
Log analysis and evaluation: Windows Vista: Redirection to advertising pages (Google Redirect Virus)


02.07.2014, 14:31   #1
fireboarder
 

Hello everyone,
my name is David, and for about 2-3 weeks I have had the problem that while browsing I am constantly redirected to advertising pages when I try to open Google results or a website from my bookmarks. I am currently using the Firefox browser. Regarding the problem, I have taken the following steps so far:

- two full system scans with NortonSecurity
- disabled automatic redirection in Firefox (no log files)
- two scans with Malwarebytes Anti-Malware (logs are listed further below)
- one scan with TDSS Killer (log file attached)

Furthermore, I am posting the requested log files as described in the instructions for people seeking help. However, creating the Gmer log ran into trouble. The first time my PC froze, and the second time the program was closed because of the Vista error message: "Program has stopped working".
I am posting the TDSS log file as well as the Addition and normal FRST log file as attachments because they use too many characters.

My question(s):
- Advertising from "quicksharer" also keeps being displayed; is that part of this problem?

I am not at all knowledgeable about computers, etc. I am happy to answer any questions! I also hope that I have done everything correctly so far; otherwise just point it out to me! I hope someone can help me! Best regards, David


LOGS:

DEFOGGER

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:15 on 02/07/2014 (Fireboarder)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-
         
Malwarebytes Anti-Malware I

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 27.06.2014 18:40:32, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Starting, 
Protection, 27.06.2014 18:40:33, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Started, 
Protection, 27.06.2014 18:40:33, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Starting, 
Protection, 27.06.2014 18:40:34, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Failed, 
Error, 27.06.2014 18:40:34, SYSTEM, FIREBOARDERS-PC, Protection, MWAC::CreateList - Block List, 3221225473, 
Update, 27.06.2014 18:40:39, SYSTEM, FIREBOARDERS-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.6.23.2, 
Update, 27.06.2014 18:41:14, SYSTEM, FIREBOARDERS-PC, Manual, Malware Database, 2014.3.4.9, 2014.6.27.6, 
Protection, 27.06.2014 18:41:15, SYSTEM, FIREBOARDERS-PC, Protection, Refresh, Starting, 
Protection, 27.06.2014 18:41:20, SYSTEM, FIREBOARDERS-PC, Protection, Refresh, Success, 
Update, 27.06.2014 19:02:30, SYSTEM, FIREBOARDERS-PC, Manual, Malware Database, 2014.6.27.6, 2014.6.27.7, 
Protection, 27.06.2014 19:03:02, SYSTEM, FIREBOARDERS-PC, Protection, Refresh, Starting, 
Protection, 27.06.2014 19:03:32, SYSTEM, FIREBOARDERS-PC, Protection, Refresh, Success, 
Protection, 27.06.2014 19:10:58, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Stopping, 
Protection, 27.06.2014 19:10:58, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Stopped, 
Protection, 27.06.2014 19:12:31, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Starting, 
Protection, 27.06.2014 19:12:31, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Started, 
Protection, 27.06.2014 19:12:31, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Starting, 
Protection, 27.06.2014 19:12:31, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Failed, 
Error, 27.06.2014 19:12:31, SYSTEM, FIREBOARDERS-PC, Protection, MWAC::CreateList - Block List, 3221225473, 
Protection, 27.06.2014 19:27:17, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Stopping, 
Protection, 27.06.2014 19:27:50, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Stopped, 

(end)
         
Malwarebytes Anti-Malware II

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 02.07.2014 14:54:46, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Starting, 
Protection, 02.07.2014 14:54:46, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Started, 
Protection, 02.07.2014 14:54:46, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Starting, 
Protection, 02.07.2014 14:54:46, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Failed, 
Error, 02.07.2014 14:54:46, SYSTEM, FIREBOARDERS-PC, Protection, MWAC::CreateList - Block List, 3221225473, 

(end)
         

02.07.2014, 14:35   #2
cosinus

Hi and

Please do not attach logs; if necessary, split them and post them across several posts

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder.
Even if the logs are too large for one post, I ask you to post the logs directly and, if necessary, spread across several posts.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

02.07.2014, 14:42   #3
fireboarder
 

Hello cosinus!
Thanks for the quick reply!
That is how it was stated in the instructions, but your wish is my command

So here, for a start, are the Addition and normal log file from FRST

ADDITION

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-07-2014
Ran by Fireboarder at 2014-07-02 14:27:42
Running from C:\Users\Fireboarder\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton 360 Online (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 Online (Enabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 Online (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Anno 1701 (HKLM\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.02 - Sunflowers)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.0213.2137 - )
ATI Catalyst Install Manager (HKLM\...\{EB68307E-4E70-0C63-2CEE-62FA85C88CA6}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Battlefield Play4Free (HKCU\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty Modern Warfare 2 (HKLM\...\Call of Duty Modern Warfare 2_is1) (Version:  - Activision)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2009.0213.2138.38808 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2009.0625.1812.30825 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2009.0213.2138.38808 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2009.0625.1812.30825 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2009.0213.2138.38808 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2009.0625.1812.30825 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2009.0213.2138.38808 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2009.0625.1812.30825 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2009.0213.2138.38808 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2009.0625.1812.30825 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2009.0213.2138.38808 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2009.0625.1812.30825 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2009.0213.2138.38808 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2009.0625.1812.30825 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2009.0213.2138.38808 - ATI) Hidden
Catalyst Control Center Localization All (Version: 2009.0625.1812.30825 - ATI) Hidden
CCC Help Chinese Standard (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Chinese Standard (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Danish (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Danish (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Dutch (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Dutch (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help English (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help English (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Finnish (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Finnish (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help French (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help French (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help German (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help German (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Italian (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Italian (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Japanese (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Japanese (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Korean (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Korean (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Norwegian (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Norwegian (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Portuguese (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Portuguese (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Russian (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Russian (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Spanish (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Spanish (Version: 2009.0625.1811.30825 - ATI) Hidden
CCC Help Swedish (Version: 2009.0213.2137.38808 - ATI) Hidden
CCC Help Swedish (Version: 2009.0625.1811.30825 - ATI) Hidden
ccc-core-static (Version: 2009.0213.2138.38808 - ATI) Hidden
ccc-core-static (Version: 2009.0625.1812.30825 - Ihr Firmenname) Hidden
ccc-utility (Version: 2009.0213.2138.38808 - ATI) Hidden
ccc-utility (Version: 2009.0625.1812.30825 - ATI) Hidden
CIB pdf brewer (HKLM\...\{87046747-0738-439B-B8D8-9A10BA1039D6}) (Version: 2.6.0049 - CIB software GmbH)
Cisco Systems VPN Client 5.0.07.0410 (HKLM\...\{1CE60928-8325-49A8-8B06-633E48DD2B67}) (Version: 5.0.7 - Cisco Systems, Inc.)
Company of Heroes (HKLM\...\{EAF636A9-F664-4703-A659-85A894DA264F}) (Version: 1.0.0.99 - THQ Inc.)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Resource CD (HKLM\...\{42929F0F-CE14-47AF-9FC7-FF297A603021}) (Version: 1.00.0000 - Ihr Firmenname)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.29 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.29 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.2.101.219 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version: 1.20.10 - Creative Technology Ltd)
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.2 - DivX, Inc.)
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FileZilla Client 3.2.7.1 (HKLM\...\FileZilla Client) (Version: 3.2.7.1 - )
Folder Lock (HKLM\...\Folder Lock) (Version:  - New Softwares.net)
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Free YouTube Download version 3.2.33.424 (HKLM\...\Free YouTube Download_is1) (Version: 3.2.33.424 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.27.225 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.27.225 - DVDVideoSoft Ltd.)
GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version:  - )
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM\...\GoToAssist) (Version:  - )
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InstallRTC (HKLM\...\{200F584F-848D-4B6B-B1A1-C74D735F18A4}) (Version: 1.0.0 - ICQ Ltd.)
Integrated Webcam Driver (1.06.03.0309)   (HKLM\...\Creative OA001) (Version: 1.06.03.0309 - Creative Technology Ltd.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
K-Lite Codec Pack 7.7.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 7.7.0 - )
Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.2303.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MOUSE Editor (HKLM\...\InstallShield_{21FFDD40-F6B9-4609-B1C9-514E0A342BFA}) (Version: 4.20.0000 - Ihr Firmenname)
MOUSE Editor (Version: 4.20.0000 - Ihr Firmenname) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKLM\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MP4 To MP3 Converter V3.0 (HKLM\...\MP4 To MP3 Converter_is1) (Version:  - hxxp://www.MP4ToMP3Converter.net)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetSpeedMonitor 2.5.4.0 x86 (HKLM\...\{86501894-E722-4385-A792-B7C2F28FAE7B}) (Version: 2.5.4.0 - Florian Gilles)
Norton 360 (HKLM\...\N360) (Version: 6.4.1.14 - Symantec Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PhotoScape (HKLM\...\PhotoScape) (Version:  - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - CyberLink Corporation)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickSet (HKLM\...\{C4972073-2BFE-475D-8441-564EA97DA161}) (Version: 9.2.8 - Dell Inc.)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Roxio Creator Audio (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
Roxio Creator DE (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.1 - Roxio) Hidden
Roxio Update Manager (Version: 6.0.0 - Roxio) Hidden
Serious Sam 2 (HKLM\...\SeriousSam2) (Version:  - )
Skins (Version: 2009.0213.2138.38808 - ATI) Hidden
Skins (Version: 2009.0625.1812.30825 - ATI) Hidden
Skype web features (HKLM\...\{541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}) (Version: 1.0.3971 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
T-Home Dialerschutz-Software (HKLM\...\{E8C5BD56-F5D8-41D3-8A71-273468FE256A}) (Version:  - )
Turbo Lister 2 (HKLM\...\InstallShield_{69640730-B830-4C24-BB5C-222DA1260548}) (Version: 2.0.0 - eBay)
Turbo Lister 2 (Version: 2.0.0 - eBay) Hidden
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.1 (HKLM\...\VLC media player) (Version: 2.0.1 - VideoLAN)
WIDCOMM Bluetooth Software 6.1.0.4402 (HKLM\...\{03D1988F-469F-4843-8E6E-E5FE9D17889D}) (Version: 6.1.0.4402 - Dell)
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live ID-Anmelde-Assistent (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Movie Maker (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
Yahoo! Detect (HKLM\...\YTdetect) (Version:  - )

==================== Restore Points  =========================

24-05-2014 10:52:15 Geplanter Prüfpunkt
24-05-2014 23:06:54 Geplanter Prüfpunkt
25-05-2014 19:32:06 Geplanter Prüfpunkt
29-05-2014 15:04:30 Geplanter Prüfpunkt
30-05-2014 18:47:32 Geplanter Prüfpunkt
31-05-2014 08:16:59 Geplanter Prüfpunkt
04-06-2014 19:32:36 Geplanter Prüfpunkt
05-06-2014 12:36:35 Geplanter Prüfpunkt
12-06-2014 14:49:39 Windows Update
16-06-2014 18:59:30 Geplanter Prüfpunkt
18-06-2014 18:59:36 Installed SpyHunter
18-06-2014 20:05:06 Gerätetreiber-Paketinstallation: Eset spol s r. o.
18-06-2014 20:05:37 Gerätetreiber-Paketinstallation: Eset spol s r. o.
18-06-2014 20:06:19 Gerätetreiber-Paketinstallation: Eset spol s r. o.
18-06-2014 20:07:13 Gerätetreiber-Paketinstallation: ESET Netzwerkdienst
18-06-2014 20:07:57 Gerätetreiber-Paketinstallation: Eset spol s r. o.
18-06-2014 20:08:44 Gerätetreiber-Paketinstallation: Eset spol s r. o.
18-06-2014 20:31:13 Removed SpyHunter
20-06-2014 20:30:35 Geplanter Prüfpunkt
22-06-2014 13:09:57 Geplanter Prüfpunkt
26-06-2014 07:46:22 Geplanter Prüfpunkt
26-06-2014 14:51:51 Installed SpyHunter
26-06-2014 14:59:32 Removed SpyHunter

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {16A1BFAC-4510-4967-B3FC-636B9081C186} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3290928489-3682883313-640886511-1000UA => C:\Users\Fireboarder\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1EE036E2-9127-47CF-855C-A0FF660BBD46} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {2ECACF7B-1E95-43AD-83EF-475A2EEDEB3D} - System32\Tasks\{E5C548E4-8CAD-4F83-A2B2-E472F2F01AF7} => C:\Program Files\Skype\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {41E5151C-AA17-41AF-B464-2CDFF813B924} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-27] (Google Inc.)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {47E68650-8A4E-4C61-88F0-25C772761D9C} - System32\Tasks\{BFE48F15-2591-4221-9279-13666F4A9318} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/abandoninstall?page=tsProgressBar
Task: {4FC0DFD7-203F-46E7-B6F2-892E52CE1589} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-03-29] (PC-Doctor, Inc.)
Task: {6144B249-14FD-4EC8-9C51-FF6DA68F98EC} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files\Norton 360\Engine\6.4.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {63C96FDA-A7C0-493B-B231-963B856D85A6} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton 360\Engine\6.4.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {67F3F2C8-FFE4-4A24-9EC6-92F47AB8192D} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
Task: {6F42EFC9-406B-43CF-94C3-125FB6316FA8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3290928489-3682883313-640886511-1000Core => C:\Users\Fireboarder\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {70E33569-0D64-4585-A3AD-E9CB4FEF990B} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Fireboarder => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {7ACED647-C29E-47B5-BCAB-7C215D39BA46} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\uaclauncher.exe [2012-03-29] (PC-Doctor, Inc.)
Task: {C39E2369-6C18-40D8-9ACC-0C6DE218221C} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2012-03-29] (PC-Doctor, Inc.)
Task: {DCC144D0-69F5-43C6-9668-B4334138B533} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-06-27] (Google Inc.)
Task: {E4B71BA8-8909-4BF9-AD88-06C9B7083DCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EF1A093F-E8B7-45AE-859F-4E688FD5624B} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files\Norton 360\Engine\6.4.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {F7A41010-A0A2-4376-945A-41EFAC16335E} - System32\Tasks\{88ADCB57-8A80-4B87-ADE0-B9575CE20F45} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/abandoninstall?page=tsProgressBar
Task: {FA0441A0-CFE7-4556-A6D6-DB74CBDD5CE2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3290928489-3682883313-640886511-1000Core.job => C:\Users\Fireboarder\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3290928489-3682883313-640886511-1000UA.job => C:\Users\Fireboarder\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{324E136E-9CA7-4931-ABBF-D738027D2B08}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2009-08-23 19:58 - 2009-08-23 19:58 - 00094208 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2009-06-25 22:05 - 2008-09-16 20:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-09-27 12:03 - 2010-09-27 12:03 - 00201512 _____ () C:\Windows\system32\vpnapi.dll
2011-10-08 13:54 - 2012-04-30 14:26 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files\DivX\DivX Update\DivXUpdate.exe
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
2014-07-02 14:19 - 2014-07-02 14:19 - 00043008 _____ () c:\Users\Fireboarder\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2n9hxy.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Fireboarder\AppData\Roaming\Dropbox\bin\libcef.dll
2014-06-18 16:02 - 2014-06-18 16:02 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-06-12 13:18 - 2014-06-12 13:18 - 17024688 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk => C:\Windows\pss\QuickSet.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Fireboarder^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: msnmsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: OscarEditor => "C:\Program Files\MOUSE Editor\MouseEditor.exe" Minimum
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SweetIM => C:\Program Files\SweetIM\Messenger\SweetIM.exe
MSCONFIG\startupreg: T-Home Dialerschutz-Software => "C:\Program Files\T-Home\Dialerschutz-Software\Defender.exe"

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Creative Live! Camera
Description: 
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Creative Technology Ltd.
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/30/2014 04:13:04 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (06/30/2014 04:13:03 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (06/29/2014 11:56:39 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\system32\bitsperf.dll4

Error: (06/28/2014 08:59:06 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (06/28/2014 08:59:05 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (06/27/2014 06:23:05 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (06/27/2014 06:23:04 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (06/26/2014 04:00:05 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (06/26/2014 04:00:04 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (06/25/2014 08:02:49 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4


System errors:
=============
Error: (07/02/2014 02:29:43 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/02/2014 02:26:48 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/02/2014 02:26:43 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/02/2014 02:25:01 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/02/2014 02:24:56 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/02/2014 02:23:48 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/02/2014 02:23:43 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/02/2014 02:23:13 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/02/2014 02:22:10 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/02/2014 02:21:31 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.


