologies Inc.) Hidden
Basler pylon SDK x64 2.3.5.2633 (HKLM\...\{D7F97581-F17B-48AD-B4BB-634AF0F78D39}) (Version: 2.3.2633 - Basler Vision Technologies)
BCL Configuration Tool 04.04.02 (HKLM-x32\...\{01EE69EB-F826-4C07-A867-5B0B73085904}_is1) (Version: - Leuze electronic GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
C3MGR2_R09-30 (HKLM-x32\...\{E23B4114-015B-497C-B727-0CE5A6574CFE}) (Version: 1.00.0000 - Parker Hannifin)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3243 - CDBurnerXP)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Checker Vision Sensors 3.4 (HKLM\...\{A5ECA4A3-CC43-4D7D-8E9A-3E7DF19F8DEB}) (Version: 3.4.7.0 - Cognex Corporation)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
CoDeSys for Automation Alliance (HKLM-x32\...\{07976ABB-1EBD-4A65-A7C7-155A0DC17173}) (Version: - 3S-Smart Software Solutions GmbH)
Cognex DataMan Software (x32 Version: 1.00.0001 - COGNEX Inc.) Hidden
Cognex DataMan Software v5.5.0 (HKLM-x32\...\{809DA373-D98E-4238-9326-244471BAABAA}) (Version: 5.5.0 - Cognex)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.2 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.890 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
eBUS Drivers (64 bits) (Version: 3.0.1 - Pleora Technologies Inc.) Hidden
eBUS Drivers (x32 Version: 3.0.1 - Pleora Technologies Inc.) Hidden
eBUS GEV Protocol Driver Object (64 bits) (Version: 3.0.1 - Pleora Technologies Inc.) Hidden
eBUS GEV Protocol Driver Object (x32 Version: 3.0.1 - Pleora Technologies Inc.) Hidden
eBUS Runtime (64 bits) (Version: 3.0.1 - Pleora Technologies Inc.) Hidden
eBUS Runtime (x32 Version: 3.0.1 - Pleora Technologies Inc.) Hidden
eBUS Universal Pro (64 bits) (Version: 3.0.1 - Pleora Technologies Inc.) Hidden
eBUS Universal Pro (x32 Version: 3.0.1 - Pleora Technologies Inc.) Hidden
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
GemPcCCID (HKLM\...\{B6FF55F4-1C4B-4A91-B479-4E32EE1CFB46}) (Version: 2.0.5 - Gemalto)
HexSight 4.2 (HKLM-x32\...\HexSight 4.2) (Version: - )
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
IndraLogic (HKLM-x32\...\{F50F362A-AF43-4187-A34A-984E5F2FCA26}) (Version: 1.80.239.40 #2 - Bosch Rexroth AG)
IndraWorks 13.14.579.0 (HKLM-x32\...\{65BCFBA2-01CC-4B80-A7CF-4A5D59EC72CE}) (Version: 13.14.579.0 - Bosch Rexroth AG)
IndraWorks Ds (HKLM-x32\...\IndraWorks Ds) (Version: 12V06 - Bosch Rexroth AG)
IndraWorksManager (HKLM\...\{74bfa03b-803e-4a6e-9d19-10f59dd11112}.sdb) (Version: - )
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Juniper Installer Service (x32 Version: 8.0.31739 - Juniper Networks) Hidden
Juniper Installer Service 8.0 (HKLM-x32\...\Juniper Installer Service 8.0) (Version: 8.0.31739 - Juniper Networks, Inc.)
Juniper Networks Network Connect 8.0 (HKLM-x32\...\Juniper Network Connect 8.0) (Version: 8.0.5.31739 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (HKLM-x32\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{39A04221-294E-4D90-A0F2-CCB1EF15CB56}) (Version: 1.2.0.1 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.66.00.22 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo SimpleTap (HKLM\...\{EFC9FE7C-ECE8-4282-8F77-FEDCAD374C77}) (Version: 3.0.0010.00 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{828CE72E-718B-4FDC-A469-8DE674CE8C4D}) (Version: 1.0.006.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Ihr Firmenname)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 3.00.006.0 - Lenovo)
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
LOGO!Soft Comfort V8.0 (HKLM\...\LOGO!Soft Comfort V8.0 ) (Version: 8.0.0.0 - Siemens AG)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{7F8205DE-DDFA-4156-ADA2-766E9CB4FABC}) (Version: 3.0.0011.00 - Lenovo Group Limited)
MetroSet2_3.2.42 (HKLM-x32\...\{2D6B9594-2795-40DD-8A74-F6CF75C8EDA1}) (Version: 3.2.0042 - Honeywell International Inc)
Microsoft .NET Compact Framework 2.0 SP2 (HKLM-x32\...\{B1060346-9388-4C5B-AA52-176C39819E43}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MotionStudio (HKLM-x32\...\{0934A6DC-CFEF-45B3-89D7-D5F69008C4D2}) (Version: 5.8.0 - SEW-EURODRIVE GmbH & Co KG)
MOVITOOLS® 4.90 (HKLM-x32\...\{6A2D840F-065F-40F7-8F92-9EE1188EDD9B}) (Version: 4.9.0 - SEW-EURODRIVE GmbH & Co KG)
MOVITOOLS-MotionStudio (HKLM-x32\...\SEW MotionStudio Uninstall) (Version: - SEW-EURODRIVE GmbH & Co KG)
MOXA UPort 1110/1130/1150 Windows Driver Ver1.6 (HKLM\...\MOXA UPort 1110/1130/1150 Windows Driver_is1) (Version: 1.6 - Moxa Inc.)
Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
Mozilla Thunderbird 24.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.0 (x86 de)) (Version: 24.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.00 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.00 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.23.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.23.3 - NVIDIA Corporation)
OPC Core Components Redistributable (x86) 101.0 (HKLM-x32\...\{FE1BD42E-EF10-4277-9DCE-1B144D1A8937}) (Version: 3.00.10100 - OPC Foundation)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
PCAN OEM 64-Bit (HKLM\...\{5F790368-CC5C-4571-B3D3-BEA8EB068401}) (Version: 2.1.18 - PEAK-System Technik GmbH)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PKZIP Server for Windows 12.40.0008 (HKLM-x32\...\{134A51EB-1BBB-4249-BAF5-494C3D186A06}) (Version: 12.40.0008 - PKWARE, Inc)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.1.0 - Prolific Technology INC)
PLCEditor (HKLM-x32\...\{EFE16766-5940-4038-9C02-4094B6E8608E}) (Version: 2.3.0935 - SEW Eurodrive GmbH & Co. KG)
PLCEditorGatewayServer (HKLM-x32\...\{CDAB0996-9AEB-4B64-8492-D4C40ABB3B7C}) (Version: 2.3.0925 - SEW Eurodrive GmbH & Co. KG)
PLCEditorOPCServer (HKLM-x32\...\{4F24ABD3-5163-4DB3-90B9-841F040650C6}) (Version: 2.3.1308 - SEW Eurodrive GmbH & Co. KG)
Pleora GenICam Package (64 bits) (Version: 3.0.1 - Pleora Technologies Inc.) Hidden
Pleora GenICam Package (x32 Version: 3.0.1 - Pleora Technologies Inc.) Hidden
Pleora Protocol Functional Device Object for eBUS (64 bits) (Version: 3.0.1 - Pleora Technologies Inc.) Hidden
Pleora Protocol Functional Device Object for eBUS (x32 Version: 3.0.1 - Pleora Technologies Inc.) Hidden
PureGEV GEV Protocol eBUS Streaming Runtime (64 bits) (Version: 2.0.1 - Pleora Technologies Inc.) Hidden
PureGEV GEV Protocol eBUS Streaming Runtime (x32 Version: 2.0.1 - Pleora Technologies Inc.) Hidden
PureGEV Runtime (64 bit GenICam dependent layers) (Version: 2.0.1 - Pleora Technologies Inc.) Hidden
PureGEV Runtime (GenICam dependent layers) (x32 Version: 2.0.1 - Pleora Technologies Inc.) Hidden
RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.11 - Lenovo)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
Sandboxie 3.72 (64-bit) (HKLM\...\Sandboxie) (Version: 3.72 - SANDBOXIE L.T.D)
Sentinel Protection Installer 7.6.5 (HKLM-x32\...\{DE09967A-E9E2-4562-A58D-989CA70FA65E}) (Version: 7.6.5 - SafeNet, Inc.)
SerialMon (HKLM-x32\...\SerialMon) (Version: 1.5 - Joakim Ögren)
SEW-Communication-Server (HKLM-x32\...\{310358D8-48D1-4B35-A984-7DE3E88B6469}) (Version: 1.0.0 - SEW Eurodrive GmbH)
Siemens Automation License Manager (Version: 05.01.0103 - Siemens AG) Hidden
Siemens Automation License Manager V5.1 + SP1 + Upd3 (HKLM\...\{4EA2F07F-BD6B-4765-B7C1-53674EED70F6}LicenseManager) (Version: 05.01.0103 - Siemens AG)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{36D71176-4A63-4D4A-A5E0-425474C0B873}) (Version: 6.2.00 - Silicon Laboratories, Inc.)
SIMATIC STEP 7 (x32 Version: 05.05.0200 - Siemens AG) Hidden
SIMATIC STEP 7 V5.5 + SP2 Professional 2010 SR2 (HKLM-x32\...\{7B427E8E-F76D-4C8C-B155-7F24DF46DB67}STEP7) (Version: 05.05.0200 - Siemens AG)
SIMATIC Device Drivers (Version: 01.00.0200 - Siemens AG) Hidden
SIMATIC Device Drivers WoW (x32 Version: 20.00.0200 - Siemens AG) Hidden
SIMATIC HMI License Manager Panel Plugin (x64) (Version: 11.00.0100 - Siemens AG) Hidden
SIMATIC HMI Symbol Library (x32 Version: 11.00.0200 - Siemens AG) Hidden
SIMATIC LanguageSupportTool (x32 Version: 05.08.0200 - Siemens AG) Hidden
SIMATIC NCM FWL 64 (Version: 05.05.0100 - Siemens AG) Hidden
SIMATIC PLCSIM 64 (Version: 01.00.0001 - Siemens AG) Hidden
SIMATIC Prosave (x32 Version: 09.00.0300 - Siemens AG) Hidden
SIMATIC Prosave V9.0 incl. SP3 (HKLM-x32\...\{AE533A06-4655-41E8-88BB-48293AAF1FA0}Prosave) (Version: 09.00.0300 - Siemens AG)
SIMATIC S7 CP PtP Param (x32 Version: 5.1.1300 - Siemens AG) Hidden
SIMATIC S7 CP PtP Param V5.1 + SP13 (HKLM-x32\...\{62B332B3-65AB-419D-ACFA-4A5361CFB116}CPPTP) (Version: 5.1.1300 - Siemens AG)
SIMATIC S7-GRAPH (x32 Version: 05.03.0700 - Siemens AG) Hidden
SIMATIC S7-GRAPH V5.3 + SP7 Professional 2010 SR2 (HKLM-x32\...\{4FF24C45-A4EE-4A99-B287-E3468EC41CBD}S7GRAPH) (Version: 05.03.0700 - Siemens AG)
SIMATIC S7-PCT (x32 Version: 02.03.0000 - Siemens AG) Hidden
SIMATIC S7-PCT V2.3 Professional 2010 SR2 (HKLM-x32\...\{06AF0F82-E926-48A6-8C5F-ECB195DB2CB4}S7PCT) (Version: 02.03.0000 - Siemens AG)
SIMATIC S7-PDIAG (x32 Version: 05.03.0600 - Siemens AG) Hidden
SIMATIC S7-PDIAG V5.3 + SP6 (HKLM-x32\...\{68851FEA-BB6B-4700-B822-F42D61919EFD}S7-PDIAG) (Version: 05.03.0600 - Siemens AG)
SIMATIC S7-PLCSIM (x32 Version: 5.4.0502 - Siemens AG) Hidden
SIMATIC S7-PLCSIM V5.4 + SP5 + Upd2 Professional 2010 SR2 (HKLM-x32\...\{1CBF27F6-24A4-488D-940A-678F1C691C49}PLCSim) (Version: 5.4.0502 - Siemens AG)
SIMATIC S7-SCL (x32 Version: 5.3.6.0 - Siemens AG) Hidden
SIMATIC S7-SCL V5.3 + SP6 Professional 2010 SR2 (HKLM-x32\...\{5B1B0682-EEC6-4EDD-BAB0-3FEC2E55090D}SCL) (Version: 5.3.6.0 - Siemens AG)
SIMATIC Version View (x32 Version: 01.07.0700 - Siemens AG) Hidden
SIMATIC WinCC flexible 2008 SP3 (HKLM-x32\...\InstallShield_{4859C171-B826-4B74-ABCE-501B4C725EA2}) (Version: 01.04.0000 - Siemens AG)
SIMATIC WinCC flexible OCX (x32 Version: 01.04.0000 - Siemens AG) Hidden
SIMATIC WinCC flexible Runtime (x32 Version: 01.04.0000 - Siemens AG) Hidden
SIMATIC WinCC flexible Runtime 2008 SP3 (HKLM-x32\...\{BA076DAD-B2E9-4DE6-8DC3-A12C0E569EAC}HmiRTm) (Version: 01.04.0000 - Siemens AG)
SIMATIC WinCC flexible Runtime Driver (x64) (Version: 01.04.0000 - Siemens AG) Hidden
SIMATIC WinCC flexible Simulator (x32 Version: 01.08.0300 - Siemens AG) Hidden
SIMATIC WinCC flexible Tag Simulator (x32 Version: 01.04.0000 - Siemens AG) Hidden
SmartVision EX Utility Client (HKLM-x32\...\{7F6BC921-9098-4E55-9C20-C03CEBAF1837}) (Version: 1.0.12 - Adept Technology)
Solid Edge License Manager (HKLM-x32\...\{1AC414BD-ADD0-4694-AE59-76D4606A74FA}) (Version: 104.00.00082 - Siemens)
Solid Edge ST4 (HKLM\...\{DE02B016-E096-437F-8D96-853BB36011D5}) (Version: 104.00.0405 - Siemens)
Standard-HMI (HKLM-x32\...\{6161DE40-F09C-11D5-8B61-0040952A05E4}) (Version: - )
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.01.0015 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.67 - )
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.8.0 - )
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.03 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.07 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}) (Version: 5.9.4.6882 - UPEK Inc.)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo)
WinCC flexible (x32 Version: 01.04.0000 - Siemens AG) Hidden
WinCC flexible Graphics (x32 Version: 1.04.0000 - Siemens AG) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - FTDI CDM Driver Package (07/12/2010 2.08.02) (HKLM\...\498B9978CE49397903524B0761200F43EC650044) (Version: 07/12/2010 2.08.02 - FTDI)
Windows-Treiberpaket - FTDI CDM Driver Package (07/12/2010 2.08.02) (HKLM\...\67170FB0228B69BCCBEF8CE14A76953A5505D8EA) (Version: 07/12/2010 2.08.02 - FTDI)
Windows-Treiberpaket - Intel (e1cexpress) Net (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (09/10/2010 9.2.0.1011) (HKLM\...\8058FF31D7C7F4818DC176DAF53CD379968C86E4) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System (11/20/2010 9.2.0.1016) (HKLM\...\43B5066463CEBC83E99586A67037B6F9FC4193FE) (Version: 11/20/2010 9.2.0.1016 - Intel)
Windows-Treiberpaket - Intel USB (12/21/2010 9.2.0.1021) (HKLM\...\0DD5528A211904214F70A66DE6ADBD378B21566D) (Version: 12/21/2010 9.2.0.1021 - Intel)
Windows-Treiberpaket - Lenovo (LenovoRd) SmartCardReader (05/11/2009 4.1.0.1) (HKLM\...\9B84710FFAE6C50914FCE568B59E426F1386E7F6) (Version: 05/11/2009 4.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows-Treiberpaket - libusb-win32 (libusb0) libusb-win32 devices (10/02/2010 1.2.2.0) (HKLM\...\D799FADEEBD9F7950736A4761F35786956C03D1B) (Version: 10/02/2010 1.2.2.0 - libusb-win32)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (05/19/2011 15.3.8.0) (HKLM\...\DDD8A532E361E9A878EBEF69C338B306810DF059) (Version: 05/19/2011 15.3.8.0 - Synaptics)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
08-07-2015 10:39:19 Geplanter Prüfpunkt
17-07-2015 08:57:59 Gerätetreiber-Paketinstallation: Printing Communications Assoc. (PCAUSA) Netzwerkprotokoll
17-07-2015 09:18:39 Installiert ASUS WL-330N3G Wireless Router Utilities
28-07-2015 12:23:34 Geplanter Prüfpunkt
14-08-2015 07:01:17 Installed Juniper Installer Service
14-08-2015 07:17:41 Installed GemPcCCID
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {462CECFC-2B4A-402A-ABD4-79A1CFA1FD63} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4A73A5AA-8B5E-44B6-AB42-83BCEC209FA0} - System32\Tasks\{F7F5D493-CCBA-424B-9598-52781194B897} => pcalua.exe -a "D:\Vision Sensor Checker C4G\Software Checker\Checker_3_4_Release\setup.exe" -d "D:\Vision Sensor Checker C4G\Software Checker\Checker_3_4_Release"
Task: {4FC53E9F-5E35-4547-A25E-840283C0A174} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {54FF7A75-F37C-4252-91F9-EB13194E9317} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-24] (Adobe Systems Incorporated)
Task: {61C7B0DE-6B03-49C6-8D6E-295A4F972862} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for ThinkPad_W520.halifax => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2011-12-21] (Lenovo)
Task: {68A22C0E-63E2-4057-A39A-87307C2A61F9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2012-01-09] (Lenovo)
Task: {957B5C24-C10D-4D98-801C-0DA3B72D49FE} - System32\Tasks\{54064CF3-0307-41AC-8BF3-5E84091C8990} => pcalua.exe -a D:\Setup_PtP_V5113.exe -d D:\
Task: {A3855F2E-7D4C-49EF-A256-B71717D666B8} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2012-02-27] (Lenovo Group Limited)
Task: {CA19B814-5662-4B4F-B532-31E300CDB2AE} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2011-12-21] (Lenovo)
Task: {D9E6DACE-665F-4F09-8B69-9C8567158A7C} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2011-12-21] (Lenovo)
Task: {E663363B-D967-493A-ACAB-62CDB9A0C949} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for THINKPADW520.halifax => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2011-12-21] (Lenovo)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-12-06 04:12 - 2013-01-10 23:36 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-07-27 20:07 - 2011-07-27 20:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-03-10 00:43 - 2011-03-10 00:43 - 00774144 _____ () C:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\Scpwin64.dll
2011-06-14 18:24 - 2011-06-14 18:24 - 00824320 _____ () C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\sn_regbase.dll
2011-12-21 00:28 - 2012-01-11 16:25 - 00636216 _____ () C:\SWTOOLS\SimpleTap DeskBand\DeskBand64.dll
2012-05-18 20:08 - 2012-02-27 20:07 - 00055808 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2010-12-18 15:50 - 2010-12-18 15:50 - 00173856 _____ () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
