Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Spammail durch meinen Account

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 24.08.2015, 08:43   #1
halifax09
 
Spammail durch meinen Account - Standard

Spammail durch meinen Account



Hallo,

habe festgestellt, dass mit meiner Mailadresse Spammails verteilt wurden.

Auch an meine eigene Adresse wurden Mails gesendet.

In der Verteilerliste der Spammail habe ich dann alles mir bekannte Mailadressen gefunden, welche wiederum aus Verteilerlisten von mir empfangener Mails stammen müssen.

Die Mailkonten sind bei 1&1 und ich arbeite mit Outlook unter Windows 7.

Wo kann das Leck sein?

Wie kann man sich dagegen schützen?

Gruß
halifax

Geändert von halifax09 (24.08.2015 um 08:48 Uhr)

Alt 24.08.2015, 09:00   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Spammail durch meinen Account - Standard

Spammail durch meinen Account



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 24.08.2015, 10:21   #3
halifax09
 
Spammail durch meinen Account - Standard

Spammail durch meinen Account



Hallo,

hier die Logdateien:


FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-08-2015
durchgeführt von halifax (Administrator) auf MIRACULIX (24-08-2015 09:41:31)
Gestartet von F:\Software\Farbar Recovery Scan Tool
Geladene Profile: halifax (Verfügbare Profile: halifax)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Flexera Software, Inc.) C:\SEFlex\Program\lmgrd.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Flexera Software, Inc.) C:\SEFlex\Program\lmgrd.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(Siemens PLM Software Inc.) C:\SEFlex\Program\selmd.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
(SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
(SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
(Star Finanz - Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
() C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
(Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\OmniPage19\OpAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Evoluent) C:\Program Files\Evoluent\VMouse\V4\EvoMouseExec.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
() C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe
() C:\jAnrufmonitor\jam.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSUploader.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\agent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Create 8\PdfCreate8Hook.exe
(Flexera Software LLC.) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSPortMonitorCommunicator.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDH.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\32\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieCrypto.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\wbengine.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe [2907240 2010-10-04] (Realtek Semiconductor Corp.)
HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1875048 2010-08-05] ()
HKLM\...\Run: [TdmNotify] => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe [257392 2011-05-27] (Wave Systems Corp.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112408 2011-08-09] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-01] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [PUStarter] => C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\Appinterfaces\HPPUDS.exe [73728 2013-08-07] (Hewlett-Packard Company)
HKLM-x32\...\Run: [RunPUTasktray] => C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe [68608 2013-08-07] (Hewlett-Packard Company)
HKLM-x32\...\Run: [ItalusUploader] => C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSUploader.exe [398336 2013-06-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.)
HKLM-x32\...\Run: [OmniPage Preload] => C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe [2922824 2013-04-22] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance OmniPage Ultimate-reminder] => C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe [334152 2013-01-14] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFCreHook] => C:\Program Files (x86)\Nuance\PDF Create 8\pdfcreate8hook.exe [1029960 2013-03-12] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF8 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Create 8\RegistryController.exe [180040 2013-03-12] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [196648 2014-09-26] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Speedup_umh] => C:\Program Files (x86)\Avira\AviraSpeedup\Speedup_umh.exe [194832 2015-06-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\spba: C:\Program Files\Common Files\SPBA\homefus2.dll (UPEK Inc.)
HKU\S-1-5-21-7558648-862555400-3682171913-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-7558648-862555400-3682171913-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-7558648-862555400-3682171913-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-7558648-862555400-3682171913-1000\...\Run: [HotFolder.FR12] => "C:\Program Files (x86)\ABBYY FineReader 12\HotFolder.exe" /AutoRun
HKU\S-1-5-21-7558648-862555400-3682171913-1000\...\Run: [OpAgent] => C:\Program Files (x86)\Nuance\OmniPage19\OpAgent.exe [2459976 2013-04-22] (Nuance Communications, Inc.)
HKU\S-1-5-21-7558648-862555400-3682171913-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [43816 2015-04-26] (Apple Inc.)
Lsa: [Authentication Packages] msv1_0 wvauth
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evoluent Mouse Manager.lnk [2013-12-02]
ShortcutTarget: Evoluent Mouse Manager.lnk -> C:\Windows\Installer\{0F8F4447-1F0B-4703-9BD5-53F0274CE856}\_B5CB566BBFE908A7621D0F.exe ()
Startup: C:\Users\halifax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\jAnrufmonitor 5.0.lnk [2015-08-03]
ShortcutTarget: jAnrufmonitor 5.0.lnk -> C:\jAnrufmonitor\jam.exe ()
Startup: C:\Users\halifax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-08-19]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EnabledUnlockedFDEIconOverlay] -> {30D3C2AF-9709-4D05-9CF4-13335F3C1E4A} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2011-05-27] (Wave Systems Corp.)
ShellIconOverlayIdentifiers: [UninitializedFdeIconOverlay] -> {CF08DA3E-C97D-4891-A66B-E39B28DD270F} => C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmIconOverlay.dll [2011-05-27] (Wave Systems Corp.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ACHTUNG
HKU\S-1-5-21-7558648-862555400-3682171913-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-7558648-862555400-3682171913-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USREL/8
SearchScopes: HKLM -> DefaultScope {47CCFCEC-808A-4E2E-8958-C17A54585DD6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {47CCFCEC-808A-4E2E-8958-C17A54585DD6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {47CCFCEC-808A-4E2E-8958-C17A54585DD6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {47CCFCEC-808A-4E2E-8958-C17A54585DD6} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-7558648-862555400-3682171913-1000 -> DefaultScope {47CCFCEC-808A-4E2E-8958-C17A54585DD6} URL = 
SearchScopes: HKU\S-1-5-21-7558648-862555400-3682171913-1000 -> {47CCFCEC-808A-4E2E-8958-C17A54585DD6} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-30] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: ZeonIEEventHelper Class -> {C7DA0384-42AA-428c-B832-88AC343DE1A8} -> C:\Program Files (x86)\Nuance\PDF Create 8\Bin\GZeonIEFavClient.dll [2013-03-07] (Zeon Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Nuance PDF - {BCCE15AE-AC7E-4bc9-94AF-2A714A412BCB} - C:\Program Files (x86)\Nuance\PDF Create 8\Bin\GZeonIEFavClient.dll [2013-03-07] (Zeon Corporation)
Handler-x32: HPPUDCS - {522CC7E5-F378-4F97-8BD7-125D17F5B332} - C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\APP\hplidcsapp.dll [2013-08-07] (Hewlett-Packard Company)
Handler-x32: hppufile - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll [2013-08-07] (Hewlett-Packard Company)
Handler-x32: hppusam - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll [2013-08-07] (Hewlett-Packard Company)
Handler-x32: hppuzip - {4BCA8E33-E18F-4358-9F6F-3C7206BCF72F} - C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\hpluCtrls.dll [2013-08-07] (Hewlett-Packard Company)
Tcpip\..\Interfaces\{2F786E70-33E7-48A6-868F-A7A02016FB47}: [NameServer] 194.25.2.129,194.25.0.53

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-30] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\halifax\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\halifax\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-17]
CHR Extension: (Google Search) - C:\Users\halifax\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-17]
CHR Extension: (Gmail) - C:\Users\halifax\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-17]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-27] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
R2 FLEXlm License Manager; C:\SEFlex\Program\lmgrd.exe [1379664 2011-08-24] (Flexera Software, Inc.)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [64552 2014-08-14] (Haufe-Lexware GmbH & Co. KG)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [Datei ist nicht signiert]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [369952 2009-09-17] (SafeNet, Inc.)
R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1246496 2009-09-17] (SafeNet, Inc)
R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [292128 2009-09-17] (SafeNet, Inc.)
S2 Solid Edge; C:\SEFlex\Program\lmgrd.exe [1379664 2011-08-24] (Flexera Software, Inc.)
R2 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S2 tcsd_win32.exe; C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe [1633280 2011-02-17] () [Datei ist nicht signiert]
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1600000 2011-07-01] (Wave Systems Corp.) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-04] (Avira Operations GmbH & Co. KG)
R3 EvoMouseDriverFilterHidUsb; C:\Windows\System32\DRIVERS\EvoMouseDriverFilterHidUsb.sys [25144 2010-06-23] (Evoluent)
R3 EvoMouseDriverMini; C:\Windows\System32\drivers\EvoMouseDriverMini.sys [22584 2010-06-23] ()
R3 hhdspmc64; C:\Windows\System32\DRIVERS\hhdspmc64.sys [39472 2010-10-13] (HHD Software Ltd.)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [1980648 2010-10-04] (Realtek Semiconductor Corp.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [58792 2009-09-17] (SafeNet, Inc.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-24 09:41 - 2015-08-24 09:41 - 00000000 ____D C:\FRST
2015-08-24 08:04 - 2015-08-24 08:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 9.5
2015-08-19 19:00 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 19:00 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 19:00 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 19:00 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-15 15:56 - 2015-08-15 15:56 - 00001755 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-15 15:56 - 2015-08-15 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-15 15:55 - 2015-08-15 15:56 - 00000000 ____D C:\Program Files\iTunes
2015-08-15 15:55 - 2015-08-15 15:55 - 00000000 ____D C:\Program Files\iPod
2015-08-15 15:55 - 2015-08-15 15:55 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-15 15:50 - 2015-08-15 15:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-08-14 17:21 - 2015-08-14 17:21 - 00000000 ____D C:\OPDE770.tmp
2015-08-12 19:07 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 19:07 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 07:41 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 07:41 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 07:41 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 07:41 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 07:41 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 07:41 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 07:41 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 07:41 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 07:41 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 07:41 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 07:41 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 07:41 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 07:41 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 07:41 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 07:41 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 07:41 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 07:41 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 07:41 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 07:41 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 07:41 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 07:41 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 07:41 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 07:41 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 07:41 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 07:41 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 07:41 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 07:41 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 07:41 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 07:41 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 07:41 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 07:41 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 07:41 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 07:41 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 07:41 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 07:41 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 07:41 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 07:41 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 07:41 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 07:41 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 07:41 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 07:41 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 07:41 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 07:41 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 07:41 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 07:41 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 07:41 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 07:41 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 07:41 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 07:41 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 07:41 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 07:41 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 07:41 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 07:41 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 07:41 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 07:41 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 07:41 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 07:41 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 07:41 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 07:41 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 07:41 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 07:41 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 07:41 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 07:41 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 07:41 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 07:41 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 07:41 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 07:41 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 07:41 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 07:41 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 07:41 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 07:41 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 07:41 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 07:41 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 07:41 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 07:41 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 07:41 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 07:41 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 07:41 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 07:41 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 07:41 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 07:41 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 07:41 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 07:41 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 07:41 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 07:41 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 07:41 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 07:41 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 07:41 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 07:41 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 07:41 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 07:41 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 07:41 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 07:41 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 07:41 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 07:41 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 07:41 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 07:41 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 07:41 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 07:41 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 07:41 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 07:41 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 07:41 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 07:41 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 07:41 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 07:41 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 07:41 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 07:41 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 07:41 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 07:40 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 07:40 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 07:40 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 07:40 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 07:40 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 07:40 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 07:40 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 07:40 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 07:40 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 07:40 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 07:40 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 07:40 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 07:40 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 07:40 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 07:40 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 07:40 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 07:40 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 07:40 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 07:40 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 07:40 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 07:40 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 07:40 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 07:40 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 07:40 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 07:40 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 07:40 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 07:40 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 07:40 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 07:40 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 07:40 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 07:40 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 07:40 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 07:40 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 07:40 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 07:40 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 07:40 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 07:40 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 07:40 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 07:40 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 07:40 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 07:40 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 07:40 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-03 14:06 - 2015-08-03 14:06 - 00000000 ____D C:\Users\halifax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jAnrufmonitor 5.0
2015-07-31 11:01 - 2015-07-31 11:01 - 00000000 _____ C:\Windows\SysWOW64\RENA354.tmp
2015-07-30 16:04 - 2015-08-24 08:19 - 00000000 ____D C:\Users\halifax\Documents\jAnrufmonitor
2015-07-30 16:04 - 2015-07-30 16:03 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-07-30 15:52 - 2015-08-03 16:03 - 00000000 ____D C:\jAnrufmonitor
2015-07-29 10:08 - 2015-07-29 10:08 - 00000000 ____D C:\OPD9CEF.tmp
2015-07-29 10:02 - 2015-07-29 10:02 - 00000000 ____D C:\OPD8FC5.tmp

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-24 09:41 - 2012-03-09 20:11 - 00000000 ____D C:\ProgramData\Temp
2015-08-24 09:40 - 2012-03-27 08:07 - 00000000 ____D C:\Users\halifax\Documents\Outlook-Dateien
2015-08-24 09:10 - 2012-04-19 07:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-24 08:56 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-24 08:56 - 2009-07-14 06:45 - 00021312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-24 08:18 - 2012-03-09 19:48 - 02061275 _____ C:\Windows\WindowsUpdate.log
2015-08-24 08:07 - 2013-04-26 00:16 - 00000000 ____D C:\Users\halifax\AppData\Local\D7E2E047-CDE4-4C8C-8E69-30E9564F9814.aplzod
2015-08-24 08:05 - 2015-07-04 19:28 - 00000000 ___RD C:\Users\halifax\iCloudDrive
2015-08-24 08:04 - 2013-11-11 18:27 - 00000000 ____D C:\Program Files (x86)\StarMoney 9.0 S-Edition
2015-08-24 08:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-24 08:03 - 2009-07-14 06:51 - 00099153 _____ C:\Windows\setupact.log
2015-08-20 09:05 - 2012-04-14 14:25 - 00007626 _____ C:\Users\halifax\AppData\Local\Resmon.ResmonCfg
2015-08-20 06:31 - 2012-03-16 15:21 - 00003554 _____ C:\Windows\Sandboxie.ini
2015-08-19 19:38 - 2014-09-26 09:37 - 00000000 ____D C:\Users\halifax\Documents\OneNote-Notizbücher
2015-08-19 06:51 - 2015-01-11 20:31 - 00002783 _____ C:\Users\Public\Desktop\Lexware financial office.lnk
2015-08-19 06:51 - 2012-03-24 11:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2015-08-15 15:55 - 2014-10-26 13:40 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-08-15 15:55 - 2013-04-26 00:14 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-14 14:46 - 2012-03-24 11:05 - 00000000 ____D C:\ProgramData\Lexware
2015-08-14 14:39 - 2014-02-03 15:58 - 00000000 ____D C:\Users\halifax\AppData\Roaming\apsec
2015-08-12 21:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-12 19:50 - 2014-02-03 15:45 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-12 19:25 - 2009-07-14 06:45 - 00428920 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 19:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-12 19:03 - 2013-10-06 17:26 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 19:01 - 2012-03-19 10:59 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 15:10 - 2012-04-19 07:03 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-12 15:10 - 2012-04-19 07:03 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-12 15:10 - 2012-03-09 19:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-09 18:07 - 2010-11-21 08:50 - 00700168 _____ C:\Windows\system32\perfh007.dat
2015-08-09 18:07 - 2010-11-21 08:50 - 00148964 _____ C:\Windows\system32\perfc007.dat
2015-08-09 18:07 - 2009-07-14 07:13 - 01621308 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-04 08:47 - 2012-08-01 08:11 - 00000000 ____D C:\Users\halifax\Documents\HPrintJobsStorage
2015-08-03 08:24 - 2012-04-14 17:05 - 00000000 ____D C:\Temp
2015-07-31 11:01 - 2012-03-09 20:01 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-30 16:03 - 2012-03-09 20:02 - 00000000 ____D C:\Program Files\Java
2015-07-30 15:48 - 2013-04-25 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-27 07:21 - 2013-04-25 21:50 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-27 07:21 - 2013-04-25 21:50 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-10-14 18:14 - 2013-11-19 18:23 - 0000600 _____ () C:\Users\halifax\AppData\Local\PUTTY.RND
2012-04-14 14:25 - 2015-08-20 09:05 - 0007626 _____ () C:\Users\halifax\AppData\Local\Resmon.ResmonCfg
2012-04-14 13:13 - 2012-04-14 13:13 - 0000000 _____ () C:\Users\halifax\AppData\Local\rx_image32.Cache

Einige Dateien in TEMP:
====================
C:\Users\halifax\AppData\Local\Temp\2f0y5zym.dll
C:\Users\halifax\AppData\Local\Temp\440cauy2.dll
C:\Users\halifax\AppData\Local\Temp\AskSLib.dll
C:\Users\halifax\AppData\Local\Temp\avgnt.exe
C:\Users\halifax\AppData\Local\Temp\d15xynna.dll
C:\Users\halifax\AppData\Local\Temp\d2zqqsiw.dll
C:\Users\halifax\AppData\Local\Temp\elrflwjo.dll
C:\Users\halifax\AppData\Local\Temp\hjrjrab2.dll
C:\Users\halifax\AppData\Local\Temp\hqrtvn0d.dll
C:\Users\halifax\AppData\Local\Temp\jna2327170774945663529.dll
C:\Users\halifax\AppData\Local\Temp\jna2942623285527526049.dll
C:\Users\halifax\AppData\Local\Temp\jna2966852472924258017.dll
C:\Users\halifax\AppData\Local\Temp\jna3509224287271611035.dll
C:\Users\halifax\AppData\Local\Temp\jna3623595637707095902.dll
C:\Users\halifax\AppData\Local\Temp\jna3865426379731306127.dll
C:\Users\halifax\AppData\Local\Temp\jna4668421206740494391.dll
C:\Users\halifax\AppData\Local\Temp\jna4696705230850570242.dll
C:\Users\halifax\AppData\Local\Temp\jna6140871373146773400.dll
C:\Users\halifax\AppData\Local\Temp\jna6289084436984220030.dll
C:\Users\halifax\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u3-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\halifax\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\halifax\AppData\Local\Temp\LMkRstPt.exe
C:\Users\halifax\AppData\Local\Temp\neoSearch64.exe
C:\Users\halifax\AppData\Local\Temp\repair4.exe
C:\Users\halifax\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\halifax\AppData\Local\Temp\sdpm3h2n.dll
C:\Users\halifax\AppData\Local\Temp\Setup.exe
C:\Users\halifax\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-23 15:22

==================== Ende von Ergebnis ============================
         
--- --- ---


Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-08-2015
durchgeführt von halifax (2015-08-24 09:42:15)
Gestartet von F:\Software\Farbar Recovery Scan Tool
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-7558648-862555400-3682171913-500 - Administrator - Disabled)
Gast (S-1-5-21-7558648-862555400-3682171913-501 - Limited - Disabled)
halifax (S-1-5-21-7558648-862555400-3682171913-1000 - Administrator - Enabled) => C:\Users\halifax

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-7558648-862555400-3682171913-1000\...\Amazon Amazon Music) (Version: 3.8.1.754 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6.10.1246 - Avira Operations GmbH & Co. KG)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
BioAPI Framework (Version: 1.0.2 - Dell Inc.) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.8.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.9.0.6 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.8.0.17 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities MyCamera DC (HKLM-x32\...\MyCameraDC) (Version: 7.2.0.5 - Canon Inc.)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (HKLM-x32\...\RemoteCaptureTask) (Version: 1.8.0.1 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.9.0.1 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.6.0.15 - Canon Inc.)
cobra Adress PLUS 8.0 (HKLM-x32\...\Adress PLUS 8.0 deinstall) (Version:  - )
CrystalDiskInfo 6.0.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.0.1 - Crystal Dew World)
Custom (Version: 01.00.00.000 - Wave Systems Corp.) Hidden
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.4418 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
dakota.ag (HKLM-x32\...\dakota.ag) (Version: 6.0.30 - ITSG GmbH)
dakota.ag (x32 Version: 6.0.30 - ITSG GmbH) Hidden
Data Lifeguard Diagnostic for Windows 1.24 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Dell Data Protection | Access (HKLM-x32\...\{A7D91856-258D-4C87-8041-B170851CE432}) (Version: 2.1.00001.002 - Dell Inc.)
Dell Data Protection | Access (Version: 02.01.01.002 - Wave Systems Corp) Hidden
Dell Data Protection | Access | Drivers (HKLM-x32\...\{4E4E65EE-C456-45AC-B5AD-C62C3A325BD0}) (Version: 2.01.018 - Dell Inc.)
Dell Data Protection | Access | Middleware (HKLM-x32\...\{841CBDD5-4BB5-403E-AEE3-2FADC3890BE8}) (Version: 2.01.010 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
DellAccess (Version: 01.01.00.072 - Wave Systems Corp.) Hidden
Device IP Utility 5.0.1 (HKLM-x32\...\Device IP Utility) (Version: 5.0.1 - Schneider Electric)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular 13.1.1.8531k) (Version: 16.0.15910 - Landesfinanzdirektion Thüringen)
EMBASSY Security Center (Version: 04.03.00.121 - Wave Systems Corp.) Hidden
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evoluent Mouse Manager (HKLM\...\{0F8F4447-1F0B-4703-9BD5-53F0274CE856}) (Version: 4.0.0 - Evoluent)
FileZilla Client 3.7.2 (HKLM-x32\...\FileZilla Client) (Version: 3.7.2 - Tim Kosse)
FluidDraw S5 Version 5.3e (HKLM-x32\...\FluidDraw S5 Version 5.3e) (Version:  - )
Gemalto (Version: 01.64.01.0010 - Wave Systems Corp) Hidden
HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
HP Designjet ePrint & Share (HKLM-x32\...\{4D1B7E4E-47B1-40E3-9E15-C50E42D81610}) (Version: 1.0.7 - Hewlett-Packard)
HP Designjet T790 und T1300-Druckerserie (HKLM-x32\...\HPDesignjetT790) (Version:  - Hewlett-Packard Co.)
HP ICC Profiles_x64 (HKLM\...\{30507920-BC51-470E-B4D8-D6E7251AA7C9}) (Version: 2.0.0 - Hewlett Packard, Co.)
HP Proactive Services (HKLM-x32\...\{7527CD9F-894E-47B3-9AFB-3E680E007051}) (Version: 1.6.0.37 - Ihr Firmenname)
HP Utility (HKLM-x32\...\{16A5318F-B334-428A-BFEA-16BFB1E3EE27}) (Version: 1.16.2.0 - Hewlett-Packard)
HP Webregistrierung (HKLM-x32\...\{167AA1D5-8412-44BC-A003-B7A3662D1CE2}) (Version: 1.3.0.0 - Hewlett Packard, Co.)
HP Webregistrierung (HKLM-x32\...\{D2FF897E-4A99-446E-8BB4-DD99CD496838}) (Version: 1.2.0.0 - Hewlett Packard, Co.)
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
IndraSize UnInstall (HKLM-x32\...\{DC7F039D-27B9-468B-B7D4-12B55F7CB855}) (Version: 05V13 - Bosch-Rexroth)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections 15.7.176.1 (HKLM\...\PROSetDX) (Version: 15.7.176.1 - Intel)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
jAnrufmonitor 5.0 (HKLM-x32\...\jam50-64) (Version:  - Thilo Brandt)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lexware Elster (x32 Version: 15.23.00.0023 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Elster 2015 (HKLM-x32\...\{3a5efc01-edc5-45bd-bd13-dec736cdc85d}) (Version: 15.23.0.23 - Haufe-Lexware GmbH & Co.KG)
Lexware financial office 2015 (x32 Version: 19.52.00.0286 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware financial office plus 2015 (HKLM-x32\...\{52030eba-338c-4953-867d-005d3ca7a6f6}) (Version: 19.4.0.134 - Haufe-Lexware GmbH & Co.KG)
Lexware Info Service (x32 Version: 5.00.00.0044 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst (x32 Version: 4.00.00.0005 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking (x32 Version: 22.00.00.0035 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware PDF-Export 5 (x32 Version: 5.00.00.0005 - Haufe-Lexware GmbH & Co.KG) Hidden
Logitech SetPoint 6.32 (HKLM\...\sp6) (Version: 6.32.20 - Logitech)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 Primary Interop Assemblies (HKLM-x32\...\{90140000-1105-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1024 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector/ODBC 3.51 (HKLM-x32\...\{BBFD9BC5-BB9A-4F9C-AD77-0BE3897FFE0F}) (Version: 3.51.30 - Oracle Corporation)
NTRU TCG Software Stack (Version: 2.1.36 - Security Innovation, Inc.) Hidden
Nuance OmniPage Ultimate (HKLM-x32\...\{419512F9-D5E7-4ED2-BF99-E7F2C0176B6A}) (Version: 19.00.0000 - Nuance Communications, Inc.)
Nuance PDF Create 8 (HKLM\...\{D8AD8411-A273-4560-B756-A418ED4910AD}) (Version: 8.10.6293 - Nuance Communications, Inc.)
Nuance PDF Create 8 (HKLM-x32\...\{D8AD8411-A273-4560-B756-A418ED4910AD}) (Version: 8.10.6293 - Nuance Communications, Inc.)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5929 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 6.14.10.13534 - NVIDIA Corporation)
Office Manager DMS (HKLM-x32\...\{753524E2-ABF5-4494-B272-4C12C6A0C9C1}) (Version: 13.0 - Softwarebüro Krekeler)
PC-CCID (Version: 2.0.0 - Gemalto) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Preboot Manager (Version: 03.03.00.074 - Wave Systems Corp.) Hidden
Private Information Manager (Version: 07.01.00.022 - Wave Systems Corp.) Hidden
QNAP Qfinder (HKLM-x32\...\QNAP_FINDER) (Version: 4.0.1.0530 - QNAP Systems, Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5883 - Realtek Semiconductor Corp.)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
Scansoft PDF Create (x32 Version:  - ) Hidden
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology)
Sentinel Protection Installer 7.6.1 (HKLM-x32\...\{7B1AA2AB-ACD2-45C7-B1B1-364BEA40615F}) (Version: 7.6.1 - SafeNet, Inc.)
SerialMon (HKLM-x32\...\SerialMon) (Version: 1.5 - Joakim Ögren)
Solid Edge License Manager (HKLM-x32\...\{1AC414BD-ADD0-4694-AE59-76D4606A74FA}) (Version: 104.00.00082 - Siemens)
Solid Edge ST4 (HKLM\...\{DE02B016-E096-437F-8D96-853BB36011D5}) (Version: 104.00.0405 - Siemens)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
SPBA 5.9 (Version: 5.9.4.6686 - UPEK Inc.) Hidden
StarMoney (x32 Version: 3.0.3.19 - StarFinanz) Hidden
StarMoney (x32 Version: 4.0.1.51 - StarFinanz) Hidden
StarMoney 8.0 S-Edition (HKLM-x32\...\{E509C158-BCB2-4B27-91D7-F3E172E77CD8}) (Version: 8.0 - Star Finanz GmbH)
StarMoney 9.0 S-Edition (HKLM-x32\...\{D4DAF13D-EF53-4901-880A-FD237805F7E9}) (Version: 9.0 - Star Finanz GmbH)
sv.net (HKLM-x32\...\sv.net) (Version: 15.0 - ITSG GmbH)
Trusted Drive Manager (Version: 4.1.1.312 - Wave Systems Corp.) Hidden
Upek Touchchip Fingerprint Reader (Version: 1.2.004 - Dell Inc.) Hidden
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Wave Infrastructure Installer (Version: 07.67.17.0010 - Wave Systems Corp) Hidden
Wave Support Software Installer (Version: 05.13.00.033 - Wave Systems Corp) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Dell Inc. PBADRV System  (09/11/2009 1.0.1.6) (HKLM\...\9512AA21B791B05A54E27065C45BBC417AB282DF) (Version: 09/11/2009 1.0.1.6 - Dell Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-7558648-862555400-3682171913-1000_Classes\CLSID\{91B5EC94-B557-3F93-4138-447DEDD09CFA}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)

==================== Wiederherstellungspunkte =========================

19-08-2015 19:00:16 Windows Update
24-08-2015 09:08:42 Windows-Sicherung

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2DD31D32-591F-4E74-B45E-916BEBD51568} - System32\Tasks\{9DA1481C-C6F1-4FCA-AD8A-DFF495686979} => pcalua.exe -a C:\Temp\IndraWorks_MLC_XLC_13V14_P4.exe -d C:\Temp
Task: {433385B7-C710-4B50-AE30-3675E779D58A} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2015-06-17] (Avira Operations GmbH & Co. KG)
Task: {5D8DB72E-4283-43FE-92F0-A8FA1287B740} - System32\Tasks\{8033C38D-5C13-4CCD-AB98-E6B0C84D4777} => pcalua.exe -a F:\Software\IndraSize\IndraSize05V13\setup.exe -d F:\Software\IndraSize\IndraSize05V13
Task: {74D3276A-3215-4222-AFBE-056789CCF943} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {845BCCEB-7B73-482A-B8C0-DD5DCF1EB0DE} - System32\Tasks\iSCSIAgentAutoStartup => C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe [2013-05-30] ()
Task: {8E177339-B294-420D-A80C-C3B5F1F994CF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {E779A90D-703A-4A04-B472-E10B27BC4571} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-11 19:42 - 2013-05-30 05:50 - 01739472 _____ () C:\Program Files (x86)\QNAP\Qfinder\iSCSIAgent.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-11-11 00:53 - 2010-11-11 00:53 - 00817136 _____ () C:\Program Files\Roxio\Roxio Burn\RBVirtualFolder64.dll
2011-10-07 11:39 - 2011-10-07 11:39 - 01304856 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2010-11-17 12:35 - 2010-11-17 12:35 - 00514544 _____ () C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
2015-05-28 14:21 - 2015-05-28 14:21 - 00163328 ____N () C:\jAnrufmonitor\jam.exe
2012-03-09 18:43 - 2010-08-05 02:13 - 00615016 _____ () C:\Program Files\NVIDIA Corporation\nView\nvshell.dll
2013-04-25 22:00 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\PATCHW32.dll
2014-08-01 13:47 - 2011-01-13 12:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\PATCHW32.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2010-11-25 00:44 - 2010-11-25 00:44 - 00375280 _____ () c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll
2014-09-11 15:09 - 2014-09-11 15:09 - 00176168 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll
2014-09-11 15:09 - 2014-09-11 15:09 - 00043048 _____ () C:\Program Files (x86)\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll
2014-10-16 06:59 - 2014-10-16 06:59 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2012-03-09 20:02 - 2010-11-06 01:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-03-26 18:20 - 1996-11-28 02:15 - 00022016 _____ () C:\Windows\SysWow64\docobj.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:A303874F

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-7558648-862555400-3682171913-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\halifax\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 194.25.2.129 - 194.25.0.53
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{690D2044-3750-4FAE-AA5B-4A3AD18F30D4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{52F2585E-182C-41DD-A86D-C81A52FC020B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{0515819B-E9D5-416C-B37F-B543AF6489D5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{75A9ED0B-423D-4400-A369-0E4E5A94E7DC}] => (Allow) LPort=2869
FirewallRules: [{28193488-4CF8-4707-A53A-92136AA67BEA}] => (Allow) LPort=1900
FirewallRules: [{8BABCDDA-5431-4E0F-821F-850E50B91817}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{106F9538-AE88-43CB-8A74-BEE107893323}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{5CA28E36-148A-46F4-9392-E68F8D166144}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{5B70E74C-79D8-4B84-97FE-13F0FA3BFCCC}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
FirewallRules: [{B15A4386-B32C-43A1-9B94-8AD2889F74CA}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{67BBD391-1A78-4091-ADD2-D22983F73ED7}] => (Allow) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
FirewallRules: [{55ED23A0-CC0A-4A33-B226-6BF57670EC80}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{5E71751B-860D-4BD6-BBCF-B66EEBC37F61}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{47477BB7-62CA-410A-9B1D-FB06936175F1}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\app\StarMoney.exe
FirewallRules: [{1139DD44-5175-4F72-81DA-9570AB688ADD}] => (Allow) C:\Program Files (x86)\StarMoney 8.0 S-Edition\app\StarMoney.exe
FirewallRules: [{EEA6B35A-611C-4523-BF14-307321760F62}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{078E76DE-EDF5-4130-AECD-F793DAD68272}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{832D7A5D-D5F3-4C35-8ED8-18FD9A8C21F7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{19AA0670-73F6-4B4E-9D70-59213A8558EC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C7F11AE5-5BD8-4734-9BA7-D4BCAD27A08F}] => (Allow) C:\Program Files\Hewlett-Packard\HP ePrintAndShare\InstantPrinting\HPePrintAndShare.exe
FirewallRules: [{B95BEB42-CD5F-4197-877F-144AF10E53FA}] => (Allow) C:\Program Files\Hewlett-Packard\HP ePrintAndShare\InstantPrinting\HPePrintAndShare.exe
FirewallRules: [{3CD50C49-ABA4-4191-90A4-45C0DEA3197E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Instant Printing 3\PrintingTool\HPInstantPrinting.exe
FirewallRules: [{013EFAF9-F0A4-4B8F-A531-3DA1BD416262}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Instant Printing 3\PrintingTool\HPInstantPrinting.exe
FirewallRules: [{FBB85792-A01F-420A-965D-A089728BB484}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{ABE00138-2AD9-4842-833F-43AFB549FD84}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
FirewallRules: [{83B50F79-6950-4CE0-891F-A9FEF0A53CEB}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 S-Edition\app\StarMoney.exe
FirewallRules: [{C08A0187-F8C2-4872-9ED4-BA56DD084BFC}] => (Allow) C:\Program Files (x86)\StarMoney 9.0 S-Edition\app\StarMoney.exe
FirewallRules: [{4EC39FB5-F4C6-4AEE-9BCA-5E021F137FD5}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{9E11221C-4F55-4AFE-B228-1CC4ADCD03A3}] => (Allow) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
FirewallRules: [{53A4902B-F892-42CF-A226-10E65436690F}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
FirewallRules: [{4BAF5164-4332-4E2C-A1C0-D84D828D6639}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\OmniPage19.exe
FirewallRules: [{87848E80-B3CA-4A4C-8DFB-0CE2DFFB9421}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\PPMV.exe
FirewallRules: [{5AC70F0E-1D9C-4C10-AC82-87AA6AE06088}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\PPMV.exe
FirewallRules: [{3DB350F9-3D27-43F2-8F0E-9D875AF0EF15}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
FirewallRules: [{986BC64A-E608-40F7-870D-7BA77CAEB830}] => (Allow) C:\Program Files (x86)\Nuance\OmniPage19\Ereg\Ereg.exe
FirewallRules: [{3BA6D9CF-B1B9-4C1C-8FF7-D6CA23A20DE0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe] => Enabled:HP Printer Utility HPPURun
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe] => Enabled:HP Printer Utility HPPURun

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PS/2-kompatible Maus
Description: PS/2-kompatible Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/24/2015 08:06:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPPUDH.exe, Version: 1.16.2.0, Zeitstempel: 0x52021513
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69e20
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ced0b
ID des fehlerhaften Prozesses: 0x10e0
Startzeit der fehlerhaften Anwendung: 0xHPPUDH.exe0
Pfad der fehlerhaften Anwendung: HPPUDH.exe1
Pfad des fehlerhaften Moduls: HPPUDH.exe2
Berichtskennung: HPPUDH.exe3

Error: (08/24/2015 08:04:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/23/2015 01:12:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/21/2015 07:33:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPPUDH.exe, Version: 1.16.2.0, Zeitstempel: 0x52021513
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69e20
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ced0b
ID des fehlerhaften Prozesses: 0xb04
Startzeit der fehlerhaften Anwendung: 0xHPPUDH.exe0
Pfad der fehlerhaften Anwendung: HPPUDH.exe1
Pfad des fehlerhaften Moduls: HPPUDH.exe2
Berichtskennung: HPPUDH.exe3

Error: (08/21/2015 07:31:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2015 06:29:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 06:43:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPPUDH.exe, Version: 1.16.2.0, Zeitstempel: 0x52021513
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69e20
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ced0b
ID des fehlerhaften Prozesses: 0x13c0
Startzeit der fehlerhaften Anwendung: 0xHPPUDH.exe0
Pfad der fehlerhaften Anwendung: HPPUDH.exe1
Pfad des fehlerhaften Moduls: HPPUDH.exe2
Berichtskennung: HPPUDH.exe3

Error: (08/19/2015 06:41:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/18/2015 06:46:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2015 07:01:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HPPUDH.exe, Version: 1.16.2.0, Zeitstempel: 0x52021513
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69e20
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000ced0b
ID des fehlerhaften Prozesses: 0x70c
Startzeit der fehlerhaften Anwendung: 0xHPPUDH.exe0
Pfad der fehlerhaften Anwendung: HPPUDH.exe1
Pfad des fehlerhaften Moduls: HPPUDH.exe2
Berichtskennung: HPPUDH.exe3


Systemfehler:
=============
Error: (08/24/2015 09:22:41 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (08/24/2015 09:22:41 AM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (08/24/2015 08:03:26 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NTRU TSS v1.2.1.36 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%0

Error: (08/23/2015 05:27:50 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (08/23/2015 05:27:50 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (08/23/2015 05:27:26 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (08/23/2015 05:27:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (08/23/2015 04:53:25 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 20.