Microsoft Office Sessions:
=========================
Error: (12/09/2011 01:38:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/19/2011 00:56:07 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/27/2011 07:09:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/22/2011 05:53:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/22/2011 05:51:43 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/08/2011 04:05:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/29/2010 04:05:53 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/24/2010 08:34:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/16/2010 07:55:26 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-07-02 14:27:37.714
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-02 14:27:37.431
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-02 14:27:37.148
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-02 14:27:36.853
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-02 14:27:36.550
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-02 14:27:36.241
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-02 14:27:35.780
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-02 14:27:35.485
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-02 14:27:35.168
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-02 14:27:34.871
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 51%
Total physical RAM: 3035.98 MB
Available physical RAM: 1480.95 MB
Total Pagefile: 6276.96 MB
Available Pagefile: 4632.98 MB
Total Virtual: 2047.88 MB
Available Virtual: 1884.36 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:282.91 GB) (Free:157.68 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:15 GB) (Free:8.95 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 28000000)
Partition 1: (Not Active) - (Size=180 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=283 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---



FRST LOG FILE


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-07-2014
Ran by Fireboarder (administrator) on FIREBOARDERS-PC on 02-07-2014 14:26:03
Running from C:\Users\Fireboarder\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(T-Systems International GmbH) C:\Program Files\T-Home\Dialerschutz-Software\DFInject.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\6.4.1.14\ccsvchst.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Symantec Corporation) C:\Program Files\Norton 360\Engine\6.4.1.14\ccsvchst.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(T-Systems International GmbH) C:\Program Files\T-Home\Dialerschutz-Software\Defender.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
() C:\Program Files\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Spotify Ltd) C:\Users\Fireboarder\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Dropbox, Inc.) C:\Users\Fireboarder\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Symantec Corporation) C:\Program Files\Norton 360\Engine\6.4.1.14\wscstub.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [233472 2009-04-27] (Alps Electric Co., Ltd.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-02-13] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Windows Mobile-based device management] => C:\Windows\WindowsMobile\wmdSync.exe [215552 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [T-Home Dialerschutz-Software] => C:\Program Files\T-Home\Dialerschutz-Software\Defender.exe [1411720 2010-03-29] (T-Systems International GmbH)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [483428 2009-03-30] (IDT, Inc.)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Runonce: [B Register C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax] - "C:\Windows\system32\rundll32.exe" "C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax",DllRegisterServer
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3290928489-3682883313-640886511-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3290928489-3682883313-640886511-1000\...\Run: [Facebook Update] => C:\Users\Fireboarder\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-13] (Facebook Inc.)
HKU\S-1-5-21-3290928489-3682883313-640886511-1000\...\Run: [Spotify Web Helper] => C:\Users\Fireboarder\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-3290928489-3682883313-640886511-1000\...\Run: [DriverTurbo] => C:\Program Files\DriverTurbo\DriverTurbo.exe
HKU\S-1-5-21-3290928489-3682883313-640886511-1000\...\Run: [WinFLTray] => C:\Windows\system32\WinFLTray.exe
HKU\S-1-5-21-3290928489-3682883313-640886511-1000\...\Run: [FLBackup] => C:\Program Files\NewSoftware's\Folder Lock\FLComServCtrl.exe
HKU\S-1-5-21-3290928489-3682883313-640886511-1000\...\MountPoints2: {47e7e755-f7fd-11de-91d7-00242cb5c754} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE  .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn
HKU\S-1-5-21-3290928489-3682883313-640886511-1000\...\MountPoints2: {a9a05333-a6c2-11de-915f-00242cb5c754} - G:\AutoRun.exe
HKU\S-1-5-21-3290928489-3682883313-640886511-1000\...\MountPoints2: {ed18cc2b-829f-11df-a269-00242cb5c754} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL .\recycled\info.exe
AppInit_DLLs: c:\progra~1\wi9130~1\datamngr\datamngr.dll => c:\progra~1\wi9130~1\datamngr\datamngr.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VPN Client.lnk
ShortcutTarget: VPN Client.lnk -> C:\Windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico ()
Startup: C:\Users\Fireboarder\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Fireboarder\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton 360\Engine\6.4.1.14\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton 360\Engine\6.4.1.14\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton 360\Engine\6.4.1.14\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://klit.startnow.com/?src=startpage&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.3.0&install_country=DE&install_date=20110924&user_guid=4023DA4308B945B0B442BF537B5AFE74&machine_id=defcec6e50f223c39ddb60fbc0aad056&browser=IE&os=win&os_version=6.0-x86-SP2
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = hxxp://www.searchqu.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} URL = hxxp://www.searchqu.com/web?src=ieb&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0388404D-6072-4CEB-B521-8F090FEAEE57} URL = hxxp://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.3.0&install_country=DE&install_date=20110924&user_guid=4023DA4308B945B0B442BF537B5AFE74&machine_id=defcec6e50f223c39ddb60fbc0aad056&browser=IE&os=win&os_version=6.0-x86-SP2&iesrc={referrer:source}
SearchScopes: HKCU - {0388404D-6072-4CEB-B521-8F090FEAEE57} URL = hxxp://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.3.0&install_country=DE&install_date=20110924&user_guid=4023DA4308B945B0B442BF537B5AFE74&machine_id=defcec6e50f223c39ddb60fbc0aad056&browser=IE&os=win&os_version=6.0-x86-SP2&iesrc={referrer:source}
SearchScopes: HKCU - {472E61E4-52A6-49F2-B5B8-20A3C14CDFE3} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {8A96AF9E-4074-43b7-BEA3-87217BDA74C8} URL = hxxp://www.searchqu.com/web?src=ieb&q={searchTerms}
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Fireboarder\AppData\Roaming\Mozilla\Firefox\Profiles\gfikk8eg.default
FF SearchEngineOrder.1: Yahoo
FF Homepage: google.de
FF Keyword.URL: hxxp://klit.startnow.com/s/?src=addrbar&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.3.0&install_country=DE&install_date=20110924&user_guid=4023DA4308B945B0B442BF537B5AFE74&machine_id=defcec6e50f223c39ddb60fbc0aad056&browser=FF&os=win&os_version=6.0-x86-SP2&q=
FF NetworkProxy: "ftp", "89.169.27.68"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "89.169.27.68"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "89.169.27.68"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "89.169.27.68"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Fireboarder\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Fireboarder\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Fireboarder\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Fireboarder\AppData\Roaming\Mozilla\Firefox\Profiles\gfikk8eg.default\searchplugins\SearchquWebSearch.xml
FF SearchPlugin: C:\Users\Fireboarder\AppData\Roaming\Mozilla\Firefox\Profiles\gfikk8eg.default\searchplugins\yahoo-zugo.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Battlefield Play4Free - C:\Users\Fireboarder\AppData\Roaming\Mozilla\Firefox\Profiles\gfikk8eg.default\Extensions\battlefieldplay4free@ea.com [2013-09-14]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Fireboarder\AppData\Roaming\Mozilla\Firefox\Profiles\gfikk8eg.default\Extensions\ich@maltegoetz.de [2013-12-12]
FF Extension: Stealthy - C:\Users\Fireboarder\AppData\Roaming\Mozilla\Firefox\Profiles\gfikk8eg.default\Extensions\stealthyextension@gmail.com.xpi [2012-04-14]
FF Extension: Flash Player - C:\Users\Fireboarder\AppData\Roaming\Mozilla\Firefox\Profiles\gfikk8eg.default\Extensions\uoyAdfHEWKLavbzHG@GvBVViwk5x6JiA7Rbk7S.com.xpi [2014-06-12]
FF Extension: FlashGot - C:\Users\Fireboarder\AppData\Roaming\Mozilla\Firefox\Profiles\gfikk8eg.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2011-12-02]
FF Extension: BugMeNot Plugin - C:\Users\Fireboarder\AppData\Roaming\Mozilla\Firefox\Profiles\gfikk8eg.default\Extensions\{987311C6-B504-4aa2-90BF-60CC49808D42}.xpi [2014-03-24]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Fireboarder\AppData\Roaming\Mozilla\Firefox\Profiles\gfikk8eg.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF Extension: Adblock Plus - C:\Users\Fireboarder\AppData\Roaming\Mozilla\Firefox\Profiles\gfikk8eg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-12-15]
FF Extension: Fox!Box - C:\Users\Fireboarder\AppData\Roaming\Mozilla\Firefox\Profiles\gfikk8eg.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2013-11-19]
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2014-06-18]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-04-28]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFF [2013-10-10]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn [2014-07-02]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

========================== Services (Whitelisted) =================

R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe [81920 2009-03-30] (Andrea Electronics Corporation)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528616 2010-09-27] (Cisco Systems, Inc.)
R2 DFSVC; C:\Program Files\T-Home\Dialerschutz-Software\DFInject.exe [288768 2009-10-21] (T-Systems International GmbH) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S4 LckFldService; C:\Windows\system32\LckFldService.exe [36864 2005-06-22] () [File not signed]
S4 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 N360; C:\Program Files\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2012-04-30] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe [254042 2009-03-30] (IDT, Inc.)
S2 ekrn; "C:\Program Files\ESET\ESET Smart Security\ekrn.exe" [X]
S2 FLService; C:\Windows\system32\WinFLService.exe [X]

==================== Drivers (Whitelisted) ====================

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2011-09-07] ()
R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20140606.001\BHDrvx86.sys [1101616 2014-05-10] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360\0604010.00E\ccSetx86.sys [132768 2012-06-07] (Symantec Corporation)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R2 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [308859 2010-09-27] (Cisco Systems, Inc.) [File not signed]
R3 DFSYS; C:\Program Files\T-Home\Dialerschutz-Software\DFSYS.SYS [14624 2009-10-15] (T-Systems International GmbH)
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [131984 2008-11-16] (Deterministic Networks, Inc.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [377648 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [109872 2014-06-11] (Symantec Corporation)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-09-23] (LogMeIn, Inc.)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20140701.001\IDSvix86.sys [395992 2014-03-27] (Symantec Corporation)
S3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [54784 2008-08-25] (ITE Tech. Inc. ) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2011-09-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-27] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20140701.033\NAVENG.SYS [93272 2014-06-30] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20140701.033\NAVEX15.SYS [1612376 2014-06-30] (Symantec Corporation)
R3 OA001Ufd; C:\Windows\System32\DRIVERS\OA001Ufd.sys [133632 2009-03-06] (Creative Technology Ltd.)
R3 OA001Vid; C:\Windows\System32\DRIVERS\OA001Vid.sys [280096 2009-03-08] (Creative Technology Ltd.)
R3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI.sys [24352 2009-10-15] (T-Systems International GmbH)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2010-10-14] (Duplex Secure Ltd.)
R3 SRTSP; C:\Windows\System32\Drivers\N360\0604010.00E\SRTSP.SYS [574112 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360\0604010.00E\SRTSPX.SYS [32928 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360\0604010.00E\SYMDS.SYS [340088 2011-08-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360\0604010.00E\SYMEFA.SYS [924320 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [141944 2012-05-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360\0604010.00E\Ironx86.SYS [149624 2011-11-16] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\N360\0604010.00E\SYMTDIV.SYS [345208 2011-11-16] (Symantec Corporation)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [41472 2009-10-16] (Apple, Inc.) [File not signed]
R1 WinFLAdrv; C:\Windows\System32\WinFLAdrv.sys [29184 2013-09-25] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S2 NEWDRIVER; \??\C:\Windows\system32\WinVDEdrv6.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCD5SRVC{3F6A8B78-EC003E00-05040104}; \??\C:\PROGRA~1\DELLSU~1\HWDiag\bin\PCD5SRVC.pkms [X]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [X]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [X]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [X]
S3 vpnva; system32\DRIVERS\vpnva.sys [X]
S2 WinVDEDrv; \??\C:\Windows\system32\WinVDEdrv.sys [X]
U2 wuaserv; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-02 14:26 - 2014-07-02 14:27 - 00025735 _____ () C:\Users\Fireboarder\Desktop\FRST.txt
2014-07-02 14:25 - 2014-07-02 14:26 - 00000000 ____D () C:\FRST
2014-07-02 14:25 - 2014-07-02 14:25 - 01073664 _____ (Farbar) C:\Users\Fireboarder\Desktop\FRST.exe
2014-07-02 14:15 - 2014-07-02 14:15 - 00000644 _____ () C:\Users\Fireboarder\Desktop\defogger_disable.log
2014-07-02 14:15 - 2014-07-02 14:15 - 00000020 _____ () C:\Users\Fireboarder\defogger_reenable
2014-07-02 14:13 - 2014-07-02 14:13 - 00050477 _____ () C:\Users\Fireboarder\Desktop\Defogger.exe
2014-07-01 13:26 - 2014-07-01 13:26 - 00000000 ____D () C:\Users\Fireboarder\Desktop\Literaturarbeit
2014-06-30 16:16 - 2014-06-30 16:16 - 00000000 ____D () C:\Users\Fireboarder\Desktop\Projektsachstandsbericht
2014-06-30 16:15 - 2014-06-30 16:15 - 00000000 ____D () C:\Users\Fireboarder\Desktop\SUP Konzept
2014-06-27 18:40 - 2014-06-27 19:12 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-27 18:40 - 2014-06-27 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-27 18:39 - 2014-06-27 18:40 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-06-27 18:39 - 2014-06-27 18:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-27 18:39 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-27 18:39 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-27 18:39 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-26 16:52 - 2014-06-26 16:52 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-23 17:19 - 2014-06-23 17:19 - 00000000 ____D () C:\Users\Fireboarder\.chili
2014-06-21 18:11 - 2014-06-21 18:12 - 00000000 ____D () C:\Users\Fireboarder\AppData\Roaming\ImgBurn
2014-06-21 18:00 - 2014-06-21 18:00 - 00001664 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2014-06-21 18:00 - 2014-06-21 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2014-06-21 18:00 - 2014-06-21 18:00 - 00000000 ____D () C:\Program Files\ImgBurn
2014-06-18 22:23 - 2014-06-18 22:23 - 00000000 _____ () C:\Windows\system32\8104297.jun
2014-06-18 22:04 - 2014-06-18 22:04 - 00000000 ____D () C:\ProgramData\ESET
2014-06-18 22:04 - 2014-06-18 22:04 - 00000000 ____D () C:\Program Files\ESET
2014-06-18 20:59 - 2014-06-26 17:00 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-06-18 20:59 - 2014-06-18 20:59 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-18 16:02 - 2014-06-18 16:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-14 17:04 - 2014-06-14 17:05 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-06-12 15:40 - 2014-06-12 15:40 - 00000000 ____D () C:\Users\Fireboarder\AppData\Local\Adobe
2014-06-12 13:08 - 2014-05-06 06:46 - 03630592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 13:08 - 2014-05-06 06:46 - 01177600 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 13:08 - 2014-05-06 06:46 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 13:08 - 2014-05-06 06:46 - 00671744 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-06-12 13:08 - 2014-05-06 06:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 13:08 - 2014-05-06 06:46 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 13:08 - 2014-05-06 06:46 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-12 13:08 - 2014-05-06 06:45 - 06119424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 13:08 - 2014-05-06 06:45 - 00380928 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 13:08 - 2014-05-06 06:45 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 13:08 - 2014-05-06 06:45 - 00193024 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-12 13:08 - 2014-05-06 06:45 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 13:08 - 2014-05-06 06:45 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 13:08 - 2014-05-06 06:45 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-06-12 13:08 - 2014-05-06 05:16 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-12 13:08 - 2014-05-06 05:07 - 01383424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 13:08 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 13:08 - 2014-04-05 05:23 - 00915392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 13:08 - 2014-04-05 03:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-06-12 13:08 - 2014-03-10 03:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 13:08 - 2014-03-10 03:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-10 19:20 - 2014-06-10 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
2014-06-10 19:20 - 2014-06-10 19:20 - 00000000 ____D () C:\Program Files\Free PDF to Word Doc Converter
2014-06-02 18:40 - 2014-06-30 21:08 - 00000000 ____D () C:\Users\Fireboarder\Desktop\Therapieplan

