
Log analysis and evaluation: Windows 7: Eset finds 6 Trojans

27.12.2016, 11:25   #1
BigBen17
 



Hello, and first of all many thanks for the help!

My father's PC became very slow and crashed. Malwarebytes found three unwanted applications, which I then deleted. When that did not solve the problem, I downloaded Eset, which found 18 unwanted applications. Then I was probably too hasty and deleted them all - the problem remained.

Here are the requested files:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
durchgeführt von PC (Administrator) auf PC-PC (27-12-2016 11:50:54)
Gestartet von C:\Users\PC\Downloads\msvcp120
Geladene Profile: PC &  (Verfügbare Profile: PC)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(SPEEDbit) C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [917576 2016-12-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-11-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [26832 2016-12-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup Tray] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [159568 2016-12-13] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\...\Run: [Firefox] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [510920 2016-12-14] (Mozilla Corporation)
HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\...\Run: [Thunderbird] => C:\Windows.old.000\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [491464 2016-12-17] (Mozilla Corporation)
HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\...\Run: [SpeedBitVideoAccelerator] => C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe [1517224 2016-03-18] (SPEEDbit)
HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Firefox] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [510920 2016-12-14] (Mozilla Corporation)
HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Thunderbird] => C:\Windows.old.000\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe [491464 2016-12-17] (Mozilla Corporation)
HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpeedBitVideoAccelerator] => C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe [1517224 2016-03-18] (SPEEDbit)
IFEO: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javacpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaw.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaws.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\videoaccelerator.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-12-26]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Balke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2015-10-01]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Balke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2016-12-26]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2016-12-01]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2016-12-26]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit)
Winsock: Catalog9 02 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit)
Winsock: Catalog9 03 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit)
Winsock: Catalog9 04 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit)
Winsock: Catalog9 05 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit)
Winsock: Catalog9 06 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit)
Winsock: Catalog9 07 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit)
Winsock: Catalog9 08 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit)
Winsock: Catalog9 09 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit)
Winsock: Catalog9 10 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit)
Winsock: Catalog9 21 C:\Program Files (x86)\SpeedBit Video Accelerator\sblsp.dll [177320 2016-03-18] (SPEEDbit)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{708ACFE3-B12D-4B7A-8537-6C3F9EB3BE6F}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1501792886-3384884554-2704517135-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10] (Intel Security)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-21] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-21] (Oracle Corporation)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-12-10] (Intel Security)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 [2016-12-27]
FF user.js: detected! => C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\user.js [2015-12-23]
FF NewTab: Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 -> hxxps://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p10_serp_ff_de_display?ie=UTF8&tagbase=bds-p10&tbrId=v1_abb-channel-10_09c29ee9_1201_1401_20160811_DE_ff_nt_
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 -> Qwant
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 -> hxxp://go.speedbit.com/search.aspx?s=G3Ib&q=
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 -> Amazon
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 -> Speedbit Search
FF Homepage: Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 -> about:home
FF Keyword.URL: Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843 -> hxxp://go.speedbit.com/search.aspx?s=G3Ib&q=
FF Extension: (friGate - unlock sites) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\Extensions\e67f8350-7edf-11e3-baa7-0800200c9a66@fri-gate.org.xpi [2016-05-07]
FF Extension: (Video DownloadHelper) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-09-20]
FF Extension: (Adblock Plus) - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\searchplugins\qwant.xml [2016-01-11]
FF SearchPlugin: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\searchplugins\startpage---deutsch.xml [2016-03-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-14] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - Chrome.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-11-09] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089592 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [476736 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1490296 2016-12-14] (Avira Operations GmbH & Co. KG)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe [329480 2016-12-14] (McAfee, Inc.)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [35416 2016-12-13] (Avira Operations GmbH & Co. KG)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [995800 2016-11-30] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2016-11-30] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-11-30] (McAfee, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4788496 2016-11-25] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [56080 2016-11-25] (AVG Technologies CZ, s.r.o.)
R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [48912 2016-11-25] (AVG Technologies CZ, s.r.o.)
R2 VideoAcceleratorService; C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe [298152 2016-03-18] (SPEEDbit)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [176464 2016-12-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148032 2016-12-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-10-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-11] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-12-27] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-06-01] (AVG Netherlands B.V.)