Error: (08/23/2015 04:49:53 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.

Error: (08/23/2015 04:49:52 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 40.


Microsoft Office:
=========================
Error: (08/24/2015 08:06:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPPUDH.exe1.16.2.052021513ntdll.dll6.1.7601.1893355a69e20c0000374000ced0b10e001d0de32ce6dece6C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDH.exeC:\Windows\SysWOW64\ntdll.dll3f0f88e6-4a26-11e5-b238-d4bed994502a

Error: (08/24/2015 08:04:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/23/2015 01:12:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/21/2015 07:33:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPPUDH.exe1.16.2.052021513ntdll.dll6.1.7601.1893355a69e20c0000374000ced0bb0401d0dbd2bc874901C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDH.exeC:\Windows\SysWOW64\ntdll.dll2df2f1da-47c6-11e5-a315-d4bed994502a

Error: (08/21/2015 07:31:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/20/2015 06:29:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/19/2015 06:43:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPPUDH.exe1.16.2.052021513ntdll.dll6.1.7601.1893355a69e20c0000374000ced0b13c001d0da39532f707dC:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDH.exeC:\Windows\SysWOW64\ntdll.dllca9ae016-462c-11e5-b370-d4bed994502a

Error: (08/19/2015 06:41:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/18/2015 06:46:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2015 07:01:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HPPUDH.exe1.16.2.052021513ntdll.dll6.1.7601.1893355a69e20c0000374000ced0b70c01d0d8a9a2b51482C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\AppInterfaces\HPPUDH.exeC:\Windows\SysWOW64\ntdll.dll1569d180-449d-11e5-993f-d4bed994502a


==================== Speicherinformationen =========================== 

Processor: Intel(R) Xeon(R) CPU E31270 @ 3.40GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 16341.02 MB
Verfügbarer physikalischer RAM: 12531.43 MB
Summe virtueller Speicher: 144339.22 MB
Verfügbarer virtueller Speicher: 139815.63 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:464.98 GB) (Free:369.43 GB) NTFS
Drive d: (DATAPART1) (Fixed) (Total:465.75 GB) (Free:89.4 GB) NTFS
Drive e: (12 Mrz 2015) (CDROM) (Total:4.38 GB) (Free:3.91 GB) UDF
Drive f: (SAMSUNG) (Fixed) (Total:465.76 GB) (Free:131.38 GB) NTFS
Drive k: () (Network) (Total:3695.18 GB) (Free:3480.89 GB) 
Drive n: () (Network) (Total:3695.18 GB) (Free:3480.89 GB) 
Drive p: () (Network) (Total:3695.18 GB) (Free:3480.89 GB) 
Drive q: () (Network) (Total:3695.18 GB) (Free:3480.89 GB) 
Drive r: () (Network) (Total:3696.66 GB) (Free:2314.66 GB) 
Drive s: () (Network) (Total:3695.18 GB) (Free:3480.89 GB) 
Drive t: () (Network) (Total:3695.18 GB) (Free:3480.89 GB) 
Drive u: () (Network) (Total:3695.18 GB) (Free:3480.89 GB) 
Drive w: () (Network) (Total:3695.18 GB) (Free:3480.89 GB) 
Drive y: () (Network) (Total:3695.18 GB) (Free:3480.89 GB) 

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 55DA09CC)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=752 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 55DA09F1)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: AC736292)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Ergebnis ============================
         
__________________

Alt 24.08.2015, 16:30   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Spammail durch meinen Account - Standard

Spammail durch meinen Account



hi,


Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 24.08.2015, 17:59   #5
halifax09
 
Spammail durch meinen Account - Standard

Spammail durch meinen Account



Hallo,

vielen Dank für die schnelle Hilfe.

Hier die Ergebnisse:

MBAR hat nichts gefunden, cleanup musste nicht ausgeführt werden. Daher auch keine Logdatei zum Posten.


TDSSKIller:

Code:
ATTFilter
17:33:44.0959 0x0948  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
17:34:13.0204 0x0948  ============================================================
17:34:13.0204 0x0948  Current date / time: 2015/08/24 17:34:13.0204
17:34:13.0204 0x0948  SystemInfo:
17:34:13.0204 0x0948  
17:34:13.0204 0x0948  OS Version: 6.1.7601 ServicePack: 1.0
17:34:13.0204 0x0948  Product type: Workstation
17:34:13.0204 0x0948  ComputerName: MIRACULIX
17:34:13.0205 0x0948  UserName: halifax
17:34:13.0205 0x0948  Windows directory: C:\Windows
17:34:13.0205 0x0948  System windows directory: C:\Windows
17:34:13.0205 0x0948  Running under WOW64
17:34:13.0205 0x0948  Processor architecture: Intel x64
17:34:13.0205 0x0948  Number of processors: 8
17:34:13.0205 0x0948  Page size: 0x1000
17:34:13.0205 0x0948  Boot type: Normal boot
17:34:13.0205 0x0948  ============================================================
17:34:13.0661 0x0948  KLMD registered as C:\Windows\system32\drivers\84346187.sys
17:34:13.0898 0x0948  System UUID: {85998D8C-47D4-41B3-2DD4-45CA71E610EC}
17:34:14.0152 0x0948  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:34:14.0153 0x0948  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:34:14.0159 0x0948  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:34:14.0163 0x0948  ============================================================
17:34:14.0163 0x0948  \Device\Harddisk0\DR0:
17:34:14.0163 0x0948  MBR partitions:
17:34:14.0163 0x0948  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x178000
17:34:14.0163 0x0948  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x18C000, BlocksNum 0x3A1F8000
17:34:14.0163 0x0948  \Device\Harddisk1\DR1:
17:34:14.0163 0x0948  MBR partitions:
17:34:14.0163 0x0948  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x2000, BlocksNum 0x3A382000
17:34:14.0163 0x0948  \Device\Harddisk2\DR2:
17:34:14.0164 0x0948  MBR partitions:
17:34:14.0164 0x0948  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x40, BlocksNum 0x3A384C01
17:34:14.0164 0x0948  ============================================================
17:34:14.0195 0x0948  C: <-> \Device\Harddisk0\DR0\Partition2
17:34:14.0197 0x0948  D: <-> \Device\Harddisk1\DR1\Partition1
17:34:14.0198 0x0948  F: <-> \Device\Harddisk2\DR2\Partition1
17:34:14.0198 0x0948  ============================================================
17:34:14.0198 0x0948  Initialize success
17:34:14.0198 0x0948  ============================================================
17:34:41.0648 0x1a14  ============================================================
17:34:41.0648 0x1a14  Scan started
17:34:41.0648 0x1a14  Mode: Manual; SigCheck; TDLFS; 
17:34:41.0648 0x1a14  ============================================================
17:34:41.0648 0x1a14  KSN ping started
17:34:44.0412 0x1a14  KSN ping finished: true
17:34:45.0588 0x1a14  ================ Scan system memory ========================
17:34:45.0588 0x1a14  System memory - ok
17:34:45.0589 0x1a14  ================ Scan services =============================
17:34:45.0733 0x1a14  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:34:45.0806 0x1a14  1394ohci - ok
17:34:45.0836 0x1a14  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:34:45.0849 0x1a14  ACPI - ok
17:34:45.0860 0x1a14  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:34:45.0877 0x1a14  AcpiPmi - ok
17:34:45.0960 0x1a14  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:34:45.0979 0x1a14  AdobeARMservice - ok
17:34:46.0109 0x1a14  [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:34:46.0119 0x1a14  AdobeFlashPlayerUpdateSvc - ok
17:34:46.0153 0x1a14  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
17:34:46.0168 0x1a14  adp94xx - ok
17:34:46.0192 0x1a14  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
17:34:46.0205 0x1a14  adpahci - ok
17:34:46.0217 0x1a14  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
17:34:46.0226 0x1a14  adpu320 - ok
17:34:46.0253 0x1a14  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:34:46.0287 0x1a14  AeLookupSvc - ok
17:34:46.0345 0x1a14  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
17:34:46.0363 0x1a14  AFD - ok
17:34:46.0383 0x1a14  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
17:34:46.0390 0x1a14  agp440 - ok
17:34:46.0399 0x1a14  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
17:34:46.0415 0x1a14  ALG - ok
17:34:46.0425 0x1a14  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:34:46.0432 0x1a14  aliide - ok
17:34:46.0445 0x1a14  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:34:46.0452 0x1a14  amdide - ok
17:34:46.0462 0x1a14  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
17:34:46.0470 0x1a14  AmdK8 - ok
17:34:46.0479 0x1a14  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
17:34:46.0498 0x1a14  AmdPPM - ok
17:34:46.0516 0x1a14  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:34:46.0525 0x1a14  amdsata - ok
17:34:46.0554 0x1a14  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
17:34:46.0564 0x1a14  amdsbs - ok
17:34:46.0573 0x1a14  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:34:46.0580 0x1a14  amdxata - ok
17:34:46.0699 0x1a14  [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
17:34:46.0722 0x1a14  AntiVirMailService - ok
17:34:46.0772 0x1a14  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:34:46.0785 0x1a14  AntiVirSchedulerService - ok
17:34:46.0832 0x1a14  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:34:46.0845 0x1a14  AntiVirService - ok
17:34:46.0896 0x1a14  [ F857D22CEC14854D310C5596C8CE6006, 67448C506D3171D327A6CE3952E41BDC65587FEB45F510160A1DAFCA9491711E ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
17:34:46.0922 0x1a14  AntiVirWebService - ok
17:34:46.0958 0x1a14  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
17:34:46.0997 0x1a14  AppID - ok
17:34:47.0010 0x1a14  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:34:47.0024 0x1a14  AppIDSvc - ok
17:34:47.0059 0x1a14  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
17:34:47.0079 0x1a14  Appinfo - ok
17:34:47.0205 0x1a14  [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:34:47.0213 0x1a14  Apple Mobile Device Service - ok
17:34:47.0253 0x1a14  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
17:34:47.0278 0x1a14  AppMgmt - ok
17:34:47.0303 0x1a14  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
17:34:47.0310 0x1a14  arc - ok
17:34:47.0323 0x1a14  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
17:34:47.0330 0x1a14  arcsas - ok
17:34:47.0428 0x1a14  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:34:47.0437 0x1a14  aspnet_state - ok
17:34:47.0441 0x1a14  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:34:47.0489 0x1a14  AsyncMac - ok
17:34:47.0535 0x1a14  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
17:34:47.0543 0x1a14  atapi - ok
17:34:47.0594 0x1a14  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:34:47.0643 0x1a14  AudioEndpointBuilder - ok
17:34:47.0657 0x1a14  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:34:47.0675 0x1a14  AudioSrv - ok
17:34:47.0750 0x1a14  [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
17:34:47.0761 0x1a14  avgntflt - ok
17:34:47.0780 0x1a14  [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
17:34:47.0789 0x1a14  avipbb - ok
17:34:47.0893 0x1a14  [ 4B3DBF1CEBE1B2346BF2F8D2251F641A, CDC5BCA35BE658007E29E94E7FBFAA499B50929E738A12904397D16268C6FBAE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
17:34:47.0904 0x1a14  Avira.ServiceHost - ok
17:34:47.0937 0x1a14  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
17:34:47.0944 0x1a14  avkmgr - ok
17:34:47.0989 0x1a14  [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
17:34:47.0996 0x1a14  avnetflt - ok
17:34:48.0024 0x1a14  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:34:48.0044 0x1a14  AxInstSV - ok
17:34:48.0082 0x1a14  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
17:34:48.0116 0x1a14  b06bdrv - ok
17:34:48.0146 0x1a14  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:34:48.0159 0x1a14  b57nd60a - ok
17:34:48.0268 0x1a14  [ 5F685973740F289BE3C809952DB8408B, 4C0A0C06BB2B6B1879A860B0D68289A55F80CF74947FCCE7815F1D8121232F62 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
17:34:48.0279 0x1a14  BBSvc - ok
17:34:48.0310 0x1a14  [ 76F78018F45E7F92164CEA5020176933, 76E1CA6E198417F3749864721C43913189A7EA07B5ED320DE543B2037CEA3D65 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
17:34:48.0321 0x1a14  BBUpdate - ok
17:34:48.0338 0x1a14  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:34:48.0347 0x1a14  BDESVC - ok
17:34:48.0357 0x1a14  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:34:48.0388 0x1a14  Beep - ok
17:34:48.0457 0x1a14  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
17:34:48.0517 0x1a14  BFE - ok
17:34:48.0555 0x1a14  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
17:34:48.0613 0x1a14  BITS - ok
17:34:48.0636 0x1a14  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:34:48.0645 0x1a14  blbdrive - ok
17:34:48.0697 0x1a14  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:34:48.0722 0x1a14  Bonjour Service - ok
17:34:48.0759 0x1a14  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:34:48.0768 0x1a14  bowser - ok
17:34:48.0782 0x1a14  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
17:34:48.0791 0x1a14  BrFiltLo - ok
17:34:48.0798 0x1a14  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
17:34:48.0808 0x1a14  BrFiltUp - ok
17:34:48.0860 0x1a14  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
17:34:48.0878 0x1a14  Browser - ok
17:34:48.0894 0x1a14  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:34:48.0916 0x1a14  Brserid - ok
17:34:48.0930 0x1a14  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:34:48.0940 0x1a14  BrSerWdm - ok
17:34:48.0951 0x1a14  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:34:48.0966 0x1a14  BrUsbMdm - ok
17:34:48.0969 0x1a14  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:34:48.0976 0x1a14  BrUsbSer - ok
17:34:48.0988 0x1a14  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
17:34:49.0005 0x1a14  BTHMODEM - ok
17:34:49.0043 0x1a14  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
17:34:49.0078 0x1a14  bthserv - ok
17:34:49.0100 0x1a14  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:34:49.0129 0x1a14  cdfs - ok
17:34:49.0166 0x1a14  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:34:49.0176 0x1a14  cdrom - ok
17:34:49.0197 0x1a14  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:34:49.0219 0x1a14  CertPropSvc - ok
17:34:49.0240 0x1a14  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
17:34:49.0255 0x1a14  circlass - ok
17:34:49.0292 0x1a14  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
17:34:49.0307 0x1a14  CLFS - ok
17:34:49.0380 0x1a14  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:34:49.0388 0x1a14  clr_optimization_v2.0.50727_32 - ok
17:34:49.0429 0x1a14  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:34:49.0438 0x1a14  clr_optimization_v2.0.50727_64 - ok
17:34:49.0484 0x1a14  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:34:49.0493 0x1a14  clr_optimization_v4.0.30319_32 - ok
17:34:49.0518 0x1a14  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:34:49.0526 0x1a14  clr_optimization_v4.0.30319_64 - ok
17:34:49.0558 0x1a14  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
17:34:49.0572 0x1a14  CmBatt - ok
17:34:49.0584 0x1a14  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:34:49.0591 0x1a14  cmdide - ok
17:34:49.0654 0x1a14  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
17:34:49.0674 0x1a14  CNG - ok
17:34:49.0682 0x1a14  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
17:34:49.0689 0x1a14  Compbatt - ok
17:34:49.0708 0x1a14  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
17:34:49.0739 0x1a14  CompositeBus - ok
17:34:49.0748 0x1a14  COMSysApp - ok
17:34:49.0762 0x1a14  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
17:34:49.0769 0x1a14  crcdisk - ok
17:34:49.0809 0x1a14  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:34:49.0828 0x1a14  CryptSvc - ok
17:34:49.0868 0x1a14  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
17:34:49.0894 0x1a14  CSC - ok
17:34:49.0919 0x1a14  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
17:34:49.0957 0x1a14  CscService - ok
17:34:50.0002 0x1a14  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:34:50.0031 0x1a14  DcomLaunch - ok
17:34:50.0056 0x1a14  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:34:50.0082 0x1a14  defragsvc - ok
17:34:50.0105 0x1a14  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:34:50.0138 0x1a14  DfsC - ok
17:34:50.0165 0x1a14  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:34:50.0206 0x1a14  Dhcp - ok
17:34:50.0226 0x1a14  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
17:34:50.0247 0x1a14  discache - ok
17:34:50.0292 0x1a14  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
17:34:50.0301 0x1a14  Disk - ok
17:34:50.0328 0x1a14  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
17:34:50.0342 0x1a14  dmvsc - ok
17:34:50.0372 0x1a14  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:34:50.0397 0x1a14  Dnscache - ok
17:34:50.0421 0x1a14  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:34:50.0447 0x1a14  dot3svc - ok
17:34:50.0459 0x1a14  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
17:34:50.0505 0x1a14  DPS - ok
17:34:50.0551 0x1a14  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:34:50.0570 0x1a14  drmkaud - ok
17:34:50.0616 0x1a14  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:34:50.0656 0x1a14  DXGKrnl - ok
17:34:50.0686 0x1a14  [ EAFCB4551836FF44EE775CEDDFA7A77E, 5C01EC0EA6B5B04C51F39EA3B22E1A06F47CB88470A667937C56D4A3BCC19309 ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
17:34:50.0697 0x1a14  e1cexpress - ok
17:34:50.0703 0x1a14  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
17:34:50.0733 0x1a14  EapHost - ok
17:34:50.0819 0x1a14  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
17:34:50.0911 0x1a14  ebdrv - ok
17:34:50.0946 0x1a14  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] EFS             C:\Windows\System32\lsass.exe
17:34:50.0964 0x1a14  EFS - ok
17:34:51.0028 0x1a14  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:34:51.0066 0x1a14  ehRecvr - ok
17:34:51.0076 0x1a14  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
17:34:51.0096 0x1a14  ehSched - ok
17:34:51.0145 0x1a14  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
17:34:51.0162 0x1a14  elxstor - ok
17:34:51.0171 0x1a14  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:34:51.0184 0x1a14  ErrDev - ok
17:34:51.0213 0x1a14  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
17:34:51.0242 0x1a14  EventSystem - ok
17:34:51.0280 0x1a14  [ 618B2BC3E72A2FBDF2FA4A7350DE3695, DF18CD5788FFDD08E5F746E5498E1D70799349187B774962BD220EC8C4ECD69A ] EvoMouseDriverFilterHidUsb C:\Windows\system32\DRIVERS\EvoMouseDriverFilterHidUsb.sys
17:34:51.0286 0x1a14  EvoMouseDriverFilterHidUsb - ok
17:34:51.0325 0x1a14  [ EC0FE22EB2F3B32E046E01496B88D523, 557EE9466BAB79DA1B9BFA6DC0C72AECE0FB77C74E31299C8860C547FBFE3668 ] EvoMouseDriverMini C:\Windows\system32\drivers\EvoMouseDriverMini.sys
17:34:51.0331 0x1a14  EvoMouseDriverMini - ok
17:34:51.0349 0x1a14  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
17:34:51.0381 0x1a14  exfat - ok
17:34:51.0401 0x1a14  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:34:51.0436 0x1a14  fastfat - ok
17:34:51.0489 0x1a14  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
17:34:51.0528 0x1a14  Fax - ok
17:34:51.0539 0x1a14  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
17:34:51.0555 0x1a14  fdc - ok
17:34:51.0566 0x1a14  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
17:34:51.0600 0x1a14  fdPHost - ok
17:34:51.0611 0x1a14  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:34:51.0633 0x1a14  FDResPub - ok
17:34:51.0661 0x1a14  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:34:51.0669 0x1a14  FileInfo - ok
17:34:51.0681 0x1a14  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:34:51.0713 0x1a14  Filetrace - ok
17:34:51.0785 0x1a14  [ 3B8B64EF1D7CE03727DEFFFEF473F5AE, D9D031C054759D0E9117021992FD08BBE3A05128B2EEA7FE97BB25DCEF8538FD ] FLEXlm License Manager C:\SEFlex\Program\lmgrd.exe
17:34:51.0813 0x1a14  FLEXlm License Manager - ok
17:34:51.0833 0x1a14  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
17:34:51.0849 0x1a14  flpydisk - ok
17:34:51.0867 0x1a14  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:34:51.0878 0x1a14  FltMgr - ok
17:34:51.0939 0x1a14  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
17:34:51.0989 0x1a14  FontCache - ok
17:34:52.0041 0x1a14  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:34:52.0047 0x1a14  FontCache3.0.0.0 - ok
17:34:52.0057 0x1a14  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:34:52.0065 0x1a14  FsDepends - ok
17:34:52.0113 0x1a14  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:34:52.0121 0x1a14  Fs_Rec - ok
17:34:52.0147 0x1a14  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:34:52.0160 0x1a14  fvevol - ok
17:34:52.0182 0x1a14  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
17:34:52.0189 0x1a14  gagp30kx - ok
17:34:52.0244 0x1a14  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:34:52.0250 0x1a14  GEARAspiWDM - ok
17:34:52.0293 0x1a14  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:34:52.0349 0x1a14  gpsvc - ok
17:34:52.0366 0x1a14  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:34:52.0381 0x1a14  hcw85cir - ok
17:34:52.0414 0x1a14  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:34:52.0433 0x1a14  HDAudBus - ok
17:34:52.0480 0x1a14  [ DF100F69C70F3319C3F6178D21A910FE, 9CA3D657822FD1BC7B5A50FDCA163348E9FE65689157328358001032F861ABC9 ] hhdspmc64       C:\Windows\system32\DRIVERS\hhdspmc64.sys
17:34:52.0487 0x1a14  hhdspmc64 - ok
17:34:52.0498 0x1a14  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
17:34:52.0515 0x1a14  HidBatt - ok
17:34:52.0531 0x1a14  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
17:34:52.0547 0x1a14  HidBth - ok
17:34:52.0559 0x1a14  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
17:34:52.0579 0x1a14  HidIr - ok
17:34:52.0590 0x1a14  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
17:34:52.0625 0x1a14  hidserv - ok
17:34:52.0664 0x1a14  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:34:52.0672 0x1a14  HidUsb - ok
17:34:52.0680 0x1a14  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:34:52.0709 0x1a14  hkmsvc - ok
17:34:52.0735 0x1a14  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:34:52.0748 0x1a14  HomeGroupListener - ok
17:34:52.0771 0x1a14  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:34:52.0789 0x1a14  HomeGroupProvider - ok
17:34:52.0816 0x1a14  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:34:52.0824 0x1a14  HpSAMD - ok
17:34:52.0864 0x1a14  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:34:52.0908 0x1a14  HTTP - ok
17:34:52.0934 0x1a14  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:34:52.0941 0x1a14  hwpolicy - ok
17:34:52.0950 0x1a14  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
17:34:52.0959 0x1a14  i8042prt - ok
17:34:52.0986 0x1a14  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\Windows\system32\drivers\iaStor.sys
17:34:52.0998 0x1a14  iaStor - ok
17:34:53.0043 0x1a14  [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:34:53.0048 0x1a14  IAStorDataMgrSvc - ok
17:34:53.0082 0x1a14  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:34:53.0095 0x1a14  iaStorV - ok
17:34:53.0146 0x1a14  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:34:53.0180 0x1a14  idsvc - ok
17:34:53.0231 0x1a14  IEEtwCollectorService - ok
17:34:53.0239 0x1a14  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
17:34:53.0246 0x1a14  iirsp - ok
17:34:53.0293 0x1a14  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
17:34:53.0327 0x1a14  IKEEXT - ok
17:34:53.0397 0x1a14  [ 19F9D8F7C996D5AE22E913491C912009, 1E733E34F2D39203216F3542F1A5818F3EA21CE51F434FE3B255CB6BF0B048FC ] IntcAzAudAddService C:\Windows\system32\drivers\RTDVHD64.sys
17:34:53.0459 0x1a14  IntcAzAudAddService - ok
17:34:53.0490 0x1a14  [ 28D387EEFAD7CC3A0BEB9C3262E83ADD, 41C3232407CEB4DA84A465018F23B842D67EA9412C02EE3C8DED4D66ABBDEC2A ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
17:34:53.0497 0x1a14  Intel(R) PROSet Monitoring Service - ok
17:34:53.0511 0x1a14  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:34:53.0517 0x1a14  intelide - ok
17:34:53.0544 0x1a14  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:34:53.0561 0x1a14  intelppm - ok
17:34:53.0582 0x1a14  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:34:53.0605 0x1a14  IPBusEnum - ok
17:34:53.0617 0x1a14  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:34:53.0648 0x1a14  IpFilterDriver - ok
17:34:53.0668 0x1a14  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:34:53.0711 0x1a14  iphlpsvc - ok
17:34:53.0722 0x1a14  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:34:53.0741 0x1a14  IPMIDRV - ok
17:34:53.0755 0x1a14  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:34:53.0784 0x1a14  IPNAT - ok
17:34:53.0852 0x1a14  [ E8D96F840994291789F0CDE6800AC1A4, 35B39474B6385DA828D4212047F5C94775FC3C55E8C72EAA503D763D86F9BFB7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:34:53.0868 0x1a14  iPod Service - ok
17:34:53.0884 0x1a14  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:34:53.0903 0x1a14  IRENUM - ok
17:34:53.0928 0x1a14  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:34:53.0935 0x1a14  isapnp - ok
17:34:53.0947 0x1a14  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:34:53.0959 0x1a14  iScsiPrt - ok
17:34:54.0002 0x1a14  [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] jhi_service     C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
17:34:54.0012 0x1a14  jhi_service - ok
17:34:54.0034 0x1a14  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:34:54.0042 0x1a14  kbdclass - ok
17:34:54.0063 0x1a14  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:34:54.0084 0x1a14  kbdhid - ok
17:34:54.0096 0x1a14  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] KeyIso          C:\Windows\system32\lsass.exe
17:34:54.0104 0x1a14  KeyIso - ok
17:34:54.0141 0x1a14  [ 67A1743377EBB5D9A370A8C2086CFDCC, 2F0FD6C1969B1EEEEFFC1A8F972E1E90F1AD9558FF00EC159BC19ED927FD4BF5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:34:54.0150 0x1a14  KSecDD - ok
17:34:54.0162 0x1a14  [ 522A1595D5701800DD41B2D472F5AAED, B62924AE94A5AC454AD6057BC133D717BB1C6445BE36D6BECAB76E1600F60C33 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:34:54.0172 0x1a14  KSecPkg - ok
17:34:54.0185 0x1a14  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:34:54.0218 0x1a14  ksthunk - ok
17:34:54.0246 0x1a14  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:34:54.0276 0x1a14  KtmRm - ok
17:34:54.0296 0x1a14  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:34:54.0321 0x1a14  LanmanServer - ok
17:34:54.0345 0x1a14  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:34:54.0376 0x1a14  LanmanWorkstation - ok
17:34:54.0483 0x1a14  [ 7772DFAB22611050B79504E671B06E6E, 331FE235EDBCF48EE96A5A9D5D0560457CD85FA3FD7BEACD3700055F815D9F13 ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:34:54.0497 0x1a14  LBTServ - ok
17:34:54.0548 0x1a14  [ ED7EC050CD6C20E1A93A4DAFB7EFD14D, 9B3B9FA23788680D13E3DC2EEA2F127591A368578AEAB70F03AC379BA7379184 ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
17:34:54.0556 0x1a14  LEqdUsb - ok
17:34:54.0666 0x1a14  [ EAECE4EE45F0AD26E96136BF8A4CFF8E, 729BBE537F2A0A40CFAC26F65B6B2D00A94EB1E63B43E282B31E7936DABB7224 ] Lexware_Update_Service C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
17:34:54.0673 0x1a14  Lexware_Update_Service - ok
17:34:54.0702 0x1a14  [ 3267BC698E29474A8381E68904EB0390, A653ED6364D4B7E02FB7087D364E33D029B15A92E0FAAB176877DE5F93B36B65 ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
17:34:54.0708 0x1a14  LHidEqd - ok
17:34:54.0744 0x1a14  [ 241F2648ADF090E2A10095BD6D6F5DCB, D31F50F7A70A62E3CA45071F75C56FFA21464BFAF4CA4A3AD2482D7477D78D4E ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
17:34:54.0751 0x1a14  LHidFilt - ok
17:34:54.0762 0x1a14  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:34:54.0792 0x1a14  lltdio - ok
17:34:54.0820 0x1a14  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:34:54.0852 0x1a14  lltdsvc - ok
17:34:54.0861 0x1a14  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:34:54.0891 0x1a14  lmhosts - ok
17:34:54.0901 0x1a14  [ 342ED5A4B3326014438F36D22D803737, 45488402BD919D84729A19E618B3595D615EB1F73FB9BC77675A21E7DB80AB6C ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
17:34:54.0907 0x1a14  LMouFilt - ok
17:34:54.0957 0x1a14  [ 519D66259DF1672AABCE9D2E0ACC5552, 953EAEC04D45574ED9260726383438AA18A5EBEB2E0C93869DF4C57B9998BB27 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:34:54.0968 0x1a14  LMS - ok
17:34:55.0003 0x1a14  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
17:34:55.0012 0x1a14  LSI_FC - ok
17:34:55.0021 0x1a14  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
17:34:55.0030 0x1a14  LSI_SAS - ok
17:34:55.0042 0x1a14  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
17:34:55.0049 0x1a14  LSI_SAS2 - ok
17:34:55.0058 0x1a14  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
17:34:55.0067 0x1a14  LSI_SCSI - ok
17:34:55.0093 0x1a14  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
17:34:55.0115 0x1a14  luafv - ok
17:34:55.0158 0x1a14  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:34:55.0169 0x1a14  Mcx2Svc - ok
17:34:55.0188 0x1a14  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
17:34:55.0195 0x1a14  megasas - ok
17:34:55.0211 0x1a14  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
17:34:55.0223 0x1a14  MegaSR - ok
17:34:55.0279 0x1a14  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
17:34:55.0285 0x1a14  MEIx64 - ok
17:34:55.0306 0x1a14  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
17:34:55.0329 0x1a14  MMCSS - ok
17:34:55.0353 0x1a14  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
17:34:55.0384 0x1a14  Modem - ok
17:34:55.0420 0x1a14  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:34:55.0430 0x1a14  monitor - ok
17:34:55.0438 0x1a14  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:34:55.0445 0x1a14  mouclass - ok
17:34:55.0460 0x1a14  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:34:55.0474 0x1a14  mouhid - ok
17:34:55.0508 0x1a14  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:34:55.0517 0x1a14  mountmgr - ok
17:34:55.0530 0x1a14  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:34:55.0539 0x1a14  mpio - ok
17:34:55.0555 0x1a14  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:34:55.0578 0x1a14  mpsdrv - ok
17:34:55.0620 0x1a14  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:34:55.0667 0x1a14  MpsSvc - ok
17:34:55.0703 0x1a14  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:34:55.0725 0x1a14  MRxDAV - ok
17:34:55.0755 0x1a14  [ B2081803D510DCE174992BA880EDCA70, 37DB53C9756EC03EB7165DEB58251615D70B7C86DF32A54DE25ADAF30A04D792 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:34:55.0766 0x1a14  mrxsmb - ok
17:34:55.0801 0x1a14  [ 552FA62B0EFECD22D8D52499324BCA4F, C3A02C9C30C36928AC7B1025496544967187A05BEF5D100B54F2C0155E47145C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:34:55.0828 0x1a14  mrxsmb10 - ok
17:34:55.0860 0x1a14  [ 97687971F9CB30E2633DE0F1296B9F61, 865DA87523E4C32D65D55D5475A5CDDFA10699780DA500E6D606384FB3BEB1BE ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:34:55.0877 0x1a14  mrxsmb20 - ok
17:34:55.0895 0x1a14  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:34:55.0902 0x1a14  msahci - ok
17:34:55.0927 0x1a14  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:34:55.0937 0x1a14  msdsm - ok
17:34:55.0950 0x1a14  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
17:34:55.0961 0x1a14  MSDTC - ok
17:34:55.0977 0x1a14  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:34:56.0009 0x1a14  Msfs - ok
17:34:56.0030 0x1a14  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:34:56.0062 0x1a14  mshidkmdf - ok
17:34:56.0081 0x1a14  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:34:56.0088 0x1a14  msisadrv - ok
17:34:56.0111 0x1a14  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:34:56.0145 0x1a14  MSiSCSI - ok
17:34:56.0147 0x1a14  msiserver - ok
17:34:56.0167 0x1a14  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:34:56.0194 0x1a14  MSKSSRV - ok
17:34:56.0207 0x1a14  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:34:56.0237 0x1a14  MSPCLOCK - ok
17:34:56.0246 0x1a14  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:34:56.0278 0x1a14  MSPQM - ok
17:34:56.0295 0x1a14  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:34:56.0307 0x1a14  MsRPC - ok
17:34:56.0316 0x1a14  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
17:34:56.0323 0x1a14  mssmbios - ok
17:34:56.0332 0x1a14  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:34:56.0364 0x1a14  MSTEE - ok
17:34:56.0375 0x1a14  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
17:34:56.0387 0x1a14  MTConfig - ok
17:34:56.0395 0x1a14  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
17:34:56.0403 0x1a14  Mup - ok
17:34:56.0433 0x1a14  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
17:34:56.0472 0x1a14  napagent - ok
17:34:56.0502 0x1a14  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:34:56.0531 0x1a14  NativeWifiP - ok
17:34:56.0575 0x1a14  [ C38B8AE57F78915905064A9A24DC1586, 5A24A490AC5DB4FCC745182BDBAEA8836E8FBEC635609AE4CF51DAC3A30A8221 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:34:56.0608 0x1a14  NDIS - ok
17:34:56.0628 0x1a14  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:34:56.0650 0x1a14  NdisCap - ok
17:34:56.0674 0x1a14  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:34:56.0703 0x1a14  NdisTapi - ok
17:34:56.0719 0x1a14  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:34:56.0741 0x1a14  Ndisuio - ok
17:34:56.0757 0x1a14  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:34:56.0780 0x1a14  NdisWan - ok
17:34:56.0794 0x1a14  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:34:56.0815 0x1a14  NDProxy - ok
17:34:56.0860 0x1a14  [ 2C723E42FC8D7B0209492828F921FB50, 2ECF9F4D91F317432FB5A6D01D8271BB7E2A5B8A6CA9EF2F2036890D2B072E52 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
17:34:56.0873 0x1a14  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:34:59.0764 0x1a14  Detect skipped due to KSN trusted
17:34:59.0764 0x1a14  Net Driver HPZ12 - ok
17:34:59.0783 0x1a14  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:34:59.0817 0x1a14  NetBIOS - ok
17:34:59.0837 0x1a14  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:34:59.0862 0x1a14  NetBT - ok
17:34:59.0871 0x1a14  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] Netlogon        C:\Windows\system32\lsass.exe
17:34:59.0878 0x1a14  Netlogon - ok
17:34:59.0907 0x1a14  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
17:34:59.0943 0x1a14  Netman - ok
17:34:59.0977 0x1a14  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:59.0985 0x1a14  NetMsmqActivator - ok
17:34:59.0988 0x1a14  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:34:59.0995 0x1a14  NetPipeActivator - ok
17:35:00.0013 0x1a14  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
17:35:00.0043 0x1a14  netprofm - ok
17:35:00.0048 0x1a14  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:35:00.0055 0x1a14  NetTcpActivator - ok
17:35:00.0058 0x1a14  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:35:00.0065 0x1a14  NetTcpPortSharing - ok
17:35:00.0096 0x1a14  [ 73CE12B8BDD747B0063CB0A7EF44CEA7, F570BB52BE460DBA6203698CC96FFD9674E1903D0E0F5C49375BE3F8D8E89582 ] netvsc          C:\Windows\system32\DRIVERS\netvsc60.sys
17:35:00.0111 0x1a14  netvsc - ok
17:35:00.0142 0x1a14  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
17:35:00.0151 0x1a14  nfrd960 - ok
17:35:00.0184 0x1a14  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:35:00.0219 0x1a14  NlaSvc - ok
17:35:00.0233 0x1a14  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:35:00.0255 0x1a14  Npfs - ok
17:35:00.0288 0x1a14  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
17:35:00.0316 0x1a14  nsi - ok
17:35:00.0331 0x1a14  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:35:00.0352 0x1a14  nsiproxy - ok
17:35:00.0418 0x1a14  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:35:00.0452 0x1a14  Ntfs - ok
17:35:00.0464 0x1a14  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
17:35:00.0491 0x1a14  Null - ok
17:35:00.0536 0x1a14  [ A7127E86F9FFE2A53E271B56B2C4CEDF, 9C8D60290B66976BBC6E6FE0C2B8EBBCF65B019C95116565CA75098E9F66C05D ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
17:35:00.0545 0x1a14  nusb3hub - ok
17:35:00.0564 0x1a14  [ 49BBEC6F48D5F9284B03ABF3A959B19B, 688AFDFA9E2F0AB3BDE22EC55C70FD592AA0236557DA9310E1557C083307CEC5 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:35:00.0586 0x1a14  nusb3xhc - ok
17:35:00.0614 0x1a14  [ E20ABD5B229760158F753CA90B97E090, 9970A8ECFA13647B4F2032CB3C21C48458B5ED137254E3FB9C9B93E4A0EBD709 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
17:35:00.0623 0x1a14  NVHDA - ok
17:35:00.0915 0x1a14  [ BCB3F822CE0AE87818982B1AADFCCB85, 45B813DC3282E6B156D41DB3690D08D38790DD1DC923F376A21AB1D1F9D33746 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:35:01.0234 0x1a14  nvlddmkm - ok
17:35:01.0266 0x1a14  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:35:01.0276 0x1a14  nvraid - ok
17:35:01.0300 0x1a14  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:35:01.0310 0x1a14  nvstor - ok
17:35:01.0319 0x1a14  [ 35D7B9216A08509FF38035DD9B5A7919, 51BF943E78FF042502D10DAFBEEEB202B8C83B4E40091B57CDFF3622288BF30C ] nvsvc           C:\Windows\system32\nvvsvc.exe
17:35:01.0327 0x1a14  nvsvc - ok
17:35:01.0356 0x1a14  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:35:01.0366 0x1a14  nv_agp - ok
17:35:01.0379 0x1a14  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:35:01.0399 0x1a14  ohci1394 - ok
17:35:01.0469 0x1a14  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:35:01.0478 0x1a14  ose - ok
17:35:01.0634 0x1a14  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:35:01.0721 0x1a14  osppsvc - ok
17:35:01.0753 0x1a14  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:35:01.0773 0x1a14  p2pimsvc - ok
17:35:01.0792 0x1a14  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
17:35:01.0808 0x1a14  p2psvc - ok
17:35:01.0824 0x1a14  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
17:35:01.0844 0x1a14  Parport - ok
17:35:01.0873 0x1a14  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:35:01.0882 0x1a14  partmgr - ok
17:35:01.0901 0x1a14  [ 363B3F857ABEE85767E01E3044C539CD, F6CB6C4B5B206E75BC8EB125363B1A095BA24FCC997A10605D59FCE44BA8651C ] PBADRV          C:\Windows\system32\DRIVERS\PBADRV.sys
17:35:01.0907 0x1a14  PBADRV - ok
17:35:01.0939 0x1a14  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:35:01.0959 0x1a14  PcaSvc - ok
17:35:01.0984 0x1a14  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
17:35:01.0995 0x1a14  pci - ok
17:35:02.0012 0x1a14  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:35:02.0019 0x1a14  pciide - ok
17:35:02.0044 0x1a14  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:35:02.0056 0x1a14  pcmcia - ok
17:35:02.0066 0x1a14  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:35:02.0073 0x1a14  pcw - ok
17:35:02.0116 0x1a14  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:35:02.0140 0x1a14  PEAUTH - ok
17:35:02.0195 0x1a14  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:35:02.0250 0x1a14  PeerDistSvc - ok
17:35:02.0324 0x1a14  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:35:02.0334 0x1a14  PerfHost - ok
17:35:02.0388 0x1a14  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
17:35:02.0446 0x1a14  pla - ok
17:35:02.0487 0x1a14  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:35:02.0503 0x1a14  PlugPlay - ok
17:35:02.0546 0x1a14  [ 171E6D91A20AAC8D02172A64E82CE90B, 0D51F00D6C0376CD12893620E0A15E687263048CFE20E953F6BB4B7D6CDC3F50 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:35:02.0551 0x1a14  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:35:05.0442 0x1a14  Detect skipped due to KSN trusted
17:35:05.0442 0x1a14  Pml Driver HPZ12 - ok
17:35:05.0456 0x1a14  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:35:05.0488 0x1a14  PNRPAutoReg - ok
17:35:05.0503 0x1a14  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:35:05.0516 0x1a14  PNRPsvc - ok
17:35:05.0554 0x1a14  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:35:05.0588 0x1a14  PolicyAgent - ok
17:35:05.0614 0x1a14  [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power           C:\Windows\system32\umpo.dll
17:35:05.0639 0x1a14  Power - ok
17:35:05.0674 0x1a14  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:35:05.0707 0x1a14  PptpMiniport - ok
17:35:05.0723 0x1a14  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
17:35:05.0737 0x1a14  Processor - ok
17:35:05.0767 0x1a14  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:35:05.0779 0x1a14  ProfSvc - ok
17:35:05.0787 0x1a14  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:35:05.0795 0x1a14  ProtectedStorage - ok
17:35:05.0806 0x1a14  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:35:05.0829 0x1a14  Psched - ok
17:35:05.0870 0x1a14  [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
17:35:05.0877 0x1a14  PxHlpa64 - ok
17:35:05.0932 0x1a14  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:35:05.0996 0x1a14  ql2300 - ok
17:35:06.0011 0x1a14  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:35:06.0020 0x1a14  ql40xx - ok
17:35:06.0046 0x1a14  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
17:35:06.0063 0x1a14  QWAVE - ok
17:35:06.0087 0x1a14  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:35:06.0112 0x1a14  QWAVEdrv - ok
17:35:06.0122 0x1a14  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:35:06.0153 0x1a14  RasAcd - ok
17:35:06.0187 0x1a14  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:35:06.0223 0x1a14  RasAgileVpn - ok
17:35:06.0237 0x1a14  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
17:35:06.0260 0x1a14  RasAuto - ok
17:35:06.0277 0x1a14  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:35:06.0300 0x1a14  Rasl2tp - ok
17:35:06.0331 0x1a14  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
17:35:06.0367 0x1a14  RasMan - ok
17:35:06.0380 0x1a14  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:35:06.0414 0x1a14  RasPppoe - ok
17:35:06.0423 0x1a14  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:35:06.0446 0x1a14  RasSstp - ok
17:35:06.0462 0x1a14  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:35:06.0488 0x1a14  rdbss - ok
17:35:06.0498 0x1a14  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:35:06.0508 0x1a14  rdpbus - ok
17:35:06.0512 0x1a14  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:35:06.0532 0x1a14  RDPCDD - ok
17:35:06.0553 0x1a14  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:35:06.0563 0x1a14  RDPDR - ok
17:35:06.0585 0x1a14  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:35:06.0612 0x1a14  RDPENCDD - ok
17:35:06.0626 0x1a14  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:35:06.0648 0x1a14  RDPREFMP - ok
17:35:06.0685 0x1a14  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:35:06.0703 0x1a14  RDPWD - ok
17:35:06.0729 0x1a14  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:35:06.0740 0x1a14  rdyboost - ok
17:35:06.0760 0x1a14  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:35:06.0795 0x1a14  RemoteAccess - ok
17:35:06.0817 0x1a14  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:35:06.0846 0x1a14  RemoteRegistry - ok
17:35:06.0893 0x1a14  [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb          C:\Windows\system32\Drivers\RimUsb_AMD64.sys
17:35:06.0911 0x1a14  RimUsb - ok
17:35:06.0994 0x1a14  [ 3C957189B31C34D3AD21967B12B6AED7, 878FE6EA03F60592D6D557B905A5119E2CC836C2A6A86ED2867C3C9B0F0FDBA2 ] RoxMediaDB12OEM C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
17:35:07.0037 0x1a14  RoxMediaDB12OEM - ok
17:35:07.0069 0x1a14  [ 2B73088CC2CA757A172B425C9398E5BC, 3D296B4D6F66F7729CC48FE54456E6E6D8207DBA7E31D66653566C128E53163B ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
17:35:07.0079 0x1a14  RoxWatch12 - ok
17:35:07.0100 0x1a14  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:35:07.0130 0x1a14  RpcEptMapper - ok
17:35:07.0152 0x1a14  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
17:35:07.0171 0x1a14  RpcLocator - ok
17:35:07.0192 0x1a14  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
17:35:07.0221 0x1a14  RpcSs - ok
17:35:07.0252 0x1a14  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:35:07.0287 0x1a14  rspndr - ok
17:35:07.0310 0x1a14  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
17:35:07.0341 0x1a14  s3cap - ok
17:35:07.0362 0x1a14  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] SamSs           C:\Windows\system32\lsass.exe
17:35:07.0369 0x1a14  SamSs - ok
17:35:07.0447 0x1a14  [ F22189298ABFC75F2A2D87BCCD3CA092, 8408FBC2C05A437F4382C3D9822E857E660C7656F2B10C4A5FC4802FE4721B2F ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
17:35:07.0458 0x1a14  SbieDrv - ok
17:35:07.0501 0x1a14  [ 53A64997DEC2AA75C611B376E5A9D03F, 1BE87A3F148EBCBB7311D5BFD4C616E000C4CD4335C8A69966161EDA47FBE1C6 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
17:35:07.0511 0x1a14  SbieSvc - ok
17:35:07.0521 0x1a14  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:35:07.0529 0x1a14  sbp2port - ok
17:35:07.0551 0x1a14  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:35:07.0586 0x1a14  SCardSvr - ok
17:35:07.0620 0x1a14  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:35:07.0647 0x1a14  scfilter - ok
17:35:07.0706 0x1a14  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
17:35:07.0790 0x1a14  Schedule - ok
17:35:07.0822 0x1a14  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:35:07.0845 0x1a14  SCPolicySvc - ok
17:35:07.0849 0x1a14  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:35:07.0860 0x1a14  SDRSVC - ok
17:35:07.0880 0x1a14  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:35:07.0901 0x1a14  secdrv - ok
17:35:07.0907 0x1a14  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
17:35:07.0929 0x1a14  seclogon - ok
17:35:08.0048 0x1a14  [ 8365191D0FE7DF5972B889821ADBE62B, A3CC36FBF7962166D0E6A6B277130882BED623708C7F14EC158614F30F982420 ] SecureStorageService C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe
17:35:08.0109 0x1a14  SecureStorageService - ok
17:35:08.0135 0x1a14  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
17:35:08.0165 0x1a14  SENS - ok
17:35:08.0175 0x1a14  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:35:08.0194 0x1a14  SensrSvc - ok
17:35:08.0236 0x1a14  [ 255476B54C82A89416EFDF09FD62F107, 000A6F7F15177A08ED4E22DB1C06F9FF0F8D324541A3E7AF7F35123D9CA4122D ] Sentinel64      C:\Windows\System32\Drivers\Sentinel64.sys
17:35:08.0244 0x1a14  Sentinel64 - ok
17:35:08.0266 0x1a14  [ 1BA2C677C6146A8B3ADEA7B69D2EED56, B8BA275B748C0F729CED224A415CC0D0EBB1EE2FC0F59DA0275C18EE9BDC1604 ] SentinelKeysServer C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
17:35:08.0276 0x1a14  SentinelKeysServer - ok
17:35:08.0330 0x1a14  [ D1A2BA8BF092DDF18F3D3DB1D5AC7803, EE1B349DD8D5C00B4E13F9F71BFDBA73A4870C6BC90F1845D2AEAD8EFEE02322 ] SentinelProtectionServer C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe
17:35:08.0355 0x1a14  SentinelProtectionServer - ok
17:35:08.0392 0x1a14  [ E80B91AEC007711B1EEC9C83487754E2, 8C417EF2FC3460F05C3BCA955C628A65AA86E9DB080235CCF61FB98745BB2F90 ] SentinelSecurityRuntime C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe
17:35:08.0402 0x1a14  SentinelSecurityRuntime - ok
17:35:08.0420 0x1a14  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:35:08.0436 0x1a14  Serenum - ok
17:35:08.0470 0x1a14  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:35:08.0493 0x1a14  Serial - ok
17:35:08.0516 0x1a14  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:35:08.0525 0x1a14  sermouse - ok
17:35:08.0551 0x1a14  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
17:35:08.0580 0x1a14  SessionEnv - ok
17:35:08.0592 0x1a14  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:35:08.0607 0x1a14  sffdisk - ok
17:35:08.0609 0x1a14  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:35:08.0625 0x1a14  sffp_mmc - ok
17:35:08.0641 0x1a14  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:35:08.0657 0x1a14  sffp_sd - ok
17:35:08.0659 0x1a14  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
17:35:08.0667 0x1a14  sfloppy - ok
17:35:08.0695 0x1a14  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:35:08.0736 0x1a14  SharedAccess - ok
17:35:08.0758 0x1a14  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:35:08.0786 0x1a14  ShellHWDetection - ok
17:35:08.0809 0x1a14  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
17:35:08.0816 0x1a14  SiSRaid2 - ok
17:35:08.0828 0x1a14  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:35:08.0835 0x1a14  SiSRaid4 - ok
17:35:08.0854 0x1a14  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:35:08.0882 0x1a14  Smb - ok
17:35:08.0908 0x1a14  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:35:08.0926 0x1a14  SNMPTRAP - ok
17:35:08.0964 0x1a14  [ 2D5576C01C8A34AA614870E745FE8F19, FAAD06A4B912B8A7B6971E152D89356191C9655DDA494A04F0AA086DFB46BD11 ] SNTUSB64        C:\Windows\system32\DRIVERS\SNTUSB64.SYS
17:35:08.0971 0x1a14  SNTUSB64 - ok
17:35:09.0052 0x1a14  [ 3B8B64EF1D7CE03727DEFFFEF473F5AE, D9D031C054759D0E9117021992FD08BBE3A05128B2EEA7FE97BB25DCEF8538FD ] Solid Edge      C:\SEFlex\Program\lmgrd.exe
17:35:09.0079 0x1a14  Solid Edge - ok
17:35:09.0089 0x1a14  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:35:09.0096 0x1a14  spldr - ok
17:35:09.0121 0x1a14  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
17:35:09.0156 0x1a14  Spooler - ok
17:35:09.0242 0x1a14  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
17:35:09.0365 0x1a14  sppsvc - ok
17:35:09.0378 0x1a14  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:35:09.0414 0x1a14  sppuinotify - ok
17:35:09.0442 0x1a14  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:35:09.0472 0x1a14  srv - ok
17:35:09.0494 0x1a14  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:35:09.0518 0x1a14  srv2 - ok
17:35:09.0533 0x1a14  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:35:09.0554 0x1a14  srvnet - ok
17:35:09.0588 0x1a14  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:35:09.0615 0x1a14  SSDPSRV - ok
17:35:09.0622 0x1a14  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:35:09.0653 0x1a14  SstpSvc - ok
17:35:09.0748 0x1a14  [ 98CC6BDCB5F593394CE2000EC454AEE4, 13973E69DDFB5A0494141C60ABF0E6F7EF555B476AC4171B18A31FF04618D54B ] StarMoney 8.0 OnlineUpdate C:\Program Files (x86)\StarMoney 8.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
17:35:09.0766 0x1a14  StarMoney 8.0 OnlineUpdate - ok
17:35:09.0846 0x1a14  [ 3BF022F8064A83A23DF90971DD78CA83, 85754DF1C6DE745ADF9A0BAB1948AFF2CA16C4569128DA90AF610D199E621BF4 ] StarMoney 9.0 OnlineUpdate C:\Program Files (x86)\StarMoney 9.0 S-Edition\ouservice\StarMoneyOnlineUpdate.exe
17:35:09.0863 0x1a14  StarMoney 9.0 OnlineUpdate - ok
17:35:09.0881 0x1a14  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
17:35:09.0888 0x1a14  stexstor - ok
17:35:09.0936 0x1a14  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
17:35:09.0984 0x1a14  stisvc - ok
17:35:10.0026 0x1a14  [ 7731F46EC0D687A931CBA063E8F90EF0, 5CF996A209756B901316C4406C7D3E52ECC9C15A1BDB0D4D9C77846AB29FD040 ] stllssvr        C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
17:35:10.0034 0x1a14  stllssvr - ok
17:35:10.0060 0x1a14  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
17:35:10.0068 0x1a14  StorSvc - ok
17:35:10.0102 0x1a14  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
17:35:10.0110 0x1a14  storvsc - ok
17:35:10.0133 0x1a14  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:35:10.0139 0x1a14  swenum - ok
17:35:10.0169 0x1a14  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
17:35:10.0201 0x1a14  swprv - ok
17:35:10.0212 0x1a14  [ 4CDD7DF58730D23BA9CB5829A6E2ECEA, 89A2A1604C2BF985894000F51D9D376B32F1327197866850B5BF8640272DE828 ] SynthVid        C:\Windows\system32\DRIVERS\VMBusVideoM.sys
17:35:10.0220 0x1a14  SynthVid - ok
17:35:10.0279 0x1a14  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
17:35:10.0344 0x1a14  SysMain - ok
17:35:10.0358 0x1a14  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:35:10.0371 0x1a14  TabletInputService - ok
17:35:10.0387 0x1a14  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:35:10.0415 0x1a14  TapiSrv - ok
17:35:10.0426 0x1a14  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
17:35:10.0455 0x1a14  TBS - ok
17:35:10.0526 0x1a14  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:35:10.0597 0x1a14  Tcpip - ok
17:35:10.0650 0x1a14  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:35:10.0687 0x1a14  TCPIP6 - ok
17:35:10.0706 0x1a14  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:35:10.0739 0x1a14  tcpipreg - ok
17:35:10.0828 0x1a14  [ 3D52B206D9F6F3ECFDB5D676614E47B6, 909C5C362D35E6D0264E9F2DC42B535AB39DD99FEDD483C7DEE8E8EA91A081DA ] tcsd_win32.exe  C:\Program Files (x86)\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
17:35:10.0878 0x1a14  tcsd_win32.exe - detected UnsignedFile.Multi.Generic ( 1 )
17:35:13.0765 0x1a14  Detect skipped due to KSN trusted
17:35:13.0765 0x1a14  tcsd_win32.exe - ok
17:35:13.0885 0x1a14  [ E2F626E4A23E12DE31D8820FF143A456, FF1CBFD52A32B25E31167D9AE3F4826818623C03DA92EE1B7B99A5DA1A1C4FC5 ] TdmService      C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
17:35:13.0952 0x1a14  TdmService - ok
17:35:13.0966 0x1a14  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:35:13.0977 0x1a14  TDPIPE - ok
17:35:14.0008 0x1a14  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:35:14.0038 0x1a14  TDTCP - ok
17:35:14.0056 0x1a14  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:35:14.0084 0x1a14  tdx - ok
17:35:14.0093 0x1a14  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:35:14.0101 0x1a14  TermDD - ok
17:35:14.0139 0x1a14  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
17:35:14.0168 0x1a14  TermService - ok
17:35:14.0187 0x1a14  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
17:35:14.0205 0x1a14  Themes - ok
17:35:14.0230 0x1a14  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
17:35:14.0262 0x1a14  THREADORDER - ok
17:35:14.0274 0x1a14  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
17:35:14.0298 0x1a14  TrkWks - ok
17:35:14.0337 0x1a14  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:35:14.0362 0x1a14  TrustedInstaller - ok
17:35:14.0392 0x1a14  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:35:14.0401 0x1a14  tssecsrv - ok
17:35:14.0427 0x1a14  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:35:14.0435 0x1a14  TsUsbFlt - ok
17:35:14.0446 0x1a14  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
17:35:14.0466 0x1a14  TsUsbGD - ok
17:35:14.0498 0x1a14  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:35:14.0526 0x1a14  tunnel - ok
17:35:14.0542 0x1a14  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:35:14.0550 0x1a14  uagp35 - ok
17:35:14.0565 0x1a14  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:35:14.0591 0x1a14  udfs - ok
17:35:14.0613 0x1a14  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:35:14.0629 0x1a14  UI0Detect - ok
17:35:14.0650 0x1a14  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:35:14.0659 0x1a14  uliagpkx - ok
17:35:14.0680 0x1a14  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:35:14.0695 0x1a14  umbus - ok
17:35:14.0714 0x1a14  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
17:35:14.0727 0x1a14  UmPass - ok
17:35:14.0750 0x1a14  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
17:35:14.0763 0x1a14  UmRdpService - ok
17:35:14.0891 0x1a14  [ 1B71370AEC1115F80D9A4A209317C968, C6886F556E87C1750991C27EF818B3A2CAB5DD84A26290457A005CFDECBEF884 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:35:14.0943 0x1a14  UNS - ok
17:35:14.0965 0x1a14  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
17:35:14.0994 0x1a14  upnphost - ok
17:35:15.0035 0x1a14  [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:35:15.0056 0x1a14  usbccgp - ok
17:35:15.0098 0x1a14  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:35:15.0113 0x1a14  usbcir - ok
17:35:15.0136 0x1a14  [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
17:35:15.0152 0x1a14  usbehci - ok
17:35:15.0208 0x1a14  [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:35:15.0222 0x1a14  usbhub - ok
17:35:15.0257 0x1a14  [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:35:15.0288 0x1a14  usbohci - ok
17:35:15.0307 0x1a14  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
17:35:15.0318 0x1a14  usbprint - ok
17:35:15.0344 0x1a14  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:35:15.0353 0x1a14  USBSTOR - ok
17:35:15.0385 0x1a14  [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:35:15.0393 0x1a14  usbuhci - ok
17:35:15.0411 0x1a14  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
17:35:15.0434 0x1a14  UxSms - ok
17:35:15.0437 0x1a14  [ 0D48E93C6BE3143C0198CB252B992D16, AF34A41BAAE967045C8078E80B070E66ED60FDA0945FA752F715E49FD43373A4 ] VaultSvc        C:\Windows\system32\lsass.exe
17:35:15.0445 0x1a14  VaultSvc - ok
17:35:15.0466 0x1a14  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:35:15.0473 0x1a14  vdrvroot - ok
17:35:15.0492 0x1a14  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
17:35:15.0544 0x1a14  vds - ok
17:35:15.0561 0x1a14  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:35:15.0580 0x1a14  vga - ok
17:35:15.0588 0x1a14  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:35:15.0621 0x1a14  VgaSave - ok
17:35:15.0637 0x1a14  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:35:15.0648 0x1a14  vhdmp - ok
17:35:15.0658 0x1a14  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:35:15.0665 0x1a14  viaide - ok
17:35:15.0686 0x1a14  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:35:15.0694 0x1a14  VMBusHID - ok
17:35:15.0715 0x1a14  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:35:15.0723 0x1a14  volmgr - ok
17:35:15.0741 0x1a14  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:35:15.0754 0x1a14  volmgrx - ok
17:35:15.0769 0x1a14  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:35:15.0781 0x1a14  volsnap - ok
17:35:15.0800 0x1a14  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
17:35:15.0810 0x1a14  vsmraid - ok
17:35:15.0863 0x1a14  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
17:35:15.0938 0x1a14  VSS - ok
17:35:15.0953 0x1a14  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
17:35:15.0972 0x1a14  vwifibus - ok
17:35:15.0993 0x1a14  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
17:35:16.0037 0x1a14  W32Time - ok
17:35:16.0051 0x1a14  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:35:16.0059 0x1a14  WacomPen - ok
17:35:16.0085 0x1a14  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:35:16.0107 0x1a14  WANARP - ok
17:35:16.0110 0x1a14  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:35:16.0132 0x1a14  Wanarpv6 - ok
17:35:16.0219 0x1a14  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:35:16.0259 0x1a14  WatAdminSvc - ok
17:35:16.0349 0x1a14  [ E45BCE01F15EEB240FE9DB83B9D86BE3, D423C4193CE65409173557424FA49A9E75DA7377E2C9F6A46E37316D29EB5785 ] Wave Authentication Manager Service C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
17:35:16.0399 0x1a14  Wave Authentication Manager Service - detected UnsignedFile.Multi.Generic ( 1 )
17:35:19.0322 0x1a14  Detect skipped due to KSN trusted
17:35:19.0322 0x1a14  Wave Authentication Manager Service - ok
17:35:19.0381 0x1a14  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
17:35:19.0445 0x1a14  wbengine - ok
17:35:19.0465 0x1a14  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:35:19.0488 0x1a14  WbioSrvc - ok
17:35:19.0506 0x1a14  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:35:19.0524 0x1a14  wcncsvc - ok
17:35:19.0537 0x1a14  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:35:19.0546 0x1a14  WcsPlugInService - ok
17:35:19.0562 0x1a14  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
17:35:19.0569 0x1a14  Wd - ok
17:35:19.0616 0x1a14  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:35:19.0650 0x1a14  Wdf01000 - ok
17:35:19.0659 0x1a14  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:35:19.0684 0x1a14  WdiServiceHost - ok
17:35:19.0687 0x1a14  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:35:19.0700 0x1a14  WdiSystemHost - ok
17:35:19.0733 0x1a14  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
17:35:19.0747 0x1a14  WebClient - ok
17:35:19.0762 0x1a14  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:35:19.0789 0x1a14  Wecsvc - ok
17:35:19.0796 0x1a14  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:35:19.0832 0x1a14  wercplsupport - ok
17:35:19.0854 0x1a14  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:35:19.0888 0x1a14  WerSvc - ok
17:35:19.0919 0x1a14  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:35:19.0943 0x1a14  WfpLwf - ok
17:35:19.0947 0x1a14  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:35:19.0954 0x1a14  WIMMount - ok
17:35:19.0976 0x1a14  WinDefend - ok
17:35:19.0978 0x1a14  WinHttpAutoProxySvc - ok
17:35:20.0018 0x1a14  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:35:20.0055 0x1a14  Winmgmt - ok
17:35:20.0114 0x1a14  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
17:35:20.0191 0x1a14  WinRM - ok
17:35:20.0235 0x1a14  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:35:20.0245 0x1a14  WinUsb - ok
17:35:20.0280 0x1a14  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:35:20.0327 0x1a14  Wlansvc - ok
17:35:20.0377 0x1a14  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:35:20.0384 0x1a14  wlcrasvc - ok
17:35:20.0480 0x1a14  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:35:20.0522 0x1a14  wlidsvc - ok
17:35:20.0543 0x1a14  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:35:20.0559 0x1a14  WmiAcpi - ok
17:35:20.0585 0x1a14  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:35:20.0610 0x1a14  wmiApSrv - ok
17:35:20.0645 0x1a14  WMPNetworkSvc - ok
17:35:20.0663 0x1a14  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:35:20.0684 0x1a14  WPCSvc - ok
17:35:20.0693 0x1a14  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:35:20.0705 0x1a14  WPDBusEnum - ok
17:35:20.0716 0x1a14  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:35:20.0738 0x1a14  ws2ifsl - ok
17:35:20.0754 0x1a14  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
17:35:20.0768 0x1a14  wscsvc - ok
17:35:20.0808 0x1a14  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
17:35:20.0818 0x1a14  WSDPrintDevice - ok
17:35:20.0866 0x1a14  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
17:35:20.0874 0x1a14  WSDScan - ok
17:35:20.0877 0x1a14  WSearch - ok
17:35:20.0966 0x1a14  [ 499034D7F1F6AF49F9EE12F8822793CB, 55D591C4861AF66C6B9201BF78808B2ECE7B79D95C6BB07FF0ED87EFE63DD99E ] wuauserv        C:\Windows\system32\wuaueng.dll
17:35:21.0048 0x1a14  wuauserv - ok
17:35:21.0065 0x1a14  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:35:21.0088 0x1a14  WudfPf - ok
17:35:21.0113 0x1a14  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:35:21.0147 0x1a14  WUDFRd - ok
17:35:21.0169 0x1a14  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:35:21.0192 0x1a14  wudfsvc - ok
17:35:21.0209 0x1a14  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:35:21.0224 0x1a14  WwanSvc - ok
17:35:21.0235 0x1a14  ================ Scan global ===============================
17:35:21.0266 0x1a14  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
17:35:21.0297 0x1a14  [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
17:35:21.0306 0x1a14  [ E80CA72FA43BF258E72C408CEF9839BE, 06482E80F43AD91F4B9E5919A0C50219382213D59EACF9FBAE7AFD7A321F30D2 ] C:\Windows\system32\winsrv.dll
17:35:21.0327 0x1a14  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:35:21.0358 0x1a14  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
17:35:21.0364 0x1a14  [ Global ] - ok
17:35:21.0365 0x1a14  ================ Scan MBR ==================================
17:35:21.0375 0x1a14  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:35:21.0650 0x1a14  \Device\Harddisk0\DR0 - ok
17:35:21.0659 0x1a14  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:35:21.0725 0x1a14  \Device\Harddisk1\DR1 - ok
17:35:21.0726 0x1a14  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
17:35:23.0485 0x1a14  \Device\Harddisk2\DR2 - ok
17:35:23.0485 0x1a14  ================ Scan VBR ==================================
17:35:23.0486 0x1a14  [ 1CA4D98FED1D0EAADAD5C47EC03F7E34 ] \Device\Harddisk0\DR0\Partition1
17:35:23.0491 0x1a14  \Device\Harddisk0\DR0\Partition1 - ok
17:35:23.0492 0x1a14  [ CC896EEFA59B848BDE40E620C16DFCE9 ] \Device\Harddisk0\DR0\Partition2
17:35:23.0493 0x1a14  \Device\Harddisk0\DR0\Partition2 - ok
17:35:23.0494 0x1a14  [ 6B803490111BA929AEC703E3A190DF9A ] \Device\Harddisk1\DR1\Partition1
17:35:23.0495 0x1a14  \Device\Harddisk1\DR1\Partition1 - ok
17:35:23.0497 0x1a14  [ A5CDA7F5DD9779BEE96423C0FB7CACCC ] \Device\Harddisk2\DR2\Partition1
17:35:23.0566 0x1a14  \Device\Harddisk2\DR2\Partition1 - ok
17:35:23.0566 0x1a14  ================ Scan generic autorun ======================
17:35:23.0644 0x1a14  [ 4C748E4BBFF7795A623A6D122A16C5EB, 24C9EE6023B020B21F68C187B34DD7FC46A4FF27F2B565AA3DF35641CD64ACBB ] C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
17:35:23.0696 0x1a14  RtHDVCpl - ok
17:35:23.0770 0x1a14  [ 9953AA19D2C70443A1955160312D6D06, F3B7FA6D1829ED54D2D45C7EACA8924F1287E9F087F17D837A35E6D6019122D5 ] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe
17:35:23.0830 0x1a14  nwiz - ok
17:35:23.0856 0x1a14  [ EBC5436427CD4D8C92AA36F3F7AC441A, 52BD1528EE768A5B413B557EC7D51CF81219D00CD997B6E8C4237A05ADA06AF4 ] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
17:35:23.0877 0x1a14  TdmNotify - ok
17:35:23.0950 0x1a14  [ DF72D700CC33611206675B8A2FD4D4F9, AB3AF6FD92140A1432FEAFFF2015CFAD5E9362F0018EA1D859A2DA349E95847D ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
17:35:23.0996 0x1a14  EvtMgr6 - ok
17:35:24.0063 0x1a14  [ 838258B7655F2309F7BE63F844AF51BB, 50E5831663E8BD4627C9D532AB4B0D451D668CFC519163E5D75952BA9BD6EE12 ] C:\Program Files\iTunes\iTunesHelper.exe
17:35:24.0072 0x1a14  iTunesHelper - ok
17:35:24.0102 0x1a14  [ 4A73AB8412D3AA6CFAD24051FF9DBFA7, 7C1F6BDECE92F2A58E88FC603F1BEE9B0F72130136AE9A368892323A9A327FD1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
17:35:24.0112 0x1a14  IAStorIcon - ok
17:35:24.0145 0x1a14  [ 1EAD2147E5633CB26AF77B694F070777, 762159FA5985D0562A425967E39716C8953742D485245C5A8BF87501B95203EA ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
17:35:24.0153 0x1a14  IMSS - ok
17:35:24.0189 0x1a14  [ 88FD47E3BD31BC358AD1EF14E75C7681, 0177A849A8E63122628D42AAB97F29224413B10C5E9720F7ED9E109E509EC7ED ] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
17:35:24.0196 0x1a14  RemoteControl9 - ok
17:35:24.0215 0x1a14  [ A4A59E38A82781985AF76BA2038C78BE, 0E349A07EFC7FB0BB6E9CD3A6B9E72CDA4FD45001EEAB3AAC5D885E2AE0CEF77 ] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe
17:35:24.0229 0x1a14  PDVD9LanguageShortcut - ok
17:35:24.0244 0x1a14  [ A7749965A3923D024922A86BAAECAFF4, 70CC52E58881F405B334EDE68913EAB1B7FADBFB19B92F42B40E4737C6F073F7 ] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe
17:35:24.0254 0x1a14  RoxWatchTray - ok
17:35:24.0301 0x1a14  [ 4164A47F3A2DA7EA44572904C3DF44A4, 192097A694949269CD642C4F832715F48F4448669951D027DBECE9D873E9DA94 ] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
17:35:24.0314 0x1a14  Desktop Disc Tool - ok
17:35:24.0402 0x1a14  [ 28DEF0EFB36D172EAA5A08EB09CF75DF, 62D07A28167AEBFB9511830BFBBEAAB17CC24D57FF8D07F1414D921135BC9024 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
17:35:24.0436 0x1a14  avgnt - ok
17:35:24.0497 0x1a14  [ 0080EB1CDD83F14C01534B1DC754234D, D0FC9B95A12D0C92730F8031B3DB287D1309008CF15EA0C02FC14B56FAE8C320 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
17:35:24.0504 0x1a14  APSDaemon - ok
17:35:24.0537 0x1a14  [ 41F8D76CAFAA8A9FD0F1F2B7361DDC2C, 7B16573ED3ADFA794923A6DD2F9B1679909DB15BE657464DE944D9D050CB5957 ] C:\Program Files (x86)\Common Files\Hewlett-Packard\HP Printer Utility DCS\Appinterfaces\HPPUDS.exe
17:35:24.0550 0x1a14  PUStarter - detected UnsignedFile.Multi.Generic ( 1 )
17:35:27.0443 0x1a14  Detect skipped due to KSN trusted
17:35:27.0443 0x1a14  PUStarter - ok
17:35:27.0498 0x1a14  [ C59B1DA2B3E5D35A08787A5B85681668, 2AFFABDCB05B1172F6CF9DB464EF78A3357CE548B727092A1699115C526E9D62 ] C:\Program Files (x86)\Hewlett-Packard\HP Printer Utility\HPPU.exe
17:35:27.0502 0x1a14  RunPUTasktray - detected UnsignedFile.Multi.Generic ( 1 )
17:35:30.0395 0x1a14  Detect skipped due to KSN trusted
17:35:30.0395 0x1a14  RunPUTasktray - ok
17:35:30.0461 0x1a14  [ 18C384C8FA1A0A5CA6484D545A6E748A, C978961D4C6A4FA87E28B639E296977A743AF1463AE5B50BA78CCE9C9F8AB202 ] C:\Program Files (x86)\Hewlett-Packard\HP Designjet ePrintAndShare\HPePSUploader.exe
17:35:30.0479 0x1a14  ItalusUploader - detected UnsignedFile.Multi.Generic ( 1 )
17:35:33.0420 0x1a14  ItalusUploader ( UnsignedFile.Multi.Generic ) - warning
17:35:36.0214 0x1a14  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:35:36.0279 0x1a14  Sidebar - ok
17:35:36.0302 0x1a14  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:35:36.0315 0x1a14  mctadmin - ok
17:35:36.0336 0x1a14  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:35:36.0363 0x1a14  Sidebar - ok
17:35:36.0367 0x1a14  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:35:36.0379 0x1a14  mctadmin - ok
17:35:36.0434 0x1a14  [ F341DD6145F779CE5B732BC6BC6A3370, 67CE7E6DD5969C8DE34473E01D60D52FABC740B056287C2E261A36F97993ED0D ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
17:35:36.0441 0x1a14  iCloudServices - ok
17:35:36.0461 0x1a14  [ 944E77A49DBAF8F6BB473118C116E59E, 0DA67736F1841A270AB24C13BA8FF4021A8950EB58B4985774F4B224B832B0DA ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
17:35:36.0467 0x1a14  ApplePhotoStreams - ok
17:35:36.0540 0x1a14  [ 55F751FD10B5CE32FD44BD658438A0AE, 26FAE4ADA494D28872EA4323B53FCC590C7126C5348B893665FEA4714894CBF2 ] C:\Program Files\Sandboxie\SbieCtrl.exe
17:35:36.0559 0x1a14  SandboxieControl - ok
17:35:36.0559 0x1a14  HotFolder.FR12 - ok
17:35:36.0693 0x1a14  [ ACD6AED54DFF3E2E4C6A1753BF3BEA98, F718D1ED1E00145396FFB3A00AB795BD53CB77BE16975C1512E7FB02ECE3B6BB ] C:\Program Files (x86)\Nuance\OmniPage19\OpAgent.exe
17:35:36.0738 0x1a14  OpAgent - ok
17:35:36.0765 0x1a14  [ 4016CE43255F0BE4FBE4A54F4500B021, 125A4BA4F0EF844F8320829ECED5D5CB1503A066E0D1A9D17702220F4C32F1E3 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
17:35:36.0770 0x1a14  iCloudDrive - ok
17:35:36.0771 0x1a14  Waiting for KSN requests completion. In queue: 9
17:35:37.0771 0x1a14  Waiting for KSN requests completion. In queue: 9
17:35:38.0771 0x1a14  Waiting for KSN requests completion. In queue: 9
17:35:39.0802 0x1a14  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.402 ), 0x41000 ( enabled : updated )
17:35:39.0805 0x1a14  Win FW state via NFP2: enabled ( trusted )
17:35:42.0520 0x1a14  ============================================================
17:35:42.0520 0x1a14  Scan finished
17:35:42.0520 0x1a14  ============================================================
17:35:42.0525 0x2d44  Detected object count: 1
17:35:42.0525 0x2d44  Actual detected object count: 1
17:38:09.0649 0x2d44  ItalusUploader ( UnsignedFile.Multi.Generic ) - skipped by user
17:38:09.0649 0x2d44  ItalusUploader ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Das gefundene Objekt im Anhang.