==================== One Month Modified Files and Folders =======

2014-07-02 14:27 - 2014-07-02 14:26 - 00025735 _____ () C:\Users\Fireboarder\Desktop\FRST.txt
2014-07-02 14:27 - 2012-12-10 22:05 - 00000000 ____D () C:\Users\Fireboarder\AppData\Roaming\NetSpeedMonitor
2014-07-02 14:26 - 2014-07-02 14:25 - 00000000 ____D () C:\FRST
2014-07-02 14:25 - 2014-07-02 14:25 - 01073664 _____ (Farbar) C:\Users\Fireboarder\Desktop\FRST.exe
2014-07-02 14:25 - 2011-06-27 21:21 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-02 14:23 - 2009-06-19 15:53 - 01333660 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 14:23 - 2008-01-21 09:16 - 01567488 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 14:19 - 2014-05-03 11:15 - 00000000 ____D () C:\Users\Fireboarder\AppData\Roaming\DropboxMaster
2014-07-02 14:19 - 2012-11-27 23:18 - 00000000 ___RD () C:\Users\Fireboarder\Dropbox
2014-07-02 14:19 - 2012-11-27 23:15 - 00000000 ____D () C:\Users\Fireboarder\AppData\Roaming\Dropbox
2014-07-02 14:17 - 2012-06-02 00:45 - 00132556 _____ () C:\Windows\PFRO.log
2014-07-02 14:17 - 2011-06-27 21:21 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-02 14:17 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-02 14:17 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-02 14:17 - 2006-11-02 14:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-02 14:15 - 2014-07-02 14:15 - 00000644 _____ () C:\Users\Fireboarder\Desktop\defogger_disable.log
2014-07-02 14:15 - 2014-07-02 14:15 - 00000020 _____ () C:\Users\Fireboarder\defogger_reenable
2014-07-02 14:15 - 2009-06-23 14:19 - 00000000 ____D () C:\Users\Fireboarder
2014-07-02 14:15 - 2009-06-19 14:16 - 00006396 _____ () C:\Windows\bthservsdp.dat
2014-07-02 14:15 - 2006-11-02 15:01 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-02 14:13 - 2014-07-02 14:13 - 00050477 _____ () C:\Users\Fireboarder\Desktop\Defogger.exe
2014-07-02 14:05 - 2012-04-22 19:55 - 00001162 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3290928489-3682883313-640886511-1000UA.job
2014-07-02 13:43 - 2012-07-04 18:33 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 08:50 - 2009-06-25 21:41 - 00000430 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{324E136E-9CA7-4931-ABBF-D738027D2B08}.job
2014-07-02 08:47 - 2012-04-06 12:12 - 00000506 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2014-07-01 13:26 - 2014-07-01 13:26 - 00000000 ____D () C:\Users\Fireboarder\Desktop\Literaturarbeit
2014-06-30 21:08 - 2014-06-02 18:40 - 00000000 ____D () C:\Users\Fireboarder\Desktop\Therapieplan
2014-06-30 21:07 - 2012-10-15 18:58 - 00000000 ____D () C:\Users\Fireboarder\Desktop\Studium
2014-06-30 18:08 - 2009-06-24 06:54 - 00088576 _____ () C:\Users\Fireboarder\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-30 16:16 - 2014-06-30 16:16 - 00000000 ____D () C:\Users\Fireboarder\Desktop\Projektsachstandsbericht
2014-06-30 16:15 - 2014-06-30 16:15 - 00000000 ____D () C:\Users\Fireboarder\Desktop\SUP Konzept
2014-06-29 17:05 - 2012-04-22 19:55 - 00001140 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3290928489-3682883313-640886511-1000Core.job
2014-06-27 21:18 - 2012-05-11 13:09 - 00000000 ____D () C:\Users\Fireboarder\AppData\Roaming\Spotify
2014-06-27 21:17 - 2012-05-11 13:11 - 00000000 ____D () C:\Users\Fireboarder\AppData\Local\Spotify
2014-06-27 19:12 - 2014-06-27 18:40 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-27 18:40 - 2014-06-27 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-27 18:40 - 2014-06-27 18:39 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-06-27 18:39 - 2014-06-27 18:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-26 17:00 - 2014-06-18 20:59 - 00000000 ____D () C:\Windows\455F074C814E4520B69B5584BD90400C.TMP
2014-06-26 16:52 - 2014-06-26 16:52 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-06-24 14:13 - 2011-07-19 14:36 - 00000000 ____D () C:\Users\Fireboarder\AppData\Local\CrashDumps
2014-06-23 17:19 - 2014-06-23 17:19 - 00000000 ____D () C:\Users\Fireboarder\.chili
2014-06-22 21:07 - 2010-09-11 12:10 - 00000000 ____D () C:\Users\Fireboarder\Desktop\Sonstiges
2014-06-22 15:15 - 2011-06-21 15:38 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-06-21 18:12 - 2014-06-21 18:11 - 00000000 ____D () C:\Users\Fireboarder\AppData\Roaming\ImgBurn
2014-06-21 18:00 - 2014-06-21 18:00 - 00001664 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn.lnk
2014-06-21 18:00 - 2014-06-21 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2014-06-21 18:00 - 2014-06-21 18:00 - 00000000 ____D () C:\Program Files\ImgBurn
2014-06-21 17:58 - 2012-05-30 21:12 - 00011619 _____ () C:\Windows\setupact.log
2014-06-21 11:03 - 2012-04-05 14:25 - 00000000 ____D () C:\Users\Fireboarder\AppData\Roaming\vlc
2014-06-20 10:43 - 2012-04-27 18:03 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-18 22:23 - 2014-06-18 22:23 - 00000000 _____ () C:\Windows\system32\8104297.jun
2014-06-18 22:04 - 2014-06-18 22:04 - 00000000 ____D () C:\ProgramData\ESET
2014-06-18 22:04 - 2014-06-18 22:04 - 00000000 ____D () C:\Program Files\ESET
2014-06-18 20:59 - 2014-06-18 20:59 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-06-18 16:02 - 2014-06-18 16:02 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-17 02:08 - 2012-04-06 12:12 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-06-14 17:05 - 2014-06-14 17:04 - 00000000 ____D () C:\Program Files\Mozilla Thunderbird
2014-06-12 16:58 - 2009-06-19 14:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-12 16:56 - 2013-07-21 19:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 16:52 - 2006-11-02 12:24 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-06-12 15:40 - 2014-06-12 15:40 - 00000000 ____D () C:\Users\Fireboarder\AppData\Local\Adobe
2014-06-12 13:18 - 2012-03-31 20:03 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-12 13:18 - 2011-05-15 16:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-10 19:20 - 2014-06-10 19:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free PDF to Word Doc Converter
2014-06-10 19:20 - 2014-06-10 19:20 - 00000000 ____D () C:\Program Files\Free PDF to Word Doc Converter

Files to move or delete:
====================
C:\ProgramData\win_mpwd_sys.dat


Some content of TEMP:
====================
C:\Users\Fireboarder\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2n9hxy.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-02 14:23

==================== End Of Log ============================
         

02.07.2014, 14:44   #4
fireboarder

Windows Vista: Redirects to advertising sites (Google redirect virus)



And the first part of the TDSS Killer (?) log file:

Code:
22:25:09.0648 0x0cb4  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
22:25:14.0617 0x0cb4  ============================================================
22:25:14.0617 0x0cb4  Current date / time: 2014/06/18 22:25:14.0617
22:25:14.0617 0x0cb4  SystemInfo:
22:25:14.0617 0x0cb4  
22:25:14.0617 0x0cb4  OS Version: 6.0.6002 ServicePack: 2.0
22:25:14.0617 0x0cb4  Product type: Workstation
22:25:14.0617 0x0cb4  ComputerName: FIREBOARDERS-PC
22:25:14.0617 0x0cb4  UserName: Fireboarder
22:25:14.0617 0x0cb4  Windows directory: C:\Windows
22:25:14.0617 0x0cb4  System windows directory: C:\Windows
22:25:14.0617 0x0cb4  Processor architecture: Intel x86
22:25:14.0617 0x0cb4  Number of processors: 2
22:25:14.0617 0x0cb4  Page size: 0x1000
22:25:14.0617 0x0cb4  Boot type: Normal boot
22:25:14.0617 0x0cb4  ============================================================
22:25:20.0692 0x0cb4  KLMD registered as C:\Windows\system32\drivers\16353992.sys
22:25:22.0247 0x0cb4  System UUID: {603CDC7D-C926-8E6E-CA5E-F667FC70E8DD}
22:25:26.0207 0x0cb4  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:25:26.0224 0x0cb4  ============================================================
22:25:26.0224 0x0cb4  \Device\Harddisk0\DR0:
22:25:26.0293 0x0cb4  MBR partitions:
22:25:26.0293 0x0cb4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x5A800, BlocksNum 0x1E00000
22:25:26.0293 0x0cb4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E5A800, BlocksNum 0x235D3800
22:25:26.0293 0x0cb4  ============================================================
22:25:28.0225 0x0cb4  C: <-> \Device\Harddisk0\DR0\Partition2
22:25:28.0267 0x0cb4  D: <-> \Device\Harddisk0\DR0\Partition1
22:25:29.0004 0x0cb4  ============================================================
22:25:29.0004 0x0cb4  Initialize success
22:25:29.0004 0x0cb4  ============================================================
22:25:32.0061 0x156c  ============================================================
22:25:32.0061 0x156c  Scan started
22:25:32.0061 0x156c  Mode: Manual; 
22:25:32.0061 0x156c  ============================================================
22:25:32.0061 0x156c  KSN ping started
22:25:45.0978 0x156c  KSN ping finished: true
22:25:49.0820 0x156c  ================ Scan system memory ========================
22:25:49.0820 0x156c  System memory - ok
22:25:49.0820 0x156c  ================ Scan services =============================
22:25:50.0151 0x156c  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
22:25:50.0161 0x156c  ACPI - ok
22:25:50.0331 0x156c  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:25:50.0332 0x156c  AdobeARMservice - ok
22:25:50.0410 0x156c  [ B5D8DE922237CEDDC7992297654A4BE4, 88EF0B5EBFB383C9069A29AEA8D76EDBE1E70DD6F7C18970EE01ECAE9F408B38 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:25:50.0419 0x156c  AdobeFlashPlayerUpdateSvc - ok
22:25:50.0540 0x156c  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:25:50.0563 0x156c  adp94xx - ok
22:26:01.0160 0x156c  MMCSS - ok
22:26:01.0172 0x156c  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
22:26:01.0174 0x156c  Modem - ok
22:26:01.0190 0x156c  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:26:01.0193 0x156c  monitor - ok
22:26:01.0208 0x156c  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:26:01.0210 0x156c  mouclass - ok
22:26:01.0228 0x156c  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:26:01.0229 0x156c  mouhid - ok
22:26:01.0249 0x156c  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
22:26:01.0253 0x156c  MountMgr - ok
22:26:01.0416 0x156c  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:26:01.0420 0x156c  MozillaMaintenance - ok
22:26:01.0452 0x156c  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:26:01.0456 0x156c  mpio - ok
22:26:01.0476 0x156c  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:26:01.0479 0x156c  mpsdrv - ok
22:26:01.0509 0x156c  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
22:26:01.0511 0x156c  Mraid35x - ok
22:26:01.0558 0x156c  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:26:01.0567 0x156c  MRxDAV - ok
22:26:01.0626 0x156c  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:26:01.0630 0x156c  mrxsmb - ok
22:26:01.0714 0x156c  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:26:01.0721 0x156c  mrxsmb10 - ok
22:26:01.0804 0x156c  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:26:01.0807 0x156c  mrxsmb20 - ok
22:26:01.0841 0x156c  [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci          C:\Windows\system32\drivers\msahci.sys
22:26:01.0843 0x156c  msahci - ok
22:26:01.0874 0x156c  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:26:01.0878 0x156c  msdsm - ok
22:26:01.0932 0x156c  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
22:26:01.0939 0x156c  MSDTC - ok
22:26:01.0983 0x156c  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:26:01.0985 0x156c  Msfs - ok
22:26:02.0032 0x156c  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:26:02.0035 0x156c  msisadrv - ok
22:26:02.0093 0x156c  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:26:02.0099 0x156c  MSiSCSI - ok
22:26:02.0103 0x156c  msiserver - ok
22:26:02.0144 0x156c  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:26:02.0146 0x156c  MSKSSRV - ok
22:26:02.0164 0x156c  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:26:02.0165 0x156c  MSPCLOCK - ok
22:26:02.0179 0x156c  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:26:02.0180 0x156c  MSPQM - ok
22:26:02.0219 0x156c  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:26:02.0225 0x156c  MsRPC - ok
22:26:02.0252 0x156c  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:26:02.0312 0x156c  mssmbios - ok
22:26:02.0356 0x156c  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:26:02.0358 0x156c  MSTEE - ok
22:26:02.0374 0x156c  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:26:02.0376 0x156c  Mup - ok
22:26:02.0464 0x156c  [ F2840DBFE9322F35557219AE82CC4597, 51AADE48DB7F61DFB3AF7CADF46250211B210DF35EA12E7767F1CACBA3B8F4D3 ] N360            C:\Program Files\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
22:26:02.0467 0x156c  N360 - ok
22:26:02.0512 0x156c  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
22:26:02.0534 0x156c  napagent - ok
22:26:02.0607 0x156c  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:26:02.0613 0x156c  NativeWifiP - ok
22:26:02.0703 0x156c  [ 81E928EE3751FAF725C87CC17726C05D, 8AB84270DCB35F239B00FA4B9AC90E9520967B8188085D897F28E994CBF911FB ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20140618.001\NAVENG.SYS
22:26:02.0707 0x156c  NAVENG - ok
22:26:02.0780 0x156c  [ E0C39FA6C76AE8ED53ABF043F35ECDFF, CD2F87D3CB64F3362508D1855B24F40F1C44CF4132E3626971CCF4E7C49E61D6 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20140618.001\NAVEX15.SYS
22:26:02.0865 0x156c  NAVEX15 - ok
22:26:02.0943 0x156c  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:26:02.0964 0x156c  NDIS - ok
22:26:02.0994 0x156c  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:26:02.0995 0x156c  NdisTapi - ok
22:26:03.0002 0x156c  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:26:03.0004 0x156c  Ndisuio - ok
22:26:03.0066 0x156c  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:26:03.0071 0x156c  NdisWan - ok
22:26:03.0081 0x156c  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:26:03.0084 0x156c  NDProxy - ok
22:26:03.0100 0x156c  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:26:03.0102 0x156c  NetBIOS - ok
22:26:03.0150 0x156c  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
22:26:03.0155 0x156c  netbt - ok
22:26:03.0185 0x156c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
22:26:03.0189 0x156c  Netlogon - ok
22:26:03.0267 0x156c  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
22:26:03.0290 0x156c  Netman - ok
22:26:03.0370 0x156c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:26:03.0376 0x156c  NetMsmqActivator - ok
22:26:03.0392 0x156c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:26:03.0395 0x156c  NetPipeActivator - ok
22:26:03.0424 0x156c  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
22:26:03.0435 0x156c  netprofm - ok
22:26:03.0447 0x156c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:26:03.0451 0x156c  NetTcpActivator - ok
22:26:03.0457 0x156c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:26:03.0461 0x156c  NetTcpPortSharing - ok
22:26:03.0826 0x156c  [ 9CA26DCCF0B84A6FF2B54FBB2A94520B, B602543D61BA8756E6D0BDBFC729B3678D0E7ECE1053AE5842EFE55ABCFA3166 ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
22:26:03.0981 0x156c  NETw5v32 - ok
22:26:04.0009 0x156c  NEWDRIVER - ok
22:26:04.0145 0x156c  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:26:04.0147 0x156c  nfrd960 - ok
22:26:04.0191 0x156c  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:26:04.0200 0x156c  NlaSvc - ok
22:26:04.0258 0x156c  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:26:04.0261 0x156c  Npfs - ok
22:26:04.0294 0x156c  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
22:26:04.0299 0x156c  nsi - ok
22:26:04.0329 0x156c  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:26:04.0330 0x156c  nsiproxy - ok
22:26:04.0410 0x156c  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:26:04.0477 0x156c  Ntfs - ok
22:26:04.0573 0x156c  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
22:26:04.0575 0x156c  ntrigdigi - ok
22:26:04.0589 0x156c  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
22:26:04.0591 0x156c  Null - ok
22:26:04.0643 0x156c  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:26:04.0647 0x156c  nvraid - ok
22:26:04.0657 0x156c  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:26:04.0660 0x156c  nvstor - ok
22:26:04.0722 0x156c  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:26:04.0726 0x156c  nv_agp - ok
22:26:04.0730 0x156c  NwlnkFlt - ok
22:26:04.0734 0x156c  NwlnkFwd - ok
22:26:04.0781 0x156c  [ 2CF21D5F8F1B74BB1922135AC2B12DDB, A6D6296A5477CB2AF7252CB1A0C4B5C384D0BFAE9F4860CAB466209BDC72C747 ] OA001Ufd        C:\Windows\system32\DRIVERS\OA001Ufd.sys
22:26:04.0786 0x156c  OA001Ufd - ok
22:26:04.0821 0x156c  [ 4075063D25AF9DA64101769854B83787, CF98600A3649B629A97CC4E0D2FD3904BC2D03CDD9716BF67A23237DF8D4AA64 ] OA001Vid        C:\Windows\system32\DRIVERS\OA001Vid.sys
22:26:04.0830 0x156c  OA001Vid - ok
22:26:04.0910 0x156c  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:26:04.0933 0x156c  odserv - ok
22:26:05.0011 0x156c  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
22:26:05.0014 0x156c  ohci1394 - ok
22:26:05.0043 0x156c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:26:05.0079 0x156c  ose - ok
22:26:05.0142 0x156c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
22:26:05.0198 0x156c  p2pimsvc - ok
22:26:05.0261 0x156c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:26:05.0277 0x156c  p2psvc - ok
22:26:05.0336 0x156c  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
22:26:05.0340 0x156c  Parport - ok
22:26:05.0383 0x156c  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:26:05.0386 0x156c  partmgr - ok
22:26:05.0431 0x156c  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
22:26:05.0432 0x156c  Parvdm - ok
22:26:05.0456 0x156c  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:26:05.0490 0x156c  PcaSvc - ok
22:26:05.0561 0x156c  PCD5SRVC{3F6A8B78-EC003E00-05040104} - ok
22:26:05.0639 0x156c  [ 92FDDBED716BF5C3CB766101563CFCE5, BD77BEB532483FBDBE2D69A7D5193F1EB43514CA7A65934F17AE71DCF397CCD4 ] PCDSRVC{E9D79540-57D5953E-06020101}_0 c:\program files\dell support center\pcdsrvc.pkms
22:26:05.0646 0x156c  PCDSRVC{E9D79540-57D5953E-06020101}_0 - ok
22:26:05.0721 0x156c  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
22:26:05.0727 0x156c  pci - ok
22:26:05.0775 0x156c  [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:26:05.0777 0x156c  pciide - ok
22:26:05.0842 0x156c  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:26:05.0848 0x156c  pcmcia - ok
22:26:05.0921 0x156c  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:26:05.0954 0x156c  PEAUTH - ok
22:26:06.0128 0x156c  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
22:26:06.0193 0x156c  pla - ok
22:26:06.0256 0x156c  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:26:06.0279 0x156c  PlugPlay - ok
22:26:06.0314 0x156c  [ 205E1B699FD3F2F9B036EEA2EC30C620, 9D5C8009BC3F6F76438FC82C3DAAA3E9CC87F74CDE841A0ADD9EF00E98DB6890 ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
22:26:06.0322 0x156c  PnkBstrA - ok
22:26:06.0354 0x156c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
22:26:06.0371 0x156c  PNRPAutoReg - ok
22:26:06.0450 0x156c  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
22:26:06.0466 0x156c  PNRPsvc - ok
22:26:06.0555 0x156c  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:26:06.0569 0x156c  PolicyAgent - ok
22:26:06.0719 0x156c  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:26:06.0722 0x156c  PptpMiniport - ok
22:26:06.0845 0x156c  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
22:26:06.0848 0x156c  Processor - ok
22:26:06.0893 0x156c  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
22:26:06.0902 0x156c  ProfSvc - ok
22:26:06.0921 0x156c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
22:26:06.0924 0x156c  ProtectedStorage - ok
22:26:06.0966 0x156c  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
22:26:06.0968 0x156c  PSched - ok
22:26:07.0016 0x156c  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
22:26:07.0018 0x156c  PxHelp20 - ok
22:26:07.0129 0x156c  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:26:07.0184 0x156c  ql2300 - ok
