Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: userinit.exe Verdacht auf Virenbefall im Netzwerk

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 07.10.2014, 14:54   #1
baschi35
 
userinit.exe Verdacht auf Virenbefall im Netzwerk - Standard

userinit.exe Verdacht auf Virenbefall im Netzwerk



Hallo liebes Trojaner-Board.de Team,
die Maildomain eines Kunden wurde vor geraumer Zeit Blacklisted. Als Grund wurde eine Zeus Bot im Netzwerk genannt. Dieser konnten wir leider nicht ausfindig machen, da wir keine Logs zu den Verbindungen hatten. Ein daraufhin erzeugter Wireshark Log für den Zeitraum eines Tages, hat auch zu keinem Ergebnis geführt. Vermutlich hatte der Botnet schon wieder seine Domain gewechselt.

Nun hat der Kunde von seiner Bank einen Anruf bekommen, dass sein Computer mit Viren befallen sei. Einen Scan auf dem Computer mittels Symantec Endpoint Protection ergab keine Treffer. Daraufhin habe ich eine Hijackedthis Log erstellt den ich eingefügt habe. Bei von mir verdächtigten Dateien, steht ein "-verdacht-" daneben.
Vielen Dank

Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:57:09, on 07.10.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.17088)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Users\HPfeiffer\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe -verdacht-
O2 - BHO: Symantec Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL
O2 - BHO: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [openvpn-gui] C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-3780654223-2227029125-2963824452-1166\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" (User 'Hxxx')
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = pxx.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = pxx.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = pxx.local
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EmbassyService - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe
O23 - Service: OpenVPN Interactive Service (OpenVPNServiceInteractive) - Unknown owner - C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe
O23 - Service: Dell PBA x64 Service (PbaDrvSvc_x64) - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RIB License Server (RIB.License.Server) - RIB Software AG - C:\Program Files (x86)\RIB\License\RIB.License.Server.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) -verdacht-
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) -verdacht-
O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
O23 - Service: Symantec Endpoint Protection (SepMasterService) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SI TSS v1.2.1.41 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) -verdacht-
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Wave Authentication Manager Service - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WvPCR - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe

--
End of file - 14291 bytes
         

Alt 07.10.2014, 15:45   #2
schrauber
/// the machine
/// TB-Ausbilder
 

userinit.exe Verdacht auf Virenbefall im Netzwerk - Standard

userinit.exe Verdacht auf Virenbefall im Netzwerk



Hi,

definier bitte erstmal das Wort "Kunde".
__________________

__________________

Alt 08.10.2014, 08:03   #3
baschi35
 
userinit.exe Verdacht auf Virenbefall im Netzwerk - Standard

userinit.exe Verdacht auf Virenbefall im Netzwerk



Hi,

Kunde ist hier wohl der falsche Ausdruck. Ich helfe einem Kumpel der ein kleines Gewerbe hat. Dieser frägt mich ab und an, ob ich untestützen kann, wenn er mal nicht weiter kommt. Er versucht viel selbst zu machen, alles kann er eben nun auch nicht. Aber wofür sind Freunde da . ..Ich dachte ich spare mal eben ein paar Textzeilen mit der Umschreibung Kunde.
Falls wir/er hier hilfe bekommt, ist er selbstverständlich auch bereit 50€ zu spenden.
__________________

Alt 08.10.2014, 16:37   #4
schrauber
/// the machine
/// TB-Ausbilder
 

userinit.exe Verdacht auf Virenbefall im Netzwerk - Standard

userinit.exe Verdacht auf Virenbefall im Netzwerk



here we go:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 10.10.2014, 09:13   #5
baschi35
 
userinit.exe Verdacht auf Virenbefall im Netzwerk - Standard

userinit.exe Verdacht auf Virenbefall im Netzwerk



Hallo Meister ,
hier die angeforderten Logs, diesmal als Admin ausgeführt. Nicht als User mit Admin Rechten.
Ist HijackThis kein aktuelles Tool mehr, mit dem gearbeitet wird? Also aus dem Trend gekommen?
Erkennt es bestimmte Schadsoftware nicht beim Scan?

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-10-2014 01
Ran by admin (administrator) on PSAND005 on 10-10-2014 08:29:44
Running from C:\Users\Admin\Downloads
Loaded Profile: admin (Available profiles: admin & xx)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe
() C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
(RIB Software AG) C:\Program Files (x86)\RIB\License\RIB.License.Server.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Authentec Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Desktop.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe [2907240 2011-07-21] (Realtek Semiconductor Corp.)
HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [370584 2012-11-08] (Wave Systems Corp.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-10-16] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284480 2012-05-30] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2013-09-03] (Adobe Systems Inc.)
HKLM-x32\...\Run: [openvpn-gui] => C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe [406112 2012-10-15] ()
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (Authentec Inc.)
HKU\S-1-5-21-3780654223-2227029125-2963824452-1163\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-04-13] (Google Inc.)
Lsa: [Authentication Packages] msv1_0 wvauth
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll (Wave Systems Corp.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF8E243AADFDECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {D2B67C78-B37F-4E1C-AB15-4DDBFEED4087} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDRJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {D2B67C78-B37F-4E1C-AB15-4DDBFEED4087} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDRJS
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\bin\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.254

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-04-03]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\IPSFF
FF Extension: Symantec Vulnerability Protection - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\IPSFF [2014-03-19]

Chrome: 
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-11]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-11]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-11]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-11]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-11]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 EmbassyService; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe [225720 2012-11-20] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166432 2012-10-23] (Intel Corporation)
S3 OpenVPNService; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [57952 2012-10-15] ()
R2 OpenVPNServiceInteractive; C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe [57952 2012-10-15] ()
R2 PbaDrvSvc_x64; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe [20480 2012-11-23] () [File not signed]
R2 RIB.License.Server; C:\Program Files (x86)\RIB\License\RIB.License.Server.exe [702280 2010-10-22] (RIB Software AG)
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe [144368 2014-03-18] (Symantec Corporation)
R3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe [2377984 2014-03-18] (Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe [334736 2014-03-18] (Symantec Corporation)
S2 tcsd_win32.exe; C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe [1643520 2012-05-11] () [File not signed]
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1758720 2012-11-19] (Wave Systems Corp.) [File not signed]
S2 WvPCR; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe [254384 2012-11-08] (Wave Systems Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20140925.013\BHDrvx64.sys [1586904 2014-10-06] (Symantec Corporation)
R1 ccSettings_{B1B5C4BC-65F0-4679-B31C-7B031940DC2E}; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\ccSetx64.sys [169048 2014-03-18] (Symantec Corporation)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [39016 2012-09-23] (Dell Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20141009.011\IDSvia64.sys [525016 2014-08-25] (Symantec Corporation)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [3708776 2012-02-08] (Realtek Semiconductor Corp.)
R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20141009.001\ENG64.SYS [129752 2014-10-06] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20141009.001\EX64.SYS [2137304 2014-10-06] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSP64.SYS [797272 2014-03-18] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSPX64.SYS [36952 2014-03-18] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMDS64.SYS [493656 2014-03-18] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMEFA64.SYS [1147480 2014-03-18] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\Ironx64.SYS [224856 2014-03-18] (Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMNETS.SYS [437336 2014-03-18] (Symantec Corporation)
R1 Teefer2; C:\Windows\System32\DRIVERS\Teefer.sys [92456 2014-03-18] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 08:29 - 2014-10-10 08:30 - 00018280 _____ () C:\Users\Admin\Downloads\FRST.txt
2014-10-10 08:29 - 2014-10-10 08:29 - 00000000 ____D () C:\FRST
2014-10-10 08:28 - 2014-10-10 08:28 - 02109952 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2014-10-07 11:57 - 2014-10-07 11:57 - 00014293 _____ () C:\Users\xx\Downloads\hijackthis.log
2014-10-07 11:54 - 2014-10-07 11:55 - 00014492 _____ () C:\Users\xx\Downloads\SystemTrayProzesseNichtBeendet_hijackthis.log
2014-10-07 11:54 - 2014-10-07 11:54 - 00388608 _____ (Trend Micro Inc.) C:\Users\yy\Downloads\HijackThis.exe
2014-09-25 10:42 - 2014-09-25 10:42 - 00000000 _____ () C:\Users\yy\AppData\Roaming\defrsrv.lnk
2014-09-10 17:02 - 2014-08-17 06:00 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 17:02 - 2014-08-17 06:00 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 17:02 - 2014-08-17 05:59 - 19280384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 17:02 - 2014-08-17 05:59 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 17:02 - 2014-08-17 05:59 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 17:02 - 2014-08-17 05:59 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 17:02 - 2014-08-17 05:59 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 17:02 - 2014-08-17 05:58 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 17:02 - 2014-08-17 05:58 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 17:02 - 2014-08-17 05:58 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 17:02 - 2014-08-17 05:58 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 17:02 - 2014-08-17 05:58 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-10 17:02 - 2014-08-17 05:58 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 17:02 - 2014-08-17 05:58 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 17:02 - 2014-08-17 05:58 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 17:02 - 2014-08-17 05:58 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 17:02 - 2014-08-17 05:58 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-10 17:02 - 2014-08-17 05:58 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 17:02 - 2014-08-17 05:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 17:02 - 2014-08-17 05:58 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 14369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 17:02 - 2014-08-17 05:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 17:02 - 2014-08-17 05:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 17:02 - 2014-08-16 09:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 17:02 - 2014-08-16 08:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 17:02 - 2014-08-16 08:34 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-10 17:02 - 2014-08-16 07:53 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-10 17:01 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 17:01 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 17:01 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 17:01 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 17:01 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 08:28 - 2013-04-03 23:13 - 01707509 _____ () C:\Windows\WindowsUpdate.log
2014-10-10 08:27 - 2014-09-04 20:19 - 00005014 _____ () C:\Windows\System32\Tasks\WSCEAA
2014-10-10 08:25 - 2013-11-11 15:05 - 00001034 __RSH () C:\Users\Admin\ntuser.pol
2014-10-10 08:25 - 2013-11-11 15:05 - 00000000 ____D () C:\Users\Admin
2014-10-10 08:25 - 2013-04-13 01:15 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-10 08:24 - 2013-04-15 12:09 - 00000160 _____ () C:\Windows\system32\config\netlogon.ftl
2014-10-10 08:06 - 2013-04-03 23:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-10 07:54 - 2013-04-13 01:15 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-07 17:11 - 2009-07-14 06:45 - 00021088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-07 17:11 - 2009-07-14 06:45 - 00021088 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-07 17:04 - 2013-11-11 15:31 - 00013582 _____ () C:\Windows\setupact.log
2014-10-07 17:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-07 14:55 - 2013-10-29 16:45 - 00000000 ____D () C:\Users\xx\AppData\Local\CrashDumps
2014-10-07 11:54 - 2013-04-15 12:36 - 00000000 ____D () C:\Users\xx\AppData\Local\VirtualStore
2014-10-02 11:04 - 2013-04-15 23:40 - 00000000 ____D () C:\ProgramData\Symantec
2014-09-25 03:56 - 2013-10-25 14:44 - 00002177 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-10 17:00 - 2013-04-13 01:16 - 00000000 ____D () C:\ProgramData\Microsoft Help

Some content of TEMP:
====================
C:\Users\xx\AppData\Local\Temp\{09E1598A-B2CF-4C81-A78C-D9816E211040}-GoogleEarth-Win-Bundle-7.1.2.2041.exe
C:\Users\xx\AppData\Local\Temp\{9B8C6695-EE7A-4E36-BC48-A0FED87DF724}-33.0.1750.149_33.0.1750.146_chrome_updater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 09:01