Ich denke bisher wurde nichts gefunden?

Grüße
halifax

Angehängte Grafiken
Dateityp: png Gefundenes Objekt.png (35,1 KB, 123x aufgerufen)

Alt 25.08.2015, 06:49   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Spammail durch meinen Account - Standard

Spammail durch meinen Account



hi,

Passwort zum Account geändert? Auf wievielen Geräten ist der Account eingerichtet?
__________________
--> Spammail durch meinen Account

Alt 25.08.2015, 07:47   #7
halifax09
 
Spammail durch meinen Account - Standard

Spammail durch meinen Account



Hallo,

die Passwörter habe ich gestern geändert.

Der Account ist noch auf 3 weiteren Geräten (1x Win 7, 2x iOS).

Alt 25.08.2015, 11:49   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Spammail durch meinen Account - Standard

Spammail durch meinen Account



Von den beiden IOS den Account komplett löschen. Logs von dem andern Win7 bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 25.08.2015, 14:11   #9
halifax09
 
Spammail durch meinen Account - Standard

Spammail durch meinen Account



Hallo,

hier die Logs vom 2. Win7:

1. FRST


Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-08-2015
durchgeführt von halifax (Administrator) auf THINKPADW520 (25-08-2015 13:43:39)
Gestartet von C:\TEMP
Geladene Profile: halifax (Verfügbare Profile: UpdatusUser & halifax)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(UPEK Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
(Bosch Rexroth AG) C:\Program Files (x86)\Rexroth\IndraWorks\IndraLogic\ENI Server\ENI.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Flexera Software, Inc.) C:\SEFlex\Program\lmgrd.exe
(Flexera Software, Inc.) C:\SEFlex\Program\lmgrd.exe
(Bosch Rexroth AG) C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\ServiceControl.exe
(Bosch Rexroth AG) C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\GatewayService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Siemens AG) C:\Program Files\Common Files\Siemens\AlmPanelPlugin\ALMPanelPlugin.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SIEMENS AG) C:\Program Files (x86)\Siemens\Step7\S7BIN\s7hspsvx.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Siemens AG) C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\AutoLock\ALCKRESI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieCtrl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Lenovo) C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
(Bosch Rexroth AG) C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\IndraLogicGatewaySysTray.exe
(Bosch Rexroth AG) C:\Windows\SysWOW64\Gateway.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(SIEMENS AG) C:\Program Files (x86)\Common Files\Siemens\S7UBTOOX\S7ubTstx.exe
(SIEMENS AG) C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Bosch Rexroth AG) C:\Program Files (x86)\Rexroth\IndraWorks\IndraLogic\ENI Server\ENISysTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\Common Files\Siemens\SQLANY\dbsrv9.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvbubble64x.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Bosch Rexroth AG) C:\Program Files (x86)\Rexroth\IndraWorks\IndraWorks.Service.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(SIEMENS AG) C:\Windows\SysWOW64\pniopcac.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2789160 2011-05-19] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [380776 2010-12-09] (Lenovo.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2011-03-14] (Conexant systems, Inc.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [40808 2011-05-31] (Lenovo Group Limited)
HKLM\...\Run: [ALCKRESI.EXE] => C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE [281960 2011-05-25] (Lenovo Group Limited)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112152 2011-01-17] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [S7UB Start] => C:\Program Files (x86)\Common Files\Siemens\S7ubtoox\s7ubtstx.exe [102453 2010-06-03] (SIEMENS AG)
HKLM-x32\...\Run: [WinCC flexible Smart Start] => C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiSmartStart.exe [118784 2011-12-14] (SIEMENS AG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ENISysTray] => C:\Program Files (x86)\Rexroth\IndraWorks\IndraLogic\ENI Server\ENISysTray.exe [40960 2013-06-25] (Bosch Rexroth AG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\psfus: C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll (UPEK Inc.)
HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [694032 2012-06-17] (SANDBOXIE L.T.D)
HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-02-28] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-02-28] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-05-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gateway Control.lnk [2015-04-24]
ShortcutTarget: Gateway Control.lnk -> C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\IndraLogicGatewaySysTray.exe (Bosch Rexroth AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gateway Server.lnk [2015-04-24]
ShortcutTarget: Gateway Server.lnk -> C:\Windows\SysWOW64\Gateway.exe (Bosch Rexroth AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk [2012-08-27]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
GroupPolicyScripts: Gruppenrichtline erkannt <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2831858354-3733170835-1677986244-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE485
SearchScopes: HKU\S-1-5-21-2831858354-3733170835-1677986244-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE485
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll [2013-04-08] (pdfforge GmbH)
Toolbar: HKU\S-1-5-21-2831858354-3733170835-1677986244-1001 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} hxxps://juniper.net/dana-cached/setup/JuniperSetupSP1.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4BC0D719-E6BE-4B69-BC92-65F7BF5D72CB}: [NameServer] 194.25.2.129
Tcpip\..\Interfaces\{D7169D49-9723-4CD6-AB15-1F0A74B64CFC}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\halifax\AppData\Roaming\Mozilla\Firefox\Profiles\1v40iiq1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-24] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-24] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-10] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npatgpc.dll [2015-04-28] (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\halifax\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-04-28] (Cisco WebEx LLC)
FF Extension: Avira Browser Safety - C:\Users\halifax\AppData\Roaming\Mozilla\Firefox\Profiles\1v40iiq1.default\Extensions\abs@avira.com [2015-08-17]
FF Extension: Firebug - C:\Users\halifax\AppData\Roaming\Mozilla\Firefox\Profiles\1v40iiq1.default\Extensions\firebug@software.joehewitt.com.xpi [2013-10-07]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-04-25]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AceServer; C:\Program Files (x86)\Adept Technology\Adept ACE\bin\AceService.exe [18432 2012-10-09] (Adept Technology, Inc.) [Datei ist nicht signiert]
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1543816 2011-12-11] (SIEMENS AG) [Datei ist nicht signiert]
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-18] (Avira Operations GmbH & Co. KG)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [478056 2012-02-27] (Lenovo.)
R2 ENI Server; C:\Program Files (x86)\Rexroth\IndraWorks\IndraLogic\ENI Server\ENI.exe [651264 2013-06-25] (Bosch Rexroth AG) [Datei ist nicht signiert]
R2 FLEXlm License Manager; C:\SEFlex\Program\lmgrd.exe [1379664 2011-08-24] (Flexera Software, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IndraLogic Service Control; C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\ServiceControl.exe [303104 2012-08-02] (Bosch Rexroth AG) [Datei ist nicht signiert]
R2 IndraLogic V13 Gateway; C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\GatewayService.exe [671744 2014-06-04] (Bosch Rexroth AG) [Datei ist nicht signiert]
R2 IndraWorksService; C:\Program Files (x86)\Rexroth\IndraWorks\IndraWorks.Service.exe [94208 2014-12-16] (Bosch Rexroth AG) [Datei ist nicht signiert]
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
R2 MSSQL$WINCCFLEXEXPRESS; C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [Datei ist nicht signiert]
S3 OpcEnum; C:\Windows\SysWOW64\opcenum.exe [225280 2014-12-16] (Bosch Rexroth AG) [Datei ist nicht signiert]
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [Datei ist nicht signiert]
R2 s7hspsvx; C:\Program Files (x86)\Siemens\Step7\s7bin\s7hspsvx.exe [61493 2011-10-31] (SIEMENS AG) [Datei ist nicht signiert]
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [139864 2011-11-03] (SIEMENS AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe [229976 2011-11-03] (SIEMENS AG)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [98576 2012-06-17] (SANDBOXIE L.T.D)
U2 smartserver; C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe [558416 2011-12-06] (Siemens AG)
S2 Solid Edge; C:\SEFlex\Program\lmgrd.exe [1379664 2011-08-24] (Flexera Software, Inc.)
R2 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [28672 2011-07-25] (Lenovo Group Limited) [Datei ist nicht signiert]
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [61440 2008-01-10] (Ulead Systems, Inc.) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-04-09] (Avira Operations GmbH & Co. KG)
S3 cgnxcdc_x64; C:\Windows\System32\DRIVERS\cgnxcdc_x64.sys [74456 2015-04-24] (Cognex Corporation)
R3 dpmconv; C:\Windows\System32\DRIVERS\dpmconv.sys [259072 2011-04-19] (SIEMENS AG)
S3 dpmcslv; C:\Windows\System32\Drivers\dpmcslv.sys [68280 2005-07-04] (Siemens AG)
R3 fwkbdrtm; C:\Windows\system32\drivers\fwkbdrtm.sys [24152 2011-12-06] (Windows (R) Win 7 DDK provider)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [130944 2014-10-28] (Gemalto)
R3 hhdspmc64; C:\Windows\System32\DRIVERS\hhdspmc64.sys [39472 2010-10-13] (HHD Software Ltd.)
R3 KbdBlock2; C:\Windows\System32\Drivers\KbdBlock2.sys [14416 2013-02-01] (ILLC)
R3 LenovoRd; C:\Windows\System32\Drivers\LenovoRd.sys [118016 2009-05-11] (Lenovo)
S3 mxuwdrv2; C:\Windows\System32\DRIVERS\mxuwdrv2.sys [83480 2009-04-27] (Moxa Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [284448 2013-02-28] (NVIDIA Corporation)
S3 PcaSp60; C:\Windows\SysWOW64\DRIVERS\PcaSp60.sys [38912 2010-09-07] (Printing Communications Assoc., Inc. (PCAUSA))
S3 pln1394bus; C:\Windows\System32\DRIVERS\pln1394bus_x64.sys [197720 2011-02-09] (Basler AG)
R2 PYNWAGNT; C:\Windows\System32\Drivers\pynwagnt.sys [56408 2010-07-08] (Basler AG)
R3 PyNwFlt; C:\Windows\System32\DRIVERS\pynwflt.sys [59480 2010-07-08] (Basler AG)
R3 s7odpx2x64; C:\Windows\System32\DRIVERS\s7odpx2x64.sys [71168 2011-10-20] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\DRIVERS\s7oppinx64.sys [107520 2011-10-20] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121344 2011-05-06] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\DRIVERS\s7osmcax64.sys [195584 2011-09-29] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\DRIVERS\s7osobux64.sys [152576 2011-05-06] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2011-05-06] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\DRIVERS\s7otranx64.sys [260096 2011-05-06] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\DRIVERS\s7otsadx64.sys [192000 2011-09-29] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\DRIVERS\s7ousbu64x.sys [193024 2011-09-29] (SIEMENS AG)
R2 s7sn2srtx; C:\Windows\System32\DRIVERS\s7sn2srtx.sys [83032 2011-06-16] (SIEMENS AG)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [166576 2012-06-17] (SANDBOXIE L.T.D)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13840 2009-03-13] (UPEK Inc.)
R2 SNTIE; C:\Windows\System32\DRIVERS\sntie.sys [179288 2011-10-11] (SIEMENS AG)
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [63528 2011-09-22] (SafeNet, Inc.)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [41536 2009-09-24] (Lenovo (United States) Inc.)
R3 vsnl2ada; C:\Windows\System32\DRIVERS\vsnl2ada.sys [120832 2011-04-19] (SIEMENS AG)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-25 13:32 - 2015-08-25 13:43 - 00000000 ____D C:\FRST
2015-08-14 18:29 - 2015-08-14 18:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-14 08:00 - 2015-08-14 08:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Juniper Networks
2015-08-14 07:18 - 2015-08-14 07:18 - 00000000 ____D C:\Program Files (x86)\Gemalto
2015-08-14 07:09 - 2015-08-14 07:09 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-08-14 07:02 - 2015-08-14 08:00 - 00001352 _____ C:\Users\Public\Desktop\Network Connect.lnk
2015-08-14 07:00 - 2015-08-14 07:02 - 00000000 ____D C:\Users\halifax\AppData\Roaming\Juniper Networks
2015-08-14 07:00 - 2015-08-14 07:00 - 00000000 ____D C:\Users\Public\Juniper Networks
2015-08-14 07:00 - 2014-06-25 14:48 - 00594032 _____ (Juniper Networks, Inc.) C:\Windows\system32\dsNcSmartCardProv.dll
2015-08-14 07:00 - 2014-06-25 14:48 - 00423536 _____ (Juniper Networks, Inc.) C:\Windows\system32\dsNcCredProv.dll
2015-08-14 06:59 - 2015-08-14 07:02 - 00000000 ____D C:\Program Files (x86)\Juniper Networks
2015-08-14 06:59 - 2015-08-14 06:59 - 00000000 ____D C:\Users\halifax\AppData\Local\Juniper Networks

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-25 13:29 - 2012-07-09 14:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-25 13:29 - 2012-05-18 19:55 - 01988641 _____ C:\Windows\WindowsUpdate.log
2015-08-25 10:43 - 2009-07-14 06:45 - 00031072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-25 10:43 - 2009-07-14 06:45 - 00031072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-25 10:34 - 2012-05-18 20:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-25 10:34 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-25 10:34 - 2009-07-14 06:51 - 00110300 _____ C:\Windows\setupact.log
2015-08-17 13:55 - 2012-06-04 11:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-17 13:55 - 2010-11-21 05:47 - 02026002 _____ C:\Windows\PFRO.log
2015-08-14 19:10 - 2015-06-18 12:54 - 00984902 _____ C:\Windows\SysWOW64\avgnt.log
2015-08-14 19:03 - 2015-06-18 12:54 - 00021602 _____ C:\Windows\SysWOW64\Avira.ServiceHost.log
2015-08-14 18:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-14 10:58 - 2012-08-27 17:43 - 00000000 ____D C:\ProgramData\TEMP
2015-08-14 07:48 - 2015-06-18 12:54 - 02097002 _____ C:\Windows\SysWOW64\avgnt0011.log
2015-08-14 07:43 - 2015-06-18 11:29 - 00001131 _____ C:\Users\Public\Desktop\Avira.lnk
2015-08-14 07:43 - 2015-01-13 11:38 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-14 07:43 - 2013-09-21 17:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-08-14 07:15 - 2012-05-25 22:09 - 00002142 _____ C:\Windows\Sandboxie.ini
2015-08-14 07:10 - 2013-04-25 22:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-08-07 13:29 - 2012-05-19 05:35 - 00756844 _____ C:\Windows\system32\perfh007.dat
2015-08-07 13:29 - 2012-05-19 05:35 - 00172542 _____ C:\Windows\system32\perfc007.dat
2015-08-07 13:29 - 2009-07-14 07:13 - 01781582 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-28 14:30 - 2015-06-18 12:54 - 02097002 _____ C:\Windows\SysWOW64\avgnt0010.log

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-24 09:07 - 2015-07-17 08:52 - 0001865 _____ () C:\Users\halifax\AppData\Roaming\APStartupCulture
2015-04-24 09:07 - 2015-07-17 08:52 - 0001865 _____ () C:\ProgramData\APStartupCulture
2012-07-08 19:41 - 2012-07-08 19:41 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2012-11-08 10:58 - 2012-11-08 10:59 - 0000304 _____ () C:\ProgramData\Rexroth.IWDsInstall.log

Einige Dateien in TEMP:
====================
C:\Users\halifax\AppData\Local\Temp\avgnt.exe
C:\Users\halifax\AppData\Local\Temp\dsNCInst64.exe
C:\Users\halifax\AppData\Local\Temp\exie.exe
C:\Users\halifax\AppData\Local\Temp\expb.exe
C:\Users\halifax\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\halifax\AppData\Local\Temp\IW_InstUtil.exe
C:\Users\halifax\AppData\Local\Temp\PsKill.exe
C:\Users\halifax\AppData\Local\Temp\SandboxieInstall.exe
C:\Users\halifax\AppData\Local\Temp\simaticn.exe
C:\Users\halifax\AppData\Local\Temp\_is8F54.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-14 11:28