22:26:07.0245 0x156c  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:26:07.0249 0x156c  ql40xx - ok
22:26:07.0277 0x156c  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
22:26:07.0299 0x156c  QWAVE - ok
22:26:07.0377 0x156c  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:26:07.0379 0x156c  QWAVEdrv - ok
22:26:07.0586 0x156c  [ 7AD53CC3A290ED312D54727DDDA98927, 79589FC8E77EAB768A67C36C27B8854FEB050872A1CA7E3866BFE4545DB7B18B ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
22:26:07.0675 0x156c  R300 - ok
22:26:07.0889 0x156c  [ 70DBDAB246C18B78E2200D6401D038BE, 18395D084AA9BEAF9C20736C90063CE1F862AF3A80F7752DB4FC0D1870D9996D ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
22:26:07.0894 0x156c  RapiMgr - ok
22:26:07.0899 0x156c  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:26:07.0901 0x156c  RasAcd - ok
22:26:07.0998 0x156c  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
22:26:08.0007 0x156c  RasAuto - ok
22:26:08.0088 0x156c  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:26:08.0092 0x156c  Rasl2tp - ok
22:26:08.0136 0x156c  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
22:26:08.0148 0x156c  RasMan - ok
22:26:08.0197 0x156c  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:26:08.0199 0x156c  RasPppoe - ok
22:26:08.0238 0x156c  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:26:08.0241 0x156c  RasSstp - ok
22:26:08.0291 0x156c  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:26:08.0298 0x156c  rdbss - ok
22:26:08.0371 0x156c  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:26:08.0373 0x156c  RDPCDD - ok
22:26:08.0396 0x156c  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
22:26:08.0404 0x156c  rdpdr - ok
22:26:08.0409 0x156c  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:26:08.0411 0x156c  RDPENCDD - ok
22:26:08.0491 0x156c  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:26:08.0536 0x156c  RDPWD - ok
22:26:08.0581 0x156c  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:26:08.0586 0x156c  RemoteAccess - ok
22:26:08.0625 0x156c  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:26:08.0633 0x156c  RemoteRegistry - ok
22:26:08.0691 0x156c  [ 6482707F9F4DA0ECBAB43B2E0398A101, 7D57FC36577121D7E26A4F2D46DCA8725D55EC9F75B91DF994DB742BC4FB89C2 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
22:26:08.0696 0x156c  RFCOMM - ok
22:26:08.0726 0x156c  [ C2EF513BBE069F0D4EE0938A76F975D3, DDF90CDBCF3422BA9A39C5B372E617CE0047EC8D99148795E12204AC75BA7CE2 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
22:26:08.0729 0x156c  rimmptsk - ok
22:26:08.0743 0x156c  [ C398BCA91216755B098679A8DA8A2300, 1FDDC3D927509AB10C3B0B7900DCE78DEC6B1C3CAE80F78EFCFBB628673B2143 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
22:26:08.0745 0x156c  rimsptsk - ok
22:26:08.0762 0x156c  [ 2A2554CB24506E0A0508FC395C4A1B42, B989AE65727C971D508E7284707258FCCC9213B510F4C2A257D3069A3DABE20B ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
22:26:08.0765 0x156c  rismxdp - ok
22:26:08.0789 0x156c  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
22:26:08.0793 0x156c  RpcLocator - ok
22:26:08.0833 0x156c  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
22:26:08.0848 0x156c  RpcSs - ok
22:26:08.0896 0x156c  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:26:08.0899 0x156c  rspndr - ok
22:26:08.0903 0x156c  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
22:26:08.0907 0x156c  SamSs - ok
22:26:08.0928 0x156c  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:26:08.0931 0x156c  sbp2port - ok
22:26:08.0988 0x156c  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:26:08.0996 0x156c  SCardSvr - ok
22:26:09.0040 0x156c  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
22:26:09.0073 0x156c  Schedule - ok
22:26:09.0126 0x156c  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:26:09.0127 0x156c  SCPolicySvc - ok
22:26:09.0202 0x156c  [ 8F36B54688C31EED4580129040C6A3D3, DC150689CBAEEC94B9DE0CA6A633FAD16CDDDC452521232E0C2A44BAE61E08D9 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
22:26:09.0206 0x156c  sdbus - ok
22:26:09.0237 0x156c  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:26:09.0245 0x156c  SDRSVC - ok
22:26:09.0311 0x156c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:26:09.0313 0x156c  secdrv - ok
22:26:09.0330 0x156c  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
22:26:09.0336 0x156c  seclogon - ok
22:26:09.0396 0x156c  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
22:26:09.0403 0x156c  SENS - ok
22:26:09.0459 0x156c  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:26:09.0460 0x156c  Serenum - ok
22:26:09.0478 0x156c  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
22:26:09.0481 0x156c  Serial - ok
22:26:09.0564 0x156c  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:26:09.0566 0x156c  sermouse - ok
22:26:09.0607 0x156c  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:26:09.0616 0x156c  SessionEnv - ok
22:26:09.0666 0x156c  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
22:26:09.0668 0x156c  sffdisk - ok
22:26:09.0699 0x156c  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:26:09.0701 0x156c  sffp_mmc - ok
22:26:09.0740 0x156c  [ 9F66A46C55D6F1CCABC79BB7AFCCC545, 029115C69315D2298F7FC944A53EF7F120FF74919208EB5ABC190022176D9B16 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
22:26:09.0742 0x156c  sffp_sd - ok
22:26:09.0772 0x156c  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:26:09.0773 0x156c  sfloppy - ok
22:26:09.0801 0x156c  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:26:09.0823 0x156c  SharedAccess - ok
22:26:09.0909 0x156c  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:26:09.0932 0x156c  ShellHWDetection - ok
22:26:10.0000 0x156c  [ 1644C3814E0DAE66CD68E39FFB97D869, C68CCCFDC4A1B984434BA512CF5CC52D27E2D56B15519CEA3B0383E1C7C482B9 ] SipIMNDI        C:\Windows\system32\DRIVERS\SipIMNDI.sys
22:26:10.0002 0x156c  SipIMNDI - ok
22:26:10.0064 0x156c  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
22:26:10.0135 0x156c  sisagp - ok
22:26:10.0169 0x156c  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
22:26:10.0172 0x156c  SiSRaid2 - ok
22:26:10.0210 0x156c  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:26:10.0214 0x156c  SiSRaid4 - ok
22:26:10.0290 0x156c  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
22:26:10.0329 0x156c  SkypeUpdate - ok
22:26:10.0567 0x156c  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
22:26:10.0709 0x156c  slsvc - ok
22:26:10.0764 0x156c  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
22:26:10.0771 0x156c  SLUINotify - ok
22:26:10.0804 0x156c  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:26:10.0807 0x156c  Smb - ok
22:26:10.0881 0x156c  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:26:10.0887 0x156c  SNMPTRAP - ok
22:26:10.0935 0x156c  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:26:10.0937 0x156c  spldr - ok
22:26:10.0987 0x156c  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
22:26:10.0996 0x156c  Spooler - ok
22:26:11.0096 0x156c  [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd            C:\Windows\system32\Drivers\sptd.sys
22:26:11.0097 0x156c  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505, sha256: B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB
22:26:11.0098 0x156c  sptd - detected LockedFile.Multi.Generic ( 1 )
22:26:13.0652 0x156c  Detect skipped due to KSN trusted
22:26:13.0652 0x156c  sptd - ok
22:26:13.0777 0x156c  [ 7BB297CADA42903328E92425D9761DA6, D23D933E770A21CDB57CAC274DD1DC3AB9A3F62F859D7AA069F8E7A5075796BE ] SRTSP           C:\Windows\System32\Drivers\N360\0604010.00E\SRTSP.SYS
22:26:13.0810 0x156c  SRTSP - ok
22:26:13.0825 0x156c  [ 475FCF0F28D845BF1C8ABAC27F19003E, 908F17A694D0979BBCBF26D24452912A8E7BAD17E28905EB53828AE76DD2BD28 ] SRTSPX          C:\Windows\system32\drivers\N360\0604010.00E\SRTSPX.SYS
22:26:13.0828 0x156c  SRTSPX - ok
22:26:13.0875 0x156c  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:26:13.0906 0x156c  srv - ok
22:26:13.0947 0x156c  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:26:13.0953 0x156c  srv2 - ok
22:26:14.0000 0x156c  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:26:14.0028 0x156c  srvnet - ok
22:26:14.0081 0x156c  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:26:14.0114 0x156c  SSDPSRV - ok
22:26:14.0195 0x156c  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:26:14.0204 0x156c  SstpSvc - ok
22:26:14.0339 0x156c  [ DDEB942850278D67EDC108D57F774BF8, 8212F3FC56587FC26ECFDD1E1AF6919F86671395B7614BFCDF698B5252F0BA55 ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\STacSV.exe
22:26:14.0347 0x156c  STacSV - ok
22:26:14.0421 0x156c  [ C4BE9C3AF8AF6F2E4CDD22FCABF77A1B, F65FB294790DF77D2E8C98CF6352025C7F02A3E8B54E55755418F1F3447631CA ] STHDA           C:\Windows\system32\DRIVERS\stwrt.sys
22:26:14.0433 0x156c  STHDA - ok
22:26:14.0490 0x156c  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
22:26:14.0512 0x156c  stisvc - ok
22:26:14.0597 0x156c  [ 1D0063597C3666404FCF97698ABEB019, 352A63C97F930499BC598C2A398663377D7CCD4A42770E35635C90EDC4DA530A ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
22:26:14.0602 0x156c  stllssvr - ok
22:26:14.0633 0x156c  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:26:14.0635 0x156c  swenum - ok
22:26:14.0723 0x156c  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
22:26:14.0746 0x156c  swprv - ok
22:26:14.0819 0x156c  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
22:26:14.0821 0x156c  Symc8xx - ok
22:26:14.0881 0x156c  [ 690FA0E61B90084C4D9A721BD4F3D779, 6DBED961CB0BC154D8BC862A018B5BA5A956590527AEAB9FA4149251195A3F2A ] SymDS           C:\Windows\system32\drivers\N360\0604010.00E\SYMDS.SYS
22:26:14.0892 0x156c  SymDS - ok
22:26:14.0957 0x156c  [ 8F88EDB211B12537D2DC2A6D73D6067C, 7BBD3B1C779BB2CADFAC36A72BB1177A082AFFC5CF5F2972DA479FFC9C5F0012 ] SymEFA          C:\Windows\system32\drivers\N360\0604010.00E\SYMEFA.SYS
22:26:15.0023 0x156c  SymEFA - ok
22:26:15.0051 0x156c  [ 74E2521E96176A4449570E50BE91954D, 731EACC486C77DE9006094B45F3C778095E8F31B183E09D6DBD32F89229474AB ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
22:26:15.0057 0x156c  SymEvent - ok
22:26:15.0088 0x156c  [ 2C356CCA706505CF63CBE39D532B9236, F4F00C3BC6A3939E594FFB60475348992AA3E8EA7381AC0AD3CD0CD30724DF52 ] SymIRON         C:\Windows\system32\drivers\N360\0604010.00E\Ironx86.SYS
22:26:15.0095 0x156c  SymIRON - ok
22:26:15.0131 0x156c  [ 40C6E6417C8B7D7FCF82CFBE71525795, D34092E594AF27EC17B106758C71D9D3AB7BE9BBD190D5C5E27684891D08EB70 ] SYMTDIv         C:\Windows\System32\Drivers\N360\0604010.00E\SYMTDIV.SYS
22:26:15.0154 0x156c  SYMTDIv - ok
22:26:15.0185 0x156c  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
22:26:15.0188 0x156c  Sym_hi - ok
22:26:15.0237 0x156c  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
22:26:15.0239 0x156c  Sym_u3 - ok
22:26:15.0292 0x156c  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
22:26:15.0359 0x156c  SysMain - ok
22:26:15.0413 0x156c  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:26:15.0420 0x156c  TabletInputService - ok
22:26:15.0502 0x156c  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:26:15.0524 0x156c  TapiSrv - ok
22:26:15.0577 0x156c  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
22:26:15.0585 0x156c  TBS - ok
22:26:15.0664 0x156c  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:26:15.0708 0x156c  Tcpip - ok
22:26:15.0771 0x156c  [ A4196D394207369E1431E8681B373312, BEF96BAB70FDF94F8CB2942BDEA9B4D934443E5305E3FD737809C3F7524B1E8E ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
22:26:15.0788 0x156c  Tcpip6 - ok
22:26:15.0812 0x156c  [ 95389980F70FC4990A4395A0B8BBE1D6, FB5CBC85733A4EC4FB9F210A5D4E5989F6A3F2995D895F5B41163CDFC04DB82C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:26:15.0814 0x156c  tcpipreg - ok
22:26:15.0860 0x156c  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:26:15.0862 0x156c  TDPIPE - ok
22:26:15.0889 0x156c  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:26:15.0891 0x156c  TDTCP - ok
22:26:15.0933 0x156c  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:26:15.0937 0x156c  tdx - ok
22:26:15.0971 0x156c  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:26:15.0974 0x156c  TermDD - ok
22:26:16.0003 0x156c  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
22:26:16.0025 0x156c  TermService - ok
22:26:16.0080 0x156c  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
22:26:16.0089 0x156c  Themes - ok
22:26:16.0242 0x156c  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
22:26:16.0246 0x156c  THREADORDER - ok
22:26:16.0306 0x156c  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
22:26:16.0314 0x156c  TrkWks - ok
22:26:16.0387 0x156c  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:26:16.0388 0x156c  TrustedInstaller - ok
22:26:16.0432 0x156c  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:26:16.0434 0x156c  tssecsrv - ok
22:26:16.0454 0x156c  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
22:26:16.0456 0x156c  tunmp - ok
22:26:16.0487 0x156c  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:26:16.0489 0x156c  tunnel - ok
22:26:16.0541 0x156c  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:26:16.0544 0x156c  uagp35 - ok
22:26:16.0658 0x156c  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:26:16.0665 0x156c  udfs - ok
22:26:16.0776 0x156c  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:26:16.0783 0x156c  UI0Detect - ok
22:26:16.0804 0x156c  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:26:16.0807 0x156c  uliagpkx - ok