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-10-2014 01
Ran by admin at 2014-10-10 08:30:19
Running from C:\Users\Admin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Symantec Endpoint Protection (Disabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Disabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Symantec Endpoint Protection (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat X Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000005}) (Version: 10.1.8 - Adobe Systems)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.6.602.168 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARRIBA® CA3D 2013 (HKLM-x32\...\{AEFB8A70-82A9-4077-948A-DAF96D9D049C}) (Version: 26.0.0087 - RIB Software AG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CodeMeter Runtime Kit v4.20 (HKLM\...\{C0C33054-2D24-4971-8913-B89E32D7A7D3}) (Version: 4.20.264.500 - WIBU-SYSTEMS AG)
Custom (Version: 01.00.00.002 - Wave Systems Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{6BDEB2BD-7C8B-4734-9E2F-E9EDC9D6C844}) (Version:  - Microsoft)
Dell Backup and Recovery Manager (HKLM\...\{50B4B603-A4C6-4739-AE96-6C76A0F8A388}) (Version: 1.3.1 - Dell Inc.)
Dell Client System Update (HKLM-x32\...\{04566294-A6B6-4462-9721-031073EB3694}) (Version: 1.3.0 - Dell Inc.)
Dell Data Protection | Access (HKLM\...\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}) (Version: 2.3.00001.021 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
DellAccess (Version: 01.03.00.046 - Wave Systems Corp.) Hidden
EMBASSY Client Core (Version: 01.03.00.092 - Wave Systems Corp.) Hidden
ERAS Connector (Version: 02.09.05.0330 - Wave Systems Corp) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
GemPcCCID (Version: 2.0.1 - Gemalto) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.20.1337 - Intel Corporation)
Intel(R) Network Connections 17.3.63.0 (HKLM\...\PROSetDX) (Version: 17.3.63.0 - Intel)
Intel(R) Network Connections 17.3.63.0 (Version: 17.3.63.0 - Intel) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2639 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.6.245 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.26.242.3 - Intel Corporation) Hidden
iTunes (HKLM\...\{427174C0-096E-40D9-9684-9C109BEE2CBF}) (Version: 11.0.5.5 - Apple Inc.)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Octopus Desk UC Client (HKLM-x32\...\XPhone4) (Version: 4.2.2 - Deutsche Telekom AG)
Octopus Desk UC Client (x32 Version: 4.2.2 - Deutsche Telekom AG) Hidden
PBA Driver (Version: 1.0.1.7 - Dell Inc.) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Preboot Manager (Version: 03.05.00.026 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 07.03.00.016 - Wave Systems Corp.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5907 - Realtek Semiconductor Corp.)
RIB Lizenzmanagement (HKLM-x32\...\{A0E547FF-4D1C-43E2-8F58-75BB61594732}) (Version: 11.41.0754 - RIB Software AG)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SI TSS (Version: 2.1.41 - Security Innovation) Hidden
Sophos SSL VPN Client 2.0 (HKLM-x32\...\Sophos SSL VPN Client) (Version: 2.0 - )
SPBA (WBF) 5.9 (Version: 5.9.7.7232 - Authentec Inc.) Hidden
Symantec Endpoint Protection (HKLM\...\{34BBE09E-35E4-450E-A7B7-29A04DF287D4}) (Version: 12.1.4013.4013 - Symantec Corporation)
TeamViewer 8 Host (HKLM-x32\...\TeamViewer 8 Host) (Version: 8.0.30992 - TeamViewer)
toolkit32for64bit (x32 Version: 7.68.85.0013 - Wave Systems Corp) Hidden
Trusted Drive Manager (Version: 5.0.0.304 - Wave Systems Corp.) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Wave Crypto Runtime 2.0.9.0 x64 (Version: 02.00.09.0000 - Wave Systems Corp) Hidden
Wave Crypto Runtime 2.0.9.0 x86 (x32 Version: 02.00.09.0000 - Wave Systems Corp) Hidden
Wave Infrastructure Installer (Version: 07.68.85.0014 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.15.00.021 - Wave Systems Corp) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Small Business Server 2011 Standard ClientAgent (HKLM\...\{5C72F8A3-BF39-4733-B41E-0ED7EF622E37}) (Version: 6.1.7900.1 - Microsoft Corporation)
Windows Small Business Server 2011 Standard WMI Provider (x32 Version: 6.1.7900.1 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-09-2014 09:12:38 Geplanter Prüfpunkt
10-09-2014 15:00:14 Windows Update
17-09-2014 22:00:04 Geplanter Prüfpunkt
25-09-2014 11:11:46 Geplanter Prüfpunkt
03-10-2014 11:58:21 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1B281780-D190-41BE-99E1-44DAE1A2CECE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-13] (Google Inc.)
Task: {93B7737F-1093-438E-B9FD-F30B39978A14} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-03] (Adobe Systems Incorporated)
Task: {9746BB5B-F35F-4365-B1D8-C7C11314BF36} - System32\Tasks\WSCEAA => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\WSCEAA.exe [2012-10-17] (Wave Systems Corp.)
Task: {D7F5C3FA-B303-4771-AD1D-B2D7C8E4E209} - System32\Tasks\Dell\Client System Update => C:\Program Files (x86)\Dell\ClientSystemUpdate\DellClientSystemUpdate.exe [2012-10-11] (Dell Inc.)
Task: {D8AE2270-7C13-4FEB-997B-ECE585E8B5D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-13] (Google Inc.)
Task: {FAD25EAF-4F47-4092-A3A5-E19192A27259} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-11-20 06:52 - 2012-11-20 06:52 - 00225720 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
2012-11-20 06:51 - 2012-11-20 06:51 - 00038840 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\DeviceStatus.dll
2012-10-15 17:29 - 2012-10-15 17:29 - 00057952 _____ () C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe
2012-11-23 16:34 - 2012-11-23 16:34 - 00020480 _____ () C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
2012-05-11 09:47 - 2012-05-11 09:47 - 00003072 _____ () C:\Program Files (x86)\Security Innovation\SI TSS\bin\TspPopup_DEU.dll
2012-11-08 11:22 - 2012-11-08 11:22 - 00095744 _____ () C:\Windows\system32\Internationalization_de.dll
2013-04-04 07:58 - 2012-02-01 23:34 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-15 17:29 - 2012-10-15 17:29 - 00406112 _____ () C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpn-gui.exe
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-03 23:30 - 2012-05-30 13:55 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-04-03 23:34 - 2012-10-23 02:22 - 01199648 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-03 15:54 - 2013-09-03 15:54 - 00019968 _____ () C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

admin (S-1-5-21-1757908752-548933892-1410109349-1000 - Administrator - Enabled)
Administrator (S-1-5-21-1757908752-548933892-1410109349-500 - Administrator - Disabled)
Gast (S-1-5-21-1757908752-548933892-1410109349-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/07/2014 05:05:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 02:55:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashUtil64_11_6_602_168_ActiveX.exe, Version: 11.6.602.168, Zeitstempel: 0x511170a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000053290
ID des fehlerhaften Prozesses: 0x1258
Startzeit der fehlerhaften Anwendung: 0xFlashUtil64_11_6_602_168_ActiveX.exe0
Pfad der fehlerhaften Anwendung: FlashUtil64_11_6_602_168_ActiveX.exe1
Pfad des fehlerhaften Moduls: FlashUtil64_11_6_602_168_ActiveX.exe2
Berichtskennung: FlashUtil64_11_6_602_168_ActiveX.exe3

Error: (10/07/2014 02:30:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 00:01:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 00:15:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 08:38:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 14.0.7113.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b64

Startzeit: 01cfe12f91d3763e

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

Berichts-ID: 4c463990-4d23-11e4-ad98-90b11c9dd296

Error: (10/06/2014 08:34:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm OUTLOOK.EXE, Version 14.0.7113.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1020

Startzeit: 01cfe12ee31e7508

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

Berichts-ID: c1948fe3-4d22-11e4-ad98-90b11c9dd296

Error: (10/06/2014 08:26:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2014 01:18:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/02/2014 01:44:50 PM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Sicherheitsrisiko gefunden!Tracking Cookies in Datei: Cookie:xx@revsci.net/ von: Manuelle-Scan.  Aktion: Löschen erfolgreich.  Beschreibung der Aktion: Die Datei wurde erfolgreich gelöscht.


System errors:
=============
Error: (10/10/2014 07:17:43 AM) (Source: Application Management Group Policy) (EventID: 103) (User: NT-AUTORITÄT)
Description: Das Entfernen der Zuweisung der Anwendung Google Chrome von der Richtlinie Software Installieren ist fehlgeschlagen. Fehler: %%2

Error: (10/10/2014 05:30:41 AM) (Source: Application Management Group Policy) (EventID: 103) (User: NT-AUTORITÄT)
Description: Das Entfernen der Zuweisung der Anwendung Google Chrome von der Richtlinie Software Installieren ist fehlgeschlagen. Fehler: %%2

Error: (10/10/2014 03:37:40 AM) (Source: Application Management Group Policy) (EventID: 103) (User: NT-AUTORITÄT)
Description: Das Entfernen der Zuweisung der Anwendung Google Chrome von der Richtlinie Software Installieren ist fehlgeschlagen. Fehler: %%2

Error: (10/10/2014 01:41:38 AM) (Source: Application Management Group Policy) (EventID: 103) (User: NT-AUTORITÄT)
Description: Das Entfernen der Zuweisung der Anwendung Google Chrome von der Richtlinie Software Installieren ist fehlgeschlagen. Fehler: %%2

Error: (10/09/2014 11:47:35 PM) (Source: Application Management Group Policy) (EventID: 103) (User: NT-AUTORITÄT)
Description: Das Entfernen der Zuweisung der Anwendung Google Chrome von der Richtlinie Software Installieren ist fehlgeschlagen. Fehler: %%2

Error: (10/09/2014 09:49:34 PM) (Source: Application Management Group Policy) (EventID: 103) (User: NT-AUTORITÄT)
Description: Das Entfernen der Zuweisung der Anwendung Google Chrome von der Richtlinie Software Installieren ist fehlgeschlagen. Fehler: %%2

Error: (10/09/2014 08:18:31 PM) (Source: Application Management Group Policy) (EventID: 103) (User: NT-AUTORITÄT)
Description: Das Entfernen der Zuweisung der Anwendung Google Chrome von der Richtlinie Software Installieren ist fehlgeschlagen. Fehler: %%2

Error: (10/09/2014 06:42:29 PM) (Source: Application Management Group Policy) (EventID: 103) (User: NT-AUTORITÄT)
Description: Das Entfernen der Zuweisung der Anwendung Google Chrome von der Richtlinie Software Installieren ist fehlgeschlagen. Fehler: %%2

Error: (10/09/2014 05:23:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (10/09/2014 05:02:27 PM) (Source: Application Management Group Policy) (EventID: 103) (User: NT-AUTORITÄT)
Description: Das Entfernen der Zuweisung der Anwendung Google Chrome von der Richtlinie Software Installieren ist fehlgeschlagen. Fehler: %%2


Microsoft Office Sessions:
=========================
Error: (10/07/2014 05:05:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 02:55:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashUtil64_11_6_602_168_ActiveX.exe11.6.602.168511170a7ntdll.dll6.1.7601.18247521eaf24c00000050000000000053290125801cfe22dfa876dbdC:\Windows\System32\Macromed\Flash\FlashUtil64_11_6_602_168_ActiveX.exeC:\Windows\SYSTEM32\ntdll.dll3b20d8f5-4e21-11e4-9d4f-90b11c9dd296

Error: (10/07/2014 02:30:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/07/2014 00:01:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 00:15:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/06/2014 08:38:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OUTLOOK.EXE14.0.7113.5000b6401cfe12f91d3763e0C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE4c463990-4d23-11e4-ad98-90b11c9dd296