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-08-2015
durchgeführt von halifax (2015-08-25 13:44:56)
Gestartet von C:\TEMP
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2831858354-3733170835-1677986244-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2831858354-3733170835-1677986244-1003 - Limited - Enabled)
Gast (S-1-5-21-2831858354-3733170835-1677986244-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2831858354-3733170835-1677986244-1009 - Limited - Enabled)
halifax (S-1-5-21-2831858354-3733170835-1677986244-1001 - Administrator - Enabled) => C:\Users\halifax
UpdatusUser (S-1-5-21-2831858354-3733170835-1677986244-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden
ACCONfigurator (HKLM-x32\...\ACCONfigurator) (Version: 3.83.0.013 - DELTALOGIC Automatisierungstechnik GmbH)
ACCON-S7-NET (HKLM-x32\...\ACCON-S7-NET) (Version: 3.0.2.3 - DELTALOGIC Automatisierungstechnik GmbH)
Adept ACE (HKLM-x32\...\{FD967DD1-359A-4AD4-A207-087C02A1A5C7}) (Version: 3.3.2.18 - Adept Technology)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.60.03 - )
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS WL-330N3G Wireless Router Utilities (HKLM-x32\...\{914B74BD-2E42-46DB-BD43-8CE09BF5B245}) (Version: 4.2.5.8 - ASUS)
Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG)
Balluff IO-Link Device Tool (HKLM-x32\...\{72BDF610-B2A6-4A7D-B3C4-DE9B61770F9D}) (Version: 2.1.10 - Balluff GmbH)
Baselib Runtime (x32 Version: 3.0.1 - Pleora Technologies Inc.) Hidden
Baselib Runtime 64 (Version: 3.0.1 - Pleora Technologies Inc.) Hidden
Basler pylon SDK x64 2.3.5.2633 (HKLM\...\{D7F97581-F17B-48AD-B4BB-634AF0F78D39}) (Version: 2.3.2633 - Basler Vision Technologies)
BCL Configuration Tool 04.04.02 (HKLM-x32\...\{01EE69EB-F826-4C07-A867-5B0B73085904}_is1) (Version:  - Leuze electronic GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1500 - Broadcom Corporation)
Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden
C3MGR2_R09-30 (HKLM-x32\...\{E23B4114-015B-497C-B727-0CE5A6574CFE}) (Version: 1.00.0000 - Parker Hannifin)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3243 - CDBurnerXP)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Checker Vision Sensors 3.4  (HKLM\...\{A5ECA4A3-CC43-4D7D-8E9A-3E7DF19F8DEB}) (Version: 3.4.7.0 - Cognex Corporation)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
CoDeSys for Automation Alliance (HKLM-x32\...\{07976ABB-1EBD-4A65-A7C7-155A0DC17173}) (Version:  - 3S-Smart Software Solutions GmbH)
Cognex DataMan Software (x32 Version: 1.00.0001 - COGNEX Inc.) Hidden
Cognex DataMan Software v5.5.0 (HKLM-x32\...\{809DA373-D98E-4238-9326-244471BAABAA}) (Version: 5.5.0 - Cognex)
Conexant 20672 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.32.23.2 - Conexant)
Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.890 - Corel Inc.)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Disable AMT Profile Synchronization Pop-up for Windows XP/Vista/7 (HKLM\...\DisableAMTPopup) (Version: 1.00 - )
eBUS Drivers (64 bits) (Version: 3.0.1 - Pleora Technologies Inc.) Hidden
eBUS Drivers (x32 Version: 3.0.1 - Pleora Technologies Inc.) Hidden
eBUS GEV Protocol Driver Object (64 bits) (Version: 3.0.1 - Pleora Technologies Inc.) Hidden
eBUS GEV Protocol Driver Object (x32 Version: 3.0.1 - Pleora Technologies Inc.) Hidden
eBUS Runtime (64 bits) (Version: 3.0.1 - Pleora Technologies Inc.) Hidden
eBUS Runtime (x32 Version: 3.0.1 - Pleora Technologies Inc.) Hidden
eBUS Universal Pro (64 bits) (Version: 3.0.1 - Pleora Technologies Inc.) Hidden
eBUS Universal Pro (x32 Version: 3.0.1 - Pleora Technologies Inc.) Hidden
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
GemPcCCID (HKLM\...\{B6FF55F4-1C4B-4A91-B479-4E32EE1CFB46}) (Version: 2.0.5 - Gemalto)
HexSight 4.2 (HKLM-x32\...\HexSight 4.2) (Version:  - )
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
IndraLogic (HKLM-x32\...\{F50F362A-AF43-4187-A34A-984E5F2FCA26}) (Version: 1.80.239.40 #2 - Bosch Rexroth AG)
IndraWorks 13.14.579.0 (HKLM-x32\...\{65BCFBA2-01CC-4B80-A7CF-4A5D59EC72CE}) (Version: 13.14.579.0 - Bosch Rexroth AG)
IndraWorks Ds (HKLM-x32\...\IndraWorks Ds) (Version: 12V06 - Bosch Rexroth AG)
IndraWorksManager (HKLM\...\{74bfa03b-803e-4a6e-9d19-10f59dd11112}.sdb) (Version:  - )
Integrated Camera Driver Installer Package Ver.1.1.0.1147 (HKLM-x32\...\{B2CA6F37-1602-4823-81B5-0384B6888AA6}) (Version: 1.1.0.1147 - RICOH)
Integrated Camera TWAIN (HKLM-x32\...\{9CA0DEE4-E84B-466F-9B96-FC255F3A929F}) (Version: 1.0.11.1223 - Chicony Electronics Co.,Ltd.)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2321 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Juniper Installer Service (x32 Version: 8.0.31739 - Juniper Networks) Hidden
Juniper Installer Service 8.0 (HKLM-x32\...\Juniper Installer Service 8.0) (Version: 8.0.31739 - Juniper Networks, Inc.)
Juniper Networks Network Connect 8.0 (HKLM-x32\...\Juniper Network Connect 8.0) (Version: 8.0.5.31739 - Juniper Networks)
Juniper Networks Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (HKLM-x32\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{39A04221-294E-4D90-A0F2-CCB1EF15CB56}) (Version: 1.2.0.1 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.66.00.22 - )
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo SimpleTap (HKLM\...\{EFC9FE7C-ECE8-4282-8F77-FEDCAD374C77}) (Version: 3.0.0010.00 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{828CE72E-718B-4FDC-A469-8DE674CE8C4D}) (Version: 1.0.006.00 - Lenovo Group Limited)
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0008.00 - Ihr Firmenname)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\Lenovo Welcome_is1) (Version: 3.00.006.0 - Lenovo)
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
LOGO!Soft Comfort V8.0  (HKLM\...\LOGO!Soft Comfort V8.0 ) (Version: 8.0.0.0 - Siemens AG)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM-x32\...\{7F8205DE-DDFA-4156-ADA2-766E9CB4FABC}) (Version: 3.0.0011.00 - Lenovo Group Limited)
MetroSet2_3.2.42 (HKLM-x32\...\{2D6B9594-2795-40DD-8A74-F6CF75C8EDA1}) (Version: 3.2.0042 - Honeywell International Inc)
Microsoft .NET Compact Framework 2.0 SP2 (HKLM-x32\...\{B1060346-9388-4C5B-AA52-176C39819E43}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MotionStudio (HKLM-x32\...\{0934A6DC-CFEF-45B3-89D7-D5F69008C4D2}) (Version: 5.8.0 - SEW-EURODRIVE GmbH & Co KG)
MOVITOOLS® 4.90 (HKLM-x32\...\{6A2D840F-065F-40F7-8F92-9EE1188EDD9B}) (Version: 4.9.0 - SEW-EURODRIVE GmbH & Co KG)
MOVITOOLS-MotionStudio (HKLM-x32\...\SEW MotionStudio Uninstall) (Version:  - SEW-EURODRIVE GmbH & Co KG)
MOXA UPort 1110/1130/1150 Windows Driver Ver1.6 (HKLM\...\MOXA UPort 1110/1130/1150 Windows Driver_is1) (Version: 1.6 - Moxa Inc.)
Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)
Mozilla Thunderbird 24.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.0 (x86 de)) (Version: 24.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.00 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.00 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.2.23.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.23.3 - NVIDIA Corporation)
OPC Core Components Redistributable (x86) 101.0 (HKLM-x32\...\{FE1BD42E-EF10-4277-9DCE-1B144D1A8937}) (Version: 3.00.10100 - OPC Foundation)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
PCAN OEM 64-Bit (HKLM\...\{5F790368-CC5C-4571-B3D3-BEA8EB068401}) (Version: 2.1.18 - PEAK-System Technik GmbH)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PKZIP Server for Windows 12.40.0008 (HKLM-x32\...\{134A51EB-1BBB-4249-BAF5-494C3D186A06}) (Version: 12.40.0008 - PKWARE, Inc)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.1.0 - Prolific Technology INC)
PLCEditor (HKLM-x32\...\{EFE16766-5940-4038-9C02-4094B6E8608E}) (Version: 2.3.0935 - SEW Eurodrive GmbH & Co. KG)
PLCEditorGatewayServer (HKLM-x32\...\{CDAB0996-9AEB-4B64-8492-D4C40ABB3B7C}) (Version: 2.3.0925 - SEW Eurodrive GmbH & Co. KG)
PLCEditorOPCServer (HKLM-x32\...\{4F24ABD3-5163-4DB3-90B9-841F040650C6}) (Version: 2.3.1308 - SEW Eurodrive GmbH & Co. KG)
Pleora GenICam Package (64 bits) (Version: 3.0.1 - Pleora Technologies Inc.) Hidden
Pleora GenICam Package (x32 Version: 3.0.1 - Pleora Technologies Inc.) Hidden
Pleora Protocol Functional Device Object for eBUS (64 bits) (Version: 3.0.1 - Pleora Technologies Inc.) Hidden
Pleora Protocol Functional Device Object for eBUS (x32 Version: 3.0.1 - Pleora Technologies Inc.) Hidden
PureGEV GEV Protocol eBUS Streaming Runtime (64 bits) (Version: 2.0.1 - Pleora Technologies Inc.) Hidden
PureGEV GEV Protocol eBUS Streaming Runtime (x32 Version: 2.0.1 - Pleora Technologies Inc.) Hidden
PureGEV Runtime (64 bit GenICam dependent layers) (Version: 2.0.1 - Pleora Technologies Inc.) Hidden
PureGEV Runtime (GenICam dependent layers) (x32 Version: 2.0.1 - Pleora Technologies Inc.) Hidden
RapidBoot (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.11 - Lenovo)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH)
Sandboxie 3.72 (64-bit) (HKLM\...\Sandboxie) (Version: 3.72 - SANDBOXIE L.T.D)
Sentinel Protection Installer 7.6.5 (HKLM-x32\...\{DE09967A-E9E2-4562-A58D-989CA70FA65E}) (Version: 7.6.5 - SafeNet, Inc.)
SerialMon (HKLM-x32\...\SerialMon) (Version: 1.5 - Joakim Ögren)
SEW-Communication-Server (HKLM-x32\...\{310358D8-48D1-4B35-A984-7DE3E88B6469}) (Version: 1.0.0 - SEW Eurodrive GmbH)
Siemens Automation License Manager (Version: 05.01.0103 - Siemens AG) Hidden
Siemens Automation License Manager V5.1 + SP1 + Upd3   (HKLM\...\{4EA2F07F-BD6B-4765-B7C1-53674EED70F6}LicenseManager) (Version: 05.01.0103 - Siemens AG)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{36D71176-4A63-4D4A-A5E0-425474C0B873}) (Version: 6.2.00 - Silicon Laboratories, Inc.)
SIMATIC  STEP 7 (x32 Version: 05.05.0200 - Siemens AG) Hidden
SIMATIC  STEP 7 V5.5 + SP2 Professional 2010 SR2   (HKLM-x32\...\{7B427E8E-F76D-4C8C-B155-7F24DF46DB67}STEP7) (Version: 05.05.0200 - Siemens AG)
SIMATIC Device Drivers (Version: 01.00.0200 - Siemens AG) Hidden
SIMATIC Device Drivers WoW (x32 Version: 20.00.0200 - Siemens AG) Hidden
SIMATIC HMI License Manager Panel Plugin (x64) (Version: 11.00.0100 - Siemens AG) Hidden
SIMATIC HMI Symbol Library (x32 Version: 11.00.0200 - Siemens AG) Hidden
SIMATIC LanguageSupportTool (x32 Version: 05.08.0200 - Siemens AG) Hidden
SIMATIC NCM FWL 64 (Version: 05.05.0100 - Siemens AG) Hidden
SIMATIC PLCSIM 64 (Version: 01.00.0001 - Siemens AG) Hidden
SIMATIC Prosave (x32 Version: 09.00.0300 - Siemens AG) Hidden
SIMATIC Prosave V9.0 incl. SP3   (HKLM-x32\...\{AE533A06-4655-41E8-88BB-48293AAF1FA0}Prosave) (Version: 09.00.0300 - Siemens AG)
SIMATIC S7 CP PtP Param (x32 Version: 5.1.1300 - Siemens AG) Hidden
SIMATIC S7 CP PtP Param V5.1 + SP13   (HKLM-x32\...\{62B332B3-65AB-419D-ACFA-4A5361CFB116}CPPTP) (Version: 5.1.1300 - Siemens AG)
SIMATIC S7-GRAPH (x32 Version: 05.03.0700 - Siemens AG) Hidden
SIMATIC S7-GRAPH V5.3 + SP7 Professional 2010 SR2   (HKLM-x32\...\{4FF24C45-A4EE-4A99-B287-E3468EC41CBD}S7GRAPH) (Version: 05.03.0700 - Siemens AG)
SIMATIC S7-PCT (x32 Version: 02.03.0000 - Siemens AG) Hidden
SIMATIC S7-PCT V2.3 Professional 2010 SR2   (HKLM-x32\...\{06AF0F82-E926-48A6-8C5F-ECB195DB2CB4}S7PCT) (Version: 02.03.0000 - Siemens AG)
SIMATIC S7-PDIAG (x32 Version: 05.03.0600 - Siemens AG) Hidden
SIMATIC S7-PDIAG V5.3 + SP6   (HKLM-x32\...\{68851FEA-BB6B-4700-B822-F42D61919EFD}S7-PDIAG) (Version: 05.03.0600 - Siemens AG)
SIMATIC S7-PLCSIM (x32 Version: 5.4.0502 - Siemens AG) Hidden
SIMATIC S7-PLCSIM V5.4 + SP5 + Upd2 Professional 2010 SR2   (HKLM-x32\...\{1CBF27F6-24A4-488D-940A-678F1C691C49}PLCSim) (Version: 5.4.0502 - Siemens AG)
SIMATIC S7-SCL (x32 Version: 5.3.6.0 - Siemens AG) Hidden
SIMATIC S7-SCL V5.3 + SP6 Professional 2010 SR2   (HKLM-x32\...\{5B1B0682-EEC6-4EDD-BAB0-3FEC2E55090D}SCL) (Version: 5.3.6.0 - Siemens AG)
SIMATIC Version View (x32 Version: 01.07.0700 - Siemens AG) Hidden
SIMATIC WinCC flexible 2008 SP3 (HKLM-x32\...\InstallShield_{4859C171-B826-4B74-ABCE-501B4C725EA2}) (Version: 01.04.0000 - Siemens AG)
SIMATIC WinCC flexible OCX (x32 Version: 01.04.0000 - Siemens AG) Hidden
SIMATIC WinCC flexible Runtime (x32 Version: 01.04.0000 - Siemens AG) Hidden
SIMATIC WinCC flexible Runtime 2008 SP3   (HKLM-x32\...\{BA076DAD-B2E9-4DE6-8DC3-A12C0E569EAC}HmiRTm) (Version: 01.04.0000 - Siemens AG)
SIMATIC WinCC flexible Runtime Driver (x64) (Version: 01.04.0000 - Siemens AG) Hidden
SIMATIC WinCC flexible Simulator (x32 Version: 01.08.0300 - Siemens AG) Hidden
SIMATIC WinCC flexible Tag Simulator (x32 Version: 01.04.0000 - Siemens AG) Hidden
SmartVision EX Utility Client (HKLM-x32\...\{7F6BC921-9098-4E55-9C20-C03CEBAF1837}) (Version: 1.0.12 - Adept Technology)
Solid Edge License Manager (HKLM-x32\...\{1AC414BD-ADD0-4694-AE59-76D4606A74FA}) (Version: 104.00.00082 - Siemens)
Solid Edge ST4 (HKLM\...\{DE02B016-E096-437F-8D96-853BB36011D5}) (Version: 104.00.0405 - Siemens)
Standard-HMI (HKLM-x32\...\{6161DE40-F09C-11D5-8B61-0040952A05E4}) (Version:  - )
System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.01.0015 - Lenovo)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.1500 - Broadcom Corporation)
ThinkPad Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.67 - )
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.8.0 - )
ThinkVantage AutoLock (HKLM\...\{E224B44B-B5EB-4af3-A80A-A255358E241A}_is1) (Version: 1.03 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.07 - Lenovo)
ThinkVantage Fingerprint Software (HKLM\...\{502EE63C-9A62-4330-8F8B-1EAB51B7BB46}) (Version: 5.9.4.6882 - UPEK Inc.)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.73 - Lenovo)
WinCC flexible (x32 Version: 01.04.0000 - Siemens AG) Hidden
WinCC flexible Graphics (x32 Version: 1.04.0000 - Siemens AG) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - FTDI CDM Driver Package (07/12/2010 2.08.02) (HKLM\...\498B9978CE49397903524B0761200F43EC650044) (Version: 07/12/2010 2.08.02 - FTDI)
Windows-Treiberpaket - FTDI CDM Driver Package (07/12/2010 2.08.02) (HKLM\...\67170FB0228B69BCCBEF8CE14A76953A5505D8EA) (Version: 07/12/2010 2.08.02 - FTDI)
Windows-Treiberpaket - Intel (e1cexpress) Net  (12/21/2010 11.8.84.0) (HKLM\...\6D23A494E9A245843FB8584D9307D3E328DF8613) (Version: 12/21/2010 11.8.84.0 - Intel)
Windows-Treiberpaket - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\0CDBDD444A1F5FFEA227B4E7DCE195F11F08240A) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (09/10/2010 9.2.0.1011) (HKLM\...\8058FF31D7C7F4818DC176DAF53CD379968C86E4) (Version: 09/10/2010 9.2.0.1011 - Intel)
Windows-Treiberpaket - Intel System  (11/20/2010 9.2.0.1016) (HKLM\...\43B5066463CEBC83E99586A67037B6F9FC4193FE) (Version: 11/20/2010 9.2.0.1016 - Intel)
Windows-Treiberpaket - Intel USB  (12/21/2010 9.2.0.1021) (HKLM\...\0DD5528A211904214F70A66DE6ADBD378B21566D) (Version: 12/21/2010 9.2.0.1021 - Intel)
Windows-Treiberpaket - Lenovo (LenovoRd) SmartCardReader  (05/11/2009 4.1.0.1) (HKLM\...\9B84710FFAE6C50914FCE568B59E426F1386E7F6) (Version: 05/11/2009 4.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo 1.61.00.11 (11/11/2010 1.61.00.11) (HKLM\...\466E9B20D871055D6D3CDA2CDD1D355E978A61AF) (Version: 11/11/2010 1.61.00.11 - Lenovo)
Windows-Treiberpaket - libusb-win32 (libusb0) libusb-win32 devices  (10/02/2010 1.2.2.0) (HKLM\...\D799FADEEBD9F7950736A4761F35786956C03D1B) (Version: 10/02/2010 1.2.2.0 - libusb-win32)
Windows-Treiberpaket - Synaptics (SynTP) Mouse  (05/19/2011 15.3.8.0) (HKLM\...\DDD8A532E361E9A878EBEF69C338B306810DF059) (Version: 05/19/2011 15.3.8.0 - Synaptics)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

08-07-2015 10:39:19 Geplanter Prüfpunkt
17-07-2015 08:57:59 Gerätetreiber-Paketinstallation: Printing Communications Assoc. (PCAUSA) Netzwerkprotokoll
17-07-2015 09:18:39 Installiert ASUS WL-330N3G Wireless Router Utilities
28-07-2015 12:23:34 Geplanter Prüfpunkt
14-08-2015 07:01:17 Installed Juniper Installer Service
14-08-2015 07:17:41 Installed GemPcCCID

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {462CECFC-2B4A-402A-ABD4-79A1CFA1FD63} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {4A73A5AA-8B5E-44B6-AB42-83BCEC209FA0} - System32\Tasks\{F7F5D493-CCBA-424B-9598-52781194B897} => pcalua.exe -a "D:\Vision Sensor Checker C4G\Software Checker\Checker_3_4_Release\setup.exe" -d "D:\Vision Sensor Checker C4G\Software Checker\Checker_3_4_Release"
Task: {4FC53E9F-5E35-4547-A25E-840283C0A174} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {54FF7A75-F37C-4252-91F9-EB13194E9317} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-24] (Adobe Systems Incorporated)
Task: {61C7B0DE-6B03-49C6-8D6E-295A4F972862} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for ThinkPad_W520.halifax => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2011-12-21] (Lenovo)
Task: {68A22C0E-63E2-4057-A39A-87307C2A61F9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2012-01-09] (Lenovo)
Task: {957B5C24-C10D-4D98-801C-0DA3B72D49FE} - System32\Tasks\{54064CF3-0307-41AC-8BF3-5E84091C8990} => pcalua.exe -a D:\Setup_PtP_V5113.exe -d D:\
Task: {A3855F2E-7D4C-49EF-A256-B71717D666B8} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2012-02-27] (Lenovo Group Limited)
Task: {CA19B814-5662-4B4F-B532-31E300CDB2AE} - System32\Tasks\MCP => C:\Program Files (x86)\LENOVO\Message Center Plus\MCPLaunch.exe [2011-12-21] (Lenovo)
Task: {D9E6DACE-665F-4F09-8B69-9C8567158A7C} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2011-12-21] (Lenovo)
Task: {E663363B-D967-493A-ACAB-62CDB9A0C949} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for THINKPADW520.halifax => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2011-12-21] (Lenovo)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-12-06 04:12 - 2013-01-10 23:36 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-07-27 20:07 - 2011-07-27 20:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-03-10 00:43 - 2011-03-10 00:43 - 00774144 _____ () C:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\Scpwin64.dll
2011-06-14 18:24 - 2011-06-14 18:24 - 00824320 _____ () C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\sn_regbase.dll
2011-12-21 00:28 - 2012-01-11 16:25 - 00636216 _____ () C:\SWTOOLS\SimpleTap DeskBand\DeskBand64.dll
2012-05-18 20:08 - 2012-02-27 20:07 - 00055808 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2010-12-18 15:50 - 2010-12-18 15:50 - 00173856 _____ () C:\Program Files\ThinkPad\Bluetooth Software\btkeyind.dll
2012-05-19 05:30 - 2011-05-19 14:04 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2012-05-18 20:01 - 2010-10-26 06:40 - 00049056 ____N () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2012-05-18 20:05 - 2011-03-06 13:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-27 08:49 - 2009-07-20 12:35 - 00018960 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2012-08-27 08:49 - 2009-07-20 04:00 - 00077824 _____ () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
2011-12-06 22:11 - 2011-12-06 22:11 - 00061776 _____ () C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\zlib.dll
2012-05-18 20:09 - 2010-04-06 09:05 - 02085888 _____ () C:\Program Files\Lenovo\AutoLock\cv210.dll
2012-05-18 20:09 - 2010-04-06 09:04 - 02201088 _____ () C:\Program Files\Lenovo\AutoLock\cxcore210.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2012-05-19 05:30 - 2011-05-19 14:04 - 00066856 _____ () C:\Windows\SysWOW64\SynTPEnhPS.dll
2011-06-14 18:24 - 2011-06-14 18:24 - 00749568 _____ () C:\Windows\SysWOW64\sn_regbase.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:9A32E6D3

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2831858354-3733170835-1677986244-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{9DFA7748-24BC-4A9C-9E59-30B4F4D94EB3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{EF18C5D6-BB3A-41D9-9403-E5E376D65FA5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{4BDBC899-2013-4FE1-9195-4AA2864C7D40}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{395F6B66-E05E-423F-9911-7B8CA1945464}] => (Allow) LPort=2869
FirewallRules: [{C8373DCF-454C-4344-B78A-7A5F8583B4AF}] => (Allow) LPort=1900
FirewallRules: [{242FDCEB-4515-4563-BC69-ACC1798B16A3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{01B9E93F-30F5-402B-A3B3-6CA9297DC53B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{6F1FF28F-7342-4E0C-A4D1-9CC95AAA3B31}] => (Allow) C:\Users\halifax\AppData\Local\Temp\7zSBD36.tmp\SymNRT.exe
FirewallRules: [{7EB4A71F-F37F-49E7-962E-68164A86B03A}] => (Allow) C:\Users\halifax\AppData\Local\Temp\7zSBD36.tmp\SymNRT.exe
FirewallRules: [{BBF8B453-A2A7-416B-963C-BFB7DA247962}] => (Allow) C:\Users\halifax\AppData\Local\Temp\7zS5C11.tmp\SymNRT.exe
FirewallRules: [{76EC315B-9990-4CB2-A81F-5D9A04836179}] => (Allow) C:\Users\halifax\AppData\Local\Temp\7zS5C11.tmp\SymNRT.exe
FirewallRules: [{67FC1B1B-2A94-4788-A7C5-52EB75F670FC}] => (Allow) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
FirewallRules: [{17250FE2-F28F-4301-9944-9BF76739627B}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\SQLANY\Dbsrv9.exe
FirewallRules: [{90AE6944-4B73-46C2-8259-428F8C429028}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\SQLANY\Dbeng9.exe
FirewallRules: [{AC237726-54CC-4FDF-AD7F-30108CD4536E}] => (Allow) C:\Windows\system32\S7otbxsx.exe
FirewallRules: [{D9BC46F5-DF66-493A-96AB-07D8CDC5FFB2}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7INF\S7usiapx.exe
FirewallRules: [{991BB5B2-33B5-43FF-8B36-D9FB908860F2}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7BIN\S7tgtopx.exe
FirewallRules: [{CA492B0E-F8F3-494B-A72F-F56165FFD3DC}] => (Allow) C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\HmiES.exe
FirewallRules: [{1E9842E1-147A-43CC-BD09-8E7F29FF2905}] => (Allow) C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008\TraceServer.exe
FirewallRules: [{01634614-769E-4D64-9101-E70CD59F12AE}] => (Allow) C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\MiniWeb.exe
FirewallRules: [{18D4593B-5C0F-49BB-9783-472BC13B012A}] => (Allow) C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe
FirewallRules: [{33C13528-B5B2-4B65-BEA6-5A990F2EEC14}] => (Allow) C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\HmiLoad.exe
FirewallRules: [{E9BAA8E0-7675-4C2C-BEEC-B9655C0DBDAE}] => (Allow) C:\Program Files\di-soric\Checker Vision Sensors 3.4\Checker.exe
FirewallRules: [{6FC5FADD-3DD6-4A53-BF40-A563853A9782}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{5EBEBC15-8B2C-4C5D-8B01-C4E11855BE65}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8FD248F0-33C5-4CF1-B3CE-B7388A38DEE8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{7D93FE52-1805-4B36-9F9E-BD7FE47C3FB2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{32D0047A-EBA3-4A72-926F-B1C234D6812B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3BA7FF70-8ECD-4E4E-BD88-0BAE223B16F4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{14477482-B0A5-4BCE-9B7A-8885972B4265}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BC57EFB2-9519-4F5E-92ED-B35F0DE60990}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{10385D7E-C68E-44D4-89C7-DE2DDE0FA10F}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\SQLANY\dbsrv9.exe
FirewallRules: [{7D5F695E-C502-49D2-B7BE-F921BA9B0AE4}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\SQLANY\dbsrv9.exe
FirewallRules: [{A7210BC8-7504-4654-9789-FC9D710FC145}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7BIN\S7tgtopx.exe
FirewallRules: [{E28BA11E-CB74-4A53-96BA-72A8B40A6ACE}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7BIN\S7tgtopx.exe
FirewallRules: [{E721023F-01AB-440F-BA51-A4F8BF0F933A}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7INF\S7usiapx.exe
FirewallRules: [{6A6C75D5-FBE6-4B8E-874A-D424E18F535F}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7INF\S7usiapx.exe
FirewallRules: [{C76EE630-B0FC-44F6-9B20-8F69F3B1BFDF}] => (Allow) C:\Windows\SysWOW64\s7otbxsx.exe
FirewallRules: [{05D177E4-27D0-4E9C-8705-42A1EFB63A21}] => (Allow) C:\Windows\SysWOW64\s7otbxsx.exe
FirewallRules: [TCP Query User{A5A26E4C-277A-49A1-BEE6-373B1D7B9268}C:\program files\siemens\logocomfort_v8\jre\bin\javaw.exe] => (Allow) C:\program files\siemens\logocomfort_v8\jre\bin\javaw.exe
FirewallRules: [UDP Query User{8A43B8F2-09A4-4462-A0AF-A8A895021407}C:\program files\siemens\logocomfort_v8\jre\bin\javaw.exe] => (Allow) C:\program files\siemens\logocomfort_v8\jre\bin\javaw.exe
FirewallRules: [{66874D90-7787-453F-83CB-BA6F6F8F4493}] => (Block) C:\program files\siemens\logocomfort_v8\jre\bin\javaw.exe
FirewallRules: [{E244F12E-9BAE-42B3-B78C-F86E9E7D7C48}] => (Block) C:\program files\siemens\logocomfort_v8\jre\bin\javaw.exe
FirewallRules: [TCP Query User{70427FEE-3151-4530-89A6-8991E3693903}C:\program files\siemens\logocomfort_v8\jre\bin\java.exe] => (Allow) C:\program files\siemens\logocomfort_v8\jre\bin\java.exe
FirewallRules: [UDP Query User{17CE695D-B428-4AFA-BAAE-E25FBA5ADDF0}C:\program files\siemens\logocomfort_v8\jre\bin\java.exe] => (Allow) C:\program files\siemens\logocomfort_v8\jre\bin\java.exe
FirewallRules: [{FD3D73F0-2D0B-4998-9A8D-F9900B4428F9}] => (Block) C:\program files\siemens\logocomfort_v8\jre\bin\java.exe
FirewallRules: [{C74A55AE-0067-4D8E-B74A-0F872C4CC46A}] => (Block) C:\program files\siemens\logocomfort_v8\jre\bin\java.exe
FirewallRules: [{F20B6846-96E4-4971-944C-BED80AEDB7A6}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{FC9175AA-5D1E-4963-862A-E5AD6A333F21}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{A764C461-5D85-4401-8E92-F7FF5D680891}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{49E79BB0-B2B1-4111-8E06-90072409E470}] => (Allow) C:\Windows\SysWOW64\Gateway.exe
FirewallRules: [{43A34002-A132-49B4-A9D9-5782FB559447}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [{A7134CC0-5123-49B1-AE19-5C4FFFADEFD9}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [{D538F327-B798-4314-99DA-1FEDB93EA5FC}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [{64F0C6E9-BB3F-4A9C-BA15-63D3156960E8}] => (Allow) C:\Windows\SysWOW64\GatewayDDE.exe
FirewallRules: [TCP Query User{20306B15-5772-4E4F-9170-743AB487B2BD}C:\program files (x86)\cognex\dataman\dataman software v5.5.0\setuptool.exe] => (Allow) C:\program files (x86)\cognex\dataman\dataman software v5.5.0\setuptool.exe
FirewallRules: [UDP Query User{97DAD424-FAE7-4D28-8D92-9BE2C17BE114}C:\program files (x86)\cognex\dataman\dataman software v5.5.0\setuptool.exe] => (Allow) C:\program files (x86)\cognex\dataman\dataman software v5.5.0\setuptool.exe
FirewallRules: [{C7E27173-86A9-413F-9C17-8EBF6CA1D361}] => (Block) C:\program files (x86)\cognex\dataman\dataman software v5.5.0\setuptool.exe
FirewallRules: [{E05A42BA-1410-4B01-BC99-19892E0B3A62}] => (Block) C:\program files (x86)\cognex\dataman\dataman software v5.5.0\setuptool.exe
FirewallRules: [{F75A74E8-9BD8-4B90-87BE-6C478F0974CE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{09015D10-7BD5-4AD1-BE46-09544B587184}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{76EC456F-C806-44FB-B34A-B688487DE2EA}C:\program files (x86)\rexroth\indraworks ds\iwds.exe] => (Allow) C:\program files (x86)\rexroth\indraworks ds\iwds.exe
FirewallRules: [UDP Query User{951F56CA-1413-417B-983A-84635359279C}C:\program files (x86)\rexroth\indraworks ds\iwds.exe] => (Allow) C:\program files (x86)\rexroth\indraworks ds\iwds.exe
FirewallRules: [{166FAE5D-744B-4234-BE22-AE3B1A61ABE0}] => (Block) C:\program files (x86)\rexroth\indraworks ds\iwds.exe
FirewallRules: [{91C0FB7D-2531-40B0-8357-51C150085FCB}] => (Block) C:\program files (x86)\rexroth\indraworks ds\iwds.exe
FirewallRules: [{82011EE8-6BEB-4E61-813E-F00FEBF5351A}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DDP.ENGINEERINGDESKTOP.EXE
FirewallRules: [{FDBF3BD9-18BB-45E5-B12B-8A383430856F}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DDP.ENGINEERINGDESKTOP.EXE
FirewallRules: [{01BF67E5-42C5-40FD-9619-31A5D72C76E5}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DDP.OPERATIONDESKTOP.EXE
FirewallRules: [{74ED0FD9-38DF-42DE-84B3-1BCF88402CA5}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DDP.OPERATIONDESKTOP.EXE
FirewallRules: [{67D740E9-7DAC-455C-B2E8-11ACFEF044D8}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB03VRS.EXE
FirewallRules: [{6FEF3B17-5031-4C70-81CE-80B744BFB6C3}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB03VRS.EXE
FirewallRules: [{C55F2E00-232C-400A-B637-12002A9E6EC5}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD03VRS.EXE
FirewallRules: [{ADF6F61E-8728-432A-8DED-6B5695484D33}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD03VRS.EXE
FirewallRules: [{60D7DC71-D635-488C-B571-56F0BCBDB565}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH03VRS.EXE
FirewallRules: [{3A47ACFD-1413-42A0-AD1B-E5168612B265}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH03VRS.EXE
FirewallRules: [{2A976217-0A7D-4402-88A9-5D6C78EFF3F8}] => (Allow) C:\WINDOWS\SYSWOW64\GATEWAY.EXE
FirewallRules: [{AA42D969-A782-483C-B131-4644433C0356}] => (Allow) C:\WINDOWS\SYSWOW64\GATEWAY.EXE
FirewallRules: [{B0BF8466-3E3E-4A2A-A4EF-F21479BF0B6D}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\PDA.SERVER.EXE
FirewallRules: [{92922AD9-A4D2-4317-823F-E6AA679971E0}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\PDA.SERVER.EXE
FirewallRules: [{798611C9-89E7-493C-9587-B2680D135933}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB04VRS.EXE
FirewallRules: [{34ECA275-7987-4156-8C3E-2D6F137E8951}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB04VRS.EXE
FirewallRules: [{B0AE0702-EF29-4F60-B7DC-208F9F861CD5}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD04VRS.EXE
FirewallRules: [{FF36B6DA-CFDA-49FE-B8E7-0C41FEF55EC2}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD04VRS.EXE
FirewallRules: [{23533677-60F2-4A0B-A5AC-880BD3D09799}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH04VRS.EXE
FirewallRules: [{7802153D-B9D5-4E78-B85F-EF9D4FACC584}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH04VRS.EXE
FirewallRules: [{471D4B60-5DA0-42FD-A3B3-1F3561C0D131}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\SCPSERVER.EXE
FirewallRules: [{F1AE0861-26A6-42AB-B578-594FCCA62BAC}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\SCPSERVER.EXE
FirewallRules: [{F579FD9D-8831-4228-ACE8-EA7CA98F5A77}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB05VRS.EXE
FirewallRules: [{BFE42D9D-D9D0-4397-B3F6-B98CA7CBD649}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB05VRS.EXE
FirewallRules: [{11B02297-D998-4533-9217-71071714BFD0}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD05VRS.EXE
FirewallRules: [{EB4C7A65-A6D1-4CDC-82DC-C052096C0DF5}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD05VRS.EXE
FirewallRules: [{930C98D9-0C30-4134-B159-9397F08FEBC1}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH05VRS.EXE
FirewallRules: [{B8272C5A-6F82-48EA-A2AC-4B732E7A2010}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH05VRS.EXE
FirewallRules: [{0FDBFB4F-1B92-4422-8E47-33D18FE8C656}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\HNC\OFFLINE\DRIVESERVER_HDH05VRS.EXE
FirewallRules: [{47D3A18F-A2E0-4F9D-AE20-514A34B12BAB}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\HNC\OFFLINE\DRIVESERVER_HDH05VRS.EXE
FirewallRules: [{506DBA83-586D-42C0-A4DE-EB1FDA059180}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB06VRS.EXE
FirewallRules: [{E4CB4553-BB5E-4CC4-85BC-AE496B327E93}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB06VRS.EXE
FirewallRules: [{0A6BABCE-F7D4-4588-805C-488C55F82632}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC06VRS.EXE
FirewallRules: [{5E584781-C031-45EF-9B4A-D4EEFBEEA34E}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC06VRS.EXE
FirewallRules: [{CDE2A0F7-3F62-42D7-A658-F6949152EA32}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD06VRS.EXE
FirewallRules: [{36C4F617-0A91-43FF-801B-F91E22D72DBF}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD06VRS.EXE
FirewallRules: [{67752BBD-E358-4DFD-9425-2D5848DE6113}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH06VRS.EXE
FirewallRules: [{32A5F599-062F-475D-8217-B9E976E91CB9}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH06VRS.EXE
FirewallRules: [{00B4CFFC-2177-4A45-8417-AA516DBE16FD}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB07VRS.EXE
FirewallRules: [{B03E3869-5C67-4F8F-9BDC-0E3A5427B909}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB07VRS.EXE
FirewallRules: [{810F3864-4AEF-4D16-B285-9DB30B66CD01}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC07VRS.EXE
FirewallRules: [{46650305-FD0D-414D-9453-C9218B24DD59}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC07VRS.EXE
FirewallRules: [{57532F2B-5AA7-47BE-9E07-DF809E0730F6}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD07VRS.EXE
FirewallRules: [{3A75440B-4480-4A35-BFEB-A3EBA96EA843}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD07VRS.EXE
FirewallRules: [{77D92FD9-D90D-437E-B39E-BB15DB7D4105}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH07VRS.EXE
FirewallRules: [{5FBCF6D0-4575-4BCB-B861-6B62B4B9BA03}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH07VRS.EXE
FirewallRules: [{707399A4-7E8A-4BD4-BB60-7AFFC2BADBA8}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\WINSTUDIO\BIN\CESERVER.EXE
FirewallRules: [{7D4D5F86-9638-490D-8912-C28117C008DB}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\WINSTUDIO\BIN\CESERVER.EXE
FirewallRules: [{8F169E3D-EF42-40B6-B73D-8703A954145F}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB16VRS.EXE
FirewallRules: [{C44D1138-30AB-49AD-A392-E3F17F310931}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB16VRS.EXE
FirewallRules: [{F70C5193-BB3B-4714-A3C9-77D4B4396210}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DDP.HOSTEDOPERATIONDESKTOP.EXE
FirewallRules: [{764F6A87-9BB9-4259-BD8F-BE1630967990}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DDP.HOSTEDOPERATIONDESKTOP.EXE
FirewallRules: [{5EAFBD6D-86A4-481B-AFEB-0F8BE93BDB4D}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\IWDS.EXE
FirewallRules: [{D4DD9C31-B071-4AD4-8321-66379F63C400}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\IWDS.EXE
FirewallRules: [{104A1C1C-6A9B-418A-B7D0-3970452D54BF}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB17VRS.EXE
FirewallRules: [{F145CA25-5FE2-4CC0-9302-A01DBFDD4F0F}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB17VRS.EXE
FirewallRules: [{688F5FF1-13DC-4FEA-B113-035BF2900AE5}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB08VRS.EXE
FirewallRules: [{FD8633AA-7463-4FE6-B9E3-82648B2ADF9B}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB08VRS.EXE
FirewallRules: [{3E5E45CE-6348-41E5-BBBF-34ACB0B51779}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC08VRS.EXE
FirewallRules: [{AF722B8B-D594-46FC-9E1B-AED3DD27BE2A}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC08VRS.EXE
FirewallRules: [{EA75B90D-1C10-4714-89D2-A6AC10674337}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD08VRS.EXE
FirewallRules: [{DBD9DE21-A08A-4319-9911-5CA7E14BBA8E}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPD08VRS.EXE
FirewallRules: [{04C58702-8543-498A-9343-0126050EB75E}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH08VRS.EXE
FirewallRules: [{938F98A1-01F2-4A4B-8E40-0026B08915E9}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPH08VRS.EXE
FirewallRules: [{0C273D83-7470-484B-A08A-F446251B47EF}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\ILNG.IPMCLI.EXE
FirewallRules: [{D6A064B3-ACA2-47FD-99BA-3D31D842B8A8}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\ILNG.IPMCLI.EXE
FirewallRules: [{9180AC9A-919C-4D1F-8B5A-7F4019AE17A2}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\ILNG.REPTOOL.EXE
FirewallRules: [{77B0FCCB-6272-4A51-8E49-EAA19981DECC}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\ILNG.REPTOOL.EXE
FirewallRules: [{A42238BF-CB3B-4E3C-B206-29BD5C1EB600}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\GATEWAYPLC\GATEWAYSERVICE.EXE
FirewallRules: [{C9342228-F438-4C5B-87D5-3FDDCBA762CB}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\GATEWAYPLC\GATEWAYSERVICE.EXE
FirewallRules: [{37337DCC-64DF-4117-BE96-548EB4F8B936}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\MLC\OFFLINE\MOTIONSERVER_MLC12VRS.EXE
FirewallRules: [{A866272C-3C58-46D1-8A49-87E37958D421}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\MLC\OFFLINE\MOTIONSERVER_MLC12VRS.EXE
FirewallRules: [{F8D59899-CCC5-4791-ACF8-EC3E16FE91BB}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPE17VRS.EXE
FirewallRules: [{3A722412-3123-4108-BB4F-AF13CBA0ED49}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPE17VRS.EXE
FirewallRules: [{D3092615-68D2-4165-9432-AE2BF672F1A7}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC17VRS.EXE
FirewallRules: [{2B0EDCCD-7634-4A35-B5C9-9BAEB986D8D0}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC17VRS.EXE
FirewallRules: [{0AEDD56F-5657-4BE7-B1F3-275E6E0018E9}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\WinStudio\BIN\TAGINTEGRATIONMANAGER.EXE
FirewallRules: [{EFD9D560-78F6-4C49-B97A-A32CD924AB20}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\WinStudio\BIN\TAGINTEGRATIONMANAGER.EXE
FirewallRules: [{086D45F8-C9FD-4029-B644-DF6E732A28B1}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\INDRAWORKS.LICENSEIMPORT.EXE
FirewallRules: [{24110D02-52EC-489A-85E9-676BBD6AFDFC}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\INDRAWORKS.LICENSEIMPORT.EXE
FirewallRules: [{DB31592D-79B4-4AB5-AF6F-9BB9ACD80C89}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\WINSTUDIO\BIN\STUDIO MANAGER.EXE
FirewallRules: [{9F9F9599-4ACD-495A-AC29-866AA782EA54}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\WINSTUDIO\BIN\STUDIO MANAGER.EXE
FirewallRules: [{AAAE5AC6-FEDF-4283-9D4E-C9FB123DCEE1}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB18VRS.EXE
FirewallRules: [{18FE605B-DCB3-489E-BC11-F233F844A36C}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPB18VRS.EXE
FirewallRules: [{985B5815-4C3E-4611-8D3F-B824AF9B436F}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC18VRS.EXE
FirewallRules: [{A0F514BB-5F4E-4A6C-B4E5-74AD6E2FCD72}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPC18VRS.EXE
FirewallRules: [{3D0A6AB2-2372-497D-A1C8-F3493C34A5B0}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPE18VRS.EXE
FirewallRules: [{EB363B1E-3C10-4CB0-BD1A-232E12806860}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPE18VRS.EXE
FirewallRules: [{6ED4F92C-DB0A-42E4-AEE7-B9237F2A49EE}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPM18VRS.EXE
FirewallRules: [{AB325812-ED38-41D3-9C28-182E7EB6262A}] => (Allow) C:\Program Files (x86)\Rexroth\IndraWorks\DRIVE\OFFLINE\DRIVESERVER_MPM18VRS.EXE
FirewallRules: [{A7A0C9E2-60F7-4003-94D0-165E142E021C}] => (Allow) LPort=135
FirewallRules: [{A2BDC04D-8C68-410C-BED0-4122A7DCCF52}] => (Allow) F:\RouterSetup\QISWizard.exe
FirewallRules: [{F6D25695-5A75-4FA9-82D7-E82E96F8BEC0}] => (Allow) F:\RouterSetup\QISWizard.exe
FirewallRules: [{117C0A73-9632-4EC4-8A04-78FDBC1D57A1}] => (Allow) C:\Program Files (x86)\ASUS\WL-330N3G Wireless Router Utilities\Discovery.exe
FirewallRules: [{C734605A-BC2D-46AC-853E-82E6D0810D8F}] => (Allow) C:\Program Files (x86)\ASUS\WL-330N3G Wireless Router Utilities\Discovery.exe
FirewallRules: [{EDBBCD2E-3870-4DF6-BA1D-48100E327D74}] => (Allow) C:\Program Files (x86)\ASUS\WL-330N3G Wireless Router Utilities\Rescue.exe
FirewallRules: [{73ABEF46-818C-4A66-85DA-A1B9CE951A5D}] => (Allow) C:\Program Files (x86)\ASUS\WL-330N3G Wireless Router Utilities\Rescue.exe
FirewallRules: [{6179C186-3916-42FD-8636-ABCF45C2FD7A}] => (Allow) C:\Program Files (x86)\ASUS\WL-330N3G Wireless Router Utilities\QISWizard.exe
FirewallRules: [{4A387716-1D97-49A3-AE4C-B6FEC63AD35E}] => (Allow) C:\Program Files (x86)\ASUS\WL-330N3G Wireless Router Utilities\QISWizard.exe
FirewallRules: [TCP Query User{CBC377E3-66EB-483D-BF23-654CBA56686C}C:\program files (x86)\asus\wl-330n3g wireless router utilities\discovery.exe] => (Allow) C:\program files (x86)\asus\wl-330n3g wireless router utilities\discovery.exe
FirewallRules: [UDP Query User{8826A3B7-5D9F-40A9-BEAC-94B9FA013E5E}C:\program files (x86)\asus\wl-330n3g wireless router utilities\discovery.exe] => (Allow) C:\program files (x86)\asus\wl-330n3g wireless router utilities\discovery.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/25/2015 12:43:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998