2012-05-19 05:30 - 2011-05-19 14:04 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2012-05-18 20:01 - 2010-10-26 06:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2012-05-18 20:05 - 2011-03-06 13:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-27 08:49 - 2009-07-20 12:35 - 00018960 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2012-08-27 08:49 - 2009-07-20 04:00 - 00077824 _____ () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
2011-12-06 22:11 - 2011-12-06 22:11 - 00061776 _____ () C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\zlib.dll
2012-05-18 20:09 - 2010-04-06 09:05 - 02085888 _____ () C:\Program Files\Lenovo\AutoLock\cv210.dll
2012-05-18 20:09 - 2010-04-06 09:04 - 02201088 _____ () C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2012-05-19 05:30 - 2011-05-19 14:04 - 00066856 _____ () C:\Windows\SysWOW64\SynTPEnhPS.dll
2011-06-14 18:24 - 2011-06-14 18:24 - 00749568 _____ () C:\Windows\SysWOW64\sn_regbase.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:9A32E6D3
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{9DFA7748-24BC-4A9C-9E59-30B4F4D94EB3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{EF18C5D6-BB3A-41D9-9403-E5E376D65FA5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{4BDBC899-2013-4FE1-9195-4AA2864C7D40}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{395F6B66-E05E-423F-9911-7B8CA1945464}] => (Allow) LPort=2869
FirewallRules: [{C8373DCF-454C-4344-B78A-7A5F8583B4AF}] => (Allow) LPort=1900
FirewallRules: [{242FDCEB-4515-4563-BC69-ACC1798B16A3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{01B9E93F-30F5-402B-A3B3-6CA9297DC53B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{6F1FF28F-7342-4E0C-A4D1-9CC95AAA3B31}] => (Allow) C:\Users\halifax\AppData\Local\Temp\7zSBD36.tmp\SymNRT.exe
FirewallRules: [{7EB4A71F-F37F-49E7-962E-68164A86B03A}] => (Allow) C:\Users\halifax\AppData\Local\Temp\7zSBD36.tmp\SymNRT.exe
FirewallRules: [{BBF8B453-A2A7-416B-963C-BFB7DA247962}] => (Allow) C:\Users\halifax\AppData\Local\Temp\7zS5C11.tmp\SymNRT.exe
FirewallRules: [{76EC315B-9990-4CB2-A81F-5D9A04836179}] => (Allow) C:\Users\halifax\AppData\Local\Temp\7zS5C11.tmp\SymNRT.exe
FirewallRules: [{67FC1B1B-2A94-4788-A7C5-52EB75F670FC}] => (Allow) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
FirewallRules: [{17250FE2-F28F-4301-9944-9BF76739627B}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\SQLANY\Dbsrv9.exe
FirewallRules: [{90AE6944-4B73-46C2-8259-428F8C429028}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\SQLANY\Dbeng9.exe
FirewallRules: [{AC237726-54CC-4FDF-AD7F-30108CD4536E}] => (Allow) C:\Windows\system32\S7otbxsx.exe
FirewallRules: [{D9BC46F5-DF66-493A-96AB-07D8CDC5FFB2}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7INF\S7usiapx.exe
FirewallRules: [{991BB5B2-33B5-43FF-8B36-D9FB908860F2}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7BIN\S7tgtopx.exe
FirewallRules: [{CA492B0E-F8F3-494B-A72F-F56165FFD3DC}] => (Allow) C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe
FirewallRules: [{1E9842E1-147A-43CC-BD09-8E7F29FF2905}] => (Allow) C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe
FirewallRules: [{01634614-769E-4D64-9101-E70CD59F12AE}] => (Allow) C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\MiniWeb.exe
FirewallRules: [{18D4593B-5C0F-49BB-9783-472BC13B012A}] => (Allow) C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe
FirewallRules: [{33C13528-B5B2-4B65-BEA6-5A990F2EEC14}] => (Allow) C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe
FirewallRules: [{E9BAA8E0-7675-4C2C-BEEC-B9655C0DBDAE}] => (Allow) C:\Program Files\di-soric\Checker Vision Sensors 3.4\Checker.exe
FirewallRules: [{6FC5FADD-3DD6-4A53-BF40-A563853A9782}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5EBEBC15-8B2C-4C5D-8B01-C4E11855BE65}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8FD248F0-33C5-4CF1-B3CE-B7388A38DEE8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7D93FE52-1805-4B36-9F9E-BD7FE47C3FB2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{32D0047A-EBA3-4A72-926F-B1C234D6812B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3BA7FF70-8ECD-4E4E-BD88-0BAE223B16F4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{14477482-B0A5-4BCE-9B7A-8885972B4265}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BC57EFB2-9519-4F5E-92ED-B35F0DE60990}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{10385D7E-C68E-44D4-89C7-DE2DDE0FA10F}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\SQLANY\dbsrv9.exe
FirewallRules: [{7D5F695E-C502-49D2-B7BE-F921BA9B0AE4}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\SQLANY\dbsrv9.exe
FirewallRules: [{A7210BC8-7504-4654-9789-FC9D710FC145}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7BIN\S7tgtopx.exe
FirewallRules: [{E28BA11E-CB74-4A53-96BA-72A8B40A6ACE}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7BIN\S7tgtopx.exe
FirewallRules: [{E721023F-01AB-440F-BA51-A4F8BF0F933A}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7INF\S7usiapx.exe
FirewallRules: [{6A6C75D5-FBE6-4B8E-874A-D424E18F535F}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7INF\S7usiapx.exe
FirewallRules: [{C76EE630-B0FC-44F6-9B20-8F69F3B1BFDF}] => (Allow) C:\Windows\SysWOW64\s7otbxsx.exe
FirewallRules: [{05D177E4-27D0-4E9C-8705-42A1EFB63A21}] => (Allow) C:\Windows\SysWOW64\s7otbxsx.exe
FirewallRules: [TCP Query User{A5A26E4C-277A-49A1-BEE6-373B1D7B9268}C:\program files\siemens\logocomfort_v8\jre\bin\javaw.exe] => (Allow) C:\program files\siemens\logocomfort_v8\jre\bin\javaw.exe
FirewallRules: [UDP Query User{8A43B8F2-09A4-4462-A0AF-A8A895021407}C:\program files\siemens\logocomfort_v8\jre\bin\javaw.exe] => (Allow) C:\program files\siemens\logocomfort_v8\jre\bin\javaw.exe
FirewallRules: [{66874D90-7787-453F-83CB-BA6F6F8F4493}] => (Block) C:\program files\siemens\logocomfort_v8\jre\bin\javaw.exe
FirewallRules: [{E244F12E-9BAE-42B3-B78C-F86E9E7D7C48}] => (Block) C:\program files\siemens\logocomfort_v8\jre\bin\javaw.exe
FirewallRules: [TCP Query User{70427FEE-3151-4530-89A6-8991E3693903}C:\program files\siemens\logocomfort_v8\jre\bin\java.exe] => (Allow) C:\program files\siemens\logocomfort_v8\jre\bin\java.exe
FirewallRules: [UDP Query User{17CE695D-B428-4AFA-BAAE-E25FBA5ADDF0}C:\program files\siemens\logocomfort_v8\jre\bin\java.exe] => (Allow) C:\program files\siemens\logocomfort_v8\jre\bin\java.exe
FirewallRules: [{FD3D73F0-2D0B-4998-9A8D-F9900B4428F9}] => (Block) C:\program files\siemens\logocomfort_v8\jre\bin\java.exe
FirewallRules: [{C74A55AE-0067-4D8E-B74A-0F872C4CC46A}] => (Block) C:\program files\siemens\logocomfort_v8\jre\bin\java.exe
FirewallRules: [{F20B6846-96E4-4971-944C-BED80AEDB7A6}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{FC9175AA-5D1E-4963-862A-E5AD6A333F21}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{A764C461-5D85-4401-8E92-F7FF5D680891}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{49E79BB0-B2B1-4111-8E06-90072409E470}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{43A34002-A132-49B4-A9D9-5782FB559447}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [{A7134CC0-5123-49B1-AE19-5C4FFFADEFD9}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [{D538F327-B798-4314-99DA-1FEDB93EA5FC}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [{64F0C6E9-BB3F-4A9C-BA15-63D3156960E8}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [TCP Query User{20306B15-5772-4E4F-9170-743AB487B2BD}C:\program files (x86)\cognex\dataman\dataman software v5.5.0\setuptool.exe] => (Allow) C:\program files (x86)\cognex\dataman\dataman software v5.5.0\setuptool.exe
FirewallRules: [UDP Query User{97DAD424-FAE7-4D28-8D92-9BE2C17BE114}C:\program files (x86)\cognex\dataman\dataman software v5.5.0\setuptool.exe] => (Allow) C:\program files (x86)\cognex\dataman\dataman software v5.5.0\setuptool.exe
FirewallRules: [{C7E27173-86A9-413F-9C17-8EBF6CA1D361}] => (Block) C:\program files (x86)\cognex\dataman\dataman software v5.5.0\setuptool.exe
FirewallRules: [{E05A42BA-1410-4B01-BC99-19892E0B3A62}] => (Block) C:\program files (x86)\cognex\dataman\dataman software v5.5.0\setuptool.exe
FirewallRules: [{F75A74E8-9BD8-4B90-87BE-6C478F0974CE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{09015D10-7BD5-4AD1-BE46-09544B587184}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{76EC456F-C806-44FB-B34A-B688487DE2EA}C:\program files (x86)\rexroth\indraworks ds\iwds.exe] => (Allow) C:\program files (x86)\rexroth\indraworks ds\iwds.exe
FirewallRules: [UDP Query User{951F56CA-1413-417B-983A-84635359279C}C:\program files (x86)\rexroth\indraworks ds\iwds.exe] => (Allow) C:\program files (x86)\rexroth\indraworks ds\iwds.exe
FirewallRules: [{166FAE5D-744B-4234-BE22-AE3B1A61ABE0}] => (Block) C:\program files (x86)\rexroth\indraworks ds\iwds.exe
FirewallRules: [{91C0FB7D-2531-40B0-8357-51C150085FCB}] => (Block) C:\program files (x86)\rexroth\indraworks ds\iwds.exe
FirewallRules: [{82011EE8-6BEB-4E61-813E-F00FEBF5351A}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DDP.ENGINEERINGDESKTOP.EXE
FirewallRules: [{FDBF3BD9-18BB-45E5-B12B-8A383430856F}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DDP.ENGINEERINGDESKTOP.EXE
FirewallRules: [{01BF67E5-42C5-40FD-9619-31A5D72C76E5}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DDP.OPERATIONDESKTOP.EXE
FirewallRules: [{74ED0FD9-38DF-42DE-84B3-1BCF88402CA5}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DDP.OPERATIONDESKTOP.EXE
FirewallRules: [{67D740E9-7DAC-455C-B2E8-11ACFEF044D8}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB03VRS.EXE
FirewallRules: [{6FEF3B17-5031-4C70-81CE-80B744BFB6C3}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB03VRS.EXE
FirewallRules: [{C55F2E00-232C-400A-B637-12002A9E6EC5}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD03VRS.EXE
FirewallRules: [{ADF6F61E-8728-432A-8DED-6B5695484D33}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD03VRS.EXE
FirewallRules: [{60D7DC71-D635-488C-B571-56F0BCBDB565}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH03VRS.EXE
FirewallRules: [{3A47ACFD-1413-42A0-AD1B-E5168612B265}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH03VRS.EXE
FirewallRules: [{2A976217-0A7D-4402-88A9-5D6C78EFF3F8}] => (Allow) C:\WINDOWS\SYSWOW64\GATEWAY.EXE
FirewallRules: [{AA42D969-A782-483C-B131-4644433C0356}] => (Allow) C:\WINDOWS\SYSWOW64\GATEWAY.EXE
FirewallRules: [{B0BF8466-3E3E-4A2A-A4EF-F21479BF0B6D}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\PDA.SERVER.EXE
FirewallRules: [{92922AD9-A4D2-4317-823F-E6AA679971E0}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\PDA.SERVER.EXE
FirewallRules: [{798611C9-89E7-493C-9587-B2680D135933}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB04VRS.EXE
FirewallRules: [{34ECA275-7987-4156-8C3E-2D6F137E8951}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB04VRS.EXE
FirewallRules: [{B0AE0702-EF29-4F60-B7DC-208F9F861CD5}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD04VRS.EXE
FirewallRules: [{FF36B6DA-CFDA-49FE-B8E7-0C41FEF55EC2}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD04VRS.EXE
FirewallRules: [{23533677-60F2-4A0B-A5AC-880BD3D09799}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH04VRS.EXE
FirewallRules: [{7802153D-B9D5-4E78-B85F-EF9D4FACC584}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH04VRS.EXE
FirewallRules: [{471D4B60-5DA0-42FD-A3B3-1F3561C0D131}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\SCPSERVER.EXE
FirewallRules: [{F1AE0861-26A6-42AB-B578-594FCCA62BAC}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\SCPSERVER.EXE
FirewallRules: [{F579FD9D-8831-4228-ACE8-EA7CA98F5A77}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB05VRS.EXE
FirewallRules: [{BFE42D9D-D9D0-4397-B3F6-B98CA7CBD649}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB05VRS.EXE
FirewallRules: [{11B02297-D998-4533-9217-71071714BFD0}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD05VRS.EXE
FirewallRules: [{EB4C7A65-A6D1-4CDC-82DC-C052096C0DF5}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD05VRS.EXE
FirewallRules: [{930C98D9-0C30-4134-B159-9397F08FEBC1}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH05VRS.EXE
FirewallRules: [{B8272C5A-6F82-48EA-A2AC-4B732E7A2010}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH05VRS.EXE
FirewallRules: [{0FDBFB4F-1B92-4422-8E47-33D18FE8C656}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\HNC\OFFLINE\DRIVESERVER_HDH05VRS.EXE
FirewallRules: [{47D3A18F-A2E0-4F9D-AE20-514A34B12BAB}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\HNC\OFFLINE\DRIVESERVER_HDH05VRS.EXE
FirewallRules: [{506DBA83-586D-42C0-A4DE-EB1FDA059180}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB06VRS.EXE
FirewallRules: [{E4CB4553-BB5E-4CC4-85BC-AE496B327E93}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB06VRS.EXE
FirewallRules: [{0A6BABCE-F7D4-4588-805C-488C55F82632}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC06VRS.EXE
FirewallRules: [{5E584781-C031-45EF-9B4A-D4EEFBEEA34E}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC06VRS.EXE
FirewallRules: [{CDE2A0F7-3F62-42D7-A658-F6949152EA32}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD06VRS.EXE
FirewallRules: [{36C4F617-0A91-43FF-801B-F91E22D72DBF}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD06VRS.EXE
FirewallRules: [{67752BBD-E358-4DFD-9425-2D5848DE6113}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH06VRS.EXE
FirewallRules: [{32A5F599-062F-475D-8217-B9E976E91CB9}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH06VRS.EXE
FirewallRules: [{00B4CFFC-2177-4A45-8417-AA516DBE16FD}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB07VRS.EXE
FirewallRules: [{B03E3869-5C67-4F8F-9BDC-0E3A5427B909}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB07VRS.EXE
FirewallRules: [{810F3864-4AEF-4D16-B285-9DB30B66CD01}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC07VRS.EXE
FirewallRules: [{46650305-FD0D-414D-9453-C9218B24DD59}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC07VRS.EXE
FirewallRules: [{57532F2B-5AA7-47BE-9E07-DF809E0730F6}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD07VRS.EXE
FirewallRules: [{3A75440B-4480-4A35-BFEB-A3EBA96EA843}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD07VRS.EXE
FirewallRules: [{77D92FD9-D90D-437E-B39E-BB15DB7D4105}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH07VRS.EXE
FirewallRules: [{5FBCF6D0-4575-4BCB-B861-6B62B4B9BA03}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH07VRS.EXE
FirewallRules: [{707399A4-7E8A-4BD4-BB60-7AFFC2BADBA8}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\WINSTUDIO\BIN\CESERVER.EXE
FirewallRules: [{7D4D5F86-9638-490D-8912-C28117C008DB}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\WINSTUDIO\BIN\CESERVER.EXE
FirewallRules: [{8F169E3D-EF42-40B6-B73D-8703A954145F}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB16VRS.EXE
FirewallRules: [{C44D1138-30AB-49AD-A392-E3F17F310931}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB16VRS.EXE
FirewallRules: [{F70C5193-BB3B-4714-A3C9-77D4B4396210}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DDP.HOSTEDOPERATIONDESKTOP.EXE
FirewallRules: [{764F6A87-9BB9-4259-BD8F-BE1630967990}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DDP.HOSTEDOPERATIONDESKTOP.EXE
FirewallRules: [{5EAFBD6D-86A4-481B-AFEB-0F8BE93BDB4D}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\IWDS.EXE
FirewallRules: [{D4DD9C31-B071-4AD4-8321-66379F63C400}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\IWDS.EXE
FirewallRules: [{104A1C1C-6A9B-418A-B7D0-3970452D54BF}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB17VRS.EXE