U2 SBUpd; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-27 11:50 - 2016-12-27 11:50 - 00000000 ____D C:\FRST
2016-12-26 14:32 - 2016-12-26 14:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-12-24 11:03 - 2016-12-24 11:03 - 00000000 ____D C:\Program Files (x86)\ESET
2016-12-19 08:14 - 2016-12-26 14:32 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-12-17 22:20 - 2016-12-18 00:42 - 00080884 _____ C:\Windows\SysWOW64\MyDefrag.dat
2016-12-17 22:14 - 2016-12-17 22:14 - 00000000 ____D C:\Users\PC\AppData\Local\AviraSpeedup
2016-12-15 11:53 - 2016-12-26 14:28 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-12-14 11:27 - 2016-11-21 19:16 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-12-14 11:27 - 2016-11-21 19:16 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-12-14 11:27 - 2016-11-21 19:12 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-12-14 11:27 - 2016-11-21 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-12-14 11:27 - 2016-11-20 17:20 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-12-14 11:27 - 2016-11-20 17:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-12-14 11:27 - 2016-11-20 17:20 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-12-14 11:27 - 2016-11-20 17:20 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2016-12-14 11:27 - 2016-11-20 17:20 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-12-14 11:27 - 2016-11-20 17:19 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-12-14 11:27 - 2016-11-20 17:19 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-12-14 11:27 - 2016-11-20 17:19 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-12-14 11:27 - 2016-11-20 17:19 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-12-14 11:27 - 2016-11-20 17:19 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-12-14 11:27 - 2016-11-20 17:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-12-14 11:27 - 2016-11-20 17:19 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-12-14 11:27 - 2016-11-20 17:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-12-14 11:27 - 2016-11-20 17:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-12-14 11:27 - 2016-11-20 17:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-12-14 11:27 - 2016-11-20 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-12-14 11:27 - 2016-11-20 16:57 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-12-14 11:27 - 2016-11-20 16:57 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-12-14 11:27 - 2016-11-20 16:57 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-12-14 11:27 - 2016-11-20 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-12-14 11:27 - 2016-11-20 16:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-12-14 11:27 - 2016-11-20 15:07 - 00467392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-12-14 11:27 - 2016-11-17 17:41 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-12-14 11:27 - 2016-11-15 00:27 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-12-14 11:27 - 2016-11-14 23:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-12-14 11:27 - 2016-11-12 20:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-12-14 11:27 - 2016-11-12 20:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-12-14 11:27 - 2016-11-12 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-12-14 11:27 - 2016-11-12 20:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-12-14 11:27 - 2016-11-12 20:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-12-14 11:27 - 2016-11-12 20:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-12-14 11:27 - 2016-11-12 20:21 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-12-14 11:27 - 2016-11-12 20:15 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-12-14 11:27 - 2016-11-12 20:14 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-12-14 11:27 - 2016-11-12 20:09 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-12-14 11:27 - 2016-11-12 20:08 - 25759744 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-12-14 11:27 - 2016-11-12 20:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-12-14 11:27 - 2016-11-12 20:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-12-14 11:27 - 2016-11-12 20:07 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-12-14 11:27 - 2016-11-12 20:07 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-12-14 11:27 - 2016-11-12 19:56 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-12-14 11:27 - 2016-11-12 19:53 - 06049280 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-12-14 11:27 - 2016-11-12 19:52 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-12-14 11:27 - 2016-11-12 19:41 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-12-14 11:27 - 2016-11-12 19:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-12-14 11:27 - 2016-11-12 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-12-14 11:27 - 2016-11-12 19:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-12-14 11:27 - 2016-11-12 19:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-12-14 11:27 - 2016-11-12 19:30 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-12-14 11:27 - 2016-11-12 19:29 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-12-14 11:27 - 2016-11-12 19:29 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-12-14 11:27 - 2016-11-12 19:29 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-12-14 11:27 - 2016-11-12 19:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-12-14 11:27 - 2016-11-12 19:27 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-12-14 11:27 - 2016-11-12 19:20 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-12-14 11:27 - 2016-11-12 19:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-12-14 11:27 - 2016-11-12 19:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-12-14 11:27 - 2016-11-12 19:17 - 20302848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-12-14 11:27 - 2016-11-12 19:15 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-12-14 11:27 - 2016-11-12 19:14 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-12-14 11:27 - 2016-11-12 19:14 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-12-14 11:27 - 2016-11-12 19:14 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-12-14 11:27 - 2016-11-12 19:14 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-12-14 11:27 - 2016-11-12 19:11 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-12-14 11:27 - 2016-11-12 19:10 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-12-14 11:27 - 2016-11-12 19:08 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-12-14 11:27 - 2016-11-12 19:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-12-14 11:27 - 2016-11-12 19:03 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-12-14 11:27 - 2016-11-12 18:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-12-14 11:27 - 2016-11-12 18:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-12-14 11:27 - 2016-11-12 18:52 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-12-14 11:27 - 2016-11-12 18:51 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-12-14 11:27 - 2016-11-12 18:49 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-12-14 11:27 - 2016-11-12 18:47 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-12-14 11:27 - 2016-11-12 18:41 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-12-14 11:27 - 2016-11-12 18:40 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-12-14 11:27 - 2016-11-12 18:38 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-12-14 11:27 - 2016-11-12 18:37 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-12-14 11:27 - 2016-11-12 18:36 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-12-14 11:27 - 2016-11-12 18:36 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-12-14 11:27 - 2016-11-12 18:35 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-12-14 11:27 - 2016-11-12 18:21 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-12-14 11:27 - 2016-11-12 18:20 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-12-14 11:27 - 2016-11-12 18:11 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-12-14 11:27 - 2016-11-12 18:05 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-12-14 11:27 - 2016-11-12 18:02 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-12-14 11:27 - 2016-11-12 18:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-12-14 11:27 - 2016-11-10 17:32 - 01009152 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-12-14 11:27 - 2016-11-10 17:19 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-12-14 11:27 - 2016-11-09 17:41 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-12-14 11:27 - 2016-11-09 17:33 - 03244032 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-12-14 11:27 - 2016-11-09 17:33 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-12-14 11:27 - 2016-11-09 17:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-12-14 11:27 - 2016-11-09 17:33 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-12-14 11:27 - 2016-11-09 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-12-14 11:27 - 2016-11-09 17:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-12-14 11:27 - 2016-11-09 17:17 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-12-14 11:27 - 2016-11-09 17:17 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-12-14 11:27 - 2016-11-09 17:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-12-14 11:27 - 2016-11-09 17:02 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-12-14 11:27 - 2016-11-09 16:55 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-12-14 11:27 - 2016-11-06 17:33 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-12-14 11:27 - 2016-11-06 17:16 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-12-14 11:27 - 2016-11-06 17:01 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-12-14 11:27 - 2016-10-27 16:33 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2016-12-14 11:27 - 2016-10-27 16:20 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2016-12-14 11:27 - 2016-10-11 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-12-14 11:27 - 2016-10-11 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-12-14 11:27 - 2016-10-11 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-12-14 11:27 - 2016-10-11 16:34 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-12-14 11:27 - 2016-10-11 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-12-14 11:27 - 2016-10-11 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-12-14 11:27 - 2016-10-11 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-12-14 11:27 - 2016-10-11 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-12-14 11:27 - 2016-10-11 16:32 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-12-14 11:27 - 2016-10-11 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-12-14 11:27 - 2016-10-11 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-12-14 11:27 - 2016-10-11 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-12-14 11:27 - 2016-10-11 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:24 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-12-14 11:27 - 2016-10-11 16:24 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-12-14 11:27 - 2016-10-11 16:21 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:18 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 16:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-12-14 11:27 - 2016-10-11 16:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-12-14 11:27 - 2016-10-11 16:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-12-14 11:27 - 2016-10-11 15:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-12-14 11:27 - 2016-10-11 15:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-12-14 11:27 - 2016-10-11 15:55 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2016-12-14 11:27 - 2016-10-11 15:55 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-12-14 11:27 - 2016-10-11 15:51 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-12-14 11:27 - 2016-10-11 15:51 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-12-14 11:27 - 2016-10-11 15:51 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-12-14 11:27 - 2016-10-11 15:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-12-14 11:27 - 2016-10-11 15:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 15:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 15:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 15:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-12-14 11:27 - 2016-10-11 14:18 - 00419648 _____ C:\Windows\SysWOW64\locale.nls
2016-12-14 11:27 - 2016-10-11 14:17 - 00419648 _____ C:\Windows\system32\locale.nls