Error: (08/25/2015 12:43:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998

Error: (08/25/2015 12:43:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2015 10:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008

Error: (08/25/2015 10:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5008

Error: (08/25/2015 10:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2015 10:46:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4009

Error: (08/25/2015 10:46:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4009

Error: (08/25/2015 10:46:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2015 10:46:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3011


Systemfehler:
=============
Error: (08/25/2015 01:32:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/25/2015 10:38:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/25/2015 10:38:40 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/25/2015 10:35:35 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (08/17/2015 02:00:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/17/2015 02:00:55 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/14/2015 06:07:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/14/2015 06:07:00 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/14/2015 09:22:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (08/14/2015 09:22:42 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office:
=========================
Error: (08/25/2015 12:43:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998

Error: (08/25/2015 12:43:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998

Error: (08/25/2015 12:43:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2015 10:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008

Error: (08/25/2015 10:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5008

Error: (08/25/2015 10:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2015 10:46:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4009

Error: (08/25/2015 10:46:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4009

Error: (08/25/2015 10:46:23 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/25/2015 10:46:22 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3011


CodeIntegrity:
===================================
  Date: 2012-07-08 19:42:01.770
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-08 19:42:01.750
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-08 19:42:01.728
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-08 19:42:01.676
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-08 19:42:01.643
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-08 19:42:01.598
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-08 19:42:01.569
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-08 19:42:01.549
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-08 19:42:01.526
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2012-07-08 19:42:01.459
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\cryptnet.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i7-2760QM CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16267.23 MB
Verfügbarer physikalischer RAM: 13116.46 MB
Summe virtueller Speicher: 32532.65 MB
Verfügbarer virtueller Speicher: 28975.74 MB

==================== Laufwerke ================================

Drive c: (Windows7_OS) (Fixed) (Total:448.67 GB) (Free:328.62 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive k: () (Network) (Total:3695.18 GB) (Free:3480.92 GB) 
Drive m: (OS) (Network) (Total:464.98 GB) (Free:372.3 GB) NTFS
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:5.11 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 78C1E17D)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)

==================== Ende von FRST.txt ============================
         

2. Malwarebytes

No malware found!

Geändert von halifax09 (25.08.2015 um 15:05 Uhr)