FirewallRules: [{F145CA25-5FE2-4CC0-9302-A01DBFDD4F0F}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB17VRS.EXE
FirewallRules: [{688F5FF1-13DC-4FEA-B113-035BF2900AE5}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB08VRS.EXE
FirewallRules: [{FD8633AA-7463-4FE6-B9E3-82648B2ADF9B}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB08VRS.EXE
FirewallRules: [{3E5E45CE-6348-41E5-BBBF-34ACB0B51779}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC08VRS.EXE
FirewallRules: [{AF722B8B-D594-46FC-9E1B-AED3DD27BE2A}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC08VRS.EXE
FirewallRules: [{EA75B90D-1C10-4714-89D2-A6AC10674337}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD08VRS.EXE
FirewallRules: [{DBD9DE21-A08A-4319-9911-5CA7E14BBA8E}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD08VRS.EXE
FirewallRules: [{04C58702-8543-498A-9343-0126050EB75E}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH08VRS.EXE
FirewallRules: [{938F98A1-01F2-4A4B-8E40-0026B08915E9}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH08VRS.EXE
FirewallRules: [{0C273D83-7470-484B-A08A-F446251B47EF}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\ILNG.IPMCLI.EXE
FirewallRules: [{D6A064B3-ACA2-47FD-99BA-3D31D842B8A8}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\ILNG.IPMCLI.EXE
FirewallRules: [{9180AC9A-919C-4D1F-8B5A-7F4019AE17A2}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\ILNG.REPTOOL.EXE
FirewallRules: [{77B0FCCB-6272-4A51-8E49-EAA19981DECC}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\ILNG.REPTOOL.EXE
FirewallRules: [{A42238BF-CB3B-4E3C-B206-29BD5C1EB600}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\GATEWAYPLC\GATEWAYSERVICE.EXE
FirewallRules: [{C9342228-F438-4C5B-87D5-3FDDCBA762CB}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\GATEWAYPLC\GATEWAYSERVICE.EXE
FirewallRules: [{37337DCC-64DF-4117-BE96-548EB4F8B936}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\MLC\OFFLINE\MOTIONSERVER_MLC12VRS.EXE
FirewallRules: [{A866272C-3C58-46D1-8A49-87E37958D421}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\MLC\OFFLINE\MOTIONSERVER_MLC12VRS.EXE
FirewallRules: [{F8D59899-CCC5-4791-ACF8-EC3E16FE91BB}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPE17VRS.EXE
FirewallRules: [{3A722412-3123-4108-BB4F-AF13CBA0ED49}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPE17VRS.EXE
FirewallRules: [{D3092615-68D2-4165-9432-AE2BF672F1A7}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC17VRS.EXE
FirewallRules: [{2B0EDCCD-7634-4A35-B5C9-9BAEB986D8D0}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC17VRS.EXE
FirewallRules: [{0AEDD56F-5657-4BE7-B1F3-275E6E0018E9}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\WinStudio\BIN\TAGINTEGRATIONMANAGER.EXE
FirewallRules: [{EFD9D560-78F6-4C49-B97A-A32CD924AB20}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\WinStudio\BIN\TAGINTEGRATIONMANAGER.EXE
FirewallRules: [{086D45F8-C9FD-4029-B644-DF6E732A28B1}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\INDRAWORKS.LICENSEIMPORT.EXE
FirewallRules: [{24110D02-52EC-489A-85E9-676BBD6AFDFC}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\INDRAWORKS.LICENSEIMPORT.EXE
FirewallRules: [{DB31592D-79B4-4AB5-AF6F-9BB9ACD80C89}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\WINSTUDIO\BIN\STUDIO MANAGER.EXE
FirewallRules: [{9F9F9599-4ACD-495A-AC29-866AA782EA54}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\WINSTUDIO\BIN\STUDIO MANAGER.EXE
FirewallRules: [{AAAE5AC6-FEDF-4283-9D4E-C9FB123DCEE1}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB18VRS.EXE
FirewallRules: [{18FE605B-DCB3-489E-BC11-F233F844A36C}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB18VRS.EXE
FirewallRules: [{985B5815-4C3E-4611-8D3F-B824AF9B436F}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC18VRS.EXE
FirewallRules: [{A0F514BB-5F4E-4A6C-B4E5-74AD6E2FCD72}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC18VRS.EXE
FirewallRules: [{3D0A6AB2-2372-497D-A1C8-F3493C34A5B0}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPE18VRS.EXE
FirewallRules: [{EB363B1E-3C10-4CB0-BD1A-232E12806860}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPE18VRS.EXE
FirewallRules: [{6ED4F92C-DB0A-42E4-AEE7-B9237F2A49EE}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPM18VRS.EXE
FirewallRules: [{AB325812-ED38-41D3-9C28-182E7EB6262A}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPM18VRS.EXE
FirewallRules: [{A7A0C9E2-60F7-4003-94D0-165E142E021C}] => (Allow) LPort=135
FirewallRules: [{A2BDC04D-8C68-410C-BED0-4122A7DCCF52}] => (Allow) F:\RouterSetup\QISWizard.exe
FirewallRules: [{F6D25695-5A75-4FA9-82D7-E82E96F8BEC0}] => (Allow) F:\RouterSetup\QISWizard.exe
FirewallRules: [{117C0A73-9632-4EC4-8A04-78FDBC1D57A1}] => (Allow) C:\Program Files (x86)\ASUS\WL-330N3G Wireless Router Utilities\Discovery.exe
FirewallRules: [{C734605A-BC2D-46AC-853E-82E6D0810D8F}] => (Allow) C:\Program Files (x86)\ASUS\WL-330N3G Wireless Router Utilities\Discovery.exe
FirewallRules: [{EDBBCD2E-3870-4DF6-BA1D-48100E327D74}] => (Allow) C:\Program Files (x86)\ASUS\WL-330N3G Wireless Router Utilities\Rescue.exe
FirewallRules: [{73ABEF46-818C-4A66-85DA-A1B9CE951A5D}] => (Allow) C:\Program Files (x86)\ASUS\WL-330N3G Wireless Router Utilities\Rescue.exe
FirewallRules: [{6179C186-3916-42FD-8636-ABCF45C2FD7A}] => (Allow) C:\Program Files (x86)\ASUS\WL-330N3G Wireless Router Utilities\QISWizard.exe
FirewallRules: [{4A387716-1D97-49A3-AE4C-B6FEC63AD35E}] => (Allow) C:\Program Files (x86)\ASUS\WL-330N3G Wireless Router Utilities\QISWizard.exe
FirewallRules: [TCP Query User{CBC377E3-66EB-483D-BF23-654CBA56686C}C:\program files (x86)\asus\wl-330n3g wireless router utilities\discovery.exe] => (Allow) C:\program files (x86)\asus\wl-330n3g wireless router utilities\discovery.exe
FirewallRules: [UDP Query User{8826A3B7-5D9F-40A9-BEAC-94B9FA013E5E}C:\program files (x86)\asus\wl-330n3g wireless router utilities\discovery.exe] => (Allow) C:\program files (x86)\asus\wl-330n3g wireless router utilities\discovery.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/25/2015 12:43:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998
Error: (08/25/2015 12:43:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998
Error: (08/25/2015 12:43:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/25/2015 10:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008
Error: (08/25/2015 10:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5008
Error: (08/25/2015 10:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/25/2015 10:46:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4009
Error: (08/25/2015 10:46:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4009
Error: (08/25/2015 10:46:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/25/2015 10:46:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3011
Systemfehler:
=============
Error: (08/25/2015 01:32:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/25/2015 10:38:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/25/2015 10:38:40 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (08/25/2015 10:35:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (08/17/2015 02:00:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/17/2015 02:00:55 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (08/14/2015 06:07:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/14/2015 06:07:00 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (08/14/2015 09:22:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (08/14/2015 09:22:42 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Microsoft Office:
=========================
Error: (08/25/2015 12:43:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998
Error: (08/25/2015 12:43:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998
Error: (08/25/2015 12:43:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/25/2015 10:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008
Error: (08/25/2015 10:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5008
Error: (08/25/2015 10:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/25/2015 10:46:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4009
Error: (08/25/2015 10:46:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4009
Error: (08/25/2015 10:46:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (08/25/2015 10:46:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3011
CodeIntegrity:
===================================
Date: 2012-07-08 19:42:01.770
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-07-08 19:42:01.750
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-07-08 19:42:01.728
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-07-08 19:42:01.676
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-07-08 19:42:01.643
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-07-08 19:42:01.598
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-07-08 19:42:01.569
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-07-08 19:42:01.549
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-07-08 19:42:01.526
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-07-08 19:42:01.459
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i7-2760QM CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16267.23 MB
Verfügbarer physikalischer RAM: 13116.46 MB
Summe virtueller Speicher: 32532.65 MB
Verfügbarer virtueller Speicher: 28975.74 MB
==================== Laufwerke ================================
Drive c: (Windows7_OS) (Fixed) (Total:448.67 GB) (Free:328.62 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive k: () (Network) (Total:3695.18 GB) (Free:3480.92 GB)
Drive m: (OS) (Network) (Total:464.98 GB) (Free:372.3 GB) NTFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:5.11 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 78C1E17D)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)
==================== Ende von FRST.txt ============================
2. Malwarebytes No malware found! Geändert von halifax09 (25.08.2015 um 14:05 Uhr) |
|
25.08.2015, 14:33
| #10 |
| | Spammail durch meinen Account 3. TDSSKiller Teil 1 Code:
ATTFilter 15:06:54.0910 0x1090 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
15:07:04.0138 0x1090 ============================================================
15:07:04.0138 0x1090 Current date / time: 2015/08/25 15:07:04.0137
15:07:04.0138 0x1090 SystemInfo:
15:07:04.0138 0x1090
15:07:04.0138 0x1090 OS Version: 6.1.7601 ServicePack: 1.0
15:07:04.0138 0x1090 Product type: Workstation
15:07:04.0138 0x1090 ComputerName: THINKPADW520
15:07:04.0139 0x1090 UserName: halifax
15:07:04.0139 0x1090 Windows directory: C:\Windows
15:07:04.0139 0x1090 System windows directory: C:\Windows
15:07:04.0139 0x1090 Running under WOW64
15:07:04.0139 0x1090 Processor architecture: Intel x64
15:07:04.0139 0x1090 Number of processors: 8
15:07:04.0139 0x1090 Page size: 0x1000
15:07:04.0139 0x1090 Boot type: Normal boot
15:07:04.0139 0x1090 ============================================================
15:07:04.0504 0x1090 KLMD registered as C:\Windows\system32\drivers\97492273.sys
15:07:05.0087 0x1090 System UUID: {F9F72BB6-18FE-BC6D-3968-090B3CD33066}
15:07:05.0968 0x1090 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:07:05.0989 0x1090 ============================================================
15:07:05.0989 0x1090 \Device\Harddisk0\DR0:
15:07:05.0989 0x1090 MBR partitions:
15:07:05.0989 0x1090 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
15:07:05.0989 0x1090 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38157000
15:07:05.0990 0x1090 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38445800, BlocksNum 0x1F40000
15:07:05.0990 0x1090 ============================================================
15:07:06.0003 0x1090 C: <-> \Device\Harddisk0\DR0\Partition2
15:07:06.0046 0x1090 Q: <-> \Device\Harddisk0\DR0\Partition3
15:07:06.0046 0x1090 ============================================================
15:07:06.0046 0x1090 Initialize success
15:07:06.0046 0x1090 ============================================================
15:07:43.0279 0x14dc ============================================================
15:07:43.0279 0x14dc Scan started
15:07:43.0279 0x14dc Mode: Manual; SigCheck; TDLFS;
15:07:43.0279 0x14dc ============================================================
15:07:43.0279 0x14dc KSN ping started
15:07:57.0077 0x14dc KSN ping finished: true
15:07:58.0823 0x14dc ================ Scan system memory ========================
15:07:58.0823 0x14dc System memory - ok
15:07:58.0824 0x14dc ================ Scan services =============================
15:07:58.0998 0x14dc [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
15:07:59.0139 0x14dc 1394ohci - ok
15:07:59.0188 0x14dc [ F4AF97702BAD85BFEF64B9A557F11B6F, 8255B2FBE64C60562A7DAAAD575EED49EE0D23DD42E5C76C988B8A3673843EA6 ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
15:07:59.0232 0x14dc 5U877 - ok
15:07:59.0397 0x14dc [ 1225A5F7EBEF1EFF4E90BA37DA9B3839, D7D18839CF2496CE53A0B806153FA0BED54021D0D4ADBAF037A0E9F828517A6A ] AceServer C:\Program Files (x86)\Adept Technology\Adept ACE\bin\AceService.exe
15:07:59.0432 0x14dc AceServer - detected UnsignedFile.Multi.Generic ( 1 )
15:08:02.0089 0x14dc AceServer ( UnsignedFile.Multi.Generic ) - warning
15:08:04.0642 0x14dc [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:08:04.0695 0x14dc ACPI - ok
15:08:04.0735 0x14dc [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:08:04.0775 0x14dc AcpiPmi - ok
15:08:04.0894 0x14dc [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:08:04.0925 0x14dc AdobeARMservice - ok
15:08:05.0063 0x14dc [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:08:05.0104 0x14dc AdobeFlashPlayerUpdateSvc - ok
15:08:05.0164 0x14dc [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:08:05.0226 0x14dc adp94xx - ok
15:08:05.0283 0x14dc [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:08:05.0333 0x14dc adpahci - ok
15:08:05.0363 0x14dc [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:08:05.0403 0x14dc adpu320 - ok
15:08:05.0437 0x14dc [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:08:05.0538 0x14dc AeLookupSvc - ok
15:08:05.0620 0x14dc [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys
15:08:05.0694 0x14dc AFD - ok
15:08:05.0729 0x14dc [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
15:08:05.0772 0x14dc agp440 - ok
15:08:05.0823 0x14dc [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
15:08:05.0864 0x14dc ALG - ok
15:08:05.0914 0x14dc [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
15:08:05.0942 0x14dc aliide - ok
15:08:06.0131 0x14dc [ 6A896356FF660AB7DA9778C9DDBC6730, A10BF331F2653245278BF2EE97A2FA40CD7A05CCA86883F3A7AC26078743466B ] almservice C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
15:08:06.0290 0x14dc almservice - detected UnsignedFile.Multi.Generic ( 1 )
15:08:08.0734 0x14dc Detect skipped due to KSN trusted
15:08:08.0734 0x14dc almservice - ok
15:08:08.0769 0x14dc [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
15:08:08.0797 0x14dc amdide - ok
15:08:08.0824 0x14dc [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:08:08.0862 0x14dc AmdK8 - ok
15:08:08.0887 0x14dc [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:08:08.0925 0x14dc AmdPPM - ok
15:08:08.0948 0x14dc [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:08:08.0983 0x14dc amdsata - ok
15:08:09.0013 0x14dc [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:08:09.0053 0x14dc amdsbs - ok