22:26:16.0832 0x156c  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
22:26:16.0840 0x156c  uliahci - ok
22:26:16.0855 0x156c  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
22:26:16.0860 0x156c  UlSata - ok
22:26:16.0925 0x156c  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
22:26:16.0930 0x156c  ulsata2 - ok
22:26:16.0950 0x156c  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:26:16.0958 0x156c  umbus - ok
22:26:17.0006 0x156c  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
22:26:17.0029 0x156c  upnphost - ok
22:26:17.0079 0x156c  [ E8C1B9EBAC65288E1B51E8A987D98AF6, 9DD752EE9DB12EB284AFA894723511C7BF2ED02CFE0931083DF5CB1707720DCA ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
22:26:17.0082 0x156c  USBAAPL - ok
22:26:17.0141 0x156c  [ 1114579556DB85E9FAF9590DBC64CD62, 10479A3C12BBBB9B5759082358FE11AC20BAEFA6B4977C8AE6E60AA17BE6C7FA ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:26:17.0144 0x156c  usbaudio - ok
22:26:17.0186 0x156c  usbbus - ok
22:26:17.0254 0x156c  [ 39263BF5DD85B31F30B9A4CE30955C45, A05D426931E55304F4E136FB1654607EF2430F071BD91B84AFE280158C8B13DF ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:26:17.0257 0x156c  usbccgp - ok
22:26:17.0273 0x156c  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:26:17.0276 0x156c  usbcir - ok
22:26:17.0280 0x156c  UsbDiag - ok
22:26:17.0339 0x156c  [ BC65492B34F7827CDE8A187BCDCF9CD9, 198DD98B70A6A3BFAED43477C5675695627034161221E6B922EC1A3CBF295D17 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:26:17.0342 0x156c  usbehci - ok
22:26:17.0384 0x156c  [ 5578CE68BD063186451BCC95EF0B6E13, A834BDDACE7F413E46AF0B77766C1F68223C28813E3E83BC445803F85D0FDD0D ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:26:17.0391 0x156c  usbhub - ok
22:26:17.0443 0x156c  USBModem - ok
22:26:17.0464 0x156c  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:26:17.0466 0x156c  usbohci - ok
22:26:17.0482 0x156c  [ B51E52ACF758BE00EF3A58EA452FE360, 79E629EC5DE8AB7F31B0EE9AE94C71E8F703FED5C09A816228726974F7790C85 ] usbprint        C:\Windows\system32\drivers\usbprint.sys
22:26:17.0484 0x156c  usbprint - ok
22:26:17.0556 0x156c  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:26:17.0559 0x156c  USBSTOR - ok
22:26:17.0571 0x156c  [ 616BB8DBDF2BE053195F7FB66524F25B, 4FE065FE2542973AFF44E6ED678CF69B4090D798175F92F5F20D78FE429DBD37 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
22:26:17.0573 0x156c  usbuhci - ok
22:26:17.0637 0x156c  [ 73FF24E21B690625A58109637DDA0DF7, 62B1F9CD82678E2110D4BB5CC86EE8A7AB0757681443916620B6AAA1EF0DECEB ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
22:26:17.0642 0x156c  usbvideo - ok
22:26:17.0680 0x156c  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
22:26:17.0687 0x156c  UxSms - ok
22:26:17.0736 0x156c  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
22:26:17.0769 0x156c  vds - ok
22:26:17.0798 0x156c  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:26:17.0800 0x156c  vga - ok
22:26:17.0844 0x156c  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:26:17.0846 0x156c  VgaSave - ok
22:26:17.0863 0x156c  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
22:26:17.0866 0x156c  viaagp - ok
22:26:17.0882 0x156c  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
22:26:17.0886 0x156c  ViaC7 - ok
22:26:17.0907 0x156c  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
22:26:17.0909 0x156c  viaide - ok
22:26:17.0931 0x156c  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:26:17.0934 0x156c  volmgr - ok
22:26:17.0975 0x156c  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:26:17.0984 0x156c  volmgrx - ok
22:26:18.0071 0x156c  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:26:18.0079 0x156c  volsnap - ok
22:26:18.0094 0x156c  vpnva - ok
22:26:18.0112 0x156c  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:26:18.0117 0x156c  vsmraid - ok
22:26:18.0179 0x156c  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
22:26:18.0257 0x156c  VSS - ok
22:26:18.0329 0x156c  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
22:26:18.0352 0x156c  W32Time - ok
22:26:18.0404 0x156c  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:26:18.0406 0x156c  WacomPen - ok
22:26:18.0426 0x156c  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
22:26:18.0429 0x156c  Wanarp - ok
22:26:18.0434 0x156c  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:26:18.0436 0x156c  Wanarpv6 - ok
22:26:18.0496 0x156c  [ 779F9C90D3FE9C70B6FFD8EF035F3E83, 4E38026BA53139B4A10D5E8F00413FAF442A2A42FE1388FCF2155F07BE826750 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
22:26:18.0518 0x156c  WcesComm - ok
22:26:18.0546 0x156c  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:26:18.0569 0x156c  wcncsvc - ok
22:26:18.0585 0x156c  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:26:18.0591 0x156c  WcsPlugInService - ok
22:26:18.0622 0x156c  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
22:26:18.0624 0x156c  Wd - ok
22:26:18.0673 0x156c  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:26:18.0695 0x156c  Wdf01000 - ok
22:26:18.0717 0x156c  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:26:18.0725 0x156c  WdiServiceHost - ok
22:26:18.0730 0x156c  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:26:18.0738 0x156c  WdiSystemHost - ok
22:26:18.0783 0x156c  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
22:26:18.0806 0x156c  WebClient - ok
22:26:18.0887 0x156c  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:26:18.0921 0x156c  Wecsvc - ok
22:26:18.0953 0x156c  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:26:18.0960 0x156c  wercplsupport - ok
22:26:18.0997 0x156c  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:26:19.0006 0x156c  WerSvc - ok
22:26:19.0079 0x156c  [ CB79207A1E4F697533678B7DF0C91648, CE132852070BDAF9B95513E88A7214FA2D927FDF25258F5F5D0DEBD6A46462CB ] WinFLAdrv       C:\Windows\system32\WinFLAdrv.sys
22:26:19.0087 0x156c  WinFLAdrv - ok
22:26:19.0090 0x156c  WinHttpAutoProxySvc - ok
22:26:19.0178 0x156c  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:26:19.0185 0x156c  Winmgmt - ok
22:26:19.0300 0x156c  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:26:19.0390 0x156c  WinRM - ok
22:26:19.0426 0x156c  [ 676F4B665BDD8053EAA53AC1695B8074, 98521FCB6B6B33DD8BF38A703745053481681C7981DFE5A59116D6BDE187D6F6 ] winusb          C:\Windows\system32\DRIVERS\winusb.sys
22:26:19.0428 0x156c  winusb - ok
22:26:19.0443 0x156c  WinVDEDrv - ok
22:26:19.0482 0x156c  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:26:19.0538 0x156c  Wlansvc - ok
22:26:19.0721 0x156c  [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:26:19.0749 0x156c  wlidsvc - ok
22:26:19.0822 0x156c  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
22:26:19.0825 0x156c  WmiAcpi - ok
22:26:19.0859 0x156c  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:26:19.0865 0x156c  wmiApSrv - ok
22:26:19.0953 0x156c  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
22:26:19.0986 0x156c  WMPNetworkSvc - ok
22:26:20.0022 0x156c  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:26:20.0033 0x156c  WPCSvc - ok
22:26:20.0074 0x156c  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:26:20.0083 0x156c  WPDBusEnum - ok
22:26:20.0128 0x156c  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
22:26:20.0130 0x156c  WpdUsb - ok
22:26:20.0295 0x156c  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:26:20.0362 0x156c  WPFFontCache_v0400 - ok
22:26:20.0434 0x156c  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:26:20.0436 0x156c  ws2ifsl - ok
22:26:20.0440 0x156c  WSearch - ok
22:26:20.0577 0x156c  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:26:20.0665 0x156c  wuauserv - ok
22:26:20.0757 0x156c  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:26:20.0759 0x156c  WudfPf - ok
22:26:20.0797 0x156c  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:26:20.0803 0x156c  WUDFRd - ok
22:26:20.0846 0x156c  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:26:20.0855 0x156c  wudfsvc - ok
22:26:20.0916 0x156c  ================ Scan global ===============================
22:26:20.0943 0x156c  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
22:26:21.0019 0x156c  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
22:26:21.0057 0x156c  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
22:26:21.0129 0x156c  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
22:26:21.0152 0x156c  [ Global ] - ok
22:26:21.0152 0x156c  ================ Scan MBR ==================================
22:26:21.0193 0x156c  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
22:26:21.0741 0x156c  \Device\Harddisk0\DR0 - ok
22:26:21.0741 0x156c  ================ Scan VBR ==================================
22:26:21.0750 0x156c  [ 7C7E9249E69BD420B5A8CC30BBD10143 ] \Device\Harddisk0\DR0\Partition1
22:26:21.0793 0x156c  \Device\Harddisk0\DR0\Partition1 - ok
22:26:21.0833 0x156c  [ AA8BA382C734AC267F0BC5E1330238EC ] \Device\Harddisk0\DR0\Partition2
22:26:21.0900 0x156c  \Device\Harddisk0\DR0\Partition2 - ok
22:26:21.0901 0x156c  ================ Scan generic autorun ======================
22:26:21.0950 0x156c  [ C111FFD56FF6F5E15266A55057487102, A27B293E424434DEF6004A2C890ABF65C7E1A889B642035C58ACE090653038EA ] C:\Program Files\DellTPad\Apoint.exe
22:26:21.0957 0x156c  Apoint - ok
22:26:22.0069 0x156c  [ 8D703E1BCF8389C155E00DF652545E4C, 02045665B0BBAEE96FD64C1D3AF30A390D7A58347AB3D38E0EF8A08063339DD0 ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
22:26:22.0095 0x156c  StartCCC - ok
22:26:22.0127 0x156c  [ 4AB05041D5C922B9A7A5D9059F5538CD, 554885535DB523D25DBDB43FBA9384B8E4EC9DF79B02F3B9FFDE3C498106D463 ] C:\Windows\WindowsMobile\wmdSync.exe
22:26:22.0135 0x156c  Windows Mobile-based device management - ok
22:26:22.0205 0x156c  [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
22:26:22.0207 0x156c  APSDaemon - ok
22:26:22.0284 0x156c  [ 900633A911F86D7F941B3089EAFD6D15, 0DFB096B65F248D962DEBA0D35B85F27A1B65616E920C1075A87F6F64D6600B7 ] C:\Program Files\T-Home\Dialerschutz-Software\Defender.exe
22:26:22.0349 0x156c  T-Home Dialerschutz-Software - ok
22:26:22.0510 0x156c  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
22:26:22.0632 0x156c  Adobe ARM - ok
22:26:22.0724 0x156c  [ 700ECB8DB6B0FCE5C077438D2C4485D5, 35E25C018E552C76474C3D384ED74D982476C4A47C39BB45A1E38F7B054B387E ] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
22:26:22.0746 0x156c  DivXMediaServer - ok
22:26:22.0800 0x156c  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
22:26:22.0808 0x156c  SunJavaUpdateSched - ok
22:26:23.0187 0x156c  [ 66FE0B9C332A513D5FB5D6279F19F662, 4691BFE34D51843C97658643283716B15556F27314D36BA4045A83B4B747F0A5 ] C:\Program Files\IDT\WDM\sttray.exe
22:26:23.0253 0x156c  SysTrayApp - ok
22:26:23.0369 0x156c  [ 16AFB34618E1286FF856DC600AC49C79, 431EC110507685A0F4472EAE35383B4C1E3DC0B56E01CDECFB18F753181DC995 ] C:\Program Files\DivX\DivX Update\DivXUpdate.exe
22:26:23.0466 0x156c  DivXUpdate - ok
22:26:23.0571 0x156c  [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files\QuickTime\QTTask.exe
22:26:23.0584 0x156c  QuickTime Task - ok
22:26:23.0613 0x156c  [ 4B555106290BD117334E9A08761C035A, 8A3808FBC197040BF0C65084514E8441E35FFFF8E31980F9CE1F41ED65E08437 ] C:\Windows\system32\rundll32.exe
22:26:23.0619 0x156c  B Register C:\Program Files\DivX\DivX Transcode Engine\plugins\mc_demux_mp2_ds.ax - ok
22:26:23.0705 0x156c  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
22:26:23.0782 0x156c  Sidebar - ok
22:26:23.0786 0x156c  WindowsWelcomeCenter - ok
22:26:23.0879 0x156c  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
22:26:23.0900 0x156c  Sidebar - ok
22:26:23.0905 0x156c  WindowsWelcomeCenter - ok
22:26:23.0991 0x156c  [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
22:26:23.0995 0x156c  ehTray.exe - ok
22:26:24.0114 0x156c  [ 9EB925EDC8CF1C3D06E50E9348B54A0A, 99C1F8D40A65E1F4975B0D1180B3056712832E0E8FBE829785FDD505B6222AEA ] C:\Users\Fireboarder\AppData\Local\Facebook\Update\FacebookUpdate.exe
22:26:24.0120 0x156c  Facebook Update - ok
22:26:24.0246 0x156c  [ 3B6060D03FE2D982AC7F4C2CE1D4FD76, C836E0261490441AD773C821C9E9A9746ED052304A1DAF477674559ECC054D6B ] C:\Users\Fireboarder\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
22:26:24.0332 0x156c  Spotify Web Helper - ok
22:26:24.0335 0x156c  DriverTurbo - ok
22:26:24.0338 0x156c  WinFLTray - ok
22:26:24.0446 0x156c  FLBackup - ok
22:26:24.0446 0x156c  Waiting for KSN requests completion. In queue: 64
22:26:25.0446 0x156c  Waiting for KSN requests completion. In queue: 64
22:26:26.0446 0x156c  Waiting for KSN requests completion. In queue: 64
22:26:27.0542 0x156c  AV detected via SS2: Norton 360 Online, C:\Program Files\Norton 360\Engine\6.4.1.14\WSCStub.exe ( 19.9.0.0 ), 0x50010 ( disabled : outofdate )
22:26:27.0545 0x156c  FW detected via SS2: Norton 360 Online, C:\Program Files\Norton 360\Engine\6.4.1.14\WSCStub.exe ( 19.9.0.0 ), 0x50010 ( disabled )
22:26:27.0566 0x156c  Win FW state via NFP2: enabled
22:26:29.0994 0x156c  ============================================================
22:26:29.0994 0x156c  Scan finished
22:26:29.0994 0x156c  ============================================================
22:26:30.0002 0x0edc  Detected object count: 0
22:26:30.0002 0x0edc  Actual detected object count: 0
22:27:18.0821 0x1570  ============================================================
22:27:18.0822 0x1570  Scan started
22:27:18.0822 0x1570  Mode: Manual; 
22:27:18.0822 0x1570  ============================================================
22:27:18.0822 0x1570  KSN ping started
22:27:35.0252 0x1570  KSN ping finished: true
         