Error: (10/06/2014 08:34:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: OUTLOOK.EXE14.0.7113.5000102001cfe12ee31e750816C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXEc1948fe3-4d22-11e4-ad98-90b11c9dd296

Error: (10/06/2014 08:26:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/03/2014 01:18:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/02/2014 01:44:50 PM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Sicherheitsrisiko gefunden!Tracking Cookies in Datei: Cookie:xxr@revsci.net/ von: Manuelle-Scan.  Aktion: Löschen erfolgreich.  Beschreibung der Aktion: Die Datei wurde erfolgreich gelöscht.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3225 CPU @ 3.30GHz
Percentage of memory in use: 28%
Total physical RAM: 8078.54 MB
Available physical RAM: 5809.63 MB
Total Pagefile: 16155.27 MB
Available Pagefile: 14026.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:454.93 GB) (Free:339.61 GB) NTFS
Drive d: (MeineCD) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: F617DEFD)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=10.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Danke schonmal


Alt 10.10.2014, 19:29   #6
schrauber
/// the machine
/// TB-Ausbilder
 

userinit.exe Verdacht auf Virenbefall im Netzwerk - Standard

userinit.exe Verdacht auf Virenbefall im Netzwerk



Hijackthis wird seit Jahren nicht mehr benutzt. Dazu gibt es im Forum auch einen gepinnten Thread


Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
--> userinit.exe Verdacht auf Virenbefall im Netzwerk