15:08:09.0073 0x14dc [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:08:09.0101 0x14dc amdxata - ok
15:08:09.0217 0x14dc [ 3358CAD1887DDDDD2A36B7796B579292, 40BA1A836276C2AA78914F294661C3C918F2D6DFAA9D6EF3FEB6D1EE3B07F584 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
15:08:09.0297 0x14dc AntiVirMailService - ok
15:08:09.0385 0x14dc [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:08:09.0437 0x14dc AntiVirSchedulerService - ok
15:08:09.0501 0x14dc [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:08:09.0553 0x14dc AntiVirService - ok
15:08:09.0665 0x14dc [ 6FD5165364D88FDABE4FA59E1768376F, B82D11E6FCC297F822E29A49D46C9985955C9F5676D107A397B00D0468F93504 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
15:08:09.0767 0x14dc AntiVirWebService - ok
15:08:09.0802 0x14dc [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
15:08:09.0898 0x14dc AppID - ok
15:08:09.0927 0x14dc [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:08:10.0022 0x14dc AppIDSvc - ok
15:08:10.0062 0x14dc [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
15:08:10.0099 0x14dc Appinfo - ok
15:08:10.0132 0x14dc [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
15:08:10.0180 0x14dc AppMgmt - ok
15:08:10.0208 0x14dc [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
15:08:10.0241 0x14dc arc - ok
15:08:10.0269 0x14dc [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:08:10.0303 0x14dc arcsas - ok
15:08:10.0417 0x14dc [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:08:10.0453 0x14dc aspnet_state - ok
15:08:10.0476 0x14dc [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:08:10.0571 0x14dc AsyncMac - ok
15:08:10.0611 0x14dc [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
15:08:10.0639 0x14dc atapi - ok
15:08:10.0722 0x14dc [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:08:10.0866 0x14dc AudioEndpointBuilder - ok
15:08:10.0918 0x14dc [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:08:11.0064 0x14dc AudioSrv - ok
15:08:11.0167 0x14dc [ CC1ABBD9E61B7AA5CCBB45EA87CB033F, 4E5DE485833721E19B36455C017B9D908BAA7D12637A878934A0FAF2326E000B ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
15:08:11.0219 0x14dc avgntflt - ok
15:08:11.0265 0x14dc [ 07C8454D3A94BA478752FAFA2B94E0FE, EB19396D4A6D51D6C33ED55C8EF0259045801D39CCE2945931F9163D6006C133 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
15:08:11.0299 0x14dc avipbb - ok
15:08:11.0420 0x14dc [ 4B3DBF1CEBE1B2346BF2F8D2251F641A, CDC5BCA35BE658007E29E94E7FBFAA499B50929E738A12904397D16268C6FBAE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
15:08:11.0462 0x14dc Avira.ServiceHost - ok
15:08:11.0498 0x14dc [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
15:08:11.0526 0x14dc avkmgr - ok
15:08:11.0562 0x14dc [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
15:08:11.0590 0x14dc avnetflt - ok
15:08:11.0636 0x14dc [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:08:11.0691 0x14dc AxInstSV - ok
15:08:11.0748 0x14dc [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:08:11.0817 0x14dc b06bdrv - ok
15:08:11.0857 0x14dc [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:08:11.0911 0x14dc b57nd60a - ok
15:08:11.0950 0x14dc [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
15:08:11.0989 0x14dc BDESVC - ok
15:08:11.0999 0x14dc [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
15:08:12.0093 0x14dc Beep - ok
15:08:12.0161 0x14dc [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
15:08:12.0252 0x14dc BFE - ok
15:08:12.0328 0x14dc [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
15:08:12.0491 0x14dc BITS - ok
15:08:12.0517 0x14dc [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:08:12.0553 0x14dc blbdrive - ok
15:08:12.0623 0x14dc [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:08:12.0679 0x14dc Bonjour Service - ok
15:08:12.0724 0x14dc [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:08:12.0762 0x14dc bowser - ok
15:08:12.0794 0x14dc [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:08:12.0834 0x14dc BrFiltLo - ok
15:08:12.0843 0x14dc [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:08:12.0884 0x14dc BrFiltUp - ok
15:08:12.0930 0x14dc [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
15:08:12.0974 0x14dc Browser - ok
15:08:13.0011 0x14dc [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:08:13.0068 0x14dc Brserid - ok
15:08:13.0094 0x14dc [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:08:13.0137 0x14dc BrSerWdm - ok
15:08:13.0160 0x14dc [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:08:13.0200 0x14dc BrUsbMdm - ok
15:08:13.0209 0x14dc [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:08:13.0243 0x14dc BrUsbSer - ok
15:08:13.0297 0x14dc [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
15:08:13.0331 0x14dc BthEnum - ok
15:08:13.0358 0x14dc [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:08:13.0404 0x14dc BTHMODEM - ok
15:08:13.0435 0x14dc [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:08:13.0484 0x14dc BthPan - ok
15:08:13.0534 0x14dc [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
15:08:13.0610 0x14dc BTHPORT - ok
15:08:13.0645 0x14dc [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
15:08:13.0746 0x14dc bthserv - ok
15:08:13.0785 0x14dc [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
15:08:13.0821 0x14dc BTHUSB - ok
15:08:13.0888 0x14dc [ 8834F87A6A745872894DF8223201A6C3, B8C26E11EAAB4A93E4241B4B6F00C1CA05501011E28D6A06D4B009BA4E3AB7CD ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
15:08:13.0940 0x14dc BTWAMPFL - ok
15:08:13.0968 0x14dc [ 9863D82ECBEC6106D377ED73680D99D8, 27DA7335BB14BBF9DC627C8F97ED59BA3479E5E084704AE4C16B1A3E67CB184C ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
15:08:13.0999 0x14dc btwaudio - ok
15:08:14.0029 0x14dc [ 3432DD66AE75AB2DE6D0527AD78DBFC7, C2DEB409CDA3621E33E429E592A81E09095C52CDCE36732C9BEA00B92994E44D ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
15:08:14.0061 0x14dc btwavdt - ok
15:08:14.0157 0x14dc [ EB4AFE08FB39BB444F221D7D501E0915, 2AF8ECEEAB5A0E972660C1553B555E49C49F19500ABD67DFEB9BEBA7E577A700 ] btwdins C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
15:08:14.0244 0x14dc btwdins - ok
15:08:14.0257 0x14dc [ 382DC5A631CED0462EA09B7EB898BDBF, 7457145E194310F4EB9273471EA41100D3A1448BC2A366064B25A212B389AACB ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
15:08:14.0281 0x14dc btwl2cap - ok
15:08:14.0312 0x14dc [ 13A9C2CEDD44C175E6CA39A536795CA6, 13D6D24C2127E6A5E9AB2DFAA9729D57AA6CFCC72DFACF78E4DE7E63ABA122DF ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
15:08:14.0334 0x14dc btwrchid - ok
15:08:14.0358 0x14dc [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:08:14.0459 0x14dc cdfs - ok
15:08:14.0507 0x14dc [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:08:14.0551 0x14dc cdrom - ok
15:08:14.0579 0x14dc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
15:08:14.0676 0x14dc CertPropSvc - ok
15:08:14.0722 0x14dc [ 5BCA4B2551CE016A2FECBC50BC216BC7, DAE13DEDF91226397CD4873C1F622557FBFA3C3C181079F05458182E86F8FAD2 ] cgnxcdc_x64 C:\Windows\system32\DRIVERS\cgnxcdc_x64.sys
15:08:14.0751 0x14dc cgnxcdc_x64 - ok
15:08:14.0773 0x14dc [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
15:08:14.0816 0x14dc circlass - ok
15:08:14.0872 0x14dc [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
15:08:14.0924 0x14dc CLFS - ok
15:08:14.0979 0x14dc [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:08:15.0007 0x14dc clr_optimization_v2.0.50727_32 - ok
15:08:15.0058 0x14dc [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:08:15.0087 0x14dc clr_optimization_v2.0.50727_64 - ok
15:08:15.0161 0x14dc [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:08:15.0200 0x14dc clr_optimization_v4.0.30319_32 - ok
15:08:15.0225 0x14dc [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:08:15.0264 0x14dc clr_optimization_v4.0.30319_64 - ok
15:08:15.0295 0x14dc [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:08:15.0330 0x14dc CmBatt - ok
15:08:15.0358 0x14dc [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:08:15.0386 0x14dc cmdide - ok
15:08:15.0456 0x14dc [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
15:08:15.0532 0x14dc CNG - ok
15:08:15.0669 0x14dc [ 8DE541B4CFA281A204BAA3EA2109809E, FD3F9F0C7FD88D04CCC8A249D94EFEB3FBAD7192ABCAFAF5A3F23B830925DE68 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
15:08:15.0803 0x14dc CnxtHdAudService - ok
15:08:15.0840 0x14dc [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:08:15.0868 0x14dc Compbatt - ok
15:08:15.0893 0x14dc [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:08:15.0937 0x14dc CompositeBus - ok
15:08:15.0947 0x14dc COMSysApp - ok
15:08:15.0969 0x14dc [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:08:15.0997 0x14dc crcdisk - ok
15:08:16.0043 0x14dc [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:08:16.0090 0x14dc CryptSvc - ok
15:08:16.0142 0x14dc [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
15:08:16.0216 0x14dc CSC - ok
15:08:16.0288 0x14dc [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
15:08:16.0397 0x14dc CscService - ok
15:08:16.0436 0x14dc [ 9D0D050170D47E778B624A28C90F23DE, 48528AA9EB0C9FB5086D992EF1F9556C8249D267C2E3D4E681D5C8B6BC316C71 ] CxAudMsg C:\Windows\system32\CxAudMsg64.exe
15:08:16.0471 0x14dc CxAudMsg - ok
15:08:16.0530 0x14dc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:08:16.0678 0x14dc DcomLaunch - ok
15:08:16.0731 0x14dc [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
15:08:16.0847 0x14dc defragsvc - ok
15:08:16.0884 0x14dc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:08:16.0981 0x14dc DfsC - ok
15:08:17.0025 0x14dc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:08:17.0084 0x14dc Dhcp - ok
15:08:17.0108 0x14dc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
15:08:17.0204 0x14dc discache - ok
15:08:17.0246 0x14dc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
15:08:17.0277 0x14dc Disk - ok
15:08:17.0302 0x14dc [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
15:08:17.0338 0x14dc dmvsc - ok
15:08:17.0381 0x14dc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:08:17.0427 0x14dc Dnscache - ok
15:08:17.0470 0x14dc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
15:08:17.0583 0x14dc dot3svc - ok
15:08:17.0666 0x14dc [ 277247B79DA2230D0C3AEB83E6CD8CA7, E6C1BD8374AAA17F20E8C4D7E8B729537E4CB14537D55B7D6C3C8863A431D64E ] DozeSvc C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
15:08:17.0720 0x14dc DozeSvc - ok
15:08:17.0787 0x14dc [ 84E9BE1A67C14EDF514E379FD610D210, 259B7C87E5177F5C15ACA24D977F3AB7F67FA54302FE5FA2C5799034DEA97F7C ] dpmconv C:\Windows\system32\DRIVERS\dpmconv.sys
15:08:17.0836 0x14dc dpmconv - ok
15:08:17.0883 0x14dc [ 0BD72E62C3974C4F5E4372DBA971901B, E3A6ACA940A92B7721773E38141FC7C4E353423C007DB72CF2361E95DFDE5B93 ] dpmcslv C:\Windows\system32\drivers\dpmcslv.sys
15:08:17.0900 0x14dc dpmcslv - detected UnsignedFile.Multi.Generic ( 1 )
15:08:20.0342 0x14dc Detect skipped due to KSN trusted
15:08:20.0342 0x14dc dpmcslv - ok
15:08:20.0406 0x14dc [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
15:08:20.0511 0x14dc DPS - ok
15:08:20.0549 0x14dc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:08:20.0580 0x14dc drmkaud - ok
15:08:20.0632 0x14dc [ F2D97A85F4F6E0942BC17C4EECEEE6B7, 3583D00634C36B16880766F7635BFF48D04CECA4F2489E2720EBE33007CA0B9B ] dsNcAdpt C:\Windows\system32\DRIVERS\dsNcAdpt.sys
15:08:20.0671 0x14dc dsNcAdpt - ok
15:08:20.0884 0x14dc [ B3B6C72AD1464CE3DE31005DB7C0D2DF, D7D087D6417BDD62D9BB1C77F1FE817E237DB3C4AA562EA6E335CBF57FFD9004 ] dsNcService C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
15:08:20.0955 0x14dc dsNcService - ok
15:08:21.0054 0x14dc [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:08:21.0149 0x14dc DXGKrnl - ok
15:08:21.0181 0x14dc [ CE4CFFD9F64B86BCEB1C343FC9924D72, A7E03531661C808F34560765136E1912A1389C459BA996880761539F4967056E ] DzHDD64 C:\Windows\system32\DRIVERS\DzHDD64.sys
15:08:21.0205 0x14dc DzHDD64 - ok
15:08:21.0255 0x14dc [ DC1776D086AA9733B1929A3D979D9FDD, C7EEF160C615948CCCDE3B56C43F8A1E348B4E1212E0DDDB8A9EC2EC14FF73EE ] e1cexpress C:\Windows\system32\DRIVERS\e1c62x64.sys
15:08:21.0299 0x14dc e1cexpress - ok
15:08:21.0350 0x14dc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
15:08:21.0453 0x14dc EapHost - ok
15:08:21.0696 0x14dc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:08:21.0999 0x14dc ebdrv - ok
15:08:22.0079 0x14dc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
15:08:22.0114 0x14dc EFS - ok
15:08:22.0202 0x14dc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:08:22.0293 0x14dc ehRecvr - ok
15:08:22.0312 0x14dc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
15:08:22.0355 0x14dc ehSched - ok
15:08:22.0416 0x14dc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:08:22.0480 0x14dc elxstor - ok
15:08:22.0669 0x14dc [ 3151725A59EC0D6B4A75150E7995E45E, 8529D135A296C66CE4DAD2A3BB2B1BBDFB6EE954B002964A1637912C8CF2A2FE ] ENI Server C:\Program Files (x86)\Rexroth\IndraWorks\IndraLogic\ENI Server\ENI.exe
15:08:22.0736 0x14dc ENI Server - detected UnsignedFile.Multi.Generic ( 1 )
15:08:25.0434 0x14dc ENI Server ( UnsignedFile.Multi.Generic ) - warning
15:08:27.0914 0x14dc [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:08:27.0947 0x14dc ErrDev - ok
15:08:28.0024 0x14dc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
15:08:28.0153 0x14dc EventSystem - ok
15:08:28.0318 0x14dc [ E3A96D5AE6E5C7B5472011BA77353368, 846D8E5AF471CEAB3E12D6CB2ED0D25EF28B768AC10AD873F33F3F5BEC80CF25 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:08:28.0447 0x14dc EvtEng - ok
15:08:28.0488 0x14dc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
15:08:28.0598 0x14dc exfat - ok
15:08:28.0642 0x14dc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:08:28.0752 0x14dc fastfat - ok
15:08:28.0828 0x14dc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
15:08:28.0917 0x14dc Fax - ok
15:08:28.0941 0x14dc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
15:08:28.0976 0x14dc fdc - ok
15:08:29.0001 0x14dc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
15:08:29.0097 0x14dc fdPHost - ok
15:08:29.0127 0x14dc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
15:08:29.0224 0x14dc FDResPub - ok
15:08:29.0259 0x14dc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:08:29.0290 0x14dc FileInfo - ok
15:08:29.0303 0x14dc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:08:29.0399 0x14dc Filetrace - ok
15:08:29.0540 0x14dc [ 3B8B64EF1D7CE03727DEFFFEF473F5AE, D9D031C054759D0E9117021992FD08BBE3A05128B2EEA7FE97BB25DCEF8538FD ] FLEXlm License Manager C:\SEFlex\Program\lmgrd.exe
15:08:29.0658 0x14dc FLEXlm License Manager - ok
15:08:29.0691 0x14dc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:08:29.0725 0x14dc flpydisk - ok
15:08:29.0758 0x14dc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:08:29.0805 0x14dc FltMgr - ok
15:08:29.0929 0x14dc [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
15:08:30.0058 0x14dc FontCache - ok
15:08:30.0108 0x14dc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:08:30.0134 0x14dc FontCache3.0.0.0 - ok
15:08:30.0160 0x14dc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:08:30.0190 0x14dc FsDepends - ok
15:08:30.0206 0x14dc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:08:30.0234 0x14dc Fs_Rec - ok
15:08:30.0274 0x14dc [ 82D4BD620F7E27EA268EA0E2F701A7AE, 744014A791C07CF3B9387ADECB94552D8B6AC523433F7063411198509155F3E9 ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