Alt 02.07.2014, 14:45   #5
fireboarder
 

And here is the second part of the TDSS Killer (?) log file:

Code:
ATTFilter
22:27:35.0773 0x1570  ================ Scan system memory ========================
22:27:35.0773 0x1570  System memory - ok
22:27:35.0775 0x1570  ================ Scan services =============================
22:27:36.0171 0x1570  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
22:27:36.0176 0x1570  ACPI - ok
22:27:36.0517 0x1570  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:27:36.0518 0x1570  AdobeARMservice - ok
22:27:36.0607 0x1570  [ B5D8DE922237CEDDC7992297654A4BE4, 88EF0B5EBFB383C9069A29AEA8D76EDBE1E70DD6F7C18970EE01ECAE9F408B38 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:27:36.0612 0x1570  AdobeFlashPlayerUpdateSvc - ok
22:27:36.0670 0x1570  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:27:36.0678 0x1570  adp94xx - ok
22:27:36.0691 0x1570  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:27:36.0697 0x1570  adpahci - ok
22:27:36.0736 0x1570  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
22:27:36.0738 0x1570  adpu160m - ok
22:27:36.0777 0x1570  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:27:36.0780 0x1570  adpu320 - ok
22:27:36.0825 0x1570  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:27:36.0826 0x1570  AeLookupSvc - ok
22:27:36.0922 0x1570  [ 827DBC22C96EECF6D36A13162FABAFD3, EBBC04A6AD3BC83E3791569C1120BBBB59AF70512FA2CEB6A8BA2A257F3F6C32 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f6ef8056\aestsrv.exe
22:27:36.0924 0x1570  AESTFilters - ok
22:27:37.0015 0x1570  [ 3911B972B55FEA0478476B2E777B29FA, 62545B90C7DD3F73777E62CD8264E611A4D71B6956CABFD2D820D25F41F471FD ] AFD             C:\Windows\system32\drivers\afd.sys
22:27:37.0020 0x1570  AFD - ok
22:27:37.0059 0x1570  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:27:37.0061 0x1570  agp440 - ok
22:27:37.0083 0x1570  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
22:27:37.0085 0x1570  aic78xx - ok
22:27:37.0130 0x1570  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
22:27:37.0132 0x1570  ALG - ok
22:27:37.0143 0x1570  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
22:27:37.0144 0x1570  aliide - ok
22:27:37.0234 0x1570  [ D38A1DD45B40F31C8CF546AADBC6F513, 137173A4433B1048C969332C1CE799D19190433D615B08F85D012048654BE9FA ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:27:37.0237 0x1570  AMD External Events Utility - ok
22:27:37.0258 0x1570  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
22:27:37.0260 0x1570  amdagp - ok
22:27:37.0277 0x1570  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
22:27:37.0278 0x1570  amdide - ok
22:27:37.0287 0x1570  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
22:27:37.0289 0x1570  AmdK7 - ok
22:27:37.0307 0x1570  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:27:37.0308 0x1570  AmdK8 - ok
22:27:37.0350 0x1570  [ D7723A101C5CB4C0FA979E4DDA732EC0, 9CCF59C30972805A111F1557E178CBAF6BB7ADC8CA015A2B380A0C940FD14632 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
22:27:37.0354 0x1570  ApfiltrService - ok
22:27:37.0390 0x1570  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
22:27:37.0391 0x1570  Appinfo - ok
22:27:37.0467 0x1570  [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:27:37.0469 0x1570  Apple Mobile Device - ok
22:27:37.0508 0x1570  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
22:27:37.0510 0x1570  arc - ok
22:27:37.0554 0x1570  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:27:37.0556 0x1570  arcsas - ok
22:27:37.0751 0x1570  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:27:37.0753 0x1570  aspnet_state - ok
22:27:37.0774 0x1570  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:27:37.0774 0x1570  AsyncMac - ok
22:27:37.0830 0x1570  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
22:27:37.0831 0x1570  atapi - ok
22:27:37.0874 0x1570  [ 8B4BDFBEE6B52216F40DF9E54E5BFCC9, AA22F1F2F8CD5FDC3453AB757B840A15A0D1153C21C32AA70FC20996B5423AC7 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
22:27:37.0876 0x1570  AtiHdmiService - ok
22:27:38.0107 0x1570  [ 7AD53CC3A290ED312D54727DDDA98927, 79589FC8E77EAB768A67C36C27B8854FEB050872A1CA7E3866BFE4545DB7B18B ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:27:38.0196 0x1570  atikmdag - ok
22:27:38.0297 0x1570  [ F0D933B42CD0594048E4D5200AE9E417, FF53E843A99948568515964C3C97107FA875BBC3F2906BADEE0B29ACE5532F0D ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
22:27:38.0302 0x1570  atksgt - ok
22:27:38.0379 0x1570  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:27:38.0385 0x1570  AudioEndpointBuilder - ok
22:27:38.0412 0x1570  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:27:38.0418 0x1570  Audiosrv - ok
22:27:38.0479 0x1570  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:27:38.0480 0x1570  Beep - ok
22:27:38.0751 0x1570  [ 5A55D8D9340A00B3BD2CC3413B4CB0C0, 438BB95072EC14AD597CFEF040CA7FDE8D46E4AAEE9145AC1014522F1842F713 ] BHDrvx86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20140606.001\BHDrvx86.sys
22:27:38.0771 0x1570  BHDrvx86 - ok
22:27:38.0846 0x1570  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
22:27:38.0864 0x1570  BITS - ok
22:27:38.0889 0x1570  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
22:27:38.0890 0x1570  blbdrive - ok
22:27:39.0029 0x1570  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:27:39.0036 0x1570  Bonjour Service - ok
22:27:39.0088 0x1570  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:27:39.0090 0x1570  bowser - ok
22:27:39.0100 0x1570  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
22:27:39.0101 0x1570  BrFiltLo - ok
22:27:39.0129 0x1570  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
22:27:39.0129 0x1570  BrFiltUp - ok
22:27:39.0190 0x1570  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
22:27:39.0192 0x1570  Browser - ok
22:27:39.0226 0x1570  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
22:27:39.0228 0x1570  Brserid - ok
22:27:39.0239 0x1570  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
22:27:39.0241 0x1570  BrSerWdm - ok
22:27:39.0260 0x1570  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
22:27:39.0261 0x1570  BrUsbMdm - ok
22:27:39.0312 0x1570  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
22:27:39.0313 0x1570  BrUsbSer - ok
22:27:39.0356 0x1570  [ 6D39C954799B63BA866910234CF7D726, 1D807C3410C01C76E5810D626F23C1CCED3C9C5A65F39267B770C494C8D64114 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
22:27:39.0357 0x1570  BthEnum - ok
22:27:39.0383 0x1570  [ 9A966A8E86D1771911AE34A20D11BFF3, FBD5F621A47A3530B325816E71F0C4BCE5CCE731C57DEBD42ACFC8BCAA258656 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:27:39.0384 0x1570  BTHMODEM - ok
22:27:39.0465 0x1570  [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
22:27:39.0468 0x1570  BthPan - ok
22:27:39.0509 0x1570  [ 611FF3F2F095C8D4A6D4CFD9DCC09793, 2F27A1287ABCDB9C316EB720D1855100666240959CF969D5B2679C9ABCBD6050 ] BthPort         C:\Windows\system32\Drivers\BTHport.sys
22:27:39.0519 0x1570  BthPort - ok
22:27:39.0598 0x1570  [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ         C:\Windows\System32\bthserv.dll
22:27:39.0599 0x1570  BthServ - ok
22:27:39.0647 0x1570  [ D330803EAB2A15CAEC7F011F1D4CB30E, 240FFF317C90AD8966DA9666F2748F98CEC3CB99C486F399D1C68FE0E393EE68 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
22:27:39.0648 0x1570  BTHUSB - ok
22:27:39.0679 0x1570  [ 58C4B59D0EBFB637E2E296CF4A686BA0, CAF4A0F74B94792B3993353007A0F48F1F013625D6BC58B21CC5C245AD4405F3 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
22:27:39.0681 0x1570  btwaudio - ok
22:27:39.0700 0x1570  [ E8CC9436CC464D6975ADBC4AECE0BA7B, D052ECBDD09FE3297E1C5D50D40D7E0D2C9923CB05D734DA1D0320FB5D03C10C ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
22:27:39.0703 0x1570  btwavdt - ok
22:27:39.0759 0x1570  [ AA29BE5BF3D40CA73447639E293FE4C8, EE3E91A3C6205BDE6498D39642098637B43A16FA17E9381FD17BA52835D0C7A3 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
22:27:39.0768 0x1570  btwdins - ok
22:27:39.0819 0x1570  [ ECB98391C756A7B9CFBAE89D9D1235E1, 0A639D2187BDCD64320A7FB72627ED8AF2AF7CC8AAEF6E0991BDEF28BA080442 ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
22:27:39.0821 0x1570  btwl2cap - ok
22:27:39.0831 0x1570  [ 62ED55843F8216EB25A909A820613033, AC26611768395B92DD1B9571C9927E1279FCE7192BB0D8CA555409706D767C09 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
22:27:39.0832 0x1570  btwrchid - ok
22:27:39.0924 0x1570  [ ACE85AF1C31F68BDFEE9333F6592917E, 106799FCF3B375BF92A73A2BE4680D20EB9E77E9F715B9477E5AA7D43023C7B1 ] ccSet_N360      C:\Windows\system32\drivers\N360\0604010.00E\ccSetx86.sys
22:27:39.0927 0x1570  ccSet_N360 - ok
22:27:39.0953 0x1570  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:27:39.0955 0x1570  cdfs - ok
22:27:40.0109 0x1570  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:27:40.0111 0x1570  cdrom - ok
22:27:40.0129 0x1570  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
22:27:40.0131 0x1570  CertPropSvc - ok
22:27:40.0147 0x1570  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:27:40.0148 0x1570  circlass - ok
22:27:40.0309 0x1570  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
22:27:40.0315 0x1570  CLFS - ok
22:27:40.0386 0x1570  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:27:40.0388 0x1570  clr_optimization_v2.0.50727_32 - ok
22:27:40.0443 0x1570  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:27:40.0445 0x1570  clr_optimization_v4.0.30319_32 - ok
22:27:40.0516 0x1570  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:27:40.0517 0x1570  CmBatt - ok
22:27:40.0545 0x1570  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:27:40.0546 0x1570  cmdide - ok
22:27:40.0614 0x1570  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:27:40.0615 0x1570  Compbatt - ok
22:27:40.0620 0x1570  COMSysApp - ok
22:27:40.0626 0x1570  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:27:40.0627 0x1570  crcdisk - ok
22:27:40.0674 0x1570  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
22:27:40.0676 0x1570  Crusoe - ok
22:27:40.0716 0x1570  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:27:40.0720 0x1570  CryptSvc - ok
22:27:40.0747 0x1570  [ 281B2B60B5CB449BCF0474EECF73EBEC, B49D2F11426E6E28E1E5F8CA7DF213067A20A5AB6F0177F31A75162DB07CAE16 ] CtClsFlt        C:\Windows\system32\DRIVERS\CtClsFlt.sys
22:27:40.0750 0x1570  CtClsFlt - ok
22:27:40.0801 0x1570  [ B5ECADF7708960F1818C7FA015F4C239, A58BA71B08A9D46EB79EB3DF0858F553A11DE3461E13B6D926E25D21D4CBB2D8 ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA.sys
22:27:40.0802 0x1570  CVirtA - ok
22:27:40.0903 0x1570  [ 30443EEF52F5FB043654859EAA8E5247, 887ED8C4FE2259542E05A17973FE1549B636DA2C6888CC3A66F97D7D2600DC49 ] CVPND           C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
22:27:40.0931 0x1570  CVPND - ok
22:27:40.0969 0x1570  [ CB90B2762B1A1D0B40496400C55B6ADE, 7A8D86B223FD8A2C4A75AD0849041D56255277D491387C613E62BC76E6730F06 ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
22:27:40.0975 0x1570  CVPNDRVA - ok
22:27:41.0022 0x1570  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:27:41.0037 0x1570  DcomLaunch - ok
22:27:41.0145 0x1570  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
22:27:41.0184 0x1570  DFSR - ok
22:27:41.0317 0x1570  [ 6A7DBBF0DA2EA69F573FF86C6675FB7B, 2A4CA948AFF5D62B618C6565F668167FE38D257C700DF7EC9F9C01D7A531B0A8 ] DFSVC           C:\Program Files\T-Home\Dialerschutz-Software\DFInject.exe
22:27:41.0323 0x1570  DFSVC - ok
22:27:41.0364 0x1570  [ EA29C804FCF6FED1F2F4F14BEC890DE0, 2C8D3D69A8BCF0BE63D0CFAA7DD1821C48BEFA9AB7CDD5D3D84452794DC04BBF ] DFSYS           C:\Program Files\T-Home\Dialerschutz-Software\DFSYS.SYS
22:27:41.0365 0x1570  DFSYS - ok
22:27:41.0399 0x1570  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
22:27:41.0404 0x1570  Dhcp - ok
22:27:41.0491 0x1570  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
22:27:41.0492 0x1570  disk - ok
22:27:41.0512 0x1570  [ B5AA5AA5AC327BD7C1AEC0C58F0C1144, 14C147B79786C5DCEC54AF191E8815D871906E30DE90B00C7929F0E6CC025E6A ] DNE             C:\Windows\system32\DRIVERS\dne2000.sys
22:27:41.0515 0x1570  DNE - ok
22:27:41.0563 0x1570  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:27:41.0566 0x1570  Dnscache - ok
22:27:41.0618 0x1570  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
22:27:41.0623 0x1570  dot3svc - ok
22:27:41.0645 0x1570  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
22:27:41.0650 0x1570  DPS - ok
22:27:41.0658 0x1570  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:27:41.0659 0x1570  drmkaud - ok
22:27:41.0723 0x1570  [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:27:41.0735 0x1570  DXGKrnl - ok
22:27:41.0771 0x1570  [ 908ED85B7806E8AF3AF5E9B74F7809D4, 9A763D247035578A946094D2C1CE8204E6EDFFD7237C7BF2058B5F4ECC0306E0 ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
22:27:41.0775 0x1570  e1express - ok
22:27:41.0796 0x1570  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
22:27:41.0799 0x1570  E1G60 - ok
22:27:41.0864 0x1570  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
22:27:41.0867 0x1570  EapHost - ok
22:27:41.0921 0x1570  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
22:27:41.0924 0x1570  Ecache - ok
22:27:41.0991 0x1570  [ 10D14FAEF105DF2432D0E03860895284, 200662CD73537A8152FA0C276F20CE9B558FB2EB1AD0C171E5CCF4DC8C02F8B3 ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
22:27:41.0998 0x1570  eeCtrl - ok
22:27:42.0054 0x1570  ehdrv - ok
22:27:42.0110 0x1570  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:27:42.0116 0x1570  ehRecvr - ok
22:27:42.0142 0x1570  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
22:27:42.0145 0x1570  ehSched - ok
22:27:42.0155 0x1570  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
22:27:42.0156 0x1570  ehstart - ok
22:27:42.0304 0x1570  ekrn - ok
22:27:42.0343 0x1570  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:27:42.0349 0x1570  elxstor - ok
22:27:42.0429 0x1570  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
22:27:42.0441 0x1570  EMDMgmt - ok
22:27:42.0446 0x1570  epfw - ok
22:27:42.0564 0x1570  [ BDC856F11F2A8F4C9B4A59B29A33569B, ADD91A760F57C73FE6574EABBCB2F3F897A45C8DD0DE26BBFF2CCD5891FDBA6C ] EpfwLWF         C:\Windows\system32\DRIVERS\EpfwLWF.sys
22:27:42.0565 0x1570  EpfwLWF - ok
22:27:42.0569 0x1570  epfwwfp - ok
22:27:42.0661 0x1570  [ 0424EAB7549926FB864BD41E7F0639CC, 04E349F311B24239E1B4DAD073360A0D91391B69E74B43D705A1C00FDF113F45 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
22:27:42.0663 0x1570  EraserUtilRebootDrv - ok
22:27:42.0691 0x1570  [ F2A80DE2D1B7116052C09CB4D4CA1416, C21E5C078D93AE605E04D251F71B617343C908DF7EF74F96BB5B810052957572 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:27:42.0692 0x1570  ErrDev - ok
22:27:42.0793 0x1570  [ B6905802576D480505EE30D6DFE098A6, CEA60847B5ACA1651182E5525295F73C1C54A9C1CE969263B081AE8ADF8408AF ] esgiguard       C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
22:27:42.0794 0x1570  esgiguard - ok
22:27:42.0830 0x1570  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
22:27:42.0837 0x1570  EventSystem - ok
22:27:42.0960 0x1570  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:27:42.0963 0x1570  exfat - ok
22:27:42.0994 0x1570  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:27:42.0997 0x1570  fastfat - ok
22:27:43.0025 0x1570  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:27:43.0026 0x1570  fdc - ok
22:27:43.0047 0x1570  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
22:27:43.0049 0x1570  fdPHost - ok
22:27:43.0054 0x1570  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:27:43.0057 0x1570  FDResPub - ok
22:27:43.0064 0x1570  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:27:43.0065 0x1570  FileInfo - ok
22:27:43.0126 0x1570  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:27:43.0127 0x1570  Filetrace - ok
22:27:43.0137 0x1570  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:27:43.0138 0x1570  flpydisk - ok
22:27:43.0142 0x1570  FLService - ok
22:27:43.0237 0x1570  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:27:43.0241 0x1570  FltMgr - ok
22:27:43.0314 0x1570  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
22:27:43.0331 0x1570  FontCache - ok
22:27:43.0428 0x1570  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:27:43.0429 0x1570  FontCache3.0.0.0 - ok
22:27:43.0453 0x1570  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:27:43.0454 0x1570  Fs_Rec - ok
22:27:43.0495 0x1570  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:27:43.0497 0x1570  gagp30kx - ok
22:27:43.0612 0x1570  [ D3316F6E3C011435F36E3D6E49B3196C, 941DF52BA26603A146ED6B65A696DB87153868ED0469EF9C2EB09AC7E63525B7 ] GoToAssist      C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
22:27:43.0613 0x1570  GoToAssist - ok
22:27:43.0684 0x1570  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
22:27:43.0697 0x1570  gpsvc - ok
22:27:43.0775 0x1570  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
22:27:43.0778 0x1570  gupdate - ok
22:27:43.0786 0x1570  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
22:27:43.0789 0x1570  gupdatem - ok
22:27:43.0841 0x1570  [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
22:27:43.0842 0x1570  hamachi - ok
22:27:43.0909 0x1570  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:27:43.0913 0x1570  HdAudAddService - ok
22:27:43.0948 0x1570  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:27:43.0959 0x1570  HDAudBus - ok
22:27:44.0035 0x1570  [ FCB3F4BE408F72C1BD81BCABA87FC22F, F63D75904888E40889A600EF32AA77130C088014949F5A574B49F547E9F9D4AD ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:27:44.0036 0x1570  HidBth - ok
22:27:44.0083 0x1570  [ D8DF3722D5E961BAA1292AA2F12827E2, 799E194B36BA08D59500A2C45ADD2FB69C7698F3F7F837CC7CFB266D57830BD6 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:27:44.0085 0x1570  HidIr - ok
22:27:44.0120 0x1570  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
22:27:44.0123 0x1570  hidserv - ok
22:27:44.0209 0x1570  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:27:44.0210 0x1570  HidUsb - ok
22:27:44.0241 0x1570  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:27:44.0245 0x1570  hkmsvc - ok
22:27:44.0308 0x1570  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
22:27:44.0309 0x1570  HpCISSs - ok
22:27:44.0430 0x1570  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:27:44.0438 0x1570  HTTP - ok
22:27:44.0516 0x1570  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
22:27:44.0517 0x1570  i2omp - ok
22:27:44.0533 0x1570  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:27:44.0534 0x1570  i8042prt - ok
22:27:44.0573 0x1570  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
22:27:44.0578 0x1570  iaStorV - ok
22:27:44.0689 0x1570  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
22:27:44.0691 0x1570  IDriverT - ok
22:27:44.0779 0x1570  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:27:44.0795 0x1570  idsvc - ok
22:27:44.0900 0x1570  [ 373C0F67CC49772028D311FD147F4E85, D88613EB4DCB6F0A77D947D3DAB853689FFD71331484723C7CDCBADC7F01CB34 ] IDSVix86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20140617.001\IDSvix86.sys
22:27:44.0908 0x1570  IDSVix86 - ok
22:27:44.0946 0x1570  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:27:44.0947 0x1570  iirsp - ok
22:27:44.0999 0x1570  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
22:27:45.0009 0x1570  IKEEXT - ok
22:27:45.0036 0x1570  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
22:27:45.0037 0x1570  intelide - ok
22:27:56.0076 0x1570  SiSRaid4 - ok
22:27:56.0153 0x1570  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
22:27:56.0157 0x1570  SkypeUpdate - ok
22:27:56.0363 0x1570  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
22:27:56.0433 0x1570  slsvc - ok
22:27:56.0495 0x1570  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
22:27:56.0502 0x1570  SLUINotify - ok
22:27:56.0578 0x1570  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:27:56.0580 0x1570  Smb - ok
22:27:56.0633 0x1570  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:27:56.0639 0x1570  SNMPTRAP - ok
22:27:56.0665 0x1570  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:27:56.0667 0x1570  spldr - ok
22:27:56.0695 0x1570  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
22:27:56.0702 0x1570  Spooler - ok
22:27:56.0770 0x1570  [ CDDDEC541BC3C96F91ECB48759673505, B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB ] sptd            C:\Windows\system32\Drivers\sptd.sys
22:27:56.0771 0x1570  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505, sha256: B030FFA02832317AC5626BF1BF8A4A95A5992C9A6E81BC1C002D5F4D667C27FB
22:27:56.0772 0x1570  sptd - detected LockedFile.Multi.Generic ( 1 )
22:27:56.0773 0x1570  Detect skipped due to KSN trusted
22:27:56.0773 0x1570  sptd - ok
22:28:04.0034 0x1570  ================ Scan MBR ==================================
22:28:04.0099 0x1570  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
22:28:04.0620 0x1570  \Device\Harddisk0\DR0 - ok
22:28:04.0620 0x1570  ================ Scan VBR ==================================
22:28:04.0623 0x1570  [ 7C7E9249E69BD420B5A8CC30BBD10143 ] \Device\Harddisk0\DR0\Partition1
22:28:04.0666 0x1570  \Device\Harddisk0\DR0\Partition1 - ok
22:28:04.0669 0x1570  [ AA8BA382C734AC267F0BC5E1330238EC ] \Device\Harddisk0\DR0\Partition2
22:28:04.0706 0x1570  \Device\Harddisk0\DR0\Partition2 - ok
22:28:07.0683 0x1570  AV detected via SS2: Norton 360 Online, C:\Program Files\Norton 360\Engine\6.4.1.14\WSCStub.exe ( 19.9.0.0 ), 0x50010 ( disabled : outofdate )
22:28:07.0687 0x1570  FW detected via SS2: Norton 360 Online, C:\Program Files\Norton 360\Engine\6.4.1.14\WSCStub.exe ( 19.9.0.0 ), 0x50010 ( disabled )
22:28:07.0692 0x1570  Win FW state via NFP2: enabled
22:28:10.0050 0x1570  ============================================================
22:28:10.0050 0x1570  Scan finished
22:28:10.0050 0x1570  ============================================================
22:28:10.0056 0x1070  Detected object count: 0
22:28:10.0056 0x1070  Actual detected object count: 0
22:30:24.0763 0x0c74  Deinitialize success
         


02.07.2014, 14:48   #6
cosinus

Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners, did they ever find anything?