Alt 13.10.2014, 10:02   #7
baschi35
 
userinit.exe Verdacht auf Virenbefall im Netzwerk - Standard

userinit.exe Verdacht auf Virenbefall im Netzwerk



Code:
ATTFilter
10:58:18.0974 0x1c0c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
10:58:23.0170 0x1c0c  ============================================================
10:58:23.0170 0x1c0c  Current date / time: 2014/10/13 10:58:23.0170
10:58:23.0170 0x1c0c  SystemInfo:
10:58:23.0170 0x1c0c  
10:58:23.0170 0x1c0c  OS Version: 6.1.7601 ServicePack: 1.0
10:58:23.0170 0x1c0c  Product type: Workstation
10:58:23.0170 0x1c0c  ComputerName: PSAND005
10:58:23.0170 0x1c0c  UserName: ITRESOR
10:58:23.0170 0x1c0c  Windows directory: C:\Windows
10:58:23.0170 0x1c0c  System windows directory: C:\Windows
10:58:23.0170 0x1c0c  Running under WOW64
10:58:23.0170 0x1c0c  Processor architecture: Intel x64
10:58:23.0170 0x1c0c  Number of processors: 4
10:58:23.0170 0x1c0c  Page size: 0x1000
10:58:23.0170 0x1c0c  Boot type: Normal boot
10:58:23.0170 0x1c0c  ============================================================
10:58:23.0630 0x1c0c  KLMD registered as C:\Windows\system32\drivers\37566634.sys
10:58:24.0230 0x1c0c  System UUID: {E7217582-4840-A92D-5ACD-43086687CD97}
10:58:24.0610 0x1c0c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:58:24.0615 0x1c0c  ============================================================
10:58:24.0615 0x1c0c  \Device\Harddisk0\DR0:
10:58:24.0615 0x1c0c  MBR partitions:
10:58:24.0615 0x1c0c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1592000
10:58:24.0615 0x1c0c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15A6000, BlocksNum 0x38DDE000
10:58:24.0615 0x1c0c  ============================================================
10:58:24.0640 0x1c0c  C: <-> \Device\Harddisk0\DR0\Partition2
10:58:24.0640 0x1c0c  ============================================================
10:58:24.0640 0x1c0c  Initialize success
10:58:24.0640 0x1c0c  ============================================================
10:58:53.0994 0x2d64  ============================================================
10:58:53.0994 0x2d64  Scan started
10:58:53.0994 0x2d64  Mode: Manual; SigCheck; TDLFS; 
10:58:53.0994 0x2d64  ============================================================
10:58:53.0994 0x2d64  KSN ping started
10:59:00.0626 0x2d64  KSN ping finished: true
10:59:01.0696 0x2d64  ================ Scan system memory ========================
10:59:01.0696 0x2d64  System memory - ok
10:59:01.0696 0x2d64  ================ Scan services =============================
10:59:01.0866 0x2d64  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:59:01.0986 0x2d64  1394ohci - ok
10:59:02.0016 0x2d64  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:59:02.0031 0x2d64  ACPI - ok
10:59:02.0061 0x2d64  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:59:02.0116 0x2d64  AcpiPmi - ok
10:59:02.0226 0x2d64  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:59:02.0246 0x2d64  AdobeARMservice - ok
10:59:02.0346 0x2d64  [ 563CDCFEEAEF97163E206AF71A61AA6E, 3A894AF2ECC61506D91B0B7BB5A31E4E8AEB289EECD9E0100050201F0A639369 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:59:02.0371 0x2d64  AdobeFlashPlayerUpdateSvc - ok
10:59:02.0401 0x2d64  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
10:59:02.0421 0x2d64  adp94xx - ok
10:59:02.0461 0x2d64  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
10:59:02.0491 0x2d64  adpahci - ok
10:59:02.0506 0x2d64  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
10:59:02.0521 0x2d64  adpu320 - ok
10:59:02.0546 0x2d64  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:59:02.0646 0x2d64  AeLookupSvc - ok
10:59:02.0706 0x2d64  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
10:59:02.0746 0x2d64  AFD - ok
10:59:02.0781 0x2d64  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:59:02.0796 0x2d64  agp440 - ok
10:59:02.0816 0x2d64  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
10:59:02.0851 0x2d64  ALG - ok
10:59:02.0896 0x2d64  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:59:02.0911 0x2d64  aliide - ok
10:59:02.0926 0x2d64  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:59:02.0931 0x2d64  amdide - ok
10:59:02.0956 0x2d64  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
10:59:02.0986 0x2d64  AmdK8 - ok
10:59:03.0011 0x2d64  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
10:59:03.0046 0x2d64  AmdPPM - ok
10:59:03.0076 0x2d64  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:59:03.0096 0x2d64  amdsata - ok
10:59:03.0111 0x2d64  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
10:59:03.0121 0x2d64  amdsbs - ok
10:59:03.0131 0x2d64  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:59:03.0141 0x2d64  amdxata - ok
10:59:03.0156 0x2d64  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
10:59:03.0256 0x2d64  AppID - ok
10:59:03.0286 0x2d64  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:59:03.0351 0x2d64  AppIDSvc - ok
10:59:03.0381 0x2d64  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
10:59:03.0421 0x2d64  Appinfo - ok
10:59:03.0476 0x2d64  [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:59:03.0491 0x2d64  Apple Mobile Device - ok
10:59:03.0541 0x2d64  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
10:59:03.0586 0x2d64  AppMgmt - ok
10:59:03.0611 0x2d64  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
10:59:03.0621 0x2d64  arc - ok
10:59:03.0651 0x2d64  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:59:03.0661 0x2d64  arcsas - ok
10:59:03.0766 0x2d64  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:59:03.0786 0x2d64  aspnet_state - ok
10:59:03.0801 0x2d64  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:59:03.0836 0x2d64  AsyncMac - ok
10:59:03.0881 0x2d64  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:59:03.0896 0x2d64  atapi - ok
10:59:03.0956 0x2d64  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:59:04.0026 0x2d64  AudioEndpointBuilder - ok
10:59:04.0041 0x2d64  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:59:04.0076 0x2d64  AudioSrv - ok
10:59:04.0111 0x2d64  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:59:04.0181 0x2d64  AxInstSV - ok
10:59:04.0236 0x2d64  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
10:59:04.0286 0x2d64  b06bdrv - ok
10:59:04.0316 0x2d64  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:59:04.0356 0x2d64  b57nd60a - ok
10:59:04.0391 0x2d64  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:59:04.0416 0x2d64  BDESVC - ok
10:59:04.0426 0x2d64  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:59:04.0471 0x2d64  Beep - ok
10:59:04.0521 0x2d64  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
10:59:04.0586 0x2d64  BFE - ok
10:59:04.0816 0x2d64  [ B20C7345F7EAD6C5E3EFA52E044411B6, 63DC57908D77B77907A278AD219240AEDD502272D5D3D35D5339172CDE36DA86 ] BHDrvx64        C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\BASHDefs\20140925.013\BHDrvx64.sys
10:59:04.0861 0x2d64  BHDrvx64 - ok
10:59:04.0906 0x2d64  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:59:04.0966 0x2d64  BITS - ok
10:59:05.0001 0x2d64  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:59:05.0026 0x2d64  blbdrive - ok
10:59:05.0116 0x2d64  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:59:05.0146 0x2d64  Bonjour Service - ok
10:59:05.0171 0x2d64  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:59:05.0191 0x2d64  bowser - ok
10:59:05.0226 0x2d64  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
10:59:05.0256 0x2d64  BrFiltLo - ok
10:59:05.0271 0x2d64  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
10:59:05.0281 0x2d64  BrFiltUp - ok
10:59:05.0316 0x2d64  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
10:59:05.0347 0x2d64  Browser - ok
10:59:05.0362 0x2d64  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:59:05.0402 0x2d64  Brserid - ok
10:59:05.0417 0x2d64  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:59:05.0442 0x2d64  BrSerWdm - ok
10:59:05.0457 0x2d64  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:59:05.0487 0x2d64  BrUsbMdm - ok
10:59:05.0512 0x2d64  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:59:05.0532 0x2d64  BrUsbSer - ok
10:59:05.0542 0x2d64  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:59:05.0572 0x2d64  BTHMODEM - ok
10:59:05.0602 0x2d64  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:59:05.0647 0x2d64  bthserv - ok
10:59:05.0722 0x2d64  [ 0C2CF42167BC0B8C76D713F0BB36A6F7, B26D0141F7D5AC881DA9708B88CCA94532EF7C912A6172F09721CA4E8D125651 ] ccSettings_{B1B5C4BC-65F0-4679-B31C-7B031940DC2E} C:\Windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x64\ccSetx64.sys
10:59:05.0742 0x2d64  ccSettings_{B1B5C4BC-65F0-4679-B31C-7B031940DC2E} - ok
10:59:05.0762 0x2d64  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:59:05.0797 0x2d64  cdfs - ok
10:59:05.0842 0x2d64  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:59:05.0872 0x2d64  cdrom - ok
10:59:05.0907 0x2d64  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:59:05.0962 0x2d64  CertPropSvc - ok
10:59:05.0982 0x2d64  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:59:06.0002 0x2d64  circlass - ok
10:59:06.0022 0x2d64  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
10:59:06.0037 0x2d64  CLFS - ok
10:59:06.0102 0x2d64  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:59:06.0122 0x2d64  clr_optimization_v2.0.50727_32 - ok
10:59:06.0157 0x2d64  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:59:06.0172 0x2d64  clr_optimization_v2.0.50727_64 - ok
10:59:06.0227 0x2d64  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:59:06.0247 0x2d64  clr_optimization_v4.0.30319_32 - ok
10:59:06.0272 0x2d64  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:59:06.0282 0x2d64  clr_optimization_v4.0.30319_64 - ok
10:59:06.0312 0x2d64  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
10:59:06.0337 0x2d64  CmBatt - ok
10:59:06.0362 0x2d64  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:59:06.0372 0x2d64  cmdide - ok
10:59:06.0427 0x2d64  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
10:59:06.0462 0x2d64  CNG - ok
10:59:06.0567 0x2d64  [ F4715E16E8CA5AAF0523F1C7EA25C29C, 62D1C4042BBE377EEE80B5899FFF48EC6DACFF9242FD09B207BA7E381780A938 ] CodeMeter.exe   C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
10:59:06.0607 0x2d64  CodeMeter.exe - ok
10:59:06.0627 0x2d64  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
10:59:06.0637 0x2d64  Compbatt - ok
10:59:06.0652 0x2d64  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
10:59:06.0692 0x2d64  CompositeBus - ok
10:59:06.0707 0x2d64  COMSysApp - ok
10:59:06.0747 0x2d64  [ 83AC6152F53976F92D0AF19393E02C80, 3CA6A63B63F89CB4A3ED0ED110366CA875239E444DCEDD201A519298787CE4E8 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
10:59:06.0767 0x2d64  cphs - ok
10:59:06.0777 0x2d64  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:59:06.0787 0x2d64  crcdisk - ok
10:59:06.0832 0x2d64  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:59:06.0872 0x2d64  CryptSvc - ok
10:59:06.0912 0x2d64  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
10:59:07.0017 0x2d64  CSC - ok
10:59:07.0042 0x2d64  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
10:59:07.0107 0x2d64  CscService - ok
10:59:07.0147 0x2d64  [ E1617EC33B0B88FEC429BF6EB7B9FA52, 8F9A784674DDF4B2924645836AB03BA54D714FA16BB9130EE36E96C6D2073D6A ] dcdbas          C:\Windows\system32\DRIVERS\dcdbas64.sys
10:59:07.0167 0x2d64  dcdbas - ok
10:59:07.0217 0x2d64  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:59:07.0267 0x2d64  DcomLaunch - ok
10:59:07.0297 0x2d64  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:59:07.0337 0x2d64  defragsvc - ok
10:59:07.0347 0x2d64  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:59:07.0387 0x2d64  DfsC - ok
10:59:07.0417 0x2d64  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:59:07.0472 0x2d64  Dhcp - ok
10:59:07.0507 0x2d64  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:59:07.0552 0x2d64  discache - ok
10:59:07.0582 0x2d64  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
10:59:07.0592 0x2d64  Disk - ok
10:59:07.0622 0x2d64  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
10:59:07.0652 0x2d64  dmvsc - ok
10:59:07.0687 0x2d64  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:59:07.0717 0x2d64  Dnscache - ok
10:59:07.0747 0x2d64  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:59:07.0797 0x2d64  dot3svc - ok
10:59:07.0812 0x2d64  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:59:07.0852 0x2d64  DPS - ok
10:59:07.0892 0x2d64  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:59:07.0917 0x2d64  drmkaud - ok
10:59:07.0962 0x2d64  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:59:07.0997 0x2d64  DXGKrnl - ok
10:59:08.0047 0x2d64  [ 1BEF2C2E229452EC49FFE5A27283341D, 7010273570BD38E578FCF1DD2EB00C21E8FA3504CE2342AEE3755F6EFC4581E9 ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
10:59:08.0062 0x2d64  e1cexpress - ok
10:59:08.0107 0x2d64  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:59:08.0152 0x2d64  EapHost - ok
10:59:08.0262 0x2d64  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
10:59:08.0352 0x2d64  ebdrv - ok
10:59:08.0427 0x2d64  [ 03E1B8BA59327D186C7C533A6998FEF9, 224937A697B55BD9CCD790771DBE9D135021AD1DC3E6D6AC7C431C56F0FFBBB5 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
10:59:08.0452 0x2d64  eeCtrl - ok
10:59:08.0492 0x2d64  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
10:59:08.0537 0x2d64  EFS - ok
10:59:08.0587 0x2d64  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:59:08.0637 0x2d64  ehRecvr - ok
10:59:08.0647 0x2d64  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:59:08.0672 0x2d64  ehSched - ok
10:59:08.0717 0x2d64  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
10:59:08.0737 0x2d64  elxstor - ok
10:59:08.0817 0x2d64  [ 4BF31477A5AB8B15E741E71F446A7EE2, 261764CEBBF1EE7E03BB122AC9DD2A405BBBE243EDEFDB40CE939F77F0B26875 ] EmbassyService  C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe
10:59:08.0837 0x2d64  EmbassyService - ok
10:59:08.0922 0x2d64  [ 142EA7DF1851C563571F2DCFC7AFBB40, 14DE008B68D127F246A64290DFCBD7ECDE8FF7932B3BAE660EB131860E826EAD ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
10:59:08.0942 0x2d64  EraserUtilRebootDrv - ok
10:59:08.0957 0x2d64  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:59:08.0982 0x2d64  ErrDev - ok
10:59:09.0042 0x2d64  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:59:09.0097 0x2d64  EventSystem - ok
10:59:09.0117 0x2d64  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:59:09.0172 0x2d64  exfat - ok
10:59:09.0197 0x2d64  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:59:09.0242 0x2d64  fastfat - ok
10:59:09.0287 0x2d64  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:59:09.0362 0x2d64  Fax - ok
10:59:09.0387 0x2d64  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
10:59:09.0422 0x2d64  fdc - ok
10:59:09.0457 0x2d64  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:59:09.0512 0x2d64  fdPHost - ok
10:59:09.0532 0x2d64  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:59:09.0557 0x2d64  FDResPub - ok
10:59:09.0582 0x2d64  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:59:09.0597 0x2d64  FileInfo - ok
10:59:09.0627 0x2d64  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:59:09.0682 0x2d64  Filetrace - ok
10:59:09.0707 0x2d64  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
10:59:09.0717 0x2d64  flpydisk - ok
10:59:09.0757 0x2d64  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:59:09.0772 0x2d64  FltMgr - ok
10:59:09.0817 0x2d64  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
10:59:09.0857 0x2d64  FontCache - ok