15:08:30.0298 0x14dc FTDIBUS - ok
15:08:30.0311 0x14dc [ 1FA21FF2D7B50B528D8B73DB34AD06BC, 77B670CA00AC56C59307F154608462197DDF9A367701A5C687B4A93AFB759554 ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys
15:08:30.0337 0x14dc FTSER2K - ok
15:08:30.0392 0x14dc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:08:30.0442 0x14dc fvevol - ok
15:08:30.0484 0x14dc [ 4CB5DE14E7DF5CE501CF8521BDB2FD37, F966EE158C7EE53AFECD9B0AB9D321CDE1318BC6D160CD996FF66EED28F89224 ] fwkbdrtm C:\Windows\system32\drivers\fwkbdrtm.sys
15:08:30.0507 0x14dc fwkbdrtm - ok
15:08:30.0543 0x14dc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:08:30.0574 0x14dc gagp30kx - ok
15:08:30.0629 0x14dc [ A28F068F74FFB64B9DEA922D267801BE, F4C9904C3206DC039DD539B8B073EB85FAD47982C5455B7085E73D329B1F4221 ] GemCCID C:\Windows\system32\DRIVERS\GemCCID.sys
15:08:30.0674 0x14dc GemCCID - ok
15:08:30.0759 0x14dc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
15:08:30.0915 0x14dc gpsvc - ok
15:08:30.0931 0x14dc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:08:30.0965 0x14dc hcw85cir - ok
15:08:31.0015 0x14dc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:08:31.0082 0x14dc HdAudAddService - ok
15:08:31.0115 0x14dc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:08:31.0164 0x14dc HDAudBus - ok
15:08:31.0227 0x14dc [ DF100F69C70F3319C3F6178D21A910FE, 9CA3D657822FD1BC7B5A50FDCA163348E9FE65689157328358001032F861ABC9 ] hhdspmc64 C:\Windows\system32\DRIVERS\hhdspmc64.sys
15:08:31.0255 0x14dc hhdspmc64 - ok
15:08:31.0269 0x14dc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:08:31.0304 0x14dc HidBatt - ok
15:08:31.0331 0x14dc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:08:31.0379 0x14dc HidBth - ok
15:08:31.0405 0x14dc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
15:08:31.0448 0x14dc HidIr - ok
15:08:31.0475 0x14dc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
15:08:31.0572 0x14dc hidserv - ok
15:08:31.0629 0x14dc [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:08:31.0662 0x14dc HidUsb - ok
15:08:31.0693 0x14dc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:08:31.0790 0x14dc hkmsvc - ok
15:08:31.0822 0x14dc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:08:31.0873 0x14dc HomeGroupListener - ok
15:08:31.0915 0x14dc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:08:31.0964 0x14dc HomeGroupProvider - ok
15:08:31.0996 0x14dc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:08:32.0027 0x14dc HpSAMD - ok
15:08:32.0096 0x14dc [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:08:32.0245 0x14dc HTTP - ok
15:08:32.0259 0x14dc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:08:32.0287 0x14dc hwpolicy - ok
15:08:32.0348 0x14dc [ E935C8099F9196BF19224D9EE4808612, 7F39ACF763E042EFB9B41C7D805CF7C9E1261B14FC6E5C09BCA11623312E2C7B ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
15:08:32.0377 0x14dc HyperW7Svc - ok
15:08:32.0425 0x14dc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:08:32.0466 0x14dc i8042prt - ok
15:08:32.0527 0x14dc [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor C:\Windows\system32\drivers\iaStor.sys
15:08:32.0580 0x14dc iaStor - ok
15:08:32.0633 0x14dc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:08:32.0687 0x14dc iaStorV - ok
15:08:32.0721 0x14dc [ B21087E1A64FD474BF3E1A602A714F1F, 1122D26F938E1A331D0BEBBEA4BACC75276E8502291B3FCB45D53ACA1562C422 ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
15:08:32.0749 0x14dc IBMPMDRV - ok
15:08:32.0770 0x14dc [ A3E4DE0F77031061972485EF9BD8E4D0, 5F9E293898553281DAECE577CCB3F83178C46FB9078FB7D2E9FF609EF5709373 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
15:08:32.0796 0x14dc IBMPMSVC - ok
15:08:32.0848 0x14dc [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:08:32.0866 0x14dc IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
15:08:35.0310 0x14dc Detect skipped due to KSN trusted
15:08:35.0310 0x14dc IDriverT - ok
15:08:35.0432 0x14dc [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:08:35.0515 0x14dc idsvc - ok
15:08:35.0542 0x14dc IEEtwCollectorService - ok
15:08:36.0391 0x14dc [ 66DC0CE2D1867B8178EAA0E11930DBD7, 8870CBBEDD81E0886E9021FB43A3B26486C2E8CD05A805028A136950B3FA809A ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:08:37.0476 0x14dc igfx - ok
15:08:37.0548 0x14dc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:08:37.0577 0x14dc iirsp - ok
15:08:37.0665 0x14dc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
15:08:37.0767 0x14dc IKEEXT - ok
15:08:37.0889 0x14dc [ 9E952C8897A0839C4ED18827A95F5613, A9E4CF47FC368C5250194677F37344B3593B09B0196E275C0E5D990B5C518EDC ] IndraLogic Service Control C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\ServiceControl.exe
15:08:37.0927 0x14dc IndraLogic Service Control - detected UnsignedFile.Multi.Generic ( 1 )
15:08:40.0364 0x14dc Detect skipped due to KSN trusted
15:08:40.0364 0x14dc IndraLogic Service Control - ok
15:08:40.0433 0x14dc [ 18754965A54167979B957F8B776241FC, FAC8C854E86A31BC182889A240BF6B11FC28502DA0A859FF46E2604E9E8327F1 ] IndraLogic V13 Gateway C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\GatewayService.exe
15:08:40.0503 0x14dc IndraLogic V13 Gateway - detected UnsignedFile.Multi.Generic ( 1 )
15:08:42.0946 0x14dc IndraLogic V13 Gateway ( UnsignedFile.Multi.Generic ) - warning
15:08:45.0437 0x14dc [ 18A1E7CC285B910656C2AB650367D9F6, 3C5140C37061890DF26E0E5692E45EEE1E7F489DAE5BC0C73EEFE0A28A62BD53 ] IndraWorksService C:\Program Files (x86)\Rexroth\IndraWorks\IndraWorks.Service.exe
15:08:45.0459 0x14dc IndraWorksService - detected UnsignedFile.Multi.Generic ( 1 )
15:08:47.0896 0x14dc IndraWorksService ( UnsignedFile.Multi.Generic ) - warning
15:08:47.0896 0x14dc Force sending object to P2P due to detect: IndraWorksService
15:08:50.0469 0x14dc Object send P2P result: true
15:08:52.0967 0x14dc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
15:08:52.0995 0x14dc intelide - ok
15:08:53.0031 0x14dc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:08:53.0069 0x14dc intelppm - ok
15:08:53.0104 0x14dc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:08:53.0208 0x14dc IPBusEnum - ok
15:08:53.0242 0x14dc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:08:53.0338 0x14dc IpFilterDriver - ok
15:08:53.0414 0x14dc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:08:53.0493 0x14dc iphlpsvc - ok
15:08:53.0515 0x14dc [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:08:53.0554 0x14dc IPMIDRV - ok
15:08:53.0589 0x14dc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:08:53.0690 0x14dc IPNAT - ok
15:08:53.0715 0x14dc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:08:53.0761 0x14dc IRENUM - ok
15:08:53.0782 0x14dc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:08:53.0810 0x14dc isapnp - ok
15:08:53.0866 0x14dc [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:08:53.0911 0x14dc iScsiPrt - ok
15:08:53.0997 0x14dc [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] jhi_service C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
15:08:54.0035 0x14dc jhi_service - ok
15:08:54.0136 0x14dc [ B38CA9E61ADEEA7845FB74422217AE78, 5BC54E6A7487953A300C619118E223C6BBDF58A571DCFA6F3BCBF3B9AED99073 ] JuniperAccessService C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
15:08:54.0168 0x14dc JuniperAccessService - ok
15:08:54.0220 0x14dc [ 047A17C944D1B29B2A4A7F63B2FE1DF5, 86B13C910CC3D128AE71CA9B31D31AC9D1E2D193834467CA13A42640280DDB3E ] KbdBlock2 C:\Windows\system32\drivers\KbdBlock2.sys
15:08:54.0243 0x14dc KbdBlock2 - ok
15:08:54.0263 0x14dc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:08:54.0293 0x14dc kbdclass - ok
15:08:54.0327 0x14dc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:08:54.0362 0x14dc kbdhid - ok
15:08:54.0390 0x14dc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
15:08:54.0424 0x14dc KeyIso - ok
15:08:54.0472 0x14dc [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:08:54.0505 0x14dc KSecDD - ok
15:08:54.0529 0x14dc [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:08:54.0566 0x14dc KSecPkg - ok
15:08:54.0587 0x14dc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:08:54.0681 0x14dc ksthunk - ok
15:08:54.0735 0x14dc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
15:08:54.0861 0x14dc KtmRm - ok
15:08:54.0902 0x14dc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:08:55.0013 0x14dc LanmanServer - ok
15:08:55.0048 0x14dc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:08:55.0151 0x14dc LanmanWorkstation - ok
15:08:55.0226 0x14dc [ 88E52495B47C67126B510AF53FDB0BC7, 75027CE5F578592BBA29F4FB8D820AC5D4E5C8F3095CAF9441818B14128BB4E4 ] LBTServ C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
15:08:55.0259 0x14dc LBTServ - ok
15:08:55.0306 0x14dc [ 56B74943929BC575914631EDC0E72220, 47AC85C1837FB412AD08EB9E81411E3560826F978910A89354CF689B0BCDF78B ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
15:08:55.0327 0x14dc LENOVO.CAMMUTE - ok
15:08:55.0375 0x14dc [ 340288B3B2EDC8AFD5FF127DF85142A7, 595103B5CCDC83D8E4617D2C3E8ED91C88A78ACF11BC9478E9244C510DD50A80 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
15:08:55.0401 0x14dc LENOVO.MICMUTE - ok
15:08:55.0429 0x14dc [ 2B9D8555DC004E240082D18E7725CE20, 9DEF9463CB099C0BC8782C1E5FCE62F038B971ABC12966774D1F83569B081A42 ] lenovo.smi C:\Windows\system32\DRIVERS\smiifx64.sys
15:08:55.0452 0x14dc lenovo.smi - ok
15:08:55.0470 0x14dc [ F9B51B2A5DA1222A910021C71E9EA559, 4B7040808828991B2C075B91E41E6AB03A50FADDCC477444A673B08FE77BE96A ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
15:08:55.0493 0x14dc LENOVO.TPKNRSVC - ok
15:08:55.0516 0x14dc [ F7DE50781DC4D162C1005EB30D98F931, CDD07CD2E300DCD818CF97AC05CAFD2BA5568CEA10622D69E156CFC936DD4769 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
15:08:55.0544 0x14dc Lenovo.VIRTSCRLSVC - ok
15:08:55.0588 0x14dc [ 606DA892A53FA863B67F8D3F8FF016A0, FB026285C07C8A77C1702698E40C2EA694B054C35C62E45C9A5C498BC94BAD49 ] LenovoRd C:\Windows\system32\Drivers\LenovoRd.sys
15:08:55.0626 0x14dc LenovoRd - ok
15:08:55.0663 0x14dc [ BECBD7CD46776B8739EE18061F45A581, 5379671AB2C04F9F9F4E5197255A9562B4E5EA2463355F996066E6FAB4F25EC9 ] LEqdUsb C:\Windows\system32\DRIVERS\LEqdUsb.Sys
15:08:55.0689 0x14dc LEqdUsb - ok
15:08:55.0708 0x14dc [ 21D6BD7D62C270059EB8E2B1D4095880, 93DD175A37C8BAE95BD922965D75E4D479375F009BF531E47A5853B00E17FC45 ] LHidEqd C:\Windows\system32\DRIVERS\LHidEqd.Sys
15:08:55.0730 0x14dc LHidEqd - ok
15:08:55.0748 0x14dc [ B6552D382FF070B4ED34CBD6737277C0, 7C2C24454037170311B0267DEFB797E8DF8D157D62157D271BF7F5F74B2A12F3 ] LHidFilt C:\Windows\system32\DRIVERS\LHidFilt.Sys
15:08:55.0773 0x14dc LHidFilt - ok
15:08:55.0810 0x14dc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:08:55.0908 0x14dc lltdio - ok
15:08:55.0941 0x14dc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:08:56.0061 0x14dc lltdsvc - ok
15:08:56.0090 0x14dc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:08:56.0187 0x14dc lmhosts - ok
15:08:56.0202 0x14dc [ 73C1F563AB73D459DFFE682D66476558, 9B8BEE384C968DC6C37DD54B9128D9C2BA92EDBF7BDF49D753AA7DB165F18D00 ] LMouFilt C:\Windows\system32\DRIVERS\LMouFilt.Sys
15:08:56.0227 0x14dc LMouFilt - ok
15:08:56.0293 0x14dc [ 97F9EAAC985A663394CD8F54DCD3E73A, D5BA3E7ED36BA361B1941F12D83568C30F7E49A8B9D54D3EBBBD05767E1F3B0A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:08:56.0337 0x14dc LMS - ok
15:08:56.0368 0x14dc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:08:56.0402 0x14dc LSI_FC - ok
15:08:56.0437 0x14dc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:08:56.0470 0x14dc LSI_SAS - ok
15:08:56.0488 0x14dc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:08:56.0519 0x14dc LSI_SAS2 - ok
15:08:56.0547 0x14dc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:08:56.0581 0x14dc LSI_SCSI - ok
15:08:56.0611 0x14dc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
15:08:56.0714 0x14dc luafv - ok
15:08:56.0744 0x14dc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:08:56.0785 0x14dc Mcx2Svc - ok
15:08:56.0801 0x14dc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
15:08:56.0830 0x14dc megasas - ok
15:08:56.0865 0x14dc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:08:56.0911 0x14dc MegaSR - ok
15:08:56.0937 0x14dc [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:08:56.0962 0x14dc MEIx64 - ok
15:08:56.0983 0x14dc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
15:08:57.0083 0x14dc MMCSS - ok
15:08:57.0100 0x14dc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
15:08:57.0196 0x14dc Modem - ok
15:08:57.0228 0x14dc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:08:57.0269 0x14dc monitor - ok
15:08:57.0305 0x14dc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:08:57.0334 0x14dc mouclass - ok
15:08:57.0351 0x14dc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:08:57.0386 0x14dc mouhid - ok
15:08:57.0420 0x14dc [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:08:57.0453 0x14dc mountmgr - ok
15:08:57.0510 0x14dc [ 2E1F005987F6C31ADE25B67C2D172DF6, 7DDEA05F80158FECCF37A31F056D04E8E76115B178557450056DEC516D3027C8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:08:57.0546 0x14dc MozillaMaintenance - ok
15:08:57.0570 0x14dc [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
15:08:57.0607 0x14dc mpio - ok
15:08:57.0630 0x14dc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:08:57.0729 0x14dc mpsdrv - ok
15:08:57.0814 0x14dc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:08:57.0975 0x14dc MpsSvc - ok
15:08:58.0030 0x14dc [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:08:58.0073 0x14dc MRxDAV - ok
15:08:58.0117 0x14dc [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:08:58.0160 0x14dc mrxsmb - ok
15:08:58.0198 0x14dc [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:08:58.0252 0x14dc mrxsmb10 - ok
15:08:58.0279 0x14dc [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:08:58.0319 0x14dc mrxsmb20 - ok
15:08:58.0362 0x14dc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
15:08:58.0389 0x14dc msahci - ok
15:08:58.0426 0x14dc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:08:58.0462 0x14dc msdsm - ok
15:08:58.0485 0x14dc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
15:08:58.0532 0x14dc MSDTC - ok
15:08:58.0569 0x14dc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:08:58.0664 0x14dc Msfs - ok
15:08:58.0686 0x14dc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:08:58.0780 0x14dc mshidkmdf - ok
15:08:58.0792 0x14dc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:08:58.0820 0x14dc msisadrv - ok
15:08:58.0853 0x14dc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:08:58.0960 0x14dc MSiSCSI - ok
15:08:58.0968 0x14dc msiserver - ok
15:08:59.0001 0x14dc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:08:59.0094 0x14dc MSKSSRV - ok
15:08:59.0102 0x14dc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:08:59.0196 0x14dc MSPCLOCK - ok
15:08:59.0205 0x14dc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:08:59.0299 0x14dc MSPQM - ok
15:08:59.0337 0x14dc [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:08:59.0391 0x14dc MsRPC - ok
15:08:59.0413 0x14dc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:08:59.0441 0x14dc mssmbios - ok
15:08:59.0489 0x14dc MSSQL$WINCCFLEXEXPRESS - ok
15:08:59.0523 0x14dc [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
15:08:59.0548 0x14dc MSSQLServerADHelper - ok
15:08:59.0566 0x14dc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:08:59.0660 0x14dc MSTEE - ok