Alt 25.08.2015, 15:33   #10
halifax09
 
Spammail durch meinen Account - Standard

Spammail durch meinen Account



3. TDSSKiller

Teil 1

Code:
ATTFilter
15:06:54.0910 0x1090  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
15:07:04.0138 0x1090  ============================================================
15:07:04.0138 0x1090  Current date / time: 2015/08/25 15:07:04.0137
15:07:04.0138 0x1090  SystemInfo:
15:07:04.0138 0x1090  
15:07:04.0138 0x1090  OS Version: 6.1.7601 ServicePack: 1.0
15:07:04.0138 0x1090  Product type: Workstation
15:07:04.0138 0x1090  ComputerName: THINKPADW520
15:07:04.0139 0x1090  UserName: halifax
15:07:04.0139 0x1090  Windows directory: C:\Windows
15:07:04.0139 0x1090  System windows directory: C:\Windows
15:07:04.0139 0x1090  Running under WOW64
15:07:04.0139 0x1090  Processor architecture: Intel x64
15:07:04.0139 0x1090  Number of processors: 8
15:07:04.0139 0x1090  Page size: 0x1000
15:07:04.0139 0x1090  Boot type: Normal boot
15:07:04.0139 0x1090  ============================================================
15:07:04.0504 0x1090  KLMD registered as C:\Windows\system32\drivers\97492273.sys
15:07:05.0087 0x1090  System UUID: {F9F72BB6-18FE-BC6D-3968-090B3CD33066}
15:07:05.0968 0x1090  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:07:05.0989 0x1090  ============================================================
15:07:05.0989 0x1090  \Device\Harddisk0\DR0:
15:07:05.0989 0x1090  MBR partitions:
15:07:05.0989 0x1090  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
15:07:05.0989 0x1090  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38157000
15:07:05.0990 0x1090  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38445800, BlocksNum 0x1F40000
15:07:05.0990 0x1090  ============================================================
15:07:06.0003 0x1090  C: <-> \Device\Harddisk0\DR0\Partition2
15:07:06.0046 0x1090  Q: <-> \Device\Harddisk0\DR0\Partition3
15:07:06.0046 0x1090  ============================================================
15:07:06.0046 0x1090  Initialize success
15:07:06.0046 0x1090  ============================================================
15:07:43.0279 0x14dc  ============================================================
15:07:43.0279 0x14dc  Scan started
15:07:43.0279 0x14dc  Mode: Manual; SigCheck; TDLFS; 
15:07:43.0279 0x14dc  ============================================================
15:07:43.0279 0x14dc  KSN ping started
15:07:57.0077 0x14dc  KSN ping finished: true
15:07:58.0823 0x14dc  ================ Scan system memory ========================
15:07:58.0823 0x14dc  System memory - ok
15:07:58.0824 0x14dc  ================ Scan services =============================
15:07:58.0998 0x14dc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
15:07:59.0139 0x14dc  1394ohci - ok
15:07:59.0188 0x14dc  [ F4AF97702BAD85BFEF64B9A557F11B6F, 8255B2FBE64C60562A7DAAAD575EED49EE0D23DD42E5C76C988B8A3673843EA6 ] 5U877           C:\Windows\system32\DRIVERS\5U877.sys
15:07:59.0232 0x14dc  5U877 - ok
15:07:59.0397 0x14dc  [ 1225A5F7EBEF1EFF4E90BA37DA9B3839, D7D18839CF2496CE53A0B806153FA0BED54021D0D4ADBAF037A0E9F828517A6A ] AceServer       C:\Program Files (x86)\Adept Technology\Adept ACE\bin\AceService.exe
15:07:59.0432 0x14dc  AceServer - detected UnsignedFile.Multi.Generic ( 1 )
15:08:02.0089 0x14dc  AceServer ( UnsignedFile.Multi.Generic ) - warning
15:08:04.0642 0x14dc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:08:04.0695 0x14dc  ACPI - ok
15:08:04.0735 0x14dc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:08:04.0775 0x14dc  AcpiPmi - ok
15:08:04.0894 0x14dc  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:08:04.0925 0x14dc  AdobeARMservice - ok
15:08:05.0063 0x14dc  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:08:05.0104 0x14dc  AdobeFlashPlayerUpdateSvc - ok
15:08:05.0164 0x14dc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:08:05.0226 0x14dc  adp94xx - ok
15:08:05.0283 0x14dc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:08:05.0333 0x14dc  adpahci - ok
15:08:05.0363 0x14dc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:08:05.0403 0x14dc  adpu320 - ok
15:08:05.0437 0x14dc  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:08:05.0538 0x14dc  AeLookupSvc - ok
15:08:05.0620 0x14dc  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys
15:08:05.0694 0x14dc  AFD - ok
15:08:05.0729 0x14dc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:08:05.0772 0x14dc  agp440 - ok
15:08:05.0823 0x14dc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:08:05.0864 0x14dc  ALG - ok
15:08:05.0914 0x14dc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:08:05.0942 0x14dc  aliide - ok
15:08:06.0131 0x14dc  [ 6A896356FF660AB7DA9778C9DDBC6730, A10BF331F2653245278BF2EE97A2FA40CD7A05CCA86883F3A7AC26078743466B ] almservice      C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
15:08:06.0290 0x14dc  almservice - detected UnsignedFile.Multi.Generic ( 1 )
15:08:08.0734 0x14dc  Detect skipped due to KSN trusted
15:08:08.0734 0x14dc  almservice - ok
15:08:08.0769 0x14dc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:08:08.0797 0x14dc  amdide - ok
15:08:08.0824 0x14dc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:08:08.0862 0x14dc  AmdK8 - ok
15:08:08.0887 0x14dc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
15:08:08.0925 0x14dc  AmdPPM - ok
15:08:08.0948 0x14dc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:08:08.0983 0x14dc  amdsata - ok
15:08:09.0013 0x14dc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:08:09.0053 0x14dc  amdsbs - ok
15:08:09.0073 0x14dc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:08:09.0101 0x14dc  amdxata - ok
15:08:09.0217 0x14dc  [ 3358CAD1887DDDDD2A36B7796B579292, 40BA1A836276C2AA78914F294661C3C918F2D6DFAA9D6EF3FEB6D1EE3B07F584 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
15:08:09.0297 0x14dc  AntiVirMailService - ok
15:08:09.0385 0x14dc  [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:08:09.0437 0x14dc  AntiVirSchedulerService - ok
15:08:09.0501 0x14dc  [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:08:09.0553 0x14dc  AntiVirService - ok
15:08:09.0665 0x14dc  [ 6FD5165364D88FDABE4FA59E1768376F, B82D11E6FCC297F822E29A49D46C9985955C9F5676D107A397B00D0468F93504 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
15:08:09.0767 0x14dc  AntiVirWebService - ok
15:08:09.0802 0x14dc  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
15:08:09.0898 0x14dc  AppID - ok
15:08:09.0927 0x14dc  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:08:10.0022 0x14dc  AppIDSvc - ok
15:08:10.0062 0x14dc  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
15:08:10.0099 0x14dc  Appinfo - ok
15:08:10.0132 0x14dc  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:08:10.0180 0x14dc  AppMgmt - ok
15:08:10.0208 0x14dc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
15:08:10.0241 0x14dc  arc - ok
15:08:10.0269 0x14dc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:08:10.0303 0x14dc  arcsas - ok
15:08:10.0417 0x14dc  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:08:10.0453 0x14dc  aspnet_state - ok
15:08:10.0476 0x14dc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:08:10.0571 0x14dc  AsyncMac - ok
15:08:10.0611 0x14dc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:08:10.0639 0x14dc  atapi - ok
15:08:10.0722 0x14dc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:08:10.0866 0x14dc  AudioEndpointBuilder - ok
15:08:10.0918 0x14dc  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:08:11.0064 0x14dc  AudioSrv - ok
15:08:11.0167 0x14dc  [ CC1ABBD9E61B7AA5CCBB45EA87CB033F, 4E5DE485833721E19B36455C017B9D908BAA7D12637A878934A0FAF2326E000B ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
15:08:11.0219 0x14dc  avgntflt - ok
15:08:11.0265 0x14dc  [ 07C8454D3A94BA478752FAFA2B94E0FE, EB19396D4A6D51D6C33ED55C8EF0259045801D39CCE2945931F9163D6006C133 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
15:08:11.0299 0x14dc  avipbb - ok
15:08:11.0420 0x14dc  [ 4B3DBF1CEBE1B2346BF2F8D2251F641A, CDC5BCA35BE658007E29E94E7FBFAA499B50929E738A12904397D16268C6FBAE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
15:08:11.0462 0x14dc  Avira.ServiceHost - ok
15:08:11.0498 0x14dc  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
15:08:11.0526 0x14dc  avkmgr - ok
15:08:11.0562 0x14dc  [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
15:08:11.0590 0x14dc  avnetflt - ok
15:08:11.0636 0x14dc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:08:11.0691 0x14dc  AxInstSV - ok
15:08:11.0748 0x14dc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:08:11.0817 0x14dc  b06bdrv - ok
15:08:11.0857 0x14dc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:08:11.0911 0x14dc  b57nd60a - ok
15:08:11.0950 0x14dc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:08:11.0989 0x14dc  BDESVC - ok
15:08:11.0999 0x14dc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:08:12.0093 0x14dc  Beep - ok
15:08:12.0161 0x14dc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:08:12.0252 0x14dc  BFE - ok
15:08:12.0328 0x14dc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:08:12.0491 0x14dc  BITS - ok
15:08:12.0517 0x14dc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:08:12.0553 0x14dc  blbdrive - ok
15:08:12.0623 0x14dc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:08:12.0679 0x14dc  Bonjour Service - ok
15:08:12.0724 0x14dc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:08:12.0762 0x14dc  bowser - ok
15:08:12.0794 0x14dc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:08:12.0834 0x14dc  BrFiltLo - ok
15:08:12.0843 0x14dc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:08:12.0884 0x14dc  BrFiltUp - ok
15:08:12.0930 0x14dc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:08:12.0974 0x14dc  Browser - ok
15:08:13.0011 0x14dc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:08:13.0068 0x14dc  Brserid - ok
15:08:13.0094 0x14dc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:08:13.0137 0x14dc  BrSerWdm - ok
15:08:13.0160 0x14dc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:08:13.0200 0x14dc  BrUsbMdm - ok
15:08:13.0209 0x14dc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:08:13.0243 0x14dc  BrUsbSer - ok
15:08:13.0297 0x14dc  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
15:08:13.0331 0x14dc  BthEnum - ok
15:08:13.0358 0x14dc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:08:13.0404 0x14dc  BTHMODEM - ok
15:08:13.0435 0x14dc  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:08:13.0484 0x14dc  BthPan - ok
15:08:13.0534 0x14dc  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
15:08:13.0610 0x14dc  BTHPORT - ok
15:08:13.0645 0x14dc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:08:13.0746 0x14dc  bthserv - ok
15:08:13.0785 0x14dc  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
15:08:13.0821 0x14dc  BTHUSB - ok
15:08:13.0888 0x14dc  [ 8834F87A6A745872894DF8223201A6C3, B8C26E11EAAB4A93E4241B4B6F00C1CA05501011E28D6A06D4B009BA4E3AB7CD ] BTWAMPFL        C:\Windows\system32\DRIVERS\btwampfl.sys
15:08:13.0940 0x14dc  BTWAMPFL - ok
15:08:13.0968 0x14dc  [ 9863D82ECBEC6106D377ED73680D99D8, 27DA7335BB14BBF9DC627C8F97ED59BA3479E5E084704AE4C16B1A3E67CB184C ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
15:08:13.0999 0x14dc  btwaudio - ok
15:08:14.0029 0x14dc  [ 3432DD66AE75AB2DE6D0527AD78DBFC7, C2DEB409CDA3621E33E429E592A81E09095C52CDCE36732C9BEA00B92994E44D ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
15:08:14.0061 0x14dc  btwavdt - ok
15:08:14.0157 0x14dc  [ EB4AFE08FB39BB444F221D7D501E0915, 2AF8ECEEAB5A0E972660C1553B555E49C49F19500ABD67DFEB9BEBA7E577A700 ] btwdins         C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
15:08:14.0244 0x14dc  btwdins - ok
15:08:14.0257 0x14dc  [ 382DC5A631CED0462EA09B7EB898BDBF, 7457145E194310F4EB9273471EA41100D3A1448BC2A366064B25A212B389AACB ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
15:08:14.0281 0x14dc  btwl2cap - ok
15:08:14.0312 0x14dc  [ 13A9C2CEDD44C175E6CA39A536795CA6, 13D6D24C2127E6A5E9AB2DFAA9729D57AA6CFCC72DFACF78E4DE7E63ABA122DF ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
15:08:14.0334 0x14dc  btwrchid - ok
15:08:14.0358 0x14dc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:08:14.0459 0x14dc  cdfs - ok
15:08:14.0507 0x14dc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:08:14.0551 0x14dc  cdrom - ok
15:08:14.0579 0x14dc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:08:14.0676 0x14dc  CertPropSvc - ok
15:08:14.0722 0x14dc  [ 5BCA4B2551CE016A2FECBC50BC216BC7, DAE13DEDF91226397CD4873C1F622557FBFA3C3C181079F05458182E86F8FAD2 ] cgnxcdc_x64     C:\Windows\system32\DRIVERS\cgnxcdc_x64.sys
15:08:14.0751 0x14dc  cgnxcdc_x64 - ok
15:08:14.0773 0x14dc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:08:14.0816 0x14dc  circlass - ok
15:08:14.0872 0x14dc  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
15:08:14.0924 0x14dc  CLFS - ok
15:08:14.0979 0x14dc  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:08:15.0007 0x14dc  clr_optimization_v2.0.50727_32 - ok
15:08:15.0058 0x14dc  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:08:15.0087 0x14dc  clr_optimization_v2.0.50727_64 - ok
15:08:15.0161 0x14dc  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:08:15.0200 0x14dc  clr_optimization_v4.0.30319_32 - ok
15:08:15.0225 0x14dc  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:08:15.0264 0x14dc  clr_optimization_v4.0.30319_64 - ok
15:08:15.0295 0x14dc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:08:15.0330 0x14dc  CmBatt - ok
15:08:15.0358 0x14dc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:08:15.0386 0x14dc  cmdide - ok
15:08:15.0456 0x14dc  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
15:08:15.0532 0x14dc  CNG - ok
15:08:15.0669 0x14dc  [ 8DE541B4CFA281A204BAA3EA2109809E, FD3F9F0C7FD88D04CCC8A249D94EFEB3FBAD7192ABCAFAF5A3F23B830925DE68 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
15:08:15.0803 0x14dc  CnxtHdAudService - ok
15:08:15.0840 0x14dc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:08:15.0868 0x14dc  Compbatt - ok
15:08:15.0893 0x14dc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:08:15.0937 0x14dc  CompositeBus - ok
15:08:15.0947 0x14dc  COMSysApp - ok
15:08:15.0969 0x14dc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:08:15.0997 0x14dc  crcdisk - ok
15:08:16.0043 0x14dc  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:08:16.0090 0x14dc  CryptSvc - ok
15:08:16.0142 0x14dc  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
15:08:16.0216 0x14dc  CSC - ok
15:08:16.0288 0x14dc  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
15:08:16.0397 0x14dc  CscService - ok
15:08:16.0436 0x14dc  [ 9D0D050170D47E778B624A28C90F23DE, 48528AA9EB0C9FB5086D992EF1F9556C8249D267C2E3D4E681D5C8B6BC316C71 ] CxAudMsg        C:\Windows\system32\CxAudMsg64.exe
15:08:16.0471 0x14dc  CxAudMsg - ok
15:08:16.0530 0x14dc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:08:16.0678 0x14dc  DcomLaunch - ok
15:08:16.0731 0x14dc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:08:16.0847 0x14dc  defragsvc - ok
15:08:16.0884 0x14dc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:08:16.0981 0x14dc  DfsC - ok
15:08:17.0025 0x14dc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:08:17.0084 0x14dc  Dhcp - ok
15:08:17.0108 0x14dc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:08:17.0204 0x14dc  discache - ok
15:08:17.0246 0x14dc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
15:08:17.0277 0x14dc  Disk - ok
15:08:17.0302 0x14dc  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
15:08:17.0338 0x14dc  dmvsc - ok
15:08:17.0381 0x14dc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:08:17.0427 0x14dc  Dnscache - ok
15:08:17.0470 0x14dc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:08:17.0583 0x14dc  dot3svc - ok
15:08:17.0666 0x14dc  [ 277247B79DA2230D0C3AEB83E6CD8CA7, E6C1BD8374AAA17F20E8C4D7E8B729537E4CB14537D55B7D6C3C8863A431D64E ] DozeSvc         C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE
15:08:17.0720 0x14dc  DozeSvc - ok
15:08:17.0787 0x14dc  [ 84E9BE1A67C14EDF514E379FD610D210, 259B7C87E5177F5C15ACA24D977F3AB7F67FA54302FE5FA2C5799034DEA97F7C ] dpmconv         C:\Windows\system32\DRIVERS\dpmconv.sys
15:08:17.0836 0x14dc  dpmconv - ok
15:08:17.0883 0x14dc  [ 0BD72E62C3974C4F5E4372DBA971901B, E3A6ACA940A92B7721773E38141FC7C4E353423C007DB72CF2361E95DFDE5B93 ] dpmcslv         C:\Windows\system32\drivers\dpmcslv.sys
15:08:17.0900 0x14dc  dpmcslv - detected UnsignedFile.Multi.Generic ( 1 )
15:08:20.0342 0x14dc  Detect skipped due to KSN trusted
15:08:20.0342 0x14dc  dpmcslv - ok
15:08:20.0406 0x14dc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:08:20.0511 0x14dc  DPS - ok
15:08:20.0549 0x14dc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:08:20.0580 0x14dc  drmkaud - ok
15:08:20.0632 0x14dc  [ F2D97A85F4F6E0942BC17C4EECEEE6B7, 3583D00634C36B16880766F7635BFF48D04CECA4F2489E2720EBE33007CA0B9B ] dsNcAdpt        C:\Windows\system32\DRIVERS\dsNcAdpt.sys
15:08:20.0671 0x14dc  dsNcAdpt - ok
15:08:20.0884 0x14dc  [ B3B6C72AD1464CE3DE31005DB7C0D2DF, D7D087D6417BDD62D9BB1C77F1FE817E237DB3C4AA562EA6E335CBF57FFD9004 ] dsNcService     C:\Program Files (x86)\Juniper Networks\Common Files\dsNcService.exe
15:08:20.0955 0x14dc  dsNcService - ok
15:08:21.0054 0x14dc  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:08:21.0149 0x14dc  DXGKrnl - ok
15:08:21.0181 0x14dc  [ CE4CFFD9F64B86BCEB1C343FC9924D72, A7E03531661C808F34560765136E1912A1389C459BA996880761539F4967056E ] DzHDD64         C:\Windows\system32\DRIVERS\DzHDD64.sys
15:08:21.0205 0x14dc  DzHDD64 - ok
15:08:21.0255 0x14dc  [ DC1776D086AA9733B1929A3D979D9FDD, C7EEF160C615948CCCDE3B56C43F8A1E348B4E1212E0DDDB8A9EC2EC14FF73EE ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
15:08:21.0299 0x14dc  e1cexpress - ok
15:08:21.0350 0x14dc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:08:21.0453 0x14dc  EapHost - ok
15:08:21.0696 0x14dc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:08:21.0999 0x14dc  ebdrv - ok
15:08:22.0079 0x14dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
15:08:22.0114 0x14dc  EFS - ok
15:08:22.0202 0x14dc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:08:22.0293 0x14dc  ehRecvr - ok
15:08:22.0312 0x14dc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:08:22.0355 0x14dc  ehSched - ok
15:08:22.0416 0x14dc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:08:22.0480 0x14dc  elxstor - ok
15:08:22.0669 0x14dc  [ 3151725A59EC0D6B4A75150E7995E45E, 8529D135A296C66CE4DAD2A3BB2B1BBDFB6EE954B002964A1637912C8CF2A2FE ] ENI Server      C:\Program Files (x86)\Rexroth\IndraWorks\IndraLogic\ENI Server\ENI.exe
15:08:22.0736 0x14dc  ENI Server - detected UnsignedFile.Multi.Generic ( 1 )
15:08:25.0434 0x14dc  ENI Server ( UnsignedFile.Multi.Generic ) - warning
15:08:27.0914 0x14dc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:08:27.0947 0x14dc  ErrDev - ok
15:08:28.0024 0x14dc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:08:28.0153 0x14dc  EventSystem - ok
15:08:28.0318 0x14dc  [ E3A96D5AE6E5C7B5472011BA77353368, 846D8E5AF471CEAB3E12D6CB2ED0D25EF28B768AC10AD873F33F3F5BEC80CF25 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
15:08:28.0447 0x14dc  EvtEng - ok
15:08:28.0488 0x14dc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:08:28.0598 0x14dc  exfat - ok
15:08:28.0642 0x14dc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:08:28.0752 0x14dc  fastfat - ok
15:08:28.0828 0x14dc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:08:28.0917 0x14dc  Fax - ok
15:08:28.0941 0x14dc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
15:08:28.0976 0x14dc  fdc - ok
15:08:29.0001 0x14dc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:08:29.0097 0x14dc  fdPHost - ok
15:08:29.0127 0x14dc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:08:29.0224 0x14dc  FDResPub - ok
15:08:29.0259 0x14dc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:08:29.0290 0x14dc  FileInfo - ok
15:08:29.0303 0x14dc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:08:29.0399 0x14dc  Filetrace - ok
15:08:29.0540 0x14dc  [ 3B8B64EF1D7CE03727DEFFFEF473F5AE, D9D031C054759D0E9117021992FD08BBE3A05128B2EEA7FE97BB25DCEF8538FD ] FLEXlm License Manager C:\SEFlex\Program\lmgrd.exe
15:08:29.0658 0x14dc  FLEXlm License Manager - ok
15:08:29.0691 0x14dc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:08:29.0725 0x14dc  flpydisk - ok
15:08:29.0758 0x14dc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:08:29.0805 0x14dc  FltMgr - ok
15:08:29.0929 0x14dc  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
15:08:30.0058 0x14dc  FontCache - ok
15:08:30.0108 0x14dc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:08:30.0134 0x14dc  FontCache3.0.0.0 - ok
15:08:30.0160 0x14dc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:08:30.0190 0x14dc  FsDepends - ok
15:08:30.0206 0x14dc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:08:30.0234 0x14dc  Fs_Rec - ok
15:08:30.0274 0x14dc  [ 82D4BD620F7E27EA268EA0E2F701A7AE, 744014A791C07CF3B9387ADECB94552D8B6AC523433F7063411198509155F3E9 ] FTDIBUS         C:\Windows\system32\drivers\ftdibus.sys
15:08:30.0298 0x14dc  FTDIBUS - ok
15:08:30.0311 0x14dc  [ 1FA21FF2D7B50B528D8B73DB34AD06BC, 77B670CA00AC56C59307F154608462197DDF9A367701A5C687B4A93AFB759554 ] FTSER2K         C:\Windows\system32\drivers\ftser2k.sys
15:08:30.0337 0x14dc  FTSER2K - ok
15:08:30.0392 0x14dc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:08:30.0442 0x14dc  fvevol - ok
15:08:30.0484 0x14dc  [ 4CB5DE14E7DF5CE501CF8521BDB2FD37, F966EE158C7EE53AFECD9B0AB9D321CDE1318BC6D160CD996FF66EED28F89224 ] fwkbdrtm        C:\Windows\system32\drivers\fwkbdrtm.sys
15:08:30.0507 0x14dc  fwkbdrtm - ok
15:08:30.0543 0x14dc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:08:30.0574 0x14dc  gagp30kx - ok
15:08:30.0629 0x14dc  [ A28F068F74FFB64B9DEA922D267801BE, F4C9904C3206DC039DD539B8B073EB85FAD47982C5455B7085E73D329B1F4221 ] GemCCID         C:\Windows\system32\DRIVERS\GemCCID.sys
15:08:30.0674 0x14dc  GemCCID - ok
15:08:30.0759 0x14dc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:08:30.0915 0x14dc  gpsvc - ok
15:08:30.0931 0x14dc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:08:30.0965 0x14dc  hcw85cir - ok
15:08:31.0015 0x14dc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:08:31.0082 0x14dc  HdAudAddService - ok
15:08:31.0115 0x14dc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:08:31.0164 0x14dc  HDAudBus - ok
15:08:31.0227 0x14dc  [ DF100F69C70F3319C3F6178D21A910FE, 9CA3D657822FD1BC7B5A50FDCA163348E9FE65689157328358001032F861ABC9 ] hhdspmc64       C:\Windows\system32\DRIVERS\hhdspmc64.sys
15:08:31.0255 0x14dc  hhdspmc64 - ok
15:08:31.0269 0x14dc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:08:31.0304 0x14dc  HidBatt - ok
15:08:31.0331 0x14dc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:08:31.0379 0x14dc  HidBth - ok
15:08:31.0405 0x14dc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:08:31.0448 0x14dc  HidIr - ok
15:08:31.0475 0x14dc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:08:31.0572 0x14dc  hidserv - ok
15:08:31.0629 0x14dc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:08:31.0662 0x14dc  HidUsb - ok
15:08:31.0693 0x14dc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:08:31.0790 0x14dc  hkmsvc - ok
15:08:31.0822 0x14dc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:08:31.0873 0x14dc  HomeGroupListener - ok
15:08:31.0915 0x14dc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:08:31.0964 0x14dc  HomeGroupProvider - ok
15:08:31.0996 0x14dc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:08:32.0027 0x14dc  HpSAMD - ok
15:08:32.0096 0x14dc  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:08:32.0245 0x14dc  HTTP - ok
15:08:32.0259 0x14dc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:08:32.0287 0x14dc  hwpolicy - ok
15:08:32.0348 0x14dc  [ E935C8099F9196BF19224D9EE4808612, 7F39ACF763E042EFB9B41C7D805CF7C9E1261B14FC6E5C09BCA11623312E2C7B ] HyperW7Svc      C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
15:08:32.0377 0x14dc  HyperW7Svc - ok
15:08:32.0425 0x14dc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:08:32.0466 0x14dc  i8042prt - ok
15:08:32.0527 0x14dc  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\Windows\system32\drivers\iaStor.sys
15:08:32.0580 0x14dc  iaStor - ok
15:08:32.0633 0x14dc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:08:32.0687 0x14dc  iaStorV - ok
15:08:32.0721 0x14dc  [ B21087E1A64FD474BF3E1A602A714F1F, 1122D26F938E1A331D0BEBBEA4BACC75276E8502291B3FCB45D53ACA1562C422 ] IBMPMDRV        C:\Windows\system32\DRIVERS\ibmpmdrv.sys
15:08:32.0749 0x14dc  IBMPMDRV - ok
15:08:32.0770 0x14dc  [ A3E4DE0F77031061972485EF9BD8E4D0, 5F9E293898553281DAECE577CCB3F83178C46FB9078FB7D2E9FF609EF5709373 ] IBMPMSVC        C:\Windows\system32\ibmpmsvc.exe
15:08:32.0796 0x14dc  IBMPMSVC - ok
15:08:32.0848 0x14dc  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:08:32.0866 0x14dc  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
15:08:35.0310 0x14dc  Detect skipped due to KSN trusted
15:08:35.0310 0x14dc  IDriverT - ok
15:08:35.0432 0x14dc  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:08:35.0515 0x14dc  idsvc - ok
15:08:35.0542 0x14dc  IEEtwCollectorService - ok
15:08:36.0391 0x14dc  [ 66DC0CE2D1867B8178EAA0E11930DBD7, 8870CBBEDD81E0886E9021FB43A3B26486C2E8CD05A805028A136950B3FA809A ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:08:37.0476 0x14dc  igfx - ok
15:08:37.0548 0x14dc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:08:37.0577 0x14dc  iirsp - ok
15:08:37.0665 0x14dc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:08:37.0767 0x14dc  IKEEXT - ok
15:08:37.0889 0x14dc  [ 9E952C8897A0839C4ED18827A95F5613, A9E4CF47FC368C5250194677F37344B3593B09B0196E275C0E5D990B5C518EDC ] IndraLogic Service Control C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\ServiceControl.exe
15:08:37.0927 0x14dc  IndraLogic Service Control - detected UnsignedFile.Multi.Generic ( 1 )
15:08:40.0364 0x14dc  Detect skipped due to KSN trusted
15:08:40.0364 0x14dc  IndraLogic Service Control - ok
15:08:40.0433 0x14dc  [ 18754965A54167979B957F8B776241FC, FAC8C854E86A31BC182889A240BF6B11FC28502DA0A859FF46E2604E9E8327F1 ] IndraLogic V13 Gateway C:\Program Files (x86)\Rexroth\IndraWorks\GatewayPLC\GatewayService.exe
15:08:40.0503 0x14dc  IndraLogic V13 Gateway - detected UnsignedFile.Multi.Generic ( 1 )
15:08:42.0946 0x14dc  IndraLogic V13 Gateway ( UnsignedFile.Multi.Generic ) - warning
15:08:45.0437 0x14dc  [ 18A1E7CC285B910656C2AB650367D9F6, 3C5140C37061890DF26E0E5692E45EEE1E7F489DAE5BC0C73EEFE0A28A62BD53 ] IndraWorksService C:\Program Files (x86)\Rexroth\IndraWorks\IndraWorks.Service.exe
15:08:45.0459 0x14dc  IndraWorksService - detected UnsignedFile.Multi.Generic ( 1 )
15:08:47.0896 0x14dc  IndraWorksService ( UnsignedFile.Multi.Generic ) - warning
15:08:47.0896 0x14dc  Force sending object to P2P due to detect: IndraWorksService
15:08:50.0469 0x14dc  Object send P2P result: true
15:08:52.0967 0x14dc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:08:52.0995 0x14dc  intelide - ok
15:08:53.0031 0x14dc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:08:53.0069 0x14dc  intelppm - ok
15:08:53.0104 0x14dc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:08:53.0208 0x14dc  IPBusEnum - ok
15:08:53.0242 0x14dc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:08:53.0338 0x14dc  IpFilterDriver - ok
15:08:53.0414 0x14dc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:08:53.0493 0x14dc  iphlpsvc - ok
15:08:53.0515 0x14dc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:08:53.0554 0x14dc  IPMIDRV - ok
15:08:53.0589 0x14dc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:08:53.0690 0x14dc  IPNAT - ok
15:08:53.0715 0x14dc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:08:53.0761 0x14dc  IRENUM - ok
15:08:53.0782 0x14dc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:08:53.0810 0x14dc  isapnp - ok
15:08:53.0866 0x14dc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:08:53.0911 0x14dc  iScsiPrt - ok
15:08:53.0997 0x14dc  [ 6C85719A21B3F62C2C76280F4BD36C7B, 471E333467937720EF9369419EEDE5C2246C976123B437E0AC66F394CF1C056A ] jhi_service     C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
15:08:54.0035 0x14dc  jhi_service - ok
15:08:54.0136 0x14dc  [ B38CA9E61ADEEA7845FB74422217AE78, 5BC54E6A7487953A300C619118E223C6BBDF58A571DCFA6F3BCBF3B9AED99073 ] JuniperAccessService C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
15:08:54.0168 0x14dc  JuniperAccessService - ok
15:08:54.0220 0x14dc  [ 047A17C944D1B29B2A4A7F63B2FE1DF5, 86B13C910CC3D128AE71CA9B31D31AC9D1E2D193834467CA13A42640280DDB3E ] KbdBlock2       C:\Windows\system32\drivers\KbdBlock2.sys
15:08:54.0243 0x14dc  KbdBlock2 - ok
15:08:54.0263 0x14dc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:08:54.0293 0x14dc  kbdclass - ok
15:08:54.0327 0x14dc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:08:54.0362 0x14dc  kbdhid - ok
15:08:54.0390 0x14dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
15:08:54.0424 0x14dc  KeyIso - ok
15:08:54.0472 0x14dc  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:08:54.0505 0x14dc  KSecDD - ok
15:08:54.0529 0x14dc  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:08:54.0566 0x14dc  KSecPkg - ok
15:08:54.0587 0x14dc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:08:54.0681 0x14dc  ksthunk - ok
15:08:54.0735 0x14dc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:08:54.0861 0x14dc  KtmRm - ok
15:08:54.0902 0x14dc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:08:55.0013 0x14dc  LanmanServer - ok
15:08:55.0048 0x14dc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:08:55.0151 0x14dc  LanmanWorkstation - ok
15:08:55.0226 0x14dc  [ 88E52495B47C67126B510AF53FDB0BC7, 75027CE5F578592BBA29F4FB8D820AC5D4E5C8F3095CAF9441818B14128BB4E4 ] LBTServ         C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
15:08:55.0259 0x14dc  LBTServ - ok
15:08:55.0306 0x14dc  [ 56B74943929BC575914631EDC0E72220, 47AC85C1837FB412AD08EB9E81411E3560826F978910A89354CF689B0BCDF78B ] LENOVO.CAMMUTE  C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
15:08:55.0327 0x14dc  LENOVO.CAMMUTE - ok
15:08:55.0375 0x14dc  [ 340288B3B2EDC8AFD5FF127DF85142A7, 595103B5CCDC83D8E4617D2C3E8ED91C88A78ACF11BC9478E9244C510DD50A80 ] LENOVO.MICMUTE  C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
15:08:55.0401 0x14dc  LENOVO.MICMUTE - ok
15:08:55.0429 0x14dc  [ 2B9D8555DC004E240082D18E7725CE20, 9DEF9463CB099C0BC8782C1E5FCE62F038B971ABC12966774D1F83569B081A42 ] lenovo.smi      C:\Windows\system32\DRIVERS\smiifx64.sys
15:08:55.0452 0x14dc  lenovo.smi - ok
15:08:55.0470 0x14dc  [ F9B51B2A5DA1222A910021C71E9EA559, 4B7040808828991B2C075B91E41E6AB03A50FADDCC477444A673B08FE77BE96A ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
15:08:55.0493 0x14dc  LENOVO.TPKNRSVC - ok
15:08:55.0516 0x14dc  [ F7DE50781DC4D162C1005EB30D98F931, CDD07CD2E300DCD818CF97AC05CAFD2BA5568CEA10622D69E156CFC936DD4769 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
15:08:55.0544 0x14dc  Lenovo.VIRTSCRLSVC - ok
15:08:55.0588 0x14dc  [ 606DA892A53FA863B67F8D3F8FF016A0, FB026285C07C8A77C1702698E40C2EA694B054C35C62E45C9A5C498BC94BAD49 ] LenovoRd        C:\Windows\system32\Drivers\LenovoRd.sys
15:08:55.0626 0x14dc  LenovoRd - ok
15:08:55.0663 0x14dc  [ BECBD7CD46776B8739EE18061F45A581, 5379671AB2C04F9F9F4E5197255A9562B4E5EA2463355F996066E6FAB4F25EC9 ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
15:08:55.0689 0x14dc  LEqdUsb - ok
15:08:55.0708 0x14dc  [ 21D6BD7D62C270059EB8E2B1D4095880, 93DD175A37C8BAE95BD922965D75E4D479375F009BF531E47A5853B00E17FC45 ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
15:08:55.0730 0x14dc  LHidEqd - ok
15:08:55.0748 0x14dc  [ B6552D382FF070B4ED34CBD6737277C0, 7C2C24454037170311B0267DEFB797E8DF8D157D62157D271BF7F5F74B2A12F3 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
15:08:55.0773 0x14dc  LHidFilt - ok
15:08:55.0810 0x14dc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:08:55.0908 0x14dc  lltdio - ok
15:08:55.0941 0x14dc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:08:56.0061 0x14dc  lltdsvc - ok
15:08:56.0090 0x14dc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:08:56.0187 0x14dc  lmhosts - ok
15:08:56.0202 0x14dc  [ 73C1F563AB73D459DFFE682D66476558, 9B8BEE384C968DC6C37DD54B9128D9C2BA92EDBF7BDF49D753AA7DB165F18D00 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
15:08:56.0227 0x14dc  LMouFilt - ok
15:08:56.0293 0x14dc  [ 97F9EAAC985A663394CD8F54DCD3E73A, D5BA3E7ED36BA361B1941F12D83568C30F7E49A8B9D54D3EBBBD05767E1F3B0A ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:08:56.0337 0x14dc  LMS - ok
15:08:56.0368 0x14dc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:08:56.0402 0x14dc  LSI_FC - ok
15:08:56.0437 0x14dc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:08:56.0470 0x14dc  LSI_SAS - ok
15:08:56.0488 0x14dc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:08:56.0519 0x14dc  LSI_SAS2 - ok
15:08:56.0547 0x14dc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:08:56.0581 0x14dc  LSI_SCSI - ok
15:08:56.0611 0x14dc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:08:56.0714 0x14dc  luafv - ok
15:08:56.0744 0x14dc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:08:56.0785 0x14dc  Mcx2Svc - ok
15:08:56.0801 0x14dc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:08:56.0830 0x14dc  megasas - ok
15:08:56.0865 0x14dc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:08:56.0911 0x14dc  MegaSR - ok
15:08:56.0937 0x14dc  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:08:56.0962 0x14dc  MEIx64 - ok
15:08:56.0983 0x14dc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:08:57.0083 0x14dc  MMCSS - ok
15:08:57.0100 0x14dc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:08:57.0196 0x14dc  Modem - ok
15:08:57.0228 0x14dc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:08:57.0269 0x14dc  monitor - ok
15:08:57.0305 0x14dc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:08:57.0334 0x14dc  mouclass - ok
15:08:57.0351 0x14dc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:08:57.0386 0x14dc  mouhid - ok
15:08:57.0420 0x14dc  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:08:57.0453 0x14dc  mountmgr - ok
15:08:57.0510 0x14dc  [ 2E1F005987F6C31ADE25B67C2D172DF6, 7DDEA05F80158FECCF37A31F056D04E8E76115B178557450056DEC516D3027C8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:08:57.0546 0x14dc  MozillaMaintenance - ok
15:08:57.0570 0x14dc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:08:57.0607 0x14dc  mpio - ok
15:08:57.0630 0x14dc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:08:57.0729 0x14dc  mpsdrv - ok
15:08:57.0814 0x14dc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:08:57.0975 0x14dc  MpsSvc - ok
15:08:58.0030 0x14dc  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:08:58.0073 0x14dc  MRxDAV - ok
15:08:58.0117 0x14dc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:08:58.0160 0x14dc  mrxsmb - ok
15:08:58.0198 0x14dc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:08:58.0252 0x14dc  mrxsmb10 - ok
15:08:58.0279 0x14dc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:08:58.0319 0x14dc  mrxsmb20 - ok
15:08:58.0362 0x14dc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:08:58.0389 0x14dc  msahci - ok
15:08:58.0426 0x14dc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:08:58.0462 0x14dc  msdsm - ok
15:08:58.0485 0x14dc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:08:58.0532 0x14dc  MSDTC - ok
15:08:58.0569 0x14dc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:08:58.0664 0x14dc  Msfs - ok
15:08:58.0686 0x14dc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:08:58.0780 0x14dc  mshidkmdf - ok
15:08:58.0792 0x14dc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:08:58.0820 0x14dc  msisadrv - ok
15:08:58.0853 0x14dc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:08:58.0960 0x14dc  MSiSCSI - ok
15:08:58.0968 0x14dc  msiserver - ok
15:08:59.0001 0x14dc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:08:59.0094 0x14dc  MSKSSRV - ok
15:08:59.0102 0x14dc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:08:59.0196 0x14dc  MSPCLOCK - ok
15:08:59.0205 0x14dc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:08:59.0299 0x14dc  MSPQM - ok
15:08:59.0337 0x14dc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:08:59.0391 0x14dc  MsRPC - ok
15:08:59.0413 0x14dc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:08:59.0441 0x14dc  mssmbios - ok
15:08:59.0489 0x14dc  MSSQL$WINCCFLEXEXPRESS - ok
15:08:59.0523 0x14dc  [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqladhlp90.exe
15:08:59.0548 0x14dc  MSSQLServerADHelper - ok
15:08:59.0566 0x14dc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:08:59.0660 0x14dc  MSTEE - ok
15:08:59.0669 0x14dc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:08:59.0703 0x14dc  MTConfig - ok
15:08:59.0731 0x14dc  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:08:59.0761 0x14dc  Mup - ok
15:08:59.0803 0x14dc  [ 49BCB8E4E93C7C12D5551DAE583CF1AB, 277C78F10EA8B1DB75FA01630029D0EB08674C074D9A6DE42E55CF313838D54C ] mxuwdrv2        C:\Windows\system32\DRIVERS\mxuwdrv2.sys
15:08:59.0830 0x14dc  mxuwdrv2 - ok
15:08:59.0881 0x14dc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:09:00.0012 0x14dc  napagent - ok
15:09:00.0065 0x14dc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:09:00.0136 0x14dc  NativeWifiP - ok
15:09:00.0239 0x14dc  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:09:00.0332 0x14dc  NDIS - ok
15:09:00.0358 0x14dc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:09:00.0454 0x14dc  NdisCap - ok
15:09:00.0478 0x14dc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:09:00.0573 0x14dc  NdisTapi - ok
15:09:00.0594 0x14dc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:09:00.0689 0x14dc  Ndisuio - ok
15:09:00.0717 0x14dc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:09:00.0820 0x14dc  NdisWan - ok
15:09:00.0846 0x14dc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:09:00.0941 0x14dc  NDProxy - ok
15:09:00.0985 0x14dc  [ 76C4D5C98A808D8C8E0C46280036FAF8, A808DFA8B6949D44698122CDA43CD01B3B1CD14029B368F1686D023426239B87 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:09:01.0003 0x14dc  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:09:11.0003 0x14dc  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:09:11.0003 0x14dc  Force sending object to P2P due to detect: Net Driver HPZ12
15:09:15.0641 0x14dc  Object send P2P result: true
15:09:18.0170 0x14dc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:09:18.0268 0x14dc  NetBIOS - ok
15:09:18.0303 0x14dc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:09:18.0414 0x14dc  NetBT - ok
15:09:18.0434 0x14dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
15:09:18.0469 0x14dc  Netlogon - ok
15:09:18.0514 0x14dc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:09:18.0638 0x14dc  Netman - ok
15:09:18.0713 0x14dc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:18.0753 0x14dc  NetMsmqActivator - ok
15:09:18.0768 0x14dc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:18.0808 0x14dc  NetPipeActivator - ok
15:09:18.0857 0x14dc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:09:18.0991 0x14dc  netprofm - ok
15:09:19.0008 0x14dc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:19.0048 0x14dc  NetTcpActivator - ok
15:09:19.0063 0x14dc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:09:19.0103 0x14dc  NetTcpPortSharing - ok
15:09:19.0707 0x14dc  [ 50AD7F7040C22BB7CAA59A0880875A21, 34A3BE5C708F3498F6350EF041CE33847C1D041D610DFDA41AA877F87DD26050 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
15:09:20.0446 0x14dc  NETwNs64 - ok
15:09:20.0522 0x14dc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:09:20.0551 0x14dc  nfrd960 - ok
15:09:20.0585 0x14dc  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:09:20.0643 0x14dc  NlaSvc - ok
15:09:20.0673 0x14dc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:09:20.0770 0x14dc  Npfs - ok
15:09:20.0793 0x14dc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:09:20.0890 0x14dc  nsi - ok
15:09:20.0917 0x14dc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:09:21.0013 0x14dc  nsiproxy - ok
15:09:21.0157 0x14dc  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:09:21.0302 0x14dc  Ntfs - ok
15:09:21.0322 0x14dc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:09:21.0416 0x14dc  Null - ok
15:09:21.0454 0x14dc  [ 158AD24745BD85BA9BE3C51C38F48C32, B053A3B5A5CAE2CBC47E2C19E636AD70F376334EFFBB391A76562E67CBF3AC86 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
15:09:21.0487 0x14dc  nusb3hub - ok
15:09:21.0531 0x14dc  [ D40A13B2C0891E218F9523B376955DB6, 9A2AAAF960868B860A65579EAD507B35C64CFD6C3581F8D731ADF975F778D10E ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
15:09:21.0572 0x14dc  nusb3xhc - ok
15:09:21.0617 0x14dc  [ 960E39A54E525DF58CB29193147DFFA1, E4620FD0E1E76FA9EBE9C641517D22B82458B62998711C74CA4FC60D55678582 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
15:09:21.0650 0x14dc  NVHDA - ok
15:09:21.0723 0x14dc  [ FB49C2A67096411EF5D20871946F0BE7, 50880570B7654A61D2AE7748B66E26F1E91F8AE8B3E814DEB5FFCC4D437D91CB ] nvkflt          C:\Windows\system32\DRIVERS\nvkflt.sys
15:09:21.0768 0x14dc  nvkflt - ok
15:09:22.0527 0x14dc  [ 993D73A8090C957230DE4E14AA9C5DFF, 3864CB466E0F76881131AC8043C53297B70C30D3F1B5C3C7A8CC031EA86D60FC ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:09:23.0331 0x14dc  nvlddmkm - ok
15:09:23.0388 0x14dc  [ 29C4634D4B9A36CAA14BA5C91E5F4E8B, 474894ED2E48375BBA9C2A9B45CA44E58CDE5816218ED03DE418955615CF6CD4 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
15:09:23.0415 0x14dc  nvpciflt - ok
15:09:23.0460 0x14dc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:09:23.0496 0x14dc  nvraid - ok
15:09:23.0523 0x14dc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:09:23.0561 0x14dc  nvstor - ok
15:09:23.0655 0x14dc  [ C367AD646714E03E14F24F39EC206736, 231EFD56E51497DC452D96F249E1C193CEF8139392253CDB32AA664107B76E62 ] NVSvc           C:\Windows\system32\nvvsvc.exe
15:09:23.0744 0x14dc  NVSvc - ok
15:09:23.0873 0x14dc  [ 44407283382D82C64C9195DE686D4205, 51BE011A0D4CB850B62B30324A9ED14EEC125F4B7AC46926014D9CCD2C10820D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:09:23.0986 0x14dc  nvUpdatusService - ok
15:09:24.0020 0x14dc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:09:24.0055 0x14dc  nv_agp - ok
15:09:24.0074 0x14dc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:09:24.0113 0x14dc  ohci1394 - ok
15:09:24.0234 0x14dc  [ E5399670D332DE22606F7D15FADF9138, BE2C5054544DC8A56B552FEA20212C293531A7898125BEFE3B82B8D48ED1556B ] OpcEnum         C:\Windows\SysWOW64\opcenum.exe
15:09:24.0267 0x14dc  OpcEnum - detected UnsignedFile.Multi.Generic ( 1 )
15:09:26.0706 0x14dc  OpcEnum ( UnsignedFile.Multi.Generic ) - warning
15:09:29.0208 0x14dc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:09:29.0271 0x14dc  p2pimsvc - ok
15:09:29.0315 0x14dc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:09:29.0383 0x14dc  p2psvc - ok
15:09:29.0411 0x14dc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
15:09:29.0451 0x14dc  Parport - ok
15:09:29.0475 0x14dc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:09:29.0507 0x14dc  partmgr - ok
15:09:29.0589 0x14dc  [ 5EACB8A19CAD7057806FBBF9550165E1, 63B9AE044F9205E395B9573BE32EC8A9695A16E4DF1BF3E7F7F5FFD336A7029E ] PcaSp60         C:\Windows\system32\DRIVERS\PcaSp60.sys
15:09:29.0618 0x14dc  PcaSp60 - ok
15:09:29.0652 0x14dc  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:09:29.0714 0x14dc  PcaSvc - ok
15:09:29.0751 0x14dc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:09:29.0790 0x14dc  pci - ok
15:09:29.0830 0x14dc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:09:29.0857 0x14dc  pciide - ok
15:09:29.0887 0x14dc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:09:29.0929 0x14dc  pcmcia - ok
15:09:29.0949 0x14dc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:09:29.0979 0x14dc  pcw - ok
15:09:30.0134 0x14dc  [ 20372BE109FEE1C37E2D5216680DB9EB, 2C3737FB3C6BCF81D0A7293667412DDEA649A8AEA40B7ADCFCB9893E8B3C4AF3 ] PDF Architect Helper Service C:\Program Files (x86)\PDF Architect\HelperService.exe
15:09:30.0250 0x14dc  PDF Architect Helper Service - ok
15:09:30.0341 0x14dc  [ B90A279073A815A4AA2C45A09EE004FA, 9EA27630C47F5FF99CBBE513C113F3ED01FABA0D59B9D9637764027BCC6EA24A ] PDF Architect Service C:\Program Files (x86)\PDF Architect\ConversionService.exe
15:09:30.0417 0x14dc  PDF Architect Service - ok
15:09:30.0481 0x14dc  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:09:30.0630 0x14dc  PEAUTH - ok
15:09:30.0745 0x14dc  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:09:30.0890 0x14dc  PeerDistSvc - ok
15:09:30.0935 0x14dc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:09:30.0971 0x14dc  PerfHost - ok
15:09:31.0044 0x14dc  [ 52C9F4359AF4A25969B882AECC6F3BDA, 4776FD60E71FA96F67E79A8ECAE48A224790234308DC8DEBC7D389227C0728BE ] PHCORE          C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
15:09:31.0065 0x14dc  PHCORE - ok
15:09:31.0185 0x14dc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:09:31.0391 0x14dc  pla - ok
15:09:31.0462 0x14dc  [ 3EA0773AEDAD9B134A7C9C6883C7069F, E6D813D42D05A6BE05418235C8BC3EA2E0757AE3D997B775ABAB67A1491C7411 ] pln1394bus      C:\Windows\system32\DRIVERS\pln1394bus_x64.sys
15:09:31.0498 0x14dc  pln1394bus - ok
15:09:31.0584 0x14dc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:09:31.0651 0x14dc  PlugPlay - ok
15:09:31.0689 0x14dc  [ D1A4DBB8A29F7FFC78378F47F9EA6B91, 782C7C6AA7A4A772C5E7392EA6D849BBCD159C30DF30918941C0BE058226D765 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:09:31.0708 0x14dc  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
15:09:34.0144 0x14dc  Detect skipped due to KSN trusted
15:09:34.0144 0x14dc  Pml Driver HPZ12 - ok
15:09:34.0201 0x14dc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:09:34.0235 0x14dc  PNRPAutoReg - ok
15:09:34.0275 0x14dc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:09:34.0335 0x14dc  PNRPsvc - ok
15:09:34.0388 0x14dc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:09:34.0520 0x14dc  PolicyAgent - ok
15:09:34.0568 0x14dc  [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power           C:\Windows\system32\umpo.dll
15:09:34.0615 0x14dc  Power - ok
15:09:34.0667 0x14dc  [ 4CADD52E1669693937360C7ED680365B, 42AB4E08508743F26C7A90221E33F6346A1C2E4D0FAA703AF3B4C2674DD98D34 ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
15:09:34.0697 0x14dc  Power Manager DBC Service - ok
15:09:34.0733 0x14dc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:09:34.0832 0x14dc  PptpMiniport - ok
15:09:34.0854 0x14dc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
15:09:34.0892 0x14dc  Processor - ok
15:09:34.0929 0x14dc  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:09:34.0980 0x14dc  ProfSvc - ok
15:09:34.0994 0x14dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:09:35.0028 0x14dc  ProtectedStorage - ok
15:09:35.0060 0x14dc  [ B8035AF9CC0CCBA9A09AC0A0D9801797, 6F09D25BAD66951B795326EBF01EFB3E03B000E51EB7A0D8D99C1ACC7478209B ] psadd           C:\Windows\system32\DRIVERS\psadd.sys
15:09:35.0083 0x14dc  psadd - ok
15:09:35.0113 0x14dc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:09:35.0214 0x14dc  Psched - ok
15:09:35.0258 0x14dc  [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2       C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
15:09:35.0292 0x14dc  PSI_SVC_2 - ok
15:09:35.0336 0x14dc  [ 71399B176DE1CAEFD5AD4287ABB9E8A3, 4FEFDBD66B8478FFBF759667C2A3FC7A5EB47D14AFBC05B8B2C870538C66FE72 ] PwmEWSvc        C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
15:09:35.0375 0x14dc  PwmEWSvc - ok
15:09:35.0431 0x14dc  [ B41AD9BC21A80598DAD208439E3A28B3, 06E38EE5804E3FC451354DBDB3D454BE8F75A433C561E76DBF922F3F17A79D3F ] PYNWAGNT        C:\Windows\System32\Drivers\pynwagnt.sys
15:09:35.0456 0x14dc  PYNWAGNT - ok
15:09:35.0480 0x14dc  [ B4979A1C131C614A1AFB04857C1FA362, 2F57DF7B7C671269996852E08CA8BDE166E7561EBBB600B29853ACC910D2F633 ] PyNwFlt         C:\Windows\system32\DRIVERS\pynwflt.sys
15:09:35.0506 0x14dc  PyNwFlt - ok
15:09:35.0643 0x14dc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:09:35.0778 0x14dc  ql2300 - ok
15:09:35.0802 0x14dc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:09:35.0838 0x14dc  ql40xx - ok
15:09:35.0884 0x14dc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:09:35.0951 0x14dc  QWAVE - ok
15:09:35.0978 0x14dc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:09:36.0027 0x14dc  QWAVEdrv - ok
15:09:36.0046 0x14dc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:09:36.0140 0x14dc  RasAcd - ok
15:09:36.0163 0x14dc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:09:36.0261 0x14dc  RasAgileVpn - ok
15:09:36.0297 0x14dc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:09:36.0401 0x14dc  RasAuto - ok
15:09:36.0435 0x14dc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:09:36.0536 0x14dc  Rasl2tp - ok
15:09:36.0574 0x14dc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:09:36.0694 0x14dc  RasMan - ok
15:09:36.0727 0x14dc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:09:36.0828 0x14dc  RasPppoe - ok
15:09:36.0850 0x14dc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:09:36.0950 0x14dc  RasSstp - ok
15:09:36.0989 0x14dc  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:09:37.0105 0x14dc  rdbss - ok
15:09:37.0138 0x14dc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:09:37.0178 0x14dc  rdpbus - ok
15:09:37.0201 0x14dc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:09:37.0294 0x14dc  RDPCDD - ok
15:09:37.0323 0x14dc  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:09:37.0368 0x14dc  RDPDR - ok
15:09:37.0390 0x14dc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:09:37.0484 0x14dc  RDPENCDD - ok
15:09:37.0500 0x14dc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:09:37.0594 0x14dc  RDPREFMP - ok
15:09:37.0639 0x14dc  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:09:37.0672 0x14dc  RdpVideoMiniport - ok
15:09:37.0715 0x14dc  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:09:37.0762 0x14dc  RDPWD - ok
15:09:37.0796 0x14dc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:09:37.0837 0x14dc  rdyboost - ok
15:09:37.0933 0x14dc  [ FD11C1287D38A46FB72353E14D50089C, C787EE22583ADF1E19E5ADAC5B949750890D1FA5062B5DD2C6B35667D005FECF ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
15:09:38.0013 0x14dc  RegSrvc - ok
15:09:38.0046 0x14dc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:09:38.0148 0x14dc  RemoteAccess - ok
15:09:38.0195 0x14dc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:09:38.0304 0x14dc  RemoteRegistry - ok
15:09:38.0345 0x14dc  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:09:38.0397 0x14dc  RFCOMM - ok
15:09:38.0431 0x14dc  [ 5A227511ED22DDFEDF7EF7323C8F7D2F, 5056DED32432E192268BE8214B6152A488807357D1BBB769171843E589BF4320 ] risdxc          C:\Windows\system32\DRIVERS\risdxc64.sys
15:09:38.0467 0x14dc  risdxc - ok
15:09:38.0487 0x14dc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:09:38.0589 0x14dc  RpcEptMapper - ok
15:09:38.0601 0x14dc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:09:38.0637 0x14dc  RpcLocator - ok
15:09:38.0687 0x14dc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
15:09:38.0822 0x14dc  RpcSs - ok
15:09:38.0857 0x14dc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:09:38.0956 0x14dc  rspndr - ok
15:09:38.0977 0x14dc  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
15:09:39.0008 0x14dc  s3cap - ok
15:09:39.0161 0x14dc  [ C041DE0EB4C3DA55C5BD2E370A5BB999, 6B65B6FEFC31B4BACF57D4307CD1A0946CD3713ED7FF4C0B739EA767537BF7F3 ] s7hspsvx        C:\Program Files (x86)\Siemens\Step7\s7bin\s7hspsvx.exe
15:09:39.0179 0x14dc  s7hspsvx - detected UnsignedFile.Multi.Generic ( 1 )
15:09:41.0618 0x14dc  s7hspsvx ( UnsignedFile.Multi.Generic ) - warning
15:09:44.0105 0x14dc  [ 67B07DB7190C4A120112B9915AB1B7C8, E2D939D911B2363FB68C8F9F79DB1DDCA617A0F5E7DCB339EC438C513497C08B ] s7odpx2x64      C:\Windows\system32\DRIVERS\s7odpx2x64.sys
15:09:44.0139 0x14dc  s7odpx2x64 - ok
15:09:44.0219 0x14dc  [ 2BC3AB45505095E3D02616983D625683, 1FFF2D353EF720D2F2FAC372218BF252D37D888DE57A123BCFA3C09DFF49E2AE ] s7oiehsx64      C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
15:09:44.0308 0x14dc  s7oiehsx64 - ok
15:09:44.0353 0x14dc  [ 56C7E819BEEF3EBEB701C5304DD5753F, F2735ED246BE77C8D8AA14BB2A9FEB69A02DE2D8B287B3CC8708DCF22C1C8638 ] s7oppinx64      C:\Windows\system32\DRIVERS\s7oppinx64.sys
15:09:44.0389 0x14dc  s7oppinx64 - ok
15:09:44.0413 0x14dc  [ F113DD69F3A483B3D3C1E4EC692D1B49, 643445914A17D0C9D9922D5F375805C96B7A3E4DB8F2BC2248DE15C088F9A020 ] s7oserix64      C:\Windows\system32\Drivers\s7oserix64.sys
15:09:44.0450 0x14dc  s7oserix64 - ok
15:09:44.0487 0x14dc  [ B35AE80AA27A93A08D6DB4F968B68226, 3D42359870CA763EBA46DE02F23D8AF4AD4F5C6846481B72E9BF5315B376296E ] s7osmcax64      C:\Windows\system32\DRIVERS\s7osmcax64.sys
15:09:44.0530 0x14dc  s7osmcax64 - ok
15:09:44.0551 0x14dc  [ 87C0D4FC0C7FE5AEFD2371DFEFC2203B, 6E24D45B1D09F9581FA3DF1407EE16FF3452DD09F439A5448B086B1AE5B919DE ] s7osobux64      C:\Windows\system32\DRIVERS\s7osobux64.sys
15:09:44.0591 0x14dc  s7osobux64 - ok
15:09:44.0620 0x14dc  [ 1FFCE3E378C40B7925ED318D6494689F, 16AE8533EEFE5CBA72BCAF7E1FA4E8159F0CBD3B26D1E8FBFB50CBA20023E295 ] s7otmcd64x      C:\Windows\system32\Drivers\s7otmcd64x.sys
15:09:44.0663 0x14dc  s7otmcd64x - ok
15:09:44.0720 0x14dc  [ 0C4C99C91C7C46B859C084DD6FDEEBC5, A9E9E7114FFC9D287E79F78713E9C6117D4F7EFF7C5FA1DF7EF1E455E958599E ] s7otranx64      C:\Windows\system32\DRIVERS\s7otranx64.sys
15:09:44.0773 0x14dc  s7otranx64 - ok
15:09:44.0794 0x14dc  [ CF4BF284DA8DF45CF96DB0DB975F2C9E, 623E1F5A3AC35A8A8AC1ACFFD4870A1B35D45E4CDED1601B0FDAC311871F77BB ] s7otsadx64      C:\Windows\system32\DRIVERS\s7otsadx64.sys
15:09:44.0837 0x14dc  s7otsadx64 - ok
15:09:44.0867 0x14dc  [ 446DE23B25DA8E2A15F395EB5D29B496, A968E5C897F0C52AC378AEDFB5BD314231229C0F5C73A3405BABF9C75A1F4821 ] s7ousbu64x      C:\Windows\system32\DRIVERS\s7ousbu64x.sys
15:09:44.0910 0x14dc  s7ousbu64x - ok
15:09:44.0957 0x14dc  [ BC374502CCE3572D2EF015728CC99232, CD9986BD487BA6C1626E1B3EA83D4B43FD8D620EED51808B836C80D3A1FAD534 ] s7sn2srtx       C:\Windows\system32\DRIVERS\s7sn2srtx.sys
15:09:44.0984 0x14dc  s7sn2srtx - ok
15:09:45.0016 0x14dc  [ 41DEBFBAA26CBC481E95B0135F747F6F, C6BC1B78E7D5DC2ADFEF6DC591D703F6D11761D85F46887D8F7D1E3B61650847 ] S7TraceServiceX C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
15:09:45.0052 0x14dc  S7TraceServiceX - ok
15:09:45.0069 0x14dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
15:09:45.0103 0x14dc  SamSs - ok
15:09:45.0111 0x14dc  SAService - ok
15:09:45.0193 0x14dc  [ 495588414F5C62C333F1A69E17E5FB9F, F16FA9EE19BA1B519EBC371282F913FE0E42AEED226D149C6F37976466D61CA8 ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys
15:09:45.0233 0x14dc  SbieDrv - ok
15:09:45.0251 0x14dc  [ 099007B7A80E1917FFA110CE7785A3C9, 04B877099A151F226C378FB000185FA4B3CB96FF858ED2801A9440D7625F0E52 ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe
15:09:45.0280 0x14dc  SbieSvc - ok
15:09:45.0306 0x14dc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:09:45.0340 0x14dc  sbp2port - ok
15:09:45.0380 0x14dc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:09:45.0492 0x14dc  SCardSvr - ok
15:09:45.0517 0x14dc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:09:45.0610 0x14dc  scfilter - ok
15:09:45.0699 0x14dc  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
15:09:45.0882 0x14dc  Schedule - ok
15:09:45.0910 0x14dc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:09:46.0008 0x14dc  SCPolicySvc - ok
15:09:46.0069 0x14dc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:09:46.0117 0x14dc  SDRSVC - ok
15:09:46.0134 0x14dc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:09:46.0230 0x14dc  secdrv - ok
15:09:46.0250 0x14dc  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
15:09:46.0345 0x14dc  seclogon - ok
15:09:46.0378 0x14dc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
15:09:46.0479 0x14dc  SENS - ok
15:09:46.0490 0x14dc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:09:46.0526 0x14dc  SensrSvc - ok
15:09:46.0579 0x14dc  [ 255476B54C82A89416EFDF09FD62F107, 000A6F7F15177A08ED4E22DB1C06F9FF0F8D324541A3E7AF7F35123D9CA4122D ] Sentinel64      C:\Windows\System32\Drivers\Sentinel64.sys
15:09:46.0611 0x14dc  Sentinel64 - ok
15:09:46.0648 0x14dc  [ 172600C07C64B6C989AEE451994AC18D, A21BE5D125F575627197A8729FDC1D582BF7E468A914297D04BB14616C16F41A ] Ser2pl          C:\Windows\system32\DRIVERS\ser2pl64.sys
15:09:46.0683 0x14dc  Ser2pl - ok
15:09:46.0709 0x14dc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:09:46.0743 0x14dc  Serenum - ok
15:09:46.0781 0x14dc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:09:46.0821 0x14dc  Serial - ok
15:09:46.0844 0x14dc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:09:46.0879 0x14dc  sermouse - ok
15:09:46.0929 0x14dc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:09:47.0031 0x14dc  SessionEnv - ok
15:09:47.0050 0x14dc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:09:47.0091 0x14dc  sffdisk - ok
15:09:47.0100 0x14dc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:09:47.0140 0x14dc  sffp_mmc - ok
15:09:47.0149 0x14dc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:09:47.0189 0x14dc  sffp_sd - ok
15:09:47.0198 0x14dc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:09:47.0232 0x14dc  sfloppy - ok
15:09:47.0299 0x14dc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:09:47.0423 0x14dc  SharedAccess - ok
15:09:47.0464 0x14dc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:09:47.0587 0x14dc  ShellHWDetection - ok
15:09:47.0620 0x14dc  [ E2FC046D4EDABFE3B5EF7DA06406277D, DB2B2A3BE6DC85F414D969E16E8E770BB7ADFA6E44B5FA6725B76D17978DF22A ] Shockprf        C:\Windows\system32\DRIVERS\Apsx64.sys
15:09:47.0651 0x14dc  Shockprf - ok
15:09:47.0681 0x14dc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:09:47.0711 0x14dc  SiSRaid2 - ok
15:09:47.0734 0x14dc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:09:47.0766 0x14dc  SiSRaid4 - ok
15:09:47.0886 0x14dc  [ EDB28D1C30B647C6F7AA3414670FE82B, E9ADC49E25D28491FAD32782EDBF16DF068A4AFD5E2C3517E4253599CD6F1A55 ] smartserver     C:\Program Files (x86)\Siemens\SIMATIC WinCC flexible\WinCC flexible 2008 Runtime\SmartServer.exe
15:09:47.0946 0x14dc  smartserver - ok
15:09:47.0987 0x14dc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:09:48.0086 0x14dc  Smb - ok
15:09:48.0123 0x14dc  [ C5B1A19B14F19B08AE72FCB20A3075B6, FD920DC51638A2C52C51827CC14264FA7B945417A486DE439E516FA2BD6D51DA ] smihlp          C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys
15:09:48.0145 0x14dc  smihlp - ok
15:09:48.0188 0x14dc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:09:48.0226 0x14dc  SNMPTRAP - ok
15:09:48.0276 0x14dc  [ 01E0EDAEA718BD5B831DB29E2D16E73B, C8A3A6300AF4F06276A562223B4F0D0A54E926F9197FAB8F8E6C2320302A60CA ] SNTIE           C:\Windows\system32\DRIVERS\sntie.sys
15:09:48.0309 0x14dc  SNTIE - ok
15:09:48.0353 0x14dc  [ BAECAF8945218EC7390BFE2277406354, 46A0F71A260F00EAF9C9888527C32492614711C8BA59BE22A7A11D1C1F8AEE12 ] SNTUSB64        C:\Windows\system32\DRIVERS\SNTUSB64.SYS
15:09:48.0380 0x14dc  SNTUSB64 - ok
15:09:48.0537 0x14dc  [ 3B8B64EF1D7CE03727DEFFFEF473F5AE, D9D031C054759D0E9117021992FD08BBE3A05128B2EEA7FE97BB25DCEF8538FD ] Solid Edge      C:\SEFlex\Program\lmgrd.exe
15:09:48.0654 0x14dc  Solid Edge - ok
15:09:48.0681 0x14dc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:09:48.0708 0x14dc  spldr - ok
15:09:48.0781 0x14dc  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
15:09:48.0861 0x14dc  Spooler - ok
15:09:49.0119 0x14dc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:09:49.0503 0x14dc  sppsvc - ok
15:09:49.0556 0x14dc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:09:49.0657 0x14dc  sppuinotify - ok
15:09:49.0725 0x14dc  [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:09:49.0762 0x14dc  SQLBrowser - ok
15:09:49.0826 0x14dc  [ 3C432A96363097870995E2A3C8B66ABD, AA0AE0935FC5317FE93D7D3C3B9A6B2E026915D07704AF3E36F14FEA8595F4A6 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:09:49.0858 0x14dc  SQLWriter - ok
15:09:49.0912 0x14dc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:09:49.0983 0x14dc  srv - ok
15:09:50.0030 0x14dc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:09:50.0095 0x14dc  srv2 - ok
15:09:50.0123 0x14dc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:09:50.0168 0x14dc  srvnet - ok
15:09:50.0213 0x14dc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:09:50.0324 0x14dc  SSDPSRV - ok
15:09:50.0345 0x14dc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:09:50.0446 0x14dc  SstpSvc - ok
15:09:50.0522 0x14dc  [ 17FC2EAD763F0237457817A753A5A676, CDA2EFE4AC5A7BE034FF1A5A6469CF7C4B295BF5E1D995C9A289AD9E8FBD3740 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:09:50.0573 0x14dc  Stereo Service - ok
15:09:50.0600 0x14dc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:09:50.0628 0x14dc  stexstor - ok
15:09:50.0706 0x14dc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:09:50.0801 0x14dc  stisvc - ok
15:09:50.0835 0x14dc  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:09:50.0865 0x14dc  storflt - ok
15:09:50.0884 0x14dc  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
15:09:50.0919 0x14dc  StorSvc - ok
15:09:50.0951 0x14dc  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:09:50.0980 0x14dc  storvsc - ok
15:09:51.0047 0x14dc  [ 6EA2F517373771CAC5188E82617C9C0B, 8ADCCF88C0BA60994060AEDA97873EBDEACBCC728FD379F117DCB6A095E59CB9 ] SUService       C:\Program Files (x86)\Lenovo\System Update\SUService.exe
15:09:51.0061 0x14dc  SUService - detected UnsignedFile.Multi.Generic ( 1 )
15:09:53.0507 0x14dc  Detect skipped due to KSN trusted
15:09:53.0507 0x14dc  SUService - ok
         