10:59:09.0902 0x2d64  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:59:09.0917 0x2d64  FontCache3.0.0.0 - ok
10:59:09.0937 0x2d64  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:59:09.0947 0x2d64  FsDepends - ok
10:59:09.0977 0x2d64  [ B16B626996C74B564005BA855C5DEE90, B432C669EB610C262B18F3F8308EEE1B910DE7F7BC2A8EB5483419DC52A07AE1 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
10:59:10.0002 0x2d64  fssfltr - ok
10:59:10.0102 0x2d64  [ 812E1BA5C52A78F13EA6AA10DF708B1D, CF1C4D8E072CF0D66C977DFA4C852E5CE757843BEAF5D29454D26A9AC5766E61 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
10:59:10.0137 0x2d64  fsssvc - ok
10:59:10.0167 0x2d64  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:59:10.0177 0x2d64  Fs_Rec - ok
10:59:10.0222 0x2d64  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:59:10.0247 0x2d64  fvevol - ok
10:59:10.0282 0x2d64  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:59:10.0302 0x2d64  gagp30kx - ok
10:59:10.0332 0x2d64  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:59:10.0342 0x2d64  GEARAspiWDM - ok
10:59:10.0387 0x2d64  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:59:10.0432 0x2d64  gpsvc - ok
10:59:10.0467 0x2d64  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:59:10.0477 0x2d64  gupdate - ok
10:59:10.0492 0x2d64  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:59:10.0502 0x2d64  gupdatem - ok
10:59:10.0522 0x2d64  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:59:10.0532 0x2d64  gusvc - ok
10:59:10.0572 0x2d64  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:59:10.0607 0x2d64  hcw85cir - ok
10:59:10.0637 0x2d64  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:59:10.0677 0x2d64  HDAudBus - ok
10:59:10.0692 0x2d64  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
10:59:10.0717 0x2d64  HidBatt - ok
10:59:10.0737 0x2d64  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:59:10.0772 0x2d64  HidBth - ok
10:59:10.0807 0x2d64  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
10:59:10.0822 0x2d64  HidIr - ok
10:59:10.0847 0x2d64  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:59:10.0872 0x2d64  hidserv - ok
10:59:10.0917 0x2d64  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
10:59:10.0932 0x2d64  HidUsb - ok
10:59:10.0947 0x2d64  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:59:11.0007 0x2d64  hkmsvc - ok
10:59:11.0027 0x2d64  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:59:11.0052 0x2d64  HomeGroupListener - ok
10:59:11.0082 0x2d64  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:59:11.0117 0x2d64  HomeGroupProvider - ok
10:59:11.0142 0x2d64  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:59:11.0152 0x2d64  HpSAMD - ok
10:59:11.0197 0x2d64  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:59:11.0252 0x2d64  HTTP - ok
10:59:11.0262 0x2d64  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:59:11.0272 0x2d64  hwpolicy - ok
10:59:11.0287 0x2d64  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:59:11.0297 0x2d64  i8042prt - ok
10:59:11.0347 0x2d64  [ CCFA835960E35F30D28A868E0B3B8722, 47D95E75685F9D40229902A92426FBCB358EA929202EAFBBF79C72873B8B9032 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
10:59:11.0367 0x2d64  iaStor - ok
10:59:11.0427 0x2d64  [ 1F35EFEC56CD1BF62435EAF97EABC3B3, 0246EB0295D28A33FC4C430117FFEE2B553C007040DB975EFCBB29FF881F2D4B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
10:59:11.0442 0x2d64  IAStorDataMgrSvc - ok
10:59:11.0487 0x2d64  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:59:11.0512 0x2d64  iaStorV - ok
10:59:11.0572 0x2d64  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:59:11.0607 0x2d64  idsvc - ok
10:59:11.0752 0x2d64  [ 47D561365913893120FC651419745FDA, B1D61C40A2EA1CF2440FF8C154C085600B2E6B68F4376B4D33B5AC1E87D9181E ] IDSVia64        C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\IPSDefs\20141010.011\IDSvia64.sys
10:59:11.0782 0x2d64  IDSVia64 - ok
10:59:12.0147 0x2d64  [ E910E770A54E55973FFBE663C3254000, ED0C945CC5D7D7389F5D5A3AAF966B51AF3FDD95E15A1AEC8A31B4550B6301A2 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
10:59:12.0662 0x2d64  igfx - ok
10:59:12.0707 0x2d64  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:59:12.0722 0x2d64  iirsp - ok
10:59:12.0777 0x2d64  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
10:59:12.0827 0x2d64  IKEEXT - ok
10:59:12.0947 0x2d64  [ 392FC7BC8144D0072335AF1F69BDCE9D, 614D3523B24F2963718D196222099E6BD25338D8F126CA5F5D7A1D593F5510AA ] IntcAzAudAddService C:\Windows\system32\drivers\RTDVHD64.sys
10:59:13.0027 0x2d64  IntcAzAudAddService - ok
10:59:13.0077 0x2d64  [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
10:59:13.0112 0x2d64  IntcDAud - ok
10:59:13.0197 0x2d64  [ C2712BF2D18C0D4214065A170E80C664, 4266F6259D2762D761EA5A478FCCC84E8C9F961FF1169D8A10F4A7BA0D587B4C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
10:59:13.0227 0x2d64  Intel(R) Capability Licensing Service Interface - ok
10:59:13.0247 0x2d64  [ 42CEE1BA152FA267AE8587B4DE3B7B28, A16989C875F1794E2AB82B24AF63F7E0BFA0CBDDCBB527C73A6B4F6CA574E014 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
10:59:13.0257 0x2d64  Intel(R) PROSet Monitoring Service - ok
10:59:13.0292 0x2d64  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:59:13.0302 0x2d64  intelide - ok
10:59:13.0332 0x2d64  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:59:13.0368 0x2d64  intelppm - ok
10:59:13.0403 0x2d64  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:59:13.0463 0x2d64  IPBusEnum - ok
10:59:13.0483 0x2d64  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:59:13.0503 0x2d64  IpFilterDriver - ok
10:59:13.0543 0x2d64  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:59:13.0578 0x2d64  iphlpsvc - ok
10:59:13.0598 0x2d64  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:59:13.0628 0x2d64  IPMIDRV - ok
10:59:13.0648 0x2d64  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:59:13.0683 0x2d64  IPNAT - ok
10:59:13.0748 0x2d64  [ 78486992AC657AE5065C4A2135838570, E958E2977843A15A73F06A2D2F24130C7F62305A9AA0488F419E2D729BA6939A ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:59:13.0773 0x2d64  iPod Service - ok
10:59:13.0798 0x2d64  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:59:13.0828 0x2d64  IRENUM - ok
10:59:13.0843 0x2d64  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:59:13.0858 0x2d64  isapnp - ok
10:59:13.0888 0x2d64  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:59:13.0903 0x2d64  iScsiPrt - ok
10:59:13.0948 0x2d64  [ C8A3C909F0EFF13CAE0C17503B1F5DB2, 48B83C625AD4FFF4B8D92C70FEFDE70354C18193A8DDFE6D716776228FF691D5 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
10:59:13.0963 0x2d64  iusb3hcs - ok
10:59:13.0983 0x2d64  [ BB47E889BA2ADB7D1A438F9824F5899B, CE074B540154501C2B77A11BD27996D652BA3C81B7CBD2E8DF2E57B3DF770517 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
10:59:14.0003 0x2d64  iusb3hub - ok
10:59:14.0033 0x2d64  [ 7971B368F36042A0EC31FEA15945187B, E5EDD32316549644708DFD84ECC899C12C5095A16A607ACE0E23A9F49DCCC0BC ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
10:59:14.0053 0x2d64  iusb3xhc - ok
10:59:14.0113 0x2d64  [ 06B53A0BBC4848E0919EAEF83B54D8CB, 5E2954BEF76A179E0874AEA4AA22DDA78271EDD4405CC6C43C7223B86C4B9FEE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
10:59:14.0138 0x2d64  jhi_service - ok
10:59:14.0173 0x2d64  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:59:14.0183 0x2d64  kbdclass - ok
10:59:14.0198 0x2d64  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:59:14.0223 0x2d64  kbdhid - ok
10:59:14.0233 0x2d64  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
10:59:14.0248 0x2d64  KeyIso - ok
10:59:14.0278 0x2d64  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:59:14.0288 0x2d64  KSecDD - ok
10:59:14.0303 0x2d64  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:59:14.0313 0x2d64  KSecPkg - ok
10:59:14.0328 0x2d64  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:59:14.0358 0x2d64  ksthunk - ok
10:59:14.0393 0x2d64  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:59:14.0448 0x2d64  KtmRm - ok
10:59:14.0493 0x2d64  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:59:14.0538 0x2d64  LanmanServer - ok
10:59:14.0558 0x2d64  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:59:14.0593 0x2d64  LanmanWorkstation - ok
10:59:14.0623 0x2d64  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:59:14.0683 0x2d64  lltdio - ok
10:59:14.0713 0x2d64  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:59:14.0768 0x2d64  lltdsvc - ok
10:59:14.0793 0x2d64  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:59:14.0843 0x2d64  lmhosts - ok
10:59:14.0893 0x2d64  [ FBA91398A65A85E89E4270F7658BAEA2, A322F1C8F8B6710FB77D1AC66FD69AD290B0C2F2B0F3DAAEE0F5DC04E9D3903B ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:59:14.0918 0x2d64  LMS - ok
10:59:14.0953 0x2d64  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:59:14.0973 0x2d64  LSI_FC - ok
10:59:14.0988 0x2d64  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:59:14.0998 0x2d64  LSI_SAS - ok
10:59:15.0018 0x2d64  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
10:59:15.0028 0x2d64  LSI_SAS2 - ok
10:59:15.0043 0x2d64  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:59:15.0053 0x2d64  LSI_SCSI - ok
10:59:15.0078 0x2d64  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:59:15.0138 0x2d64  luafv - ok
10:59:15.0163 0x2d64  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:59:15.0198 0x2d64  Mcx2Svc - ok
10:59:15.0218 0x2d64  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
10:59:15.0233 0x2d64  megasas - ok
10:59:15.0258 0x2d64  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
10:59:15.0273 0x2d64  MegaSR - ok
10:59:15.0313 0x2d64  [ D71FD7A4FDB01C554AE144037B688DF1, 74D33303DA559A3A2EB809FC0EC3722D24F7F1A37BC7370680CFEB951BE735AF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
10:59:15.0328 0x2d64  MEIx64 - ok
10:59:15.0348 0x2d64  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:59:15.0383 0x2d64  MMCSS - ok
10:59:15.0398 0x2d64  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:59:15.0433 0x2d64  Modem - ok
10:59:15.0458 0x2d64  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:59:15.0488 0x2d64  monitor - ok
10:59:15.0518 0x2d64  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:59:15.0523 0x2d64  mouclass - ok
10:59:15.0538 0x2d64  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:59:15.0568 0x2d64  mouhid - ok
10:59:15.0598 0x2d64  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:59:15.0608 0x2d64  mountmgr - ok
10:59:15.0623 0x2d64  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:59:15.0633 0x2d64  mpio - ok
10:59:15.0653 0x2d64  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:59:15.0678 0x2d64  mpsdrv - ok
10:59:15.0728 0x2d64  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:59:15.0773 0x2d64  MpsSvc - ok
10:59:15.0808 0x2d64  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:59:15.0818 0x2d64  MRxDAV - ok
10:59:15.0843 0x2d64  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:59:15.0868 0x2d64  mrxsmb - ok
10:59:15.0903 0x2d64  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:59:15.0938 0x2d64  mrxsmb10 - ok
10:59:15.0953 0x2d64  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:59:15.0963 0x2d64  mrxsmb20 - ok
10:59:15.0998 0x2d64  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:59:16.0013 0x2d64  msahci - ok
10:59:16.0048 0x2d64  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:59:16.0068 0x2d64  msdsm - ok
10:59:16.0088 0x2d64  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:59:16.0123 0x2d64  MSDTC - ok
10:59:16.0138 0x2d64  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:59:16.0188 0x2d64  Msfs - ok
10:59:16.0218 0x2d64  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:59:16.0273 0x2d64  mshidkmdf - ok
10:59:16.0303 0x2d64  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:59:16.0323 0x2d64  msisadrv - ok
10:59:16.0343 0x2d64  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:59:16.0373 0x2d64  MSiSCSI - ok
10:59:16.0373 0x2d64  msiserver - ok
10:59:16.0403 0x2d64  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:59:16.0438 0x2d64  MSKSSRV - ok
10:59:16.0458 0x2d64  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:59:16.0488 0x2d64  MSPCLOCK - ok
10:59:16.0498 0x2d64  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:59:16.0533 0x2d64  MSPQM - ok
10:59:16.0558 0x2d64  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:59:16.0568 0x2d64  MsRPC - ok
10:59:16.0583 0x2d64  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:59:16.0593 0x2d64  mssmbios - ok
10:59:16.0603 0x2d64  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:59:16.0638 0x2d64  MSTEE - ok
10:59:16.0648 0x2d64  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
10:59:16.0658 0x2d64  MTConfig - ok
10:59:16.0668 0x2d64  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:59:16.0678 0x2d64  Mup - ok
10:59:16.0713 0x2d64  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:59:16.0763 0x2d64  napagent - ok
10:59:16.0803 0x2d64  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:59:16.0848 0x2d64  NativeWifiP - ok
10:59:16.0953 0x2d64  [ C180A82874D3CDC390A27F2F1E1AF025, 9F473661524D645D5C1D616BF2BEC2996DFAE9268B7CF280FCCBD19AA072E567 ] NAVENG          C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20141012.018\ENG64.SYS
10:59:16.0973 0x2d64  NAVENG - ok
10:59:17.0033 0x2d64  [ E66CA6C321614D7BC0AFC9C8436131B9, BF732419D56E1B8AB3B11B19403087D4EDBF9108F0252ACBB561235040AB4436 ] NAVEX15         C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Data\Definitions\VirusDefs\20141012.018\EX64.SYS
10:59:17.0083 0x2d64  NAVEX15 - ok
10:59:17.0143 0x2d64  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:59:17.0168 0x2d64  NDIS - ok
10:59:17.0208 0x2d64  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:59:17.0263 0x2d64  NdisCap - ok
10:59:17.0283 0x2d64  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:59:17.0308 0x2d64  NdisTapi - ok
10:59:17.0308 0x2d64  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:59:17.0333 0x2d64  Ndisuio - ok
10:59:17.0353 0x2d64  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:59:17.0393 0x2d64  NdisWan - ok
10:59:17.0408 0x2d64  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:59:17.0443 0x2d64  NDProxy - ok
10:59:17.0488 0x2d64  [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
10:59:17.0513 0x2d64  Netaapl - ok
10:59:17.0538 0x2d64  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:59:17.0583 0x2d64  NetBIOS - ok
10:59:17.0603 0x2d64  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:59:17.0628 0x2d64  NetBT - ok
10:59:17.0663 0x2d64  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
10:59:17.0683 0x2d64  Netlogon - ok
10:59:17.0708 0x2d64  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:59:17.0743 0x2d64  Netman - ok
10:59:17.0818 0x2d64  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:59:17.0838 0x2d64  NetMsmqActivator - ok
10:59:17.0853 0x2d64  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:59:17.0858 0x2d64  NetPipeActivator - ok
10:59:17.0873 0x2d64  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:59:17.0918 0x2d64  netprofm - ok
10:59:17.0923 0x2d64  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:59:17.0933 0x2d64  NetTcpActivator - ok
10:59:17.0938 0x2d64  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:59:17.0943 0x2d64  NetTcpPortSharing - ok
10:59:17.0978 0x2d64  [ 73CE12B8BDD747B0063CB0A7EF44CEA7, F570BB52BE460DBA6203698CC96FFD9674E1903D0E0F5C49375BE3F8D8E89582 ] netvsc          C:\Windows\system32\DRIVERS\netvsc60.sys
10:59:17.0988 0x2d64  netvsc - ok
10:59:18.0028 0x2d64  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:59:18.0033 0x2d64  nfrd960 - ok