15:08:59.0669 0x14dc [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:08:59.0703 0x14dc MTConfig - ok
15:08:59.0731 0x14dc [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
15:08:59.0761 0x14dc Mup - ok
15:08:59.0803 0x14dc [ 49BCB8E4E93C7C12D5551DAE583CF1AB, 277C78F10EA8B1DB75FA01630029D0EB08674C074D9A6DE42E55CF313838D54C ] mxuwdrv2 C:\Windows\system32\DRIVERS\mxuwdrv2.sys
15:08:59.0830 0x14dc mxuwdrv2 - ok
15:08:59.0881 0x14dc [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
15:09:00.0012 0x14dc napagent - ok
15:09:00.0065 0x14dc [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:09:00.0136 0x14dc NativeWifiP - ok
15:09:00.0239 0x14dc [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
15:09:00.0332 0x14dc NDIS - ok
15:09:00.0358 0x14dc [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:09:00.0454 0x14dc NdisCap - ok
15:09:00.0478 0x14dc [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:09:00.0573 0x14dc NdisTapi - ok
15:09:00.0594 0x14dc [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:09:00.0689 0x14dc Ndisuio - ok
15:09:00.0717 0x14dc [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:09:00.0820 0x14dc NdisWan - ok
15:09:00.0846 0x14dc [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:09:00.0941 0x14dc NDProxy - ok
15:09:00.0985 0x14dc [ 76C4D5C98A808D8C8E0C46280036FAF8, A808DFA8B6949D44698122CDA43CD01B3B1CD14029B368F1686D023426239B87 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:09:01.0003 0x14dc Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:09:11.0003 0x14dc Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:09:11.0003 0x14dc Force sending object to P2P due to detect: Net Driver HPZ12
15:09:15.0641 0x14dc Object send P2P result: true
15:09:18.0170 0x14dc [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:09:18.0268 0x14dc NetBIOS - ok
15:09:18.0303 0x14dc [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:09:18.0414 0x14dc NetBT - ok
15:09:18.0434 0x14dc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
15:09:18.0469 0x14dc Netlogon - ok
15:09:18.0514 0x14dc [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
15:09:18.0638 0x14dc Netman - ok
15:09:18.0713 0x14dc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:18.0753 0x14dc NetMsmqActivator - ok
15:09:18.0768 0x14dc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:18.0808 0x14dc NetPipeActivator - ok
15:09:18.0857 0x14dc [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
15:09:18.0991 0x14dc netprofm - ok
15:09:19.0008 0x14dc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:19.0048 0x14dc NetTcpActivator - ok
15:09:19.0063 0x14dc [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:19.0103 0x14dc NetTcpPortSharing - ok
15:09:19.0707 0x14dc [ 50AD7F7040C22BB7CAA59A0880875A21, 34A3BE5C708F3498F6350EF041CE33847C1D041D610DFDA41AA877F87DD26050 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
15:09:20.0446 0x14dc NETwNs64 - ok
15:09:20.0522 0x14dc [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:09:20.0551 0x14dc nfrd960 - ok
15:09:20.0585 0x14dc [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:09:20.0643 0x14dc NlaSvc - ok
15:09:20.0673 0x14dc [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:09:20.0770 0x14dc Npfs - ok
15:09:20.0793 0x14dc [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
15:09:20.0890 0x14dc nsi - ok
15:09:20.0917 0x14dc [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:09:21.0013 0x14dc nsiproxy - ok
15:09:21.0157 0x14dc [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:09:21.0302 0x14dc Ntfs - ok
15:09:21.0322 0x14dc [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
15:09:21.0416 0x14dc Null - ok
15:09:21.0454 0x14dc [ 158AD24745BD85BA9BE3C51C38F48C32, B053A3B5A5CAE2CBC47E2C19E636AD70F376334EFFBB391A76562E67CBF3AC86 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
15:09:21.0487 0x14dc nusb3hub - ok
15:09:21.0531 0x14dc [ D40A13B2C0891E218F9523B376955DB6, 9A2AAAF960868B860A65579EAD507B35C64CFD6C3581F8D731ADF975F778D10E ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
15:09:21.0572 0x14dc nusb3xhc - ok
15:09:21.0617 0x14dc [ 960E39A54E525DF58CB29193147DFFA1, E4620FD0E1E76FA9EBE9C641517D22B82458B62998711C74CA4FC60D55678582 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
15:09:21.0650 0x14dc NVHDA - ok
15:09:21.0723 0x14dc [ FB49C2A67096411EF5D20871946F0BE7, 50880570B7654A61D2AE7748B66E26F1E91F8AE8B3E814DEB5FFCC4D437D91CB ] nvkflt C:\Windows\system32\DRIVERS\nvkflt.sys
15:09:21.0768 0x14dc nvkflt - ok
15:09:22.0527 0x14dc [ 993D73A8090C957230DE4E14AA9C5DFF, 3864CB466E0F76881131AC8043C53297B70C30D3F1B5C3C7A8CC031EA86D60FC ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:09:23.0331 0x14dc nvlddmkm - ok
15:09:23.0388 0x14dc [ 29C4634D4B9A36CAA14BA5C91E5F4E8B, 474894ED2E48375BBA9C2A9B45CA44E58CDE5816218ED03DE418955615CF6CD4 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
15:09:23.0415 0x14dc nvpciflt - ok
15:09:23.0460 0x14dc [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:09:23.0496 0x14dc nvraid - ok
15:09:23.0523 0x14dc [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:09:23.0561 0x14dc nvstor - ok
15:09:23.0655 0x14dc [ C367AD646714E03E14F24F39EC206736, 231EFD56E51497DC452D96F249E1C193CEF8139392253CDB32AA664107B76E62 ] NVSvc C:\Windows\system32\nvvsvc.exe
15:09:23.0744 0x14dc NVSvc - ok
15:09:23.0873 0x14dc [ 44407283382D82C64C9195DE686D4205, 51BE011A0D4CB850B62B30324A9ED14EEC125F4B7AC46926014D9CCD2C10820D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:09:23.0986 0x14dc nvUpdatusService - ok
15:09:24.0020 0x14dc [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:09:24.0055 0x14dc nv_agp - ok
15:09:24.0074 0x14dc [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:09:24.0113 0x14dc ohci1394 - ok
15:09:24.0234 0x14dc [ E5399670D332DE22606F7D15FADF9138, BE2C5054544DC8A56B552FEA20212C293531A7898125BEFE3B82B8D48ED1556B ] OpcEnum C:\Windows\SysWOW64\opcenum.exe
15:09:24.0267 0x14dc OpcEnum - detected UnsignedFile.Multi.Generic ( 1 )
15:09:26.0706 0x14dc OpcEnum ( UnsignedFile.Multi.Generic ) - warning
15:09:29.0208 0x14dc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:09:29.0271 0x14dc p2pimsvc - ok
15:09:29.0315 0x14dc [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
15:09:29.0383 0x14dc p2psvc - ok
15:09:29.0411 0x14dc [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
15:09:29.0451 0x14dc Parport - ok
15:09:29.0475 0x14dc [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:09:29.0507 0x14dc partmgr - ok
15:09:29.0589 0x14dc [ 5EACB8A19CAD7057806FBBF9550165E1, 63B9AE044F9205E395B9573BE32EC8A9695A16E4DF1BF3E7F7F5FFD336A7029E ] PcaSp60 C:\Windows\system32\DRIVERS\PcaSp60.sys
15:09:29.0618 0x14dc PcaSp60 - ok
15:09:29.0652 0x14dc [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
15:09:29.0714 0x14dc PcaSvc - ok
15:09:29.0751 0x14dc [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
15:09:29.0790 0x14dc pci - ok
15:09:29.0830 0x14dc [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
15:09:29.0857 0x14dc pciide - ok
15:09:29.0887 0x14dc [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:09:29.0929 0x14dc pcmcia - ok
15:09:29.0949 0x14dc [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
15:09:29.0979 0x14dc pcw - ok
15:09:30.0134 0x14dc [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
15:09:30.0250 0x14dc PDF Architect Helper Service - ok
15:09:30.0341 0x14dc [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
15:09:30.0417 0x14dc PDF Architect Service - ok
15:09:30.0481 0x14dc [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:09:30.0630 0x14dc PEAUTH - ok
15:09:30.0745 0x14dc [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:09:30.0890 0x14dc PeerDistSvc - ok
15:09:30.0935 0x14dc [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:09:30.0971 0x14dc PerfHost - ok
15:09:31.0044 0x14dc [ 52C9F4359AF4A25969B882AECC6F3BDA, 4776FD60E71FA96F67E79A8ECAE48A224790234308DC8DEBC7D389227C0728BE ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
15:09:31.0065 0x14dc PHCORE - ok
15:09:31.0185 0x14dc [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
15:09:31.0391 0x14dc pla - ok
15:09:31.0462 0x14dc [ 3EA0773AEDAD9B134A7C9C6883C7069F, E6D813D42D05A6BE05418235C8BC3EA2E0757AE3D997B775ABAB67A1491C7411 ] pln1394bus C:\Windows\system32\DRIVERS\pln1394bus_x64.sys
15:09:31.0498 0x14dc pln1394bus - ok
15:09:31.0584 0x14dc [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:09:31.0651 0x14dc PlugPlay - ok
15:09:31.0689 0x14dc [ D1A4DBB8A29F7FFC78378F47F9EA6B91, 782C7C6AA7A4A772C5E7392EA6D849BBCD159C30DF30918941C0BE058226D765 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:09:31.0708 0x14dc Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:09:34.0144 0x14dc Detect skipped due to KSN trusted
15:09:34.0144 0x14dc Pml Driver HPZ12 - ok
15:09:34.0201 0x14dc [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:09:34.0235 0x14dc PNRPAutoReg - ok
15:09:34.0275 0x14dc [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:09:34.0335 0x14dc PNRPsvc - ok
15:09:34.0388 0x14dc [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:09:34.0520 0x14dc PolicyAgent - ok
15:09:34.0568 0x14dc [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\Windows\system32\umpo.dll
15:09:34.0615 0x14dc Power - ok
15:09:34.0667 0x14dc [ 4CADD52E1669693937360C7ED680365B, 42AB4E08508743F26C7A90221E33F6346A1C2E4D0FAA703AF3B4C2674DD98D34 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
15:09:34.0697 0x14dc Power Manager DBC Service - ok
15:09:34.0733 0x14dc [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:09:34.0832 0x14dc PptpMiniport - ok
15:09:34.0854 0x14dc [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
15:09:34.0892 0x14dc Processor - ok
15:09:34.0929 0x14dc [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
15:09:34.0980 0x14dc ProfSvc - ok
15:09:34.0994 0x14dc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:09:35.0028 0x14dc ProtectedStorage - ok
15:09:35.0060 0x14dc [ B8035AF9CC0CCBA9A09AC0A0D9801797, 6F09D25BAD66951B795326EBF01EFB3E03B000E51EB7A0D8D99C1ACC7478209B ] psadd C:\Windows\system32\DRIVERS\psadd.sys
15:09:35.0083 0x14dc psadd - ok
15:09:35.0113 0x14dc [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:09:35.0214 0x14dc Psched - ok
15:09:35.0258 0x14dc [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:09:35.0292 0x14dc PSI_SVC_2 - ok
15:09:35.0336 0x14dc [ 71399B176DE1CAEFD5AD4287ABB9E8A3, 4FEFDBD66B8478FFBF759667C2A3FC7A5EB47D14AFBC05B8B2C870538C66FE72 ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
15:09:35.0375 0x14dc PwmEWSvc - ok
15:09:35.0431 0x14dc [ B41AD9BC21A80598DAD208439E3A28B3, 06E38EE5804E3FC451354DBDB3D454BE8F75A433C561E76DBF922F3F17A79D3F ] PYNWAGNT C:\Windows\System32\Drivers\pynwagnt.sys
15:09:35.0456 0x14dc PYNWAGNT - ok
15:09:35.0480 0x14dc [ B4979A1C131C614A1AFB04857C1FA362, 2F57DF7B7C671269996852E08CA8BDE166E7561EBBB600B29853ACC910D2F633 ] PyNwFlt C:\Windows\system32\DRIVERS\pynwflt.sys
15:09:35.0506 0x14dc PyNwFlt - ok
15:09:35.0643 0x14dc [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:09:35.0778 0x14dc ql2300 - ok
15:09:35.0802 0x14dc [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:09:35.0838 0x14dc ql40xx - ok
15:09:35.0884 0x14dc [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
15:09:35.0951 0x14dc QWAVE - ok
15:09:35.0978 0x14dc [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:09:36.0027 0x14dc QWAVEdrv - ok
15:09:36.0046 0x14dc [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:09:36.0140 0x14dc RasAcd - ok
15:09:36.0163 0x14dc [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:09:36.0261 0x14dc RasAgileVpn - ok
15:09:36.0297 0x14dc [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
15:09:36.0401 0x14dc RasAuto - ok
15:09:36.0435 0x14dc [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:09:36.0536 0x14dc Rasl2tp - ok
15:09:36.0574 0x14dc [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
15:09:36.0694 0x14dc RasMan - ok
15:09:36.0727 0x14dc [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:09:36.0828 0x14dc RasPppoe - ok
15:09:36.0850 0x14dc [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:09:36.0950 0x14dc RasSstp - ok
15:09:36.0989 0x14dc [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:09:37.0105 0x14dc rdbss - ok
15:09:37.0138 0x14dc [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:09:37.0178 0x14dc rdpbus - ok
15:09:37.0201 0x14dc [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:09:37.0294 0x14dc RDPCDD - ok
15:09:37.0323 0x14dc [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:09:37.0368 0x14dc RDPDR - ok
15:09:37.0390 0x14dc [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:09:37.0484 0x14dc RDPENCDD - ok
15:09:37.0500 0x14dc [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:09:37.0594 0x14dc RDPREFMP - ok
15:09:37.0639 0x14dc [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:09:37.0672 0x14dc RdpVideoMiniport - ok
15:09:37.0715 0x14dc [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:09:37.0762 0x14dc RDPWD - ok
15:09:37.0796 0x14dc [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:09:37.0837 0x14dc rdyboost - ok
15:09:37.0933 0x14dc [ FD11C1287D38A46FB72353E14D50089C, C787EE22583ADF1E19E5ADAC5B949750890D1FA5062B5DD2C6B35667D005FECF ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:09:38.0013 0x14dc RegSrvc - ok
15:09:38.0046 0x14dc [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:09:38.0148 0x14dc RemoteAccess - ok
15:09:38.0195 0x14dc [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:09:38.0304 0x14dc RemoteRegistry - ok
15:09:38.0345 0x14dc [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:09:38.0397 0x14dc RFCOMM - ok
15:09:38.0431 0x14dc [ 5A227511ED22DDFEDF7EF7323C8F7D2F, 5056DED32432E192268BE8214B6152A488807357D1BBB769171843E589BF4320 ] risdxc C:\Windows\system32\DRIVERS\risdxc64.sys
15:09:38.0467 0x14dc risdxc - ok
15:09:38.0487 0x14dc [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:09:38.0589 0x14dc RpcEptMapper - ok
15:09:38.0601 0x14dc [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
15:09:38.0637 0x14dc RpcLocator - ok
15:09:38.0687 0x14dc [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
15:09:38.0822 0x14dc RpcSs - ok
15:09:38.0857 0x14dc [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:09:38.0956 0x14dc rspndr - ok
15:09:38.0977 0x14dc [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:09:39.0008 0x14dc s3cap - ok
15:09:39.0161 0x14dc [ C041DE0EB4C3DA55C5BD2E370A5BB999, 6B65B6FEFC31B4BACF57D4307CD1A0946CD3713ED7FF4C0B739EA767537BF7F3 ] s7hspsvx C:\Program Files (x86)\Siemens\Step7\s7bin\s7hspsvx.exe
15:09:39.0179 0x14dc s7hspsvx - detected UnsignedFile.Multi.Generic ( 1 )
15:09:41.0618 0x14dc s7hspsvx ( UnsignedFile.Multi.Generic ) - warning
15:09:44.0105 0x14dc [ 67B07DB7190C4A120112B9915AB1B7C8, E2D939D911B2363FB68C8F9F79DB1DDCA617A0F5E7DCB339EC438C513497C08B ] s7odpx2x64 C:\Windows\system32\DRIVERS\s7odpx2x64.sys
15:09:44.0139 0x14dc s7odpx2x64 - ok
15:09:44.0219 0x14dc [ 2BC3AB45505095E3D02616983D625683, 1FFF2D353EF720D2F2FAC372218BF252D37D888DE57A123BCFA3C09DFF49E2AE ] s7oiehsx64 C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
15:09:44.0308 0x14dc s7oiehsx64 - ok
15:09:44.0353 0x14dc [ 56C7E819BEEF3EBEB701C5304DD5753F, F2735ED246BE77C8D8AA14BB2A9FEB69A02DE2D8B287B3CC8708DCF22C1C8638 ] s7oppinx64 C:\Windows\system32\DRIVERS\s7oppinx64.sys
15:09:44.0389 0x14dc s7oppinx64 - ok
15:09:44.0413 0x14dc [ F113DD69F3A483B3D3C1E4EC692D1B49, 643445914A17D0C9D9922D5F375805C96B7A3E4DB8F2BC2248DE15C088F9A020 ] s7oserix64 C:\Windows\system32\Drivers\s7oserix64.sys