Alt 25.08.2015, 15:34   #11
halifax09
 
Spammail durch meinen Account - Standard

Spammail durch meinen Account



Teil 2



Code:
ATTFilter
15:09:53.0544 0x14dc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:09:53.0572 0x14dc  swenum - ok
15:09:53.0624 0x14dc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:09:53.0763 0x14dc  swprv - ok
15:09:53.0900 0x14dc  [ FFDD13B42D4B106AC9FAFBB0E1F7FAA5, 0A0AD18033446F464459F7492F7CB580893DEAC54FAC05A5E342F66D10E2B8F3 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:09:54.0025 0x14dc  SynTP - ok
15:09:54.0169 0x14dc  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
15:09:54.0362 0x14dc  SysMain - ok
15:09:54.0389 0x14dc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:09:54.0444 0x14dc  TabletInputService - ok
15:09:54.0483 0x14dc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:09:54.0604 0x14dc  TapiSrv - ok
15:09:54.0635 0x14dc  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
15:09:54.0736 0x14dc  TBS - ok
15:09:54.0897 0x14dc  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:09:55.0058 0x14dc  Tcpip - ok
15:09:55.0196 0x14dc  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:09:55.0357 0x14dc  TCPIP6 - ok
15:09:55.0405 0x14dc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:09:55.0439 0x14dc  tcpipreg - ok
15:09:55.0466 0x14dc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:09:55.0498 0x14dc  TDPIPE - ok
15:09:55.0518 0x14dc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:09:55.0550 0x14dc  TDTCP - ok
15:09:55.0576 0x14dc  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:09:55.0675 0x14dc  tdx - ok
15:09:55.0706 0x14dc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:09:55.0737 0x14dc  TermDD - ok
15:09:55.0808 0x14dc  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
15:09:55.0956 0x14dc  TermService - ok
15:09:55.0974 0x14dc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:09:56.0025 0x14dc  Themes - ok
15:09:56.0055 0x14dc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:09:56.0155 0x14dc  THREADORDER - ok
15:09:56.0170 0x14dc  [ 55B7FE3E1D3B616BDC4E9EA48D92D6E6, 6FB582C4BC0093A585942FB510B40C2222AF477A1D8DC22C3B3ACB3B83A9B31E ] TPDIGIMN        C:\Windows\system32\DRIVERS\ApsHM64.sys
15:09:56.0192 0x14dc  TPDIGIMN - ok
15:09:56.0220 0x14dc  [ F0684C62ED8FD3061CD488ECFC851022, 0F22F355C468512B25ED7BC3826146DCAA51BBC58EA59175EF911EFF91F3E363 ] TPHDEXLGSVC     C:\Windows\system32\TPHDEXLG64.exe
15:09:56.0246 0x14dc  TPHDEXLGSVC - ok
15:09:56.0314 0x14dc  [ 83415782D47F8064FCAFEA308ABB2246, 24D407FFF78EB48A440E4929918C92AEF6F5CF8170A14019C22D36B30BB01A23 ] TPHKLOAD        C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
15:09:56.0343 0x14dc  TPHKLOAD - ok
15:09:56.0366 0x14dc  [ C04BB65441913AB621C58A8BD3169B23, 2EC3DD6A154CA9751F560960F5CD9659C8EFF7DF57505A165AFBB0EF45137082 ] TPHKSVC         C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
15:09:56.0395 0x14dc  TPHKSVC - ok
15:09:56.0429 0x14dc  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
15:09:56.0465 0x14dc  TPM - ok
15:09:56.0495 0x14dc  [ 7165B5A9B4867F64A6D6935F57D4196B, 716BF044005E11A84D2B114E4DBCDA390C7842EBD4B6E8FA710D2D002BAE09DC ] TPPWRIF         C:\Windows\system32\drivers\Tppwr64v.sys
15:09:56.0517 0x14dc  TPPWRIF - ok
15:09:56.0553 0x14dc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:09:56.0658 0x14dc  TrkWks - ok
15:09:56.0714 0x14dc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:09:56.0819 0x14dc  TrustedInstaller - ok
15:09:56.0860 0x14dc  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:09:56.0894 0x14dc  tssecsrv - ok
15:09:56.0930 0x14dc  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:09:56.0966 0x14dc  TsUsbFlt - ok
15:09:56.0991 0x14dc  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:09:57.0024 0x14dc  TsUsbGD - ok
15:09:57.0057 0x14dc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:09:57.0156 0x14dc  tunnel - ok
15:09:57.0186 0x14dc  [ 4DAAE0413CD4E816258838E2FAFB3147, 7D45621A0148C2EEA4302A5852D9407DCEF1947936E9E840788F01625E869CDD ] TVTI2C          C:\Windows\system32\DRIVERS\Tvti2c.sys
15:09:57.0211 0x14dc  TVTI2C - ok
15:09:57.0230 0x14dc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:09:57.0261 0x14dc  uagp35 - ok
15:09:57.0304 0x14dc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:09:57.0421 0x14dc  udfs - ok
15:09:57.0459 0x14dc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:09:57.0499 0x14dc  UI0Detect - ok
15:09:57.0568 0x14dc  [ BE788A747457E6916586C410EC0111E7, 525F9065270AF40FED854C5B3C7E690783F5169C2F9286EE225F6C817ED1E237 ] UleadBurningHelper C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
15:09:57.0585 0x14dc  UleadBurningHelper - detected UnsignedFile.Multi.Generic ( 1 )
15:10:00.0037 0x14dc  Detect skipped due to KSN trusted
15:10:00.0038 0x14dc  UleadBurningHelper - ok
15:10:00.0096 0x14dc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:10:00.0127 0x14dc  uliagpkx - ok
15:10:00.0158 0x14dc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:10:00.0195 0x14dc  umbus - ok
15:10:00.0216 0x14dc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:10:00.0251 0x14dc  UmPass - ok
15:10:00.0292 0x14dc  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:10:00.0344 0x14dc  UmRdpService - ok
15:10:00.0576 0x14dc  [ A69CD6BDB82872999D2E46F9324ADA83, 1F06D5B716D48E693A082C1FC49D80405F50D60C78FDF5829FF51F1CC11CF011 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:10:00.0784 0x14dc  UNS - ok
15:10:00.0829 0x14dc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:10:00.0954 0x14dc  upnphost - ok
15:10:01.0011 0x14dc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:10:01.0050 0x14dc  usbccgp - ok
15:10:01.0083 0x14dc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:10:01.0123 0x14dc  usbcir - ok
15:10:01.0143 0x14dc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:10:01.0178 0x14dc  usbehci - ok
15:10:01.0224 0x14dc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:10:01.0283 0x14dc  usbhub - ok
15:10:01.0320 0x14dc  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:10:01.0352 0x14dc  usbohci - ok
15:10:01.0376 0x14dc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
15:10:01.0417 0x14dc  usbprint - ok
15:10:01.0448 0x14dc  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:10:01.0486 0x14dc  USBSTOR - ok
15:10:01.0518 0x14dc  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:10:01.0550 0x14dc  usbuhci - ok
15:10:01.0607 0x14dc  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:10:01.0653 0x14dc  usbvideo - ok
15:10:01.0682 0x14dc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:10:01.0780 0x14dc  UxSms - ok
15:10:01.0795 0x14dc  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
15:10:01.0830 0x14dc  VaultSvc - ok
15:10:01.0852 0x14dc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:10:01.0881 0x14dc  vdrvroot - ok
15:10:01.0931 0x14dc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:10:02.0067 0x14dc  vds - ok
15:10:02.0091 0x14dc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:10:02.0133 0x14dc  vga - ok
15:10:02.0152 0x14dc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:10:02.0247 0x14dc  VgaSave - ok
15:10:02.0277 0x14dc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:10:02.0318 0x14dc  vhdmp - ok
15:10:02.0372 0x14dc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:10:02.0399 0x14dc  viaide - ok
15:10:02.0443 0x14dc  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:10:02.0483 0x14dc  vmbus - ok
15:10:02.0505 0x14dc  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
15:10:02.0538 0x14dc  VMBusHID - ok
15:10:02.0563 0x14dc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:10:02.0594 0x14dc  volmgr - ok
15:10:02.0631 0x14dc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:10:02.0683 0x14dc  volmgrx - ok
15:10:02.0714 0x14dc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:10:02.0761 0x14dc  volsnap - ok
15:10:02.0789 0x14dc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:10:02.0826 0x14dc  vsmraid - ok
15:10:02.0875 0x14dc  [ D45FED2CAF2C336058A516132B486888, 2B642E4B88F8BB7B20E614904565428DD95DB369232CDD596D9652951A050370 ] vsnl2ada        C:\Windows\system32\DRIVERS\vsnl2ada.sys
15:10:02.0912 0x14dc  vsnl2ada - ok
15:10:03.0046 0x14dc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:10:03.0271 0x14dc  VSS - ok
15:10:03.0293 0x14dc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:10:03.0335 0x14dc  vwifibus - ok
15:10:03.0363 0x14dc  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:10:03.0414 0x14dc  vwififlt - ok
15:10:03.0439 0x14dc  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:10:03.0486 0x14dc  vwifimp - ok
15:10:03.0542 0x14dc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:10:03.0670 0x14dc  W32Time - ok
15:10:03.0694 0x14dc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:10:03.0729 0x14dc  WacomPen - ok
15:10:03.0776 0x14dc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:10:03.0872 0x14dc  WANARP - ok
15:10:03.0884 0x14dc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:10:03.0983 0x14dc  Wanarpv6 - ok
15:10:04.0096 0x14dc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:10:04.0253 0x14dc  wbengine - ok
15:10:04.0301 0x14dc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:10:04.0366 0x14dc  WbioSrvc - ok
15:10:04.0405 0x14dc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:10:04.0483 0x14dc  wcncsvc - ok
15:10:04.0503 0x14dc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:10:04.0540 0x14dc  WcsPlugInService - ok
15:10:04.0568 0x14dc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
15:10:04.0596 0x14dc  Wd - ok
15:10:04.0678 0x14dc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:10:04.0764 0x14dc  Wdf01000 - ok
15:10:04.0795 0x14dc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:10:04.0851 0x14dc  WdiServiceHost - ok
15:10:04.0863 0x14dc  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:10:04.0918 0x14dc  WdiSystemHost - ok
15:10:04.0966 0x14dc  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
15:10:05.0020 0x14dc  WebClient - ok
15:10:05.0051 0x14dc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:10:05.0166 0x14dc  Wecsvc - ok
15:10:05.0185 0x14dc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:10:05.0287 0x14dc  wercplsupport - ok
15:10:05.0330 0x14dc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:10:05.0433 0x14dc  WerSvc - ok
15:10:05.0463 0x14dc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:10:05.0557 0x14dc  WfpLwf - ok
15:10:05.0579 0x14dc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:10:05.0607 0x14dc  WIMMount - ok
15:10:05.0627 0x14dc  WinDefend - ok
15:10:05.0643 0x14dc  WinHttpAutoProxySvc - ok
15:10:05.0716 0x14dc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:10:05.0829 0x14dc  Winmgmt - ok
15:10:05.0995 0x14dc  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:10:06.0256 0x14dc  WinRM - ok
15:10:06.0342 0x14dc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys
15:10:06.0385 0x14dc  WinUsb - ok
15:10:06.0470 0x14dc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:10:06.0591 0x14dc  Wlansvc - ok
15:10:06.0632 0x14dc  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:10:06.0658 0x14dc  wlcrasvc - ok
15:10:06.0856 0x14dc  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:10:07.0039 0x14dc  wlidsvc - ok
15:10:07.0081 0x14dc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:10:07.0115 0x14dc  WmiAcpi - ok
15:10:07.0165 0x14dc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:10:07.0216 0x14dc  wmiApSrv - ok
15:10:07.0253 0x14dc  WMPNetworkSvc - ok
15:10:07.0287 0x14dc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:10:07.0322 0x14dc  WPCSvc - ok
15:10:07.0348 0x14dc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:10:07.0397 0x14dc  WPDBusEnum - ok
15:10:07.0422 0x14dc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:10:07.0516 0x14dc  ws2ifsl - ok
15:10:07.0538 0x14dc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
15:10:07.0595 0x14dc  wscsvc - ok
15:10:07.0603 0x14dc  WSearch - ok
15:10:07.0804 0x14dc  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:10:08.0005 0x14dc  wuauserv - ok
15:10:08.0055 0x14dc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:10:08.0093 0x14dc  WudfPf - ok
15:10:08.0136 0x14dc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:10:08.0183 0x14dc  WUDFRd - ok
15:10:08.0226 0x14dc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:10:08.0267 0x14dc  wudfsvc - ok
15:10:08.0318 0x14dc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:10:08.0372 0x14dc  WwanSvc - ok
15:10:08.0411 0x14dc  ================ Scan global ===============================
15:10:08.0434 0x14dc  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:10:08.0487 0x14dc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:10:08.0522 0x14dc  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:10:08.0567 0x14dc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:10:08.0606 0x14dc  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:10:08.0629 0x14dc  [ Global ] - ok
15:10:08.0630 0x14dc  ================ Scan MBR ==================================
15:10:08.0639 0x14dc  [ C30A9FBB9194C2C5688458822C902A78 ] \Device\Harddisk0\DR0
15:10:09.0048 0x14dc  \Device\Harddisk0\DR0 - ok
15:10:09.0049 0x14dc  ================ Scan VBR ==================================
15:10:09.0054 0x14dc  [ 330DD205C29FB1538B22193230586A54 ] \Device\Harddisk0\DR0\Partition1
15:10:09.0058 0x14dc  \Device\Harddisk0\DR0\Partition1 - ok
15:10:09.0073 0x14dc  [ 8642F04239E3949C275305737FBFD766 ] \Device\Harddisk0\DR0\Partition2
15:10:09.0076 0x14dc  \Device\Harddisk0\DR0\Partition2 - ok
15:10:09.0106 0x14dc  [ AF800E455B95ABD38B4B1B4CFEA40A0B ] \Device\Harddisk0\DR0\Partition3
15:10:09.0110 0x14dc  \Device\Harddisk0\DR0\Partition3 - ok
15:10:09.0111 0x14dc  ================ Scan generic autorun ======================
15:10:09.0112 0x14dc  SynTPEnh - ok
15:10:09.0173 0x14dc  [ 3B46C768A26D33F867B1A3D06C281A8A, 5E04D008892BA2EEB1009E9CEA9EC62E1783BD1C12B4C84F94371600821363D8 ] C:\Windows\system32\TpShocks.exe
15:10:09.0221 0x14dc  TpShocks - ok
15:10:09.0260 0x14dc  [ 42361B4BD80768E82B80285851037665, A555A6BF8016645B838FEA993AD273D1F472586F3600619DC243B1C33438FA07 ] C:\Program Files\Conexant\ForteConfig\fmapp.exe
15:10:09.0284 0x14dc  ForteConfig - ok
15:10:09.0328 0x14dc  [ 59684F3A784301D09ADF69E70DF979E8, 69B437914B91947FA2EF817FB83495EE86C065B886EA155A0CF354C7ED100DE1 ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe
15:10:09.0370 0x14dc  SmartAudio - ok
15:10:09.0400 0x14dc  [ 7EE88AA7B7F93CDA445921B6F8D9B89E, E8C40233E4EAE4660D481587E313A3542354FD4008B5165DB2393B0A87FC310D ] C:\Windows\system32\igfxtray.exe
15:10:09.0434 0x14dc  IgfxTray - ok
15:10:09.0473 0x14dc  [ 5D4069AEF369F011205CD71EACB5BBF7, 41769086CE903D4AA6572FB5DF6BCAE9647412E309537365AC31A89083B72FED ] C:\Windows\system32\hkcmd.exe
15:10:09.0523 0x14dc  HotKeysCmds - ok
15:10:09.0565 0x14dc  [ F0F898B89FD490AB77CC9D072B62004B, D0EAF4C0C993AA9ABB194AEADBBC09CF97FE3818ED22429CDBC60DF72423069A ] C:\Windows\system32\igfxpers.exe
15:10:09.0616 0x14dc  Persistence - ok
15:10:09.0651 0x14dc  [ EC80D4878D3824C289868E007B9C43EF, 8076D0F6C3D3EC60D3C638C60625F8063D2FA93FEAD00A3E6551812996087FFB ] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
15:10:09.0672 0x14dc  LENOVO.TPKNRRES - ok
15:10:09.0709 0x14dc  [ F5005A238995EAF113D62DD2540C5A38, 5CE534EF4125683A98BA491252830F3496AE71A25E85773B72F6AC4E732E4047 ] C:\Program Files\Lenovo\AutoLock\ALCKRESI.EXE
15:10:09.0747 0x14dc  ALCKRESI.EXE - ok
15:10:09.0782 0x14dc  [ 74354790ECAE60C11631BD7856C0AFD0, 4932908C79842CFDB4882A767BCAECB97F663892C9715D4FA1F4AE902335DCB5 ] C:\Windows\KHALMNPR.EXE
15:10:09.0812 0x14dc  Kernel and Hardware Abstraction Layer - ok
15:10:09.0856 0x14dc  [ 0307536FD43CC7BFB92F9DAC8DB913F1, 6C8BEDA4ADFBEF28E647B39B3EEA37A20BFE5C93C7EDA79471EFB46156197843 ] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
15:10:09.0872 0x14dc  RotateImage - detected UnsignedFile.Multi.Generic ( 1 )
15:10:12.0315 0x14dc  Detect skipped due to KSN trusted
15:10:12.0315 0x14dc  RotateImage - ok
15:10:12.0375 0x14dc  [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
15:10:12.0404 0x14dc  NUSB3MON - ok
15:10:12.0443 0x14dc  [ 49FBD026C73B6EFBFD3F58E641E39411, A2B80515D5107AD9817036B118D141F7A7306C372D54211A0B9687DB12D715FA ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
15:10:12.0471 0x14dc  IMSS - ok
15:10:12.0477 0x14dc  PWMTRV - ok
15:10:12.0788 0x14dc  [ B3E053ED10DD568A3B292241F1A74D32, 62606F78FF968D7DF3EF04CD146749B525AEC9C438E9A897DA48F05577659DB2 ] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe
15:10:13.0112 0x14dc  Lenovo Registration - ok
15:10:13.0253 0x14dc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:10:13.0382 0x14dc  Sidebar - ok
15:10:13.0409 0x14dc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:10:13.0463 0x14dc  mctadmin - ok
15:10:13.0545 0x14dc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:10:13.0674 0x14dc  Sidebar - ok
15:10:13.0688 0x14dc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:10:13.0742 0x14dc  mctadmin - ok
15:10:13.0823 0x14dc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:10:13.0952 0x14dc  Sidebar - ok
15:10:14.0045 0x14dc  [ 1D375BC94804633AAA93E63301355D9E, 9884CC1260505AC2B9DD1190321BF4AD64CA06C2E7AA0AA0C402F31A1846E6D1 ] C:\Program Files\Sandboxie\SbieCtrl.exe
15:10:14.0116 0x14dc  SandboxieControl - ok
15:10:14.0185 0x14dc  [ 23C2FCAA50C4F80F7D1B8A0771D45328, AE5BC1B2FC15AFFB5F38037AE4C87BB85F9C85D4AC0DCDD51F48A0F77E8EC094 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
15:10:14.0211 0x14dc  iCloudServices - ok
15:10:14.0241 0x14dc  [ 5883D86F8C22B1E5F78627E4AF19B234, 7DEE0ED168CBE012CAB1552586FDA945DF5151773E5523F0C7E4091F1DF1578F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
15:10:14.0266 0x14dc  ApplePhotoStreams - ok
15:10:14.0293 0x14dc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:10:14.0347 0x14dc  mctadmin - ok
15:10:14.0403 0x14dc  [ 1D375BC94804633AAA93E63301355D9E, 9884CC1260505AC2B9DD1190321BF4AD64CA06C2E7AA0AA0C402F31A1846E6D1 ] C:\Program Files\Sandboxie\SbieCtrl.exe
15:10:14.0474 0x14dc  SandboxieControl - ok
15:10:14.0493 0x14dc  [ 23C2FCAA50C4F80F7D1B8A0771D45328, AE5BC1B2FC15AFFB5F38037AE4C87BB85F9C85D4AC0DCDD51F48A0F77E8EC094 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
15:10:14.0519 0x14dc  iCloudServices - ok
15:10:14.0533 0x14dc  [ 5883D86F8C22B1E5F78627E4AF19B234, 7DEE0ED168CBE012CAB1552586FDA945DF5151773E5523F0C7E4091F1DF1578F ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
15:10:14.0558 0x14dc  ApplePhotoStreams - ok
15:10:14.0560 0x14dc  Waiting for KSN requests completion. In queue: 185
15:10:15.0560 0x14dc  Waiting for KSN requests completion. In queue: 15
15:10:16.0560 0x14dc  Waiting for KSN requests completion. In queue: 15
15:10:17.0560 0x14dc  Waiting for KSN requests completion. In queue: 15
15:10:18.0560 0x14dc  Waiting for KSN requests completion. In queue: 15
15:10:19.0560 0x14dc  Waiting for KSN requests completion. In queue: 15
15:10:20.0560 0x14dc  Waiting for KSN requests completion. In queue: 15
15:10:21.0560 0x14dc  Waiting for KSN requests completion. In queue: 15
15:10:22.0560 0x14dc  Waiting for KSN requests completion. In queue: 15
15:10:23.0560 0x14dc  Waiting for KSN requests completion. In queue: 15
15:10:24.0560 0x14dc  Waiting for KSN requests completion. In queue: 15
15:10:25.0560 0x14dc  Waiting for KSN requests completion. In queue: 15
15:10:26.0560 0x14dc  Waiting for KSN requests completion. In queue: 15
15:10:27.0561 0x14dc  Waiting for KSN requests completion. In queue: 15
15:10:28.0621 0x14dc  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.11.550 ), 0x41000 ( enabled : updated )
15:10:28.0636 0x14dc  Win FW state via NFP2: enabled ( trusted )
15:10:31.0064 0x14dc  ============================================================
15:10:31.0064 0x14dc  Scan finished
15:10:31.0064 0x14dc  ============================================================
15:10:31.0082 0x23cc  Detected object count: 7
15:10:31.0082 0x23cc  Actual detected object count: 7
15:12:22.0815 0x23cc  AceServer ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:22.0816 0x23cc  AceServer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:12:22.0817 0x23cc  ENI Server ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:22.0817 0x23cc  ENI Server ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:12:22.0820 0x23cc  IndraLogic V13 Gateway ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:22.0820 0x23cc  IndraLogic V13 Gateway ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:12:22.0823 0x23cc  IndraWorksService ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:22.0823 0x23cc  IndraWorksService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:12:22.0825 0x23cc  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:22.0825 0x23cc  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:12:22.0828 0x23cc  OpcEnum ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:22.0828 0x23cc  OpcEnum ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:12:22.0831 0x23cc  s7hspsvx ( UnsignedFile.Multi.Generic ) - skipped by user
15:12:22.0831 0x23cc  s7hspsvx ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:14:14.0993 0x0538  Deinitialize success
         
Die gefundenen 7 Objekte erkläre ich mir wie folgt:

ACEServer - Software von Adept ist installiert
ENIServer - Software von CoDeSys ist installiert
Indralogic, Indraworks - Software Bosch Rexroth ist installiert
Net Driver HPZ12 - Treiber von HP ?
OPCEnum - hängt irgendwie mit einem OPC-Server zusammen. Bosch Rexroth oder Siemens?
s7hspsvx - STEP7 von Siemens ist installiert

Also alles sauber?

Geändert von halifax09 (25.08.2015 um 15:51 Uhr)

Alt 26.08.2015, 09:54   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Spammail durch meinen Account - Standard

Spammail durch meinen Account



Ja alles sauber.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Spammail durch meinen Account
account, bekannte, festgestellt, gestellt, mailadresse, mailadressen, schütze, schützen, spammail, spammails, verteilt



Ähnliche Themen: Spammail durch meinen Account


  1. Virus/Malware folgt Accounts auf Twitter über meinen Account
    Log-Analyse und Auswertung - 15.06.2015 (12)
  2. WIN 7: Keylogger? (verschickt Spam-Emails über meinen Account)
    Log-Analyse und Auswertung - 02.05.2015 (27)
  3. Spammail Versandt durch meinen Yahoo Account
    Überwachung, Datenschutz und Spam - 04.08.2014 (2)
  4. Massenemails über meinen Account, Trojaner oder Virus auf dem Rechner?
    Plagegeister aller Art und deren Bekämpfung - 21.08.2013 (13)
  5. Mein Computer verschickt eMails über meinen Account an fremde eMail-Adressen
    Log-Analyse und Auswertung - 03.07.2013 (6)
  6. Spams über meinen Account verschickt - wo muss ich suchen
    Plagegeister aller Art und deren Bekämpfung - 29.06.2013 (11)
  7. spammail von gmx account
    Log-Analyse und Auswertung - 09.08.2012 (0)
  8. Über meinen GMX Account werden Spam E-Mails verschickt
    Plagegeister aller Art und deren Bekämpfung - 08.05.2012 (1)
  9. Spam-Versand über meinen Yahoo-Account
    Log-Analyse und Auswertung - 07.05.2012 (27)
  10. Spam wird über meinen yahoo Account verschickt
    Log-Analyse und Auswertung - 25.01.2012 (10)
  11. Facebookvirus verschickt über meinen Account Links
    Log-Analyse und Auswertung - 12.12.2011 (29)
  12. Windows Mail verschickt Spam-Mails über meinen Account
    Plagegeister aller Art und deren Bekämpfung - 19.10.2011 (26)
  13. Spammail von meinem eigenen E-Mail-Account an aben denselben geschickt
    Überwachung, Datenschutz und Spam - 13.10.2010 (3)
  14. Bitte meinen Account löschen!
    Lob, Kritik und Wünsche - 19.12.2007 (3)
  15. Bitte meinen Account löschen, danke!
    Lob, Kritik und Wünsche - 07.09.2007 (4)
  16. Wie editiere ich meinen Account?
    Mülltonne - 20.02.2007 (1)

Zum Thema Spammail durch meinen Account - Hallo, habe festgestellt, dass mit meiner Mailadresse Spammails verteilt wurden. Auch an meine eigene Adresse wurden Mails gesendet. In der Verteilerliste der Spammail habe ich dann alles mir bekannte Mailadressen - Spammail durch meinen Account...
Archiv
Du betrachtest: Spammail durch meinen Account auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.