10:59:18.0058 0x2d64  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:59:18.0083 0x2d64  NlaSvc - ok
10:59:18.0103 0x2d64  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:59:18.0123 0x2d64  Npfs - ok
10:59:18.0148 0x2d64  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:59:18.0228 0x2d64  nsi - ok
10:59:18.0243 0x2d64  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:59:18.0278 0x2d64  nsiproxy - ok
10:59:18.0353 0x2d64  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:59:18.0393 0x2d64  Ntfs - ok
10:59:18.0413 0x2d64  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:59:18.0468 0x2d64  Null - ok
10:59:18.0493 0x2d64  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:59:18.0503 0x2d64  nvraid - ok
10:59:18.0533 0x2d64  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:59:18.0543 0x2d64  nvstor - ok
10:59:18.0573 0x2d64  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:59:18.0583 0x2d64  nv_agp - ok
10:59:18.0593 0x2d64  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:59:18.0618 0x2d64  ohci1394 - ok
10:59:18.0653 0x2d64  [ F82DD2EC601C414450A1DC86B2048814, A62B0B509D342202395669914605606CD49AD4CF048C6CA8E8A7A811FC7EEE63 ] OpenVPNService  C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe
10:59:18.0673 0x2d64  OpenVPNService - ok
10:59:18.0678 0x2d64  [ F82DD2EC601C414450A1DC86B2048814, A62B0B509D342202395669914605606CD49AD4CF048C6CA8E8A7A811FC7EEE63 ] OpenVPNServiceInteractive C:\Program Files (x86)\Sophos\Sophos SSL VPN Client\bin\openvpnserv.exe
10:59:18.0683 0x2d64  OpenVPNServiceInteractive - ok
10:59:18.0758 0x2d64  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:59:18.0778 0x2d64  ose - ok
10:59:18.0933 0x2d64  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:59:19.0038 0x2d64  osppsvc - ok
10:59:19.0083 0x2d64  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:59:19.0118 0x2d64  p2pimsvc - ok
10:59:19.0138 0x2d64  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:59:19.0158 0x2d64  p2psvc - ok
10:59:19.0183 0x2d64  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
10:59:19.0218 0x2d64  Parport - ok
10:59:19.0238 0x2d64  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:59:19.0248 0x2d64  partmgr - ok
10:59:19.0273 0x2d64  [ E5EE2F0C619F6B6FBD6D06008428FE01, 613CEA8472E1593FC38F92E4ECBC2E8F7EB581871B46223C80627850F8DF80E6 ] PbaDrvSvc_x64   C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe
10:59:19.0293 0x2d64  PbaDrvSvc_x64 - detected UnsignedFile.Multi.Generic ( 1 )
10:59:21.0594 0x2d64  Detect skipped due to KSN trusted
10:59:21.0594 0x2d64  PbaDrvSvc_x64 - ok
10:59:21.0644 0x2d64  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:59:21.0679 0x2d64  PcaSvc - ok
10:59:21.0704 0x2d64  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
10:59:21.0724 0x2d64  pci - ok
10:59:21.0759 0x2d64  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:59:21.0764 0x2d64  pciide - ok
10:59:21.0794 0x2d64  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:59:21.0814 0x2d64  pcmcia - ok
10:59:21.0829 0x2d64  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:59:21.0839 0x2d64  pcw - ok
10:59:21.0869 0x2d64  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:59:21.0919 0x2d64  PEAUTH - ok
10:59:21.0969 0x2d64  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
10:59:22.0019 0x2d64  PeerDistSvc - ok
10:59:22.0079 0x2d64  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:59:22.0099 0x2d64  PerfHost - ok
10:59:22.0154 0x2d64  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
10:59:22.0234 0x2d64  pla - ok
10:59:22.0279 0x2d64  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:59:22.0314 0x2d64  PlugPlay - ok
10:59:22.0324 0x2d64  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:59:22.0349 0x2d64  PNRPAutoReg - ok
10:59:22.0369 0x2d64  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:59:22.0384 0x2d64  PNRPsvc - ok
10:59:22.0414 0x2d64  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:59:22.0454 0x2d64  PolicyAgent - ok
10:59:22.0479 0x2d64  [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power           C:\Windows\system32\umpo.dll
10:59:22.0504 0x2d64  Power - ok
10:59:22.0529 0x2d64  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:59:22.0584 0x2d64  PptpMiniport - ok
10:59:22.0594 0x2d64  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
10:59:22.0609 0x2d64  Processor - ok
10:59:22.0639 0x2d64  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
10:59:22.0684 0x2d64  ProfSvc - ok
10:59:22.0694 0x2d64  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:59:22.0704 0x2d64  ProtectedStorage - ok
10:59:22.0729 0x2d64  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:59:22.0764 0x2d64  Psched - ok
10:59:22.0844 0x2d64  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:59:22.0879 0x2d64  ql2300 - ok
10:59:22.0899 0x2d64  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:59:22.0909 0x2d64  ql40xx - ok
10:59:22.0934 0x2d64  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:59:22.0954 0x2d64  QWAVE - ok
10:59:22.0969 0x2d64  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:59:22.0994 0x2d64  QWAVEdrv - ok
10:59:23.0004 0x2d64  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:59:23.0029 0x2d64  RasAcd - ok
10:59:23.0059 0x2d64  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:59:23.0099 0x2d64  RasAgileVpn - ok
10:59:23.0109 0x2d64  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
10:59:23.0139 0x2d64  RasAuto - ok
10:59:23.0169 0x2d64  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:59:23.0214 0x2d64  Rasl2tp - ok
10:59:23.0249 0x2d64  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:59:23.0279 0x2d64  RasMan - ok
10:59:23.0289 0x2d64  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:59:23.0324 0x2d64  RasPppoe - ok
10:59:23.0349 0x2d64  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:59:23.0394 0x2d64  RasSstp - ok
10:59:23.0419 0x2d64  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:59:23.0449 0x2d64  rdbss - ok
10:59:23.0469 0x2d64  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:59:23.0484 0x2d64  rdpbus - ok
10:59:23.0499 0x2d64  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:59:23.0529 0x2d64  RDPCDD - ok
10:59:23.0564 0x2d64  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
10:59:23.0589 0x2d64  RDPDR - ok
10:59:23.0604 0x2d64  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:59:23.0634 0x2d64  RDPENCDD - ok
10:59:23.0664 0x2d64  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:59:23.0684 0x2d64  RDPREFMP - ok
10:59:23.0714 0x2d64  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:59:23.0739 0x2d64  RdpVideoMiniport - ok
10:59:23.0764 0x2d64  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:59:23.0794 0x2d64  RDPWD - ok
10:59:23.0819 0x2d64  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:59:23.0839 0x2d64  rdyboost - ok
10:59:23.0859 0x2d64  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:59:23.0919 0x2d64  RemoteAccess - ok
10:59:23.0944 0x2d64  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:59:23.0984 0x2d64  RemoteRegistry - ok
10:59:24.0074 0x2d64  [ 50B6C12529D4D6858C1492F1FB0B3056, ADEEE5DEA20AB50DEF4D7254849C913EA63129E24EBCD451547D525FEB67B672 ] RIB.License.Server C:\Program Files (x86)\RIB\License\RIB.License.Server.exe
10:59:24.0094 0x2d64  RIB.License.Server - ok
10:59:24.0109 0x2d64  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:59:24.0134 0x2d64  RpcEptMapper - ok
10:59:24.0159 0x2d64  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:59:24.0184 0x2d64  RpcLocator - ok
10:59:24.0209 0x2d64  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
10:59:24.0239 0x2d64  RpcSs - ok
10:59:24.0274 0x2d64  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:59:24.0299 0x2d64  rspndr - ok
10:59:24.0324 0x2d64  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
10:59:24.0339 0x2d64  s3cap - ok
10:59:24.0354 0x2d64  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
10:59:24.0364 0x2d64  SamSs - ok
10:59:24.0379 0x2d64  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:59:24.0389 0x2d64  sbp2port - ok
10:59:24.0419 0x2d64  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:59:24.0459 0x2d64  SCardSvr - ok
10:59:24.0469 0x2d64  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:59:24.0499 0x2d64  scfilter - ok
10:59:24.0539 0x2d64  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
10:59:24.0584 0x2d64  Schedule - ok
10:59:24.0609 0x2d64  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:59:24.0634 0x2d64  SCPolicySvc - ok
10:59:24.0649 0x2d64  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:59:24.0679 0x2d64  SDRSVC - ok
10:59:24.0719 0x2d64  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:59:24.0775 0x2d64  secdrv - ok
10:59:24.0805 0x2d64  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:59:24.0825 0x2d64  seclogon - ok
10:59:24.0955 0x2d64  [ E2756DB7B61C76654710821D402048C9, 53B79D0D3E59626BCC95F485115B61E32CEB89B19CC0D0418E94FECD1E9C1719 ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
10:59:25.0005 0x2d64  SecureStorageService - ok
10:59:25.0030 0x2d64  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
10:59:25.0065 0x2d64  SENS - ok
10:59:25.0085 0x2d64  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:59:25.0100 0x2d64  SensrSvc - ok
10:59:25.0220 0x2d64  [ 18E1127C5341E2F037439033EE0D0D4B, 74ABC4EC09F7050A35C353D2367900CBD92ADD4785CF379CBD46DFAADAFE8844 ] SepMasterService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\ccSvcHst.exe
10:59:25.0235 0x2d64  SepMasterService - ok
10:59:25.0260 0x2d64  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:59:25.0285 0x2d64  Serenum - ok
10:59:25.0315 0x2d64  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:59:25.0345 0x2d64  Serial - ok
10:59:25.0375 0x2d64  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:59:25.0395 0x2d64  sermouse - ok
10:59:25.0430 0x2d64  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:59:25.0470 0x2d64  SessionEnv - ok
10:59:25.0485 0x2d64  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:59:25.0505 0x2d64  sffdisk - ok
10:59:25.0520 0x2d64  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:59:25.0540 0x2d64  sffp_mmc - ok
10:59:25.0570 0x2d64  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:59:25.0600 0x2d64  sffp_sd - ok
10:59:25.0615 0x2d64  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
10:59:25.0640 0x2d64  sfloppy - ok
10:59:25.0680 0x2d64  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:59:25.0730 0x2d64  SharedAccess - ok
10:59:25.0755 0x2d64  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:59:25.0790 0x2d64  ShellHWDetection - ok
10:59:25.0825 0x2d64  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
10:59:25.0845 0x2d64  SiSRaid2 - ok
10:59:25.0855 0x2d64  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:59:25.0865 0x2d64  SiSRaid4 - ok
10:59:25.0890 0x2d64  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:59:25.0925 0x2d64  Smb - ok
10:59:26.0050 0x2d64  [ 512F8C6392948420A6EAA368BE1286EE, 539CB7E36FD0BB304C190C25164CE15A538FF03C0E94DACA2D2EE9821D13365A ] SmcService      C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe
10:59:26.0115 0x2d64  SmcService - ok
10:59:26.0140 0x2d64  [ DE3B5E34B8952C59B08B0819509F4989, 3EFD63F8DD0F1EA03B32126E656E816F84445469432E79922F0AB661BD1F9046 ] SNAC            C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\snac64.exe
10:59:26.0155 0x2d64  SNAC - ok
10:59:26.0185 0x2d64  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:59:26.0205 0x2d64  SNMPTRAP - ok
10:59:26.0220 0x2d64  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:59:26.0230 0x2d64  spldr - ok
10:59:26.0255 0x2d64  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
10:59:26.0280 0x2d64  Spooler - ok
10:59:26.0380 0x2d64  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:59:26.0490 0x2d64  sppsvc - ok
10:59:26.0505 0x2d64  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:59:26.0530 0x2d64  sppuinotify - ok
10:59:26.0615 0x2d64  [ A6E487C2CA115C329B786AE94AADE2AF, E7A9A2762EEA9811D5D08545D1EE3052A71A3B7B36F1008B947696FE95C6E81C ] SRTSP           C:\Windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSP64.SYS
10:59:26.0645 0x2d64  SRTSP - ok
10:59:26.0660 0x2d64  [ 0E76CEF892C45734F7AED09FDDF35D4D, C25AF31E411AC3A090859C883132B9AE6A80C8D791168FF219BC0895E35A0359 ] SRTSPX          C:\Windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x64\SRTSPX64.SYS
10:59:26.0670 0x2d64  SRTSPX - ok
10:59:26.0700 0x2d64  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:59:26.0730 0x2d64  srv - ok
10:59:26.0755 0x2d64  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:59:26.0780 0x2d64  srv2 - ok
10:59:26.0800 0x2d64  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:59:26.0815 0x2d64  srvnet - ok
10:59:26.0840 0x2d64  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:59:26.0870 0x2d64  SSDPSRV - ok
10:59:26.0880 0x2d64  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:59:26.0905 0x2d64  SstpSvc - ok
10:59:26.0930 0x2d64  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
10:59:26.0935 0x2d64  stexstor - ok
10:59:26.0960 0x2d64  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:59:27.0000 0x2d64  stisvc - ok
10:59:27.0020 0x2d64  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
10:59:27.0035 0x2d64  StorSvc - ok
10:59:27.0070 0x2d64  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
10:59:27.0080 0x2d64  storvsc - ok
10:59:27.0095 0x2d64  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:59:27.0105 0x2d64  swenum - ok
10:59:27.0135 0x2d64  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
10:59:27.0185 0x2d64  swprv - ok
10:59:27.0225 0x2d64  [ 52DC0048D667757A8A2E4C87182890AC, 7B43DF6DADFDDBBC5402477FE832052ADB6A39B90111CDA89B5E01CE900F55C5 ] SymDS           C:\Windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMDS64.SYS
10:59:27.0240 0x2d64  SymDS - ok
10:59:27.0280 0x2d64  [ 08AF51153E441687130B759A8F6892ED, C9DFC0667EF9CE7FACBBB0DE53BD6E0DC9E0ED582CB89FBB2E7FE91CEAC47C5B ] SymEFA          C:\Windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMEFA64.SYS
10:59:27.0305 0x2d64  SymEFA - ok
10:59:27.0366 0x2d64  [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
10:59:27.0386 0x2d64  SymEvent - ok
10:59:27.0431 0x2d64  [ 9731606207EB55259268CDA8C97D17A0, 4D78C1F5A28988B28336C7339801F3E723E2B86ED8C67EFF926C292DDF6D6296 ] SymIRON         C:\Windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x64\Ironx64.SYS
10:59:27.0451 0x2d64  SymIRON - ok
10:59:27.0481 0x2d64  [ 35854DB767D19CECB58BE70BAB3BCE42, CB81943FD46B33B6DA326620473138F0C6F17FA761F36AAC5FBD8E8A5C93CDC5 ] SYMNETS         C:\Windows\system32\Drivers\SEP\0C010FAD\0FAD.105\x64\SYMNETS.SYS
10:59:27.0501 0x2d64  SYMNETS - ok
10:59:27.0536 0x2d64  [ 4CDD7DF58730D23BA9CB5829A6E2ECEA, 89A2A1604C2BF985894000F51D9D376B32F1327197866850B5BF8640272DE828 ] SynthVid        C:\Windows\system32\DRIVERS\VMBusVideoM.sys
10:59:27.0561 0x2d64  SynthVid - ok
10:59:27.0631 0x2d64  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
10:59:27.0691 0x2d64  SysMain - ok
10:59:27.0706 0x2d64  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:59:27.0721 0x2d64  TabletInputService - ok
10:59:27.0751 0x2d64  [ 3B192513BAFB5AD2098C5A78034A05AE, 18F5A78C9C1E21E1E574737BB8EAA4B1B38D798E375B157801E2B421FF3717A2 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
10:59:27.0761 0x2d64  tap0901 - ok
10:59:27.0776 0x2d64  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:59:27.0806 0x2d64  TapiSrv - ok
10:59:27.0816 0x2d64  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
10:59:27.0846 0x2d64  TBS - ok