15:09:44.0450 0x14dc s7oserix64 - ok
15:09:44.0487 0x14dc [ B35AE80AA27A93A08D6DB4F968B68226, 3D42359870CA763EBA46DE02F23D8AF4AD4F5C6846481B72E9BF5315B376296E ] s7osmcax64 C:\Windows\system32\DRIVERS\s7osmcax64.sys
15:09:44.0530 0x14dc s7osmcax64 - ok
15:09:44.0551 0x14dc [ 87C0D4FC0C7FE5AEFD2371DFEFC2203B, 6E24D45B1D09F9581FA3DF1407EE16FF3452DD09F439A5448B086B1AE5B919DE ] s7osobux64 C:\Windows\system32\DRIVERS\s7osobux64.sys
15:09:44.0591 0x14dc s7osobux64 - ok
15:09:44.0620 0x14dc [ 1FFCE3E378C40B7925ED318D6494689F, 16AE8533EEFE5CBA72BCAF7E1FA4E8159F0CBD3B26D1E8FBFB50CBA20023E295 ] s7otmcd64x C:\Windows\system32\Drivers\s7otmcd64x.sys
15:09:44.0663 0x14dc s7otmcd64x - ok
15:09:44.0720 0x14dc [ 0C4C99C91C7C46B859C084DD6FDEEBC5, A9E9E7114FFC9D287E79F78713E9C6117D4F7EFF7C5FA1DF7EF1E455E958599E ] s7otranx64 C:\Windows\system32\DRIVERS\s7otranx64.sys
15:09:44.0773 0x14dc s7otranx64 - ok
15:09:44.0794 0x14dc [ CF4BF284DA8DF45CF96DB0DB975F2C9E, 623E1F5A3AC35A8A8AC1ACFFD4870A1B35D45E4CDED1601B0FDAC311871F77BB ] s7otsadx64 C:\Windows\system32\DRIVERS\s7otsadx64.sys
15:09:44.0837 0x14dc s7otsadx64 - ok
15:09:44.0867 0x14dc [ 446DE23B25DA8E2A15F395EB5D29B496, A968E5C897F0C52AC378AEDFB5BD314231229C0F5C73A3405BABF9C75A1F4821 ] s7ousbu64x C:\Windows\system32\DRIVERS\s7ousbu64x.sys
15:09:44.0910 0x14dc s7ousbu64x - ok
15:09:44.0957 0x14dc [ BC374502CCE3572D2EF015728CC99232, CD9986BD487BA6C1626E1B3EA83D4B43FD8D620EED51808B836C80D3A1FAD534 ] s7sn2srtx C:\Windows\system32\DRIVERS\s7sn2srtx.sys
15:09:44.0984 0x14dc s7sn2srtx - ok
15:09:45.0016 0x14dc [ 41DEBFBAA26CBC481E95B0135F747F6F, C6BC1B78E7D5DC2ADFEF6DC591D703F6D11761D85F46887D8F7D1E3B61650847 ] S7TraceServiceX C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
15:09:45.0052 0x14dc S7TraceServiceX - ok
15:09:45.0069 0x14dc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
15:09:45.0103 0x14dc SamSs - ok
15:09:45.0111 0x14dc SAService - ok
15:09:45.0193 0x14dc [ 495588414F5C62C333F1A69E17E5FB9F, F16FA9EE19BA1B519EBC371282F913FE0E42AEED226D149C6F37976466D61CA8 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys
15:09:45.0233 0x14dc SbieDrv - ok
15:09:45.0251 0x14dc [ 099007B7A80E1917FFA110CE7785A3C9, 04B877099A151F226C378FB000185FA4B3CB96FF858ED2801A9440D7625F0E52 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe
15:09:45.0280 0x14dc SbieSvc - ok
15:09:45.0306 0x14dc [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:09:45.0340 0x14dc sbp2port - ok
15:09:45.0380 0x14dc [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:09:45.0492 0x14dc SCardSvr - ok
15:09:45.0517 0x14dc [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:09:45.0610 0x14dc scfilter - ok
15:09:45.0699 0x14dc [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
15:09:45.0882 0x14dc Schedule - ok
15:09:45.0910 0x14dc [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:09:46.0008 0x14dc SCPolicySvc - ok
15:09:46.0069 0x14dc [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:09:46.0117 0x14dc SDRSVC - ok
15:09:46.0134 0x14dc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:09:46.0230 0x14dc secdrv - ok
15:09:46.0250 0x14dc [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
15:09:46.0345 0x14dc seclogon - ok
15:09:46.0378 0x14dc [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
15:09:46.0479 0x14dc SENS - ok
15:09:46.0490 0x14dc [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:09:46.0526 0x14dc SensrSvc - ok
15:09:46.0579 0x14dc [ 255476B54C82A89416EFDF09FD62F107, 000A6F7F15177A08ED4E22DB1C06F9FF0F8D324541A3E7AF7F35123D9CA4122D ] Sentinel64 C:\Windows\System32\Drivers\Sentinel64.sys
15:09:46.0611 0x14dc Sentinel64 - ok
15:09:46.0648 0x14dc [ 172600C07C64B6C989AEE451994AC18D, A21BE5D125F575627197A8729FDC1D582BF7E468A914297D04BB14616C16F41A ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys
15:09:46.0683 0x14dc Ser2pl - ok
15:09:46.0709 0x14dc [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:09:46.0743 0x14dc Serenum - ok
15:09:46.0781 0x14dc [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:09:46.0821 0x14dc Serial - ok
15:09:46.0844 0x14dc [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:09:46.0879 0x14dc sermouse - ok
15:09:46.0929 0x14dc [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
15:09:47.0031 0x14dc SessionEnv - ok
15:09:47.0050 0x14dc [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:09:47.0091 0x14dc sffdisk - ok
15:09:47.0100 0x14dc [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:09:47.0140 0x14dc sffp_mmc - ok
15:09:47.0149 0x14dc [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:09:47.0189 0x14dc sffp_sd - ok
15:09:47.0198 0x14dc [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:09:47.0232 0x14dc sfloppy - ok
15:09:47.0299 0x14dc [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:09:47.0423 0x14dc SharedAccess - ok
15:09:47.0464 0x14dc [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:09:47.0587 0x14dc ShellHWDetection - ok
15:09:47.0620 0x14dc [ E2FC046D4EDABFE3B5EF7DA06406277D, DB2B2A3BE6DC85F414D969E16E8E770BB7ADFA6E44B5FA6725B76D17978DF22A ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
15:09:47.0651 0x14dc Shockprf - ok
15:09:47.0681 0x14dc [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:09:47.0711 0x14dc SiSRaid2 - ok
15:09:47.0734 0x14dc [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:09:47.0766 0x14dc SiSRaid4 - ok
15:09:47.0886 0x14dc [ EDB28D1C30B647C6F7AA3414670FE82B, E9ADC49E25D28491FAD32782EDBF16DF068A4AFD5E2C3517E4253599CD6F1A55 ] smartserver C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe
15:09:47.0946 0x14dc smartserver - ok
15:09:47.0987 0x14dc [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:09:48.0086 0x14dc Smb - ok
15:09:48.0123 0x14dc [ C5B1A19B14F19B08AE72FCB20A3075B6, FD920DC51638A2C52C51827CC14264FA7B945417A486DE439E516FA2BD6D51DA ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
15:09:48.0145 0x14dc smihlp - ok
15:09:48.0188 0x14dc [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:09:48.0226 0x14dc SNMPTRAP - ok
15:09:48.0276 0x14dc [ 01E0EDAEA718BD5B831DB29E2D16E73B, C8A3A6300AF4F06276A562223B4F0D0A54E926F9197FAB8F8E6C2320302A60CA ] SNTIE C:\Windows\system32\DRIVERS\sntie.sys
15:09:48.0309 0x14dc SNTIE - ok
15:09:48.0353 0x14dc [ BAECAF8945218EC7390BFE2277406354, 46A0F71A260F00EAF9C9888527C32492614711C8BA59BE22A7A11D1C1F8AEE12 ] SNTUSB64 C:\Windows\system32\DRIVERS\SNTUSB64.SYS
15:09:48.0380 0x14dc SNTUSB64 - ok
15:09:48.0537 0x14dc [ 3B8B64EF1D7CE03727DEFFFEF473F5AE, D9D031C054759D0E9117021992FD08BBE3A05128B2EEA7FE97BB25DCEF8538FD ] Solid Edge C:\SEFlex\Program\lmgrd.exe
15:09:48.0654 0x14dc Solid Edge - ok
15:09:48.0681 0x14dc [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
15:09:48.0708 0x14dc spldr - ok
15:09:48.0781 0x14dc [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
15:09:48.0861 0x14dc Spooler - ok
15:09:49.0119 0x14dc [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
15:09:49.0503 0x14dc sppsvc - ok
15:09:49.0556 0x14dc [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:09:49.0657 0x14dc sppuinotify - ok
15:09:49.0725 0x14dc [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:09:49.0762 0x14dc SQLBrowser - ok
15:09:49.0826 0x14dc [ 3C432A96363097870995E2A3C8B66ABD, AA0AE0935FC5317FE93D7D3C3B9A6B2E026915D07704AF3E36F14FEA8595F4A6 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:09:49.0858 0x14dc SQLWriter - ok
15:09:49.0912 0x14dc [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:09:49.0983 0x14dc srv - ok
15:09:50.0030 0x14dc [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:09:50.0095 0x14dc srv2 - ok
15:09:50.0123 0x14dc [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:09:50.0168 0x14dc srvnet - ok
15:09:50.0213 0x14dc [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:09:50.0324 0x14dc SSDPSRV - ok
15:09:50.0345 0x14dc [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:09:50.0446 0x14dc SstpSvc - ok
15:09:50.0522 0x14dc [ 17FC2EAD763F0237457817A753A5A676, CDA2EFE4AC5A7BE034FF1A5A6469CF7C4B295BF5E1D995C9A289AD9E8FBD3740 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:09:50.0573 0x14dc Stereo Service - ok
15:09:50.0600 0x14dc [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:09:50.0628 0x14dc stexstor - ok
15:09:50.0706 0x14dc [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
15:09:50.0801 0x14dc stisvc - ok
15:09:50.0835 0x14dc [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
15:09:50.0865 0x14dc storflt - ok
15:09:50.0884 0x14dc [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
15:09:50.0919 0x14dc StorSvc - ok
15:09:50.0951 0x14dc [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:09:50.0980 0x14dc storvsc - ok
15:09:51.0047 0x14dc [ 6EA2F517373771CAC5188E82617C9C0B, 8ADCCF88C0BA60994060AEDA97873EBDEACBCC728FD379F117DCB6A095E59CB9 ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
15:09:51.0061 0x14dc SUService - detected UnsignedFile.Multi.Generic ( 1 )
15:09:53.0507 0x14dc Detect skipped due to KSN trusted
15:09:53.0507 0x14dc SUService - ok
|
|
25.08.2015, 14:34
| #11 |
| | Spammail durch meinen Account Teil 2 Code:
ATTFilter 15:09:53.0544 0x14dc [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:09:53.0572 0x14dc swenum - ok
15:09:53.0624 0x14dc [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
15:09:53.0763 0x14dc swprv - ok
15:09:53.0900 0x14dc [ FFDD13B42D4B106AC9FAFBB0E1F7FAA5, 0A0AD18033446F464459F7492F7CB580893DEAC54FAC05A5E342F66D10E2B8F3 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:09:54.0025 0x14dc SynTP - ok
15:09:54.0169 0x14dc [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
15:09:54.0362 0x14dc SysMain - ok
15:09:54.0389 0x14dc [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:09:54.0444 0x14dc TabletInputService - ok
15:09:54.0483 0x14dc [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
15:09:54.0604 0x14dc TapiSrv - ok
15:09:54.0635 0x14dc [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
15:09:54.0736 0x14dc TBS - ok
15:09:54.0897 0x14dc [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:09:55.0058 0x14dc Tcpip - ok
15:09:55.0196 0x14dc [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:09:55.0357 0x14dc TCPIP6 - ok
15:09:55.0405 0x14dc [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:09:55.0439 0x14dc tcpipreg - ok
15:09:55.0466 0x14dc [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:09:55.0498 0x14dc TDPIPE - ok
15:09:55.0518 0x14dc [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:09:55.0550 0x14dc TDTCP - ok
15:09:55.0576 0x14dc [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:09:55.0675 0x14dc tdx - ok
15:09:55.0706 0x14dc [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:09:55.0737 0x14dc TermDD - ok
15:09:55.0808 0x14dc [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
15:09:55.0956 0x14dc TermService - ok
15:09:55.0974 0x14dc [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
15:09:56.0025 0x14dc Themes - ok
15:09:56.0055 0x14dc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
15:09:56.0155 0x14dc THREADORDER - ok
15:09:56.0170 0x14dc [ 55B7FE3E1D3B616BDC4E9EA48D92D6E6, 6FB582C4BC0093A585942FB510B40C2222AF477A1D8DC22C3B3ACB3B83A9B31E ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
15:09:56.0192 0x14dc TPDIGIMN - ok
15:09:56.0220 0x14dc [ F0684C62ED8FD3061CD488ECFC851022, 0F22F355C468512B25ED7BC3826146DCAA51BBC58EA59175EF911EFF91F3E363 ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
15:09:56.0246 0x14dc TPHDEXLGSVC - ok
15:09:56.0314 0x14dc [ 83415782D47F8064FCAFEA308ABB2246, 24D407FFF78EB48A440E4929918C92AEF6F5CF8170A14019C22D36B30BB01A23 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
15:09:56.0343 0x14dc TPHKLOAD - ok
15:09:56.0366 0x14dc [ C04BB65441913AB621C58A8BD3169B23, 2EC3DD6A154CA9751F560960F5CD9659C8EFF7DF57505A165AFBB0EF45137082 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
15:09:56.0395 0x14dc TPHKSVC - ok
15:09:56.0429 0x14dc [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\Windows\system32\drivers\tpm.sys
15:09:56.0465 0x14dc TPM - ok
15:09:56.0495 0x14dc [ 7165B5A9B4867F64A6D6935F57D4196B, 716BF044005E11A84D2B114E4DBCDA390C7842EBD4B6E8FA710D2D002BAE09DC ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
15:09:56.0517 0x14dc TPPWRIF - ok
15:09:56.0553 0x14dc [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
15:09:56.0658 0x14dc TrkWks - ok
15:09:56.0714 0x14dc [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:09:56.0819 0x14dc TrustedInstaller - ok
15:09:56.0860 0x14dc [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:09:56.0894 0x14dc tssecsrv - ok
15:09:56.0930 0x14dc [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:09:56.0966 0x14dc TsUsbFlt - ok
15:09:56.0991 0x14dc [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:09:57.0024 0x14dc TsUsbGD - ok
15:09:57.0057 0x14dc [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:09:57.0156 0x14dc tunnel - ok
15:09:57.0186 0x14dc [ 4DAAE0413CD4E816258838E2FAFB3147, 7D45621A0148C2EEA4302A5852D9407DCEF1947936E9E840788F01625E869CDD ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
15:09:57.0211 0x14dc TVTI2C - ok
15:09:57.0230 0x14dc [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:09:57.0261 0x14dc uagp35 - ok
15:09:57.0304 0x14dc [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:09:57.0421 0x14dc udfs - ok
15:09:57.0459 0x14dc [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:09:57.0499 0x14dc UI0Detect - ok
15:09:57.0568 0x14dc [ BE788A747457E6916586C410EC0111E7, 525F9065270AF40FED854C5B3C7E690783F5169C2F9286EE225F6C817ED1E237 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
15:09:57.0585 0x14dc UleadBurningHelper - detected UnsignedFile.Multi.Generic ( 1 )
15:10:00.0037 0x14dc Detect skipped due to KSN trusted
15:10:00.0038 0x14dc UleadBurningHelper - ok
15:10:00.0096 0x14dc [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:10:00.0127 0x14dc uliagpkx - ok
15:10:00.0158 0x14dc [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:10:00.0195 0x14dc umbus - ok
15:10:00.0216 0x14dc [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
15:10:00.0251 0x14dc UmPass - ok
15:10:00.0292 0x14dc [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
15:10:00.0344 0x14dc UmRdpService - ok
15:10:00.0576 0x14dc [ A69CD6BDB82872999D2E46F9324ADA83, 1F06D5B716D48E693A082C1FC49D80405F50D60C78FDF5829FF51F1CC11CF011 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:10:00.0784 0x14dc UNS - ok
15:10:00.0829 0x14dc [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
15:10:00.0954 0x14dc upnphost - ok
15:10:01.0011 0x14dc [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:10:01.0050 0x14dc usbccgp - ok
15:10:01.0083 0x14dc [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:10:01.0123 0x14dc usbcir - ok
15:10:01.0143 0x14dc [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:10:01.0178 0x14dc usbehci - ok
15:10:01.0224 0x14dc [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:10:01.0283 0x14dc usbhub - ok
15:10:01.0320 0x14dc [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:10:01.0352 0x14dc usbohci - ok
15:10:01.0376 0x14dc [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
15:10:01.0417 0x14dc usbprint - ok
15:10:01.0448 0x14dc [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:10:01.0486 0x14dc USBSTOR - ok
15:10:01.0518 0x14dc [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:10:01.0550 0x14dc usbuhci - ok
15:10:01.0607 0x14dc [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