That is why I am asking => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; first just post the logs you already have in CODE tags!
Only logs from the last 7 days, or since the problem started, are relevant!



Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for one post, I ask you to post the logs directly, spread over several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

02.07.2014, 14:52   #7
fireboarder

I have not run any further scans in the last seven days.

Only, as described above, the two with Malwarebytes (several detections, moved to quarantine), one with TDSS Killer (I believe I remember: no detections) and two full system scans with Norton Security (no detections).

02.07.2014, 15:07   #8
cosinus

Please post the MBAM logs with detections.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

02.07.2014, 15:22   #9
fireboarder

I am not sure, but do you mean these? I did not find any others?!


Number one

Code:
  <?xml version="1.0" encoding="UTF-8" ?> 
- <logs>
  <record severity="debug" LoggingEventType="2" datetime="2014-07-02T14:54:46.212853+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="3fcb3aa5-1677-416b-a75a-9e1225b16e5d" result="Starting" subtype="Malware Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-07-02T14:54:46.218853+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="296537be-6db4-49df-898b-62dc590c1363" result="Started" subtype="Malware Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-07-02T14:54:46.243853+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="e69495c4-4f97-45a7-870c-894b1fe16ec0" result="Starting" subtype="Malicious Website Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-07-02T14:54:46.311853+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="f0118af3-a6e8-4a93-88a9-bf89cfc61eb9" result="Failed" subtype="Malicious Website Protection" /> 
  <record severity="debug" LoggingEventType="4" datetime="2014-07-02T14:54:46.316853+02:00" source="Protection" type="Error" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="30117850-00d8-466e-8f3c-7a050286411a" code="3221225473" message="MWAC::CreateList - Block List" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-07-02T14:56:09.250853+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="79eb9155-e774-4ef2-bc7e-12e9c9c8ff86" result="Stopping" subtype="Malware Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-07-02T14:56:09.642853+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="8428fcf3-dc4c-4f9c-9991-4c801048c6da" result="Stopped" subtype="Malware Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-07-02T16:10:29.363653+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="88c13e79-0ba1-4238-89df-4e2b6e6104d4" result="Starting" subtype="Malware Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-07-02T16:10:29.368653+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="75f4e802-8a63-41ae-a687-9b8ae25e26fa" result="Started" subtype="Malware Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-07-02T16:10:29.404653+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="1b663574-f899-4b37-a300-beeb9193fc97" result="Starting" subtype="Malicious Website Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-07-02T16:10:29.507653+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="6f2aeacc-5d18-4723-8c5a-335ac6553017" result="Failed" subtype="Malicious Website Protection" /> 
  <record severity="debug" LoggingEventType="4" datetime="2014-07-02T16:10:29.512653+02:00" source="Protection" type="Error" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="c7fd94ec-eee1-4899-80ee-9dbd10b861c4" code="3221225473" message="MWAC::CreateList - Block List" /> 
  </logs>
         
Number two

Code:
  <?xml version="1.0" encoding="UTF-8" ?> 
- <logs>
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T18:40:32.859600+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="d4b400fd-4bb3-4537-a038-53c61357d538" result="Starting" subtype="Malware Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T18:40:33.052600+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="0d0a3bff-cbb0-4e88-a1c8-4f1afdcdd890" result="Started" subtype="Malware Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T18:40:33.152600+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="29e22b24-5f08-4da8-9511-47a3dae12ff8" result="Starting" subtype="Malicious Website Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T18:40:34.643600+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="3563791f-fd16-45f6-bf67-ce8c8418f824" result="Failed" subtype="Malicious Website Protection" /> 
  <record severity="debug" LoggingEventType="4" datetime="2014-06-27T18:40:34.648600+02:00" source="Protection" type="Error" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="9739ab06-cd71-4b35-a5ec-745bfda5f3cb" code="3221225473" message="MWAC::CreateList - Block List" /> 
  <record severity="debug" LoggingEventType="1" datetime="2014-06-27T18:40:39.604600+02:00" source="Manual" type="Update" username="SYSTEM" systemname="FIREBOARDERS-PC" fromVersion="2014.2.20.1" last_modified_tag="481e22c8-b5b2-4c08-a0e7-4e210e2e761f" name="Rootkit Database" toVersion="2014.6.23.2" /> 
  <record severity="debug" LoggingEventType="1" datetime="2014-06-27T18:41:14.663600+02:00" source="Manual" type="Update" username="SYSTEM" systemname="FIREBOARDERS-PC" fromVersion="2014.3.4.9" last_modified_tag="f4f34c03-15dc-45f9-98b8-e92848fa1a29" name="Malware Database" toVersion="2014.6.27.6" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T18:41:15.945600+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="5abfe128-d500-4db0-a2ef-a485206211e3" result="Starting" subtype="Refresh" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T18:41:20.764600+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="d02c2d98-1453-4308-ae98-2370e1f3babe" result="Success" subtype="Refresh" /> 
  <record severity="debug" LoggingEventType="1" datetime="2014-06-27T19:02:30.005000+02:00" source="Manual" type="Update" username="SYSTEM" systemname="FIREBOARDERS-PC" fromVersion="2014.6.27.6" last_modified_tag="964a19f1-268b-40ab-8865-95fba49236d0" name="Malware Database" toVersion="2014.6.27.7" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T19:03:02.533400+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="f83dbd63-a584-4d40-8727-db9bdf3a9bb7" result="Starting" subtype="Refresh" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T19:03:32.020400+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="5f7258e0-5ac8-458a-b365-998765301ad1" result="Success" subtype="Refresh" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T19:10:58.486400+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="106fa751-2bc6-4c22-a738-723d45165fa1" result="Stopping" subtype="Malware Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T19:10:58.873400+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="b7c2b163-c31c-4e37-8f75-7c72fe7d419c" result="Stopped" subtype="Malware Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T19:12:31.275000+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="b2853025-709e-41ec-bd74-06835d338a22" result="Starting" subtype="Malware Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T19:12:31.275000+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="7df37b73-93af-4300-a5c7-5e01900f099c" result="Started" subtype="Malware Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T19:12:31.321800+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="d767bf83-e05a-466d-bcb1-776fb4d09e25" result="Starting" subtype="Malicious Website Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T19:12:31.415400+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="3f560314-6aa0-435a-94e2-4a844f6eca17" result="Failed" subtype="Malicious Website Protection" /> 
  <record severity="debug" LoggingEventType="4" datetime="2014-06-27T19:12:31.415400+02:00" source="Protection" type="Error" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="503388b8-8d7c-4bd5-b98c-792e4dbb525d" code="3221225473" message="MWAC::CreateList - Block List" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T19:27:17.058800+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="20b4c5c6-29fc-48a5-953a-92b734976793" result="Stopping" subtype="Malware Protection" /> 
  <record severity="debug" LoggingEventType="2" datetime="2014-06-27T19:27:50.817200+02:00" source="Protection" type="Protection" username="SYSTEM" systemname="FIREBOARDERS-PC" last_modified_tag="886c8a67-27a3-4881-8a07-319ae5369785" result="Stopped" subtype="Malware Protection" /> 
  </logs>
         

02.07.2014, 15:23   #10
cosinus

Please NOT as XML but in TXT format.

02.07.2014, 15:29   #11
fireboarder

Sorry...!

Number one

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 02.07.2014 14:54:46, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Starting, 
Protection, 02.07.2014 14:54:46, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Started, 
Protection, 02.07.2014 14:54:46, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Starting, 
Protection, 02.07.2014 14:54:46, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Failed, 
Error, 02.07.2014 14:54:46, SYSTEM, FIREBOARDERS-PC, Protection, MWAC::CreateList - Block List, 3221225473, 
Protection, 02.07.2014 14:56:09, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Stopping, 
Protection, 02.07.2014 14:56:09, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Stopped, 
Protection, 02.07.2014 16:10:29, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Starting, 
Protection, 02.07.2014 16:10:29, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Started, 
Protection, 02.07.2014 16:10:29, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Starting, 
Protection, 02.07.2014 16:10:29, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Failed, 
Error, 02.07.2014 16:10:29, SYSTEM, FIREBOARDERS-PC, Protection, MWAC::CreateList - Block List, 3221225473, 

(end)
         

Number two

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 27.06.2014 18:40:32, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Starting, 
Protection, 27.06.2014 18:40:33, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Started, 
Protection, 27.06.2014 18:40:33, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Starting, 
Protection, 27.06.2014 18:40:34, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Failed, 
Error, 27.06.2014 18:40:34, SYSTEM, FIREBOARDERS-PC, Protection, MWAC::CreateList - Block List, 3221225473, 
Update, 27.06.2014 18:40:39, SYSTEM, FIREBOARDERS-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.6.23.2, 
Update, 27.06.2014 18:41:14, SYSTEM, FIREBOARDERS-PC, Manual, Malware Database, 2014.3.4.9, 2014.6.27.6, 
Protection, 27.06.2014 18:41:15, SYSTEM, FIREBOARDERS-PC, Protection, Refresh, Starting, 
Protection, 27.06.2014 18:41:20, SYSTEM, FIREBOARDERS-PC, Protection, Refresh, Success, 
Update, 27.06.2014 19:02:30, SYSTEM, FIREBOARDERS-PC, Manual, Malware Database, 2014.6.27.6, 2014.6.27.7, 
Protection, 27.06.2014 19:03:02, SYSTEM, FIREBOARDERS-PC, Protection, Refresh, Starting, 
Protection, 27.06.2014 19:03:32, SYSTEM, FIREBOARDERS-PC, Protection, Refresh, Success, 
Protection, 27.06.2014 19:10:58, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Stopping, 
Protection, 27.06.2014 19:10:58, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Stopped, 
Protection, 27.06.2014 19:12:31, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Starting, 
Protection, 27.06.2014 19:12:31, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Started, 
Protection, 27.06.2014 19:12:31, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Starting, 
Protection, 27.06.2014 19:12:31, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Failed, 
Error, 27.06.2014 19:12:31, SYSTEM, FIREBOARDERS-PC, Protection, MWAC::CreateList - Block List, 3221225473, 
Protection, 27.06.2014 19:27:17, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Stopping, 
Protection, 27.06.2014 19:27:50, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Stopped, 

(end)
         

02.07.2014, 15:33   #12
cosinus

You already posted those at the beginning. These are not the logs with detections that I meant, because these are protection logs!

The logs I want to see are the logs from the scans you started yourself.

02.07.2014, 15:43   #13
fireboarder

I was already wondering why you wanted to see those again. However, I have not found any other log files?!

I also looked under C:Programme, etc. and C:ProgramData, etc. but found nothing. However, I did run two scans, and files were moved to quarantine. In the program itself I can open a list of the moved files but cannot export it to a txt file.

My MBAM layout is also different from the one shown here in the forum. I am attaching a screenshot of the layout and of the quarantine list.
Sorry, I really have no idea how I am supposed to find the other logs now.
Attached image thumbnails: mbam-liste.jpg, malware-layout.jpg

02.07.2014, 23:27   #14
cosinus

Just click on "Anwendungsprotokolle" (Application Logs)...

03.07.2014, 08:39   #15
fireboarder

There are only the ones I already posted above.

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 02.07.2014 14:54:46, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Starting, 
Protection, 02.07.2014 14:54:46, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Started, 
Protection, 02.07.2014 14:54:46, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Starting, 
Protection, 02.07.2014 14:54:46, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Failed, 
Error, 02.07.2014 14:54:46, SYSTEM, FIREBOARDERS-PC, Protection, MWAC::CreateList - Block List, 3221225473, 
Protection, 02.07.2014 14:56:09, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Stopping, 
Protection, 02.07.2014 14:56:09, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Stopped, 
Protection, 02.07.2014 16:10:29, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Starting, 
Protection, 02.07.2014 16:10:29, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Started, 
Protection, 02.07.2014 16:10:29, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Starting, 
Protection, 02.07.2014 16:10:29, SYSTEM, FIREBOARDERS-PC, Protection, Malicious Website Protection, Failed, 
Error, 02.07.2014 16:10:29, SYSTEM, FIREBOARDERS-PC, Protection, MWAC::CreateList - Block List, 3221225473, 
Update, 02.07.2014 16:30:17, SYSTEM, FIREBOARDERS-PC, Scheduler, Rootkit Database, 2014.6.23.2, 2014.7.1.1, 
Update, 02.07.2014 16:30:34, SYSTEM, FIREBOARDERS-PC, Scheduler, Malware Database, 2014.6.27.7, 2014.7.2.3, 
Protection, 02.07.2014 16:30:35, SYSTEM, FIREBOARDERS-PC, Protection, Refresh, Starting, 
Protection, 02.07.2014 16:30:40, SYSTEM, FIREBOARDERS-PC, Protection, Refresh, Success, 
Update, 02.07.2014 17:21:24, SYSTEM, FIREBOARDERS-PC, Scheduler, Malware Database, 2014.7.2.3, 2014.7.2.4, 
Protection, 02.07.2014 17:21:34, SYSTEM, FIREBOARDERS-PC, Protection, Refresh, Starting, 
Protection, 02.07.2014 17:21:58, SYSTEM, FIREBOARDERS-PC, Protection, Refresh, Success, 
Protection, 02.07.2014 18:07:54, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Stopping, 
Protection, 02.07.2014 18:08:17, SYSTEM, FIREBOARDERS-PC, Protection, Malware Protection, Stopped, 

(end)
         

Edited by fireboarder (03.07.2014 at 08:49). Reason: spelling mistakes