10:59:27.0921 0x2d64  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:59:27.0966 0x2d64  Tcpip - ok
10:59:28.0011 0x2d64  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:59:28.0051 0x2d64  TCPIP6 - ok
10:59:28.0071 0x2d64  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:59:28.0081 0x2d64  tcpipreg - ok
10:59:28.0166 0x2d64  [ 40C2F1FAEBF7D5E15A5F264B06D8CC70, AE4816932918E37AD33DBFFE51853B74FE9D1339AEF1B0BCE1C84EE07ADAD62F ] tcsd_win32.exe  C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe
10:59:28.0216 0x2d64  tcsd_win32.exe - detected UnsignedFile.Multi.Generic ( 1 )
10:59:30.0516 0x2d64  Detect skipped due to KSN trusted
10:59:30.0516 0x2d64  tcsd_win32.exe - ok
10:59:30.0721 0x2d64  [ 6F12E6B316F7481DE7FE0D735C39728F, 45F163AB886E39E93E3F489DE9EC370020486778F2C3BCE1B9D0AF60AC306E62 ] TdmService      C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
10:59:30.0831 0x2d64  TdmService - ok
10:59:30.0856 0x2d64  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:59:30.0871 0x2d64  TDPIPE - ok
10:59:30.0896 0x2d64  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:59:30.0926 0x2d64  TDTCP - ok
10:59:30.0951 0x2d64  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:59:30.0981 0x2d64  tdx - ok
10:59:31.0176 0x2d64  [ D095703A3CA7118203F92E2FEEB7D6B9, 89ECB3C2A8029BAC01410EE9AD51D813ED9CF1BDFA5935A0E276B224AFA35046 ] TeamViewer8     C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
10:59:31.0281 0x2d64  TeamViewer8 - ok
10:59:31.0316 0x2d64  [ 28404202DCCB7AEFE10C0B4EBC17C8CC, 6D4EC6C1FD67AB11D7176082AF8DCCAFB2938A4FA04B5FC53370ED2B4400E91A ] Teefer2         C:\Windows\system32\DRIVERS\Teefer.sys
10:59:31.0331 0x2d64  Teefer2 - ok
10:59:31.0366 0x2d64  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:59:31.0376 0x2d64  TermDD - ok
10:59:31.0421 0x2d64  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
10:59:31.0461 0x2d64  TermService - ok
10:59:31.0471 0x2d64  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:59:31.0496 0x2d64  Themes - ok
10:59:31.0516 0x2d64  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:59:31.0541 0x2d64  THREADORDER - ok
10:59:31.0556 0x2d64  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:59:31.0591 0x2d64  TrkWks - ok
10:59:31.0641 0x2d64  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:59:31.0681 0x2d64  TrustedInstaller - ok
10:59:31.0716 0x2d64  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:59:31.0746 0x2d64  tssecsrv - ok
10:59:31.0786 0x2d64  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:59:31.0831 0x2d64  TsUsbFlt - ok
10:59:31.0866 0x2d64  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
10:59:31.0881 0x2d64  TsUsbGD - ok
10:59:31.0921 0x2d64  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:59:31.0986 0x2d64  tunnel - ok
10:59:31.0996 0x2d64  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:59:32.0006 0x2d64  uagp35 - ok
10:59:32.0031 0x2d64  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:59:32.0071 0x2d64  udfs - ok
10:59:32.0091 0x2d64  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:59:32.0111 0x2d64  UI0Detect - ok
10:59:32.0136 0x2d64  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:59:32.0146 0x2d64  uliagpkx - ok
10:59:32.0181 0x2d64  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:59:32.0206 0x2d64  umbus - ok
10:59:32.0236 0x2d64  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
10:59:32.0261 0x2d64  UmPass - ok
10:59:32.0296 0x2d64  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
10:59:32.0331 0x2d64  UmRdpService - ok
10:59:32.0436 0x2d64  [ DF323C85A71B774EE5D3DEC723D27FDF, 3DE4233374C3B931EFCC2B6E360ABABAB5FC6FE7D269E979959E061E60A36536 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:59:32.0456 0x2d64  UNS - ok
10:59:32.0481 0x2d64  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:59:32.0521 0x2d64  upnphost - ok
10:59:32.0556 0x2d64  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
10:59:32.0566 0x2d64  USBAAPL64 - ok
10:59:32.0591 0x2d64  [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
10:59:32.0621 0x2d64  usbccgp - ok
10:59:32.0661 0x2d64  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:59:32.0691 0x2d64  usbcir - ok
10:59:32.0726 0x2d64  [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
10:59:32.0746 0x2d64  usbehci - ok
10:59:32.0776 0x2d64  [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:59:32.0801 0x2d64  usbhub - ok
10:59:32.0821 0x2d64  [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
10:59:32.0841 0x2d64  usbohci - ok
10:59:32.0866 0x2d64  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
10:59:32.0896 0x2d64  usbprint - ok
10:59:32.0906 0x2d64  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:59:32.0936 0x2d64  USBSTOR - ok
10:59:32.0946 0x2d64  [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:59:32.0961 0x2d64  usbuhci - ok
10:59:32.0991 0x2d64  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:59:33.0031 0x2d64  UxSms - ok
10:59:33.0056 0x2d64  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
10:59:33.0061 0x2d64  VaultSvc - ok
10:59:33.0096 0x2d64  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:59:33.0106 0x2d64  vdrvroot - ok
10:59:33.0126 0x2d64  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:59:33.0166 0x2d64  vds - ok
10:59:33.0186 0x2d64  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:59:33.0201 0x2d64  vga - ok
10:59:33.0211 0x2d64  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:59:33.0246 0x2d64  VgaSave - ok
10:59:33.0261 0x2d64  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:59:33.0271 0x2d64  vhdmp - ok
10:59:33.0306 0x2d64  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:59:33.0311 0x2d64  viaide - ok
10:59:33.0331 0x2d64  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
10:59:33.0361 0x2d64  VMBusHID - ok
10:59:33.0386 0x2d64  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:59:33.0396 0x2d64  volmgr - ok
10:59:33.0421 0x2d64  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:59:33.0441 0x2d64  volmgrx - ok
10:59:33.0461 0x2d64  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:59:33.0471 0x2d64  volsnap - ok
10:59:33.0501 0x2d64  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:59:33.0511 0x2d64  vsmraid - ok
10:59:33.0591 0x2d64  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:59:33.0656 0x2d64  VSS - ok
10:59:33.0681 0x2d64  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
10:59:33.0711 0x2d64  vwifibus - ok
10:59:33.0736 0x2d64  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:59:33.0771 0x2d64  W32Time - ok
10:59:33.0791 0x2d64  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:59:33.0811 0x2d64  WacomPen - ok
10:59:33.0836 0x2d64  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:59:33.0871 0x2d64  WANARP - ok
10:59:33.0891 0x2d64  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:59:33.0916 0x2d64  Wanarpv6 - ok
10:59:33.0991 0x2d64  [ D9211C457D9050604AE2467B3612B793, C6014A00C7F8337E3092C119A2E087D0497CA09C813225AB92F7AB3F28DD4622 ] Wave Authentication Manager Service C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
10:59:34.0031 0x2d64  Wave Authentication Manager Service - detected UnsignedFile.Multi.Generic ( 1 )
10:59:36.0442 0x2d64  Detect skipped due to KSN trusted
10:59:36.0442 0x2d64  Wave Authentication Manager Service - ok
10:59:36.0532 0x2d64  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:59:36.0582 0x2d64  wbengine - ok
10:59:36.0597 0x2d64  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:59:36.0617 0x2d64  WbioSrvc - ok
10:59:36.0632 0x2d64  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:59:36.0667 0x2d64  wcncsvc - ok
10:59:36.0687 0x2d64  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:59:36.0707 0x2d64  WcsPlugInService - ok
10:59:36.0732 0x2d64  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
10:59:36.0742 0x2d64  Wd - ok
10:59:36.0792 0x2d64  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:59:36.0817 0x2d64  Wdf01000 - ok
10:59:36.0842 0x2d64  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:59:36.0902 0x2d64  WdiServiceHost - ok
10:59:36.0907 0x2d64  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:59:36.0927 0x2d64  WdiSystemHost - ok
10:59:36.0962 0x2d64  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
10:59:36.0982 0x2d64  WebClient - ok
10:59:37.0007 0x2d64  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:59:37.0047 0x2d64  Wecsvc - ok
10:59:37.0067 0x2d64  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:59:37.0092 0x2d64  wercplsupport - ok
10:59:37.0097 0x2d64  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:59:37.0137 0x2d64  WerSvc - ok
10:59:37.0167 0x2d64  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:59:37.0192 0x2d64  WfpLwf - ok
10:59:37.0202 0x2d64  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:59:37.0212 0x2d64  WIMMount - ok
10:59:37.0237 0x2d64  WinDefend - ok
10:59:37.0242 0x2d64  WinHttpAutoProxySvc - ok
10:59:37.0302 0x2d64  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:59:37.0347 0x2d64  Winmgmt - ok
10:59:37.0407 0x2d64  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:59:37.0472 0x2d64  WinRM - ok
10:59:37.0527 0x2d64  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
10:59:37.0562 0x2d64  WinUsb - ok
10:59:37.0617 0x2d64  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:59:37.0662 0x2d64  Wlansvc - ok
10:59:37.0772 0x2d64  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:59:37.0822 0x2d64  wlidsvc - ok
10:59:37.0842 0x2d64  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:59:37.0857 0x2d64  WmiAcpi - ok
10:59:37.0882 0x2d64  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:59:37.0902 0x2d64  wmiApSrv - ok
10:59:37.0922 0x2d64  WMPNetworkSvc - ok
10:59:37.0952 0x2d64  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:59:37.0972 0x2d64  WPCSvc - ok
10:59:37.0987 0x2d64  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:59:38.0012 0x2d64  WPDBusEnum - ok
10:59:38.0027 0x2d64  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:59:38.0067 0x2d64  ws2ifsl - ok
10:59:38.0082 0x2d64  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:59:38.0112 0x2d64  wscsvc - ok
10:59:38.0142 0x2d64  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
10:59:38.0172 0x2d64  WSDPrintDevice - ok
10:59:38.0217 0x2d64  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\drivers\WSDScan.sys
10:59:38.0262 0x2d64  WSDScan - ok
10:59:38.0267 0x2d64  WSearch - ok
10:59:38.0362 0x2d64  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:59:38.0417 0x2d64  wuauserv - ok
10:59:38.0437 0x2d64  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:59:38.0457 0x2d64  WudfPf - ok
10:59:38.0502 0x2d64  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:59:38.0537 0x2d64  WUDFRd - ok
10:59:38.0557 0x2d64  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:59:38.0577 0x2d64  wudfsvc - ok
10:59:38.0622 0x2d64  [ EA0DFCD1345CADDA8B1AFC4ACAFA627F, FCF9DE59F55A4F6C5FB350DBC6E655C744890FB451DD0C0E402C9E8E36130F9B ] WvPCR           C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe
10:59:38.0642 0x2d64  WvPCR - ok
10:59:38.0677 0x2d64  [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:59:38.0702 0x2d64  WwanSvc - ok
10:59:38.0737 0x2d64  ================ Scan global ===============================
10:59:38.0762 0x2d64  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:59:38.0807 0x2d64  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:59:38.0822 0x2d64  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:59:38.0847 0x2d64  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:59:38.0882 0x2d64  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:59:38.0897 0x2d64  [ Global ] - ok
10:59:38.0897 0x2d64  ================ Scan MBR ==================================
10:59:38.0907 0x2d64  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
10:59:39.0762 0x2d64  \Device\Harddisk0\DR0 - ok
10:59:39.0762 0x2d64  ================ Scan VBR ==================================
10:59:39.0787 0x2d64  [ 31883D6FE4EB8DCE9CFF4013FE3B4F20 ] \Device\Harddisk0\DR0\Partition1
10:59:39.0802 0x2d64  \Device\Harddisk0\DR0\Partition1 - ok
10:59:39.0817 0x2d64  [ 55141F2262155D38FA684D4E696F2EDE ] \Device\Harddisk0\DR0\Partition2
10:59:39.0832 0x2d64  \Device\Harddisk0\DR0\Partition2 - ok
10:59:39.0832 0x2d64  ================ Scan generic autorun ======================
10:59:39.0932 0x2d64  [ B10B692825D7FAE41CB7C3F92AE17233, C1F7B347CF04D5881E2F17FFB5C7AB8DD0EB83261166D0AD94E4C8843E2863A2 ] C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
10:59:39.0997 0x2d64  RtHDVCpl - ok
10:59:40.0017 0x2d64  [ 725E327524A337421D07C531A2B96904, 72182E4306C132F65B5C720A9543E1E7748016CE9EC5C6125B9F081F007547FA ] C:\Windows\system32\igfxtray.exe
10:59:40.0027 0x2d64  IgfxTray - ok
10:59:40.0047 0x2d64  [ 34801F330C71FE67842E6D788222F677, 319887B37DB7B438AD7C8A772B963904E1DB428FDAFD08254D7C690239C89C78 ] C:\Windows\system32\hkcmd.exe
10:59:40.0062 0x2d64  HotKeysCmds - ok
10:59:40.0087 0x2d64  [ 74FDF7BD75DEC62036380713F903E151, 36547A7EAE12923160D26871A5E5E0E5D46278BBE013086EE55BEB1874E7C731 ] C:\Windows\system32\igfxpers.exe
10:59:40.0102 0x2d64  Persistence - ok
10:59:40.0127 0x2d64  [ 594A517703DA8709203223F5B7438DF8, CE0CEDE04546831591DFAB88BDDAF89409552264E671F0EDE6212016C990FB6B ] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
10:59:40.0142 0x2d64  TdmNotify - ok
10:59:40.0197 0x2d64  [ A24B9F75B9535B7CCDDC1E2DE7CBF64F, 6E7F259709BEF6C89E3BE19C02707DF88FB71029AFA9011D032665BDB5D5F308 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
10:59:40.0217 0x2d64  USB3MON - ok
10:59:40.0267 0x2d64  [ BB43C092AE2CC1B02E59FB259247D26E, E6AF6F29E9145C317972617284EF2B52C40933C4F1E0936DDDE7567929481408 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
10:59:40.0277 0x2d64  IAStorIcon - ok
10:59:40.0357 0x2d64  [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
10:59:40.0382 0x2d64  Adobe ARM - ok
10:59:40.0447 0x2d64  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:59:40.0497 0x2d64  Sidebar - ok
10:59:40.0522 0x2d64  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:59:40.0547 0x2d64  mctadmin - ok
10:59:40.0567 0x2d64  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:59:40.0597 0x2d64  Sidebar - ok
10:59:40.0602 0x2d64  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:59:40.0617 0x2d64  mctadmin - ok
10:59:40.0667 0x2d64  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
10:59:40.0682 0x2d64  swg - ok
10:59:40.0767 0x2d64  [ B4B4AC96FA230F7D6BCD72E90E4B49E0, CD73446F0961614F334689C6548A20F39FFCA480AE12708820D001C847053E49 ] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe
10:59:40.0802 0x2d64  Adobe Acrobat Synchronizer - ok
10:59:40.0807 0x2d64  [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
10:59:40.0812 0x2d64  swg - ok
10:59:40.0812 0x2d64  Waiting for KSN requests completion. In queue: 48
10:59:41.0812 0x2d64  Waiting for KSN requests completion. In queue: 48
10:59:42.0812 0x2d64  Waiting for KSN requests completion. In queue: 48
10:59:43.0857 0x2d64  AV detected via SS2: Symantec Endpoint Protection, C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin\WSCSavNotifier.exe ( 12.1.4013.4013 ), 0x71000 ( enabled : updated )
10:59:43.0862 0x2d64  FW detected via SS2: Symantec Endpoint Protection, C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.4013.4013.105\Bin64\Smc.exe ( 12.1.4013.4013 ), 0x41010 ( enabled )
10:59:46.0557 0x2d64  ============================================================
10:59:46.0557 0x2d64  Scan finished
10:59:46.0557 0x2d64  ============================================================
10:59:46.0567 0x1bf0  Detected object count: 0
10:59:46.0567 0x1bf0  Actual detected object count: 0
         