15:10:01.0653 0x14dc usbvideo - ok
15:10:01.0682 0x14dc [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
15:10:01.0780 0x14dc UxSms - ok
15:10:01.0795 0x14dc [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
15:10:01.0830 0x14dc VaultSvc - ok
15:10:01.0852 0x14dc [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:10:01.0881 0x14dc vdrvroot - ok
15:10:01.0931 0x14dc [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
15:10:02.0067 0x14dc vds - ok
15:10:02.0091 0x14dc [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:10:02.0133 0x14dc vga - ok
15:10:02.0152 0x14dc [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:10:02.0247 0x14dc VgaSave - ok
15:10:02.0277 0x14dc [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:10:02.0318 0x14dc vhdmp - ok
15:10:02.0372 0x14dc [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
15:10:02.0399 0x14dc viaide - ok
15:10:02.0443 0x14dc [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:10:02.0483 0x14dc vmbus - ok
15:10:02.0505 0x14dc [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:10:02.0538 0x14dc VMBusHID - ok
15:10:02.0563 0x14dc [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:10:02.0594 0x14dc volmgr - ok
15:10:02.0631 0x14dc [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:10:02.0683 0x14dc volmgrx - ok
15:10:02.0714 0x14dc [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:10:02.0761 0x14dc volsnap - ok
15:10:02.0789 0x14dc [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:10:02.0826 0x14dc vsmraid - ok
15:10:02.0875 0x14dc [ D45FED2CAF2C336058A516132B486888, 2B642E4B88F8BB7B20E614904565428DD95DB369232CDD596D9652951A050370 ] vsnl2ada C:\Windows\system32\DRIVERS\vsnl2ada.sys
15:10:02.0912 0x14dc vsnl2ada - ok
15:10:03.0046 0x14dc [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
15:10:03.0271 0x14dc VSS - ok
15:10:03.0293 0x14dc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:10:03.0335 0x14dc vwifibus - ok
15:10:03.0363 0x14dc [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:10:03.0414 0x14dc vwififlt - ok
15:10:03.0439 0x14dc [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:10:03.0486 0x14dc vwifimp - ok
15:10:03.0542 0x14dc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
15:10:03.0670 0x14dc W32Time - ok
15:10:03.0694 0x14dc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:10:03.0729 0x14dc WacomPen - ok
15:10:03.0776 0x14dc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:10:03.0872 0x14dc WANARP - ok
15:10:03.0884 0x14dc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:10:03.0983 0x14dc Wanarpv6 - ok
15:10:04.0096 0x14dc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
15:10:04.0253 0x14dc wbengine - ok
15:10:04.0301 0x14dc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:10:04.0366 0x14dc WbioSrvc - ok
15:10:04.0405 0x14dc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:10:04.0483 0x14dc wcncsvc - ok
15:10:04.0503 0x14dc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:10:04.0540 0x14dc WcsPlugInService - ok
15:10:04.0568 0x14dc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
15:10:04.0596 0x14dc Wd - ok
15:10:04.0678 0x14dc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:10:04.0764 0x14dc Wdf01000 - ok
15:10:04.0795 0x14dc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:10:04.0851 0x14dc WdiServiceHost - ok
15:10:04.0863 0x14dc [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:10:04.0918 0x14dc WdiSystemHost - ok
15:10:04.0966 0x14dc [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
15:10:05.0020 0x14dc WebClient - ok
15:10:05.0051 0x14dc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:10:05.0166 0x14dc Wecsvc - ok
15:10:05.0185 0x14dc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:10:05.0287 0x14dc wercplsupport - ok
15:10:05.0330 0x14dc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
15:10:05.0433 0x14dc WerSvc - ok
15:10:05.0463 0x14dc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:10:05.0557 0x14dc WfpLwf - ok
15:10:05.0579 0x14dc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:10:05.0607 0x14dc WIMMount - ok
15:10:05.0627 0x14dc WinDefend - ok
15:10:05.0643 0x14dc WinHttpAutoProxySvc - ok
15:10:05.0716 0x14dc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:10:05.0829 0x14dc Winmgmt - ok
15:10:05.0995 0x14dc [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
15:10:06.0256 0x14dc WinRM - ok
15:10:06.0342 0x14dc [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
15:10:06.0385 0x14dc WinUsb - ok
15:10:06.0470 0x14dc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:10:06.0591 0x14dc Wlansvc - ok
15:10:06.0632 0x14dc [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:10:06.0658 0x14dc wlcrasvc - ok
15:10:06.0856 0x14dc [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:10:07.0039 0x14dc wlidsvc - ok
15:10:07.0081 0x14dc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:10:07.0115 0x14dc WmiAcpi - ok
15:10:07.0165 0x14dc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:10:07.0216 0x14dc wmiApSrv - ok
15:10:07.0253 0x14dc WMPNetworkSvc - ok
15:10:07.0287 0x14dc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:10:07.0322 0x14dc WPCSvc - ok
15:10:07.0348 0x14dc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:10:07.0397 0x14dc WPDBusEnum - ok
15:10:07.0422 0x14dc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:10:07.0516 0x14dc ws2ifsl - ok
15:10:07.0538 0x14dc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
15:10:07.0595 0x14dc wscsvc - ok
15:10:07.0603 0x14dc WSearch - ok
15:10:07.0804 0x14dc [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
15:10:08.0005 0x14dc wuauserv - ok
15:10:08.0055 0x14dc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:10:08.0093 0x14dc WudfPf - ok
15:10:08.0136 0x14dc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:10:08.0183 0x14dc WUDFRd - ok
15:10:08.0226 0x14dc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:10:08.0267 0x14dc wudfsvc - ok
15:10:08.0318 0x14dc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
15:10:08.0372 0x14dc WwanSvc - ok
15:10:08.0411 0x14dc ================ Scan global ===============================
15:10:08.0434 0x14dc [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:10:08.0487 0x14dc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:10:08.0522 0x14dc [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:10:08.0567 0x14dc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:10:08.0606 0x14dc [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:10:08.0629 0x14dc [ Global ] - ok
15:10:08.0630 0x14dc ================ Scan MBR ==================================
15:10:08.0639 0x14dc [ C30A9FBB9194C2C5688458822C902A78 ] \Device\Harddisk0\DR0
15:10:09.0048 0x14dc \Device\Harddisk0\DR0 - ok
15:10:09.0049 0x14dc ================ Scan VBR ==================================
15:10:09.0054 0x14dc [ 330DD205C29FB1538B22193230586A54 ] \Device\Harddisk0\DR0\Partition1
15:10:09.0058 0x14dc \Device\Harddisk0\DR0\Partition1 - ok
15:10:09.0073 0x14dc [ 8642F04239E3949C275305737FBFD766 ] \Device\Harddisk0\DR0\Partition2
15:10:09.0076 0x14dc \Device\Harddisk0\DR0\Partition2 - ok
15:10:09.0106 0x14dc [ AF800E455B95ABD38B4B1B4CFEA40A0B ] \Device\Harddisk0\DR0\Partition3
15:10:09.0110 0x14dc \Device\Harddisk0\DR0\Partition3 - ok
15:10:09.0111 0x14dc ================ Scan generic autorun ======================
15:10:09.0112 0x14dc SynTPEnh - ok
15:10:09.0173 0x14dc [ 3B46C768A26D33F867B1A3D06C281A8A, 5E04D008892BA2EEB1009E9CEA9EC62E1783BD1C12B4C84F94371600821363D8 ] C:\Windows\system32\TpShocks.exe
15:10:09.0221 0x14dc TpShocks - ok
15:10:09.0260 0x14dc [ 42361B4BD80768E82B80285851037665, A555A6BF8016645B838FEA993AD273D1F472586F3600619DC243B1C33438FA07 ] C:\Program Files\Conexant\ForteConfig\fmapp.exe
15:10:09.0284 0x14dc ForteConfig - ok
15:10:09.0328 0x14dc [ 59684F3A784301D09ADF69E70DF979E8, 69B437914B91947FA2EF817FB83495EE86C065B886EA155A0CF354C7ED100DE1 ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe
15:10:09.0370 0x14dc SmartAudio - ok
15:10:09.0400 0x14dc [ 7EE88AA7B7F93CDA445921B6F8D9B89E, E8C40233E4EAE4660D481587E313A3542354FD4008B5165DB2393B0A87FC310D ] C:\Windows\system32\igfxtray.exe
15:10:09.0434 0x14dc IgfxTray - ok
15:10:09.0473 0x14dc [ 5D4069AEF369F011205CD71EACB5BBF7, 41769086CE903D4AA6572FB5DF6BCAE9647412E309537365AC31A89083B72FED ] C:\Windows\system32\hkcmd.exe
15:10:09.0523 0x14dc HotKeysCmds - ok
15:10:09.0565 0x14dc [ F0F898B89FD490AB77CC9D072B62004B, D0EAF4C0C993AA9ABB194AEADBBC09CF97FE3818ED22429CDBC60DF72423069A ] C:\Windows\system32\igfxpers.exe
15:10:09.0616 0x14dc Persistence - ok
15:10:09.0651 0x14dc [ EC80D4878D3824C289868E007B9C43EF, 8076D0F6C3D3EC60D3C638C60625F8063D2FA93FEAD00A3E6551812996087FFB ] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
15:10:09.0672 0x14dc LENOVO.TPKNRRES - ok
15:10:09.0709 0x14dc [ F5005A238995EAF113D62DD2540C5A38, 5CE534EF4125683A98BA491252830F3496AE71A25E85773B72F6AC4E732E4047 ] C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE
15:10:09.0747 0x14dc ALCKRESI.EXE - ok
15:10:09.0782 0x14dc [ 74354790ECAE60C11631BD7856C0AFD0, 4932908C79842CFDB4882A767BCAECB97F663892C9715D4FA1F4AE902335DCB5 ] C:\Windows\KHALMNPR.EXE
15:10:09.0812 0x14dc Kernel and Hardware Abstraction Layer - ok
15:10:09.0856 0x14dc [ 0307536FD43CC7BFB92F9DAC8DB913F1, 6C8BEDA4ADFBEF28E647B39B3EEA37A20BFE5C93C7EDA79471EFB46156197843 ] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
15:10:09.0872 0x14dc RotateImage - detected UnsignedFile.Multi.Generic ( 1 )
15:10:12.0315 0x14dc Detect skipped due to KSN trusted
15:10:12.0315 0x14dc RotateImage - ok
15:10:12.0375 0x14dc [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
15:10:12.0404 0x14dc NUSB3MON - ok
15:10:12.0443 0x14dc [ 49FBD026C73B6EFBFD3F58E641E39411, A2B80515D5107AD9817036B118D141F7A7306C372D54211A0B9687DB12D715FA ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
15:10:12.0471 0x14dc IMSS - ok
15:10:12.0477 0x14dc PWMTRV - ok
15:10:12.0788 0x14dc [ B3E053ED10DD568A3B292241F1A74D32, 62606F78FF968D7DF3EF04CD146749B525AEC9C438E9A897DA48F05577659DB2 ] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe
15:10:13.0112 0x14dc Lenovo Registration - ok
15:10:13.0253 0x14dc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:10:13.0382 0x14dc Sidebar - ok
15:10:13.0409 0x14dc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:10:13.0463 0x14dc mctadmin - ok
15:10:13.0545 0x14dc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:10:13.0674 0x14dc Sidebar - ok
15:10:13.0688 0x14dc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:10:13.0742 0x14dc mctadmin - ok
15:10:13.0823 0x14dc [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:10:13.0952 0x14dc Sidebar - ok
15:10:14.0045 0x14dc [ 1D375BC94804633AAA93E63301355D9E, 9884CC1260505AC2B9DD1190321BF4AD64CA06C2E7AA0AA0C402F31A1846E6D1 ] C:\Program Files\Sandboxie\SbieCtrl.exe
15:10:14.0116 0x14dc SandboxieControl - ok
15:10:14.0185 0x14dc [ 23C2FCAA50C4F80F7D1B8A0771D45328, AE5BC1B2FC15AFFB5F38037AE4C87BB85F9C85D4AC0DCDD51F48A0F77E8EC094 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
15:10:14.0211 0x14dc iCloudServices - ok
15:10:14.0241 0x14dc [ 5883D86F8C22B1E5F78627E4AF19B234, 7DEE0ED168CBE012CAB1552586FDA945DF5151773E5523F0C7E4091F1DF1578F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
15:10:14.0266 0x14dc ApplePhotoStreams - ok
15:10:14.0293 0x14dc [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:10:14.0347 0x14dc mctadmin - ok
15:10:14.0403 0x14dc [ 1D375BC94804633AAA93E63301355D9E, 9884CC1260505AC2B9DD1190321BF4AD64CA06C2E7AA0AA0C402F31A1846E6D1 ] C:\Program Files\Sandboxie\SbieCtrl.exe
15:10:14.0474 0x14dc SandboxieControl - ok
15:10:14.0493 0x14dc [ 23C2FCAA50C4F80F7D1B8A0771D45328, AE5BC1B2FC15AFFB5F38037AE4C87BB85F9C85D4AC0DCDD51F48A0F77E8EC094 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
15:10:14.0519 0x14dc iCloudServices - ok
15:10:14.0533 0x14dc [ 5883D86F8C22B1E5F78627E4AF19B234, 7DEE0ED168CBE012CAB1552586FDA945DF5151773E5523F0C7E4091F1DF1578F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
15:10:14.0558 0x14dc ApplePhotoStreams - ok
15:10:14.0560 0x14dc Waiting for KSN requests completion. In queue: 185
15:10:15.0560 0x14dc Waiting for KSN requests completion. In queue: 15
15:10:16.0560 0x14dc Waiting for KSN requests completion. In queue: 15
15:10:17.0560 0x14dc Waiting for KSN requests completion. In queue: 15
15:10:18.0560 0x14dc Waiting for KSN requests completion. In queue: 15
15:10:19.0560 0x14dc Waiting for KSN requests completion. In queue: 15
15:10:20.0560 0x14dc Waiting for KSN requests completion. In queue: 15
15:10:21.0560 0x14dc Waiting for KSN requests completion. In queue: 15
15:10:22.0560 0x14dc Waiting for KSN requests completion. In queue: 15
15:10:23.0560 0x14dc Waiting for KSN requests completion. In queue: 15
15:10:24.0560 0x14dc Waiting for KSN requests completion. In queue: 15
15:10:25.0560 0x14dc Waiting for KSN requests completion. In queue: 15
15:10:26.0560 0x14dc Waiting for KSN requests completion. In queue: 15
15:10:27.0561 0x14dc Waiting for KSN requests completion. In queue: 15
15:10:28.0621 0x14dc AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.11.550 ), 0x41000 ( enabled : updated )
15:10:28.0636 0x14dc Win FW state via NFP2: enabled ( trusted )
15:10:31.0064 0x14dc ============================================================
15:10:31.0064 0x14dc Scan finished
15:10:31.0064 0x14dc ============================================================
15:10:31.0082 0x23cc Detected object count: 7
15:10:31.0082 0x23cc Actual detected object count: 7
15:12:22.0815 0x23cc AceServer ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:22.0816 0x23cc AceServer ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:12:22.0817 0x23cc ENI Server ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:22.0817 0x23cc ENI Server ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:12:22.0820 0x23cc IndraLogic V13 Gateway ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:22.0820 0x23cc IndraLogic V13 Gateway ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:12:22.0823 0x23cc IndraWorksService ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:22.0823 0x23cc IndraWorksService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:12:22.0825 0x23cc Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:22.0825 0x23cc Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:12:22.0828 0x23cc OpcEnum ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:22.0828 0x23cc OpcEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:12:22.0831 0x23cc s7hspsvx ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:22.0831 0x23cc s7hspsvx ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:14:14.0993 0x0538 Deinitialize success
ACEServer - Software von Adept ist installiert ENIServer - Software von CoDeSys ist installiert Indralogic, Indraworks - Software Bosch Rexroth ist installiert Net Driver HPZ12 - Treiber von HP ? OPCEnum - hängt irgendwie mit einem OPC-Server zusammen. Bosch Rexroth oder Siemens? s7hspsvx - STEP7 von Siemens ist installiert Also alles sauber? Geändert von halifax09 (25.08.2015 um 14:51 Uhr) |
|
26.08.2015, 08:54
| #12 |
| /// the machine /// TB-Ausbilder | Spammail durch meinen Account Ja alles sauber.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Spammail durch meinen Account |
| account, bekannte, festgestellt, gestellt, mailadresse, mailadressen, schütze, schützen, spammail, spammails, verteilt |
Linear-Darstellung