2016-12-14 11:27 - 2016-10-08 14:06 - 00633296 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-12-14 11:27 - 2016-10-04 16:31 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-12-14 11:27 - 2016-10-04 16:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-12-14 11:27 - 2016-10-04 16:31 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-12-14 11:27 - 2016-10-04 16:31 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-12-14 11:27 - 2016-10-04 16:13 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-12-14 11:27 - 2016-10-04 16:13 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-12-14 11:27 - 2016-10-04 16:13 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-12-14 11:27 - 2016-10-04 16:13 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-12-14 11:26 - 2016-11-21 19:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-12-14 11:26 - 2016-11-21 19:12 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-12-14 11:26 - 2016-11-21 19:12 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-12-14 11:26 - 2016-11-20 17:19 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-12-14 11:26 - 2016-11-20 17:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-12-14 11:26 - 2016-11-20 17:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-12-14 11:26 - 2016-11-12 20:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-12-14 11:26 - 2016-11-12 19:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-12-14 11:26 - 2016-11-09 17:33 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-12-14 11:26 - 2016-11-09 17:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-12-08 16:47 - 2016-12-08 16:47 - 00001136 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-11-30 16:58 - 2016-12-15 11:53 - 00001219 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2016-11-29 22:34 - 2016-11-29 22:34 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr110_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2016-11-29 22:34 - 2016-11-29 22:34 - 00019112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00030400 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr110_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2016-11-29 22:27 - 2016-11-29 22:27 - 00019112 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_clr0400.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-27 11:50 - 2016-08-11 21:56 - 00000000 ____D C:\Users\PC\Downloads\msvcp120
2016-12-27 11:49 - 2009-07-14 05:45 - 00021648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-27 11:49 - 2009-07-14 05:45 - 00021648 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-27 08:47 - 2015-10-16 22:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-26 19:38 - 2016-06-10 16:30 - 00000462 _____ C:\Windows\Tasks\ParetoLogic Registration3.job
2016-12-26 14:43 - 2016-09-20 20:56 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
2016-12-26 14:32 - 2016-02-10 08:13 - 00001964 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2016-12-26 14:28 - 2016-11-20 08:28 - 00000000 ____D C:\Users\PC\AppData\LocalLow\Mozilla
2016-12-26 14:28 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-24 21:25 - 2016-08-31 21:10 - 00000000 ____D C:\Users\PC\Documents\Bendix
2016-12-24 17:48 - 2013-03-20 16:28 - 00000000 ____D C:\Users\Balke\AppData\Local\iLivid
2016-12-23 20:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Resources
2016-12-22 08:37 - 2016-06-02 20:55 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-12-22 08:36 - 2016-04-27 14:53 - 00000000 ____D C:\Program Files\TrueKey
2016-12-21 16:39 - 2016-04-27 15:02 - 00001190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2016-12-19 18:41 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-18 00:42 - 2016-09-15 16:17 - 00140418 _____ C:\Windows\SysWOW64\Defrag.debuglog
2016-12-17 22:21 - 2015-10-21 09:15 - 00004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-12-17 22:21 - 2015-10-16 22:13 - 00003696 _____ C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager
2016-12-17 09:31 - 2016-07-29 06:25 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-12-17 09:31 - 2015-12-17 22:19 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-12-16 22:06 - 2012-02-04 11:51 - 00000000 ____D C:\Users\PC\Documents\PhotoEd
2016-12-15 12:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-12-15 11:53 - 2015-10-28 17:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-15 11:53 - 2015-10-28 17:51 - 00000000 ____D C:\Program Files (x86)\Avira
2016-12-14 22:54 - 2016-05-06 21:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-14 22:54 - 2015-10-15 07:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-14 22:06 - 2016-07-18 15:25 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-14 21:44 - 2016-10-06 07:22 - 00035864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2016-12-14 21:44 - 2015-10-28 17:54 - 00176464 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-12-14 21:44 - 2015-10-28 17:54 - 00148032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-12-14 17:33 - 2015-10-17 21:20 - 00000000 ____D C:\Users\PC\AppData\Local\Adobe
2016-12-14 17:31 - 2016-07-18 15:25 - 00003824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-12-14 17:31 - 2015-10-19 15:22 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-12-14 17:31 - 2015-10-19 15:22 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-14 17:31 - 2015-10-19 15:22 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-12-14 17:31 - 2015-10-19 15:22 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-14 17:24 - 2010-11-21 07:50 - 00699462 _____ C:\Windows\system32\perfh007.dat
2016-12-14 17:24 - 2010-11-21 07:50 - 00149602 _____ C:\Windows\system32\perfc007.dat
2016-12-14 17:24 - 2009-07-14 06:13 - 01620812 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-14 17:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-14 17:16 - 2009-07-14 05:45 - 00340360 _____ C:\Windows\system32\FNTCACHE.DAT
2016-12-14 12:22 - 2015-10-14 18:15 - 00000000 ____D C:\Windows\system32\MRT
2016-12-14 12:19 - 2015-10-14 18:15 - 135632432 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-12-14 12:17 - 2015-12-18 09:50 - 01594156 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-12-10 17:20 - 2015-10-14 10:41 - 00000000 ____D C:\Windows.old.000
2016-12-08 16:47 - 2015-10-28 17:51 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-01 23:12 - 2016-09-21 20:54 - 00000000 ____D C:\Program Files (x86)\DLL-Files.com Client
2016-12-01 23:12 - 2016-09-21 14:20 - 00001129 _____ C:\Users\Public\Desktop\DLL-Files.com Client.lnk
2016-12-01 23:12 - 2016-09-21 14:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DLL-Files.com Client
2016-12-01 23:05 - 2012-03-04 16:19 - 00000000 ____D C:\Users\PC\Texte

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-02-16 07:37 - 2016-02-16 07:37 - 0431616 ____N () C:\Program Files\CEWE FOTOIMPORTER.exe
2016-02-16 07:37 - 2016-02-16 07:37 - 0229376 ____N () C:\Program Files\CEWE FOTOSCHAU.exe
2016-02-16 07:37 - 2016-02-16 07:37 - 0016384 ____N () C:\Program Files\gpuprobe.exe
2016-02-16 07:37 - 2016-02-16 07:37 - 5404672 ____N () C:\Program Files\Mein CEWE FOTOBUCH.exe