Alt 14.10.2014, 08:05   #8
schrauber
/// the machine
/// TB-Ausbilder
 

userinit.exe Verdacht auf Virenbefall im Netzwerk - Standard

userinit.exe Verdacht auf Virenbefall im Netzwerk



ich seh nix in den Logs
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.10.2014, 11:19   #9
baschi35
 
userinit.exe Verdacht auf Virenbefall im Netzwerk - Standard

userinit.exe Verdacht auf Virenbefall im Netzwerk



Wunderbar, danke für die Hilfe. Gespendet wurde auch (von einer anderen Email-Adresse, aber der besagte Betrag )

Alt 15.10.2014, 18:52   #10
schrauber
/// the machine
/// TB-Ausbilder
 

userinit.exe Verdacht auf Virenbefall im Netzwerk - Standard

userinit.exe Verdacht auf Virenbefall im Netzwerk



Ich würde auf jeden Fall zugänge ändern und das Ganze im Auge behalten
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu userinit.exe Verdacht auf Virenbefall im Netzwerk
adobe, bho, bonjour, bot, computer, explorer, flash player, google, hijackthis, hängen, internet, internet explorer, kunde, logfile, netzwerk, pdf, scan, security, senden, server, software, symantec, usb, viren, windows, wireshark



Ähnliche Themen: userinit.exe Verdacht auf Virenbefall im Netzwerk


  1. Möglicher Virenbefall im kompletten Netzwerk
    Antiviren-, Firewall- und andere Schutzprogramme - 27.07.2015 (4)
  2. Verdacht auf Virenbefall
    Log-Analyse und Auswertung - 20.08.2014 (3)
  3. Windows Vista -64 Bit - Verdacht auf Virenbefall
    Log-Analyse und Auswertung - 20.08.2014 (15)
  4. Windows 7: Eventueller Virenbefall durch Netzwerk?
    Log-Analyse und Auswertung - 04.07.2014 (11)
  5. Starker Verdacht auf Virenbefall
    Plagegeister aller Art und deren Bekämpfung - 30.05.2014 (13)
  6. Verdacht auf Virenbefall
    Log-Analyse und Auswertung - 10.12.2013 (14)
  7. Windows 7: Druckerfreigabe im Netzwerk nicht sichtbar/möglich, Virenbefall
    Log-Analyse und Auswertung - 09.12.2013 (9)
  8. Win 7 - Verdacht auf Virenbefall, Internet spinnt
    Plagegeister aller Art und deren Bekämpfung - 06.09.2013 (5)
  9. Verdacht auf Virenbefall - Internet langsam/laggt
    Plagegeister aller Art und deren Bekämpfung - 28.03.2013 (13)
  10. Verdacht auf Virenbefall - Rechner ist langsamer geworden
    Plagegeister aller Art und deren Bekämpfung - 07.03.2013 (6)
  11. Datensicherung bei Virenbefall über LAN-Netzwerk sicher?
    Plagegeister aller Art und deren Bekämpfung - 27.11.2012 (7)
  12. verdacht auf virenbefall bitte um unterstützung
    Log-Analyse und Auswertung - 06.06.2012 (5)
  13. Verdacht auf Virenbefall
    Log-Analyse und Auswertung - 21.02.2010 (4)
  14. Rechner friert ein und Browser stürzt ab. Verdacht auf Virenbefall.
    Plagegeister aller Art und deren Bekämpfung - 28.01.2010 (2)
  15. Virenbefall im ganzen Netzwerk
    Plagegeister aller Art und deren Bekämpfung - 23.10.2008 (1)
  16. Virenbefall im Netzwerk .. ich auch?
    Log-Analyse und Auswertung - 01.04.2007 (1)
  17. verdacht auf virenbefall aber ich finde nix
    Plagegeister aller Art und deren Bekämpfung - 25.01.2006 (3)

Zum Thema userinit.exe Verdacht auf Virenbefall im Netzwerk - Hallo liebes Trojaner-Board.de Team, die Maildomain eines Kunden wurde vor geraumer Zeit Blacklisted. Als Grund wurde eine Zeus Bot im Netzwerk genannt. Dieser konnten wir leider nicht ausfindig machen, da - userinit.exe Verdacht auf Virenbefall im Netzwerk...
Archiv
Du betrachtest: userinit.exe Verdacht auf Virenbefall im Netzwerk auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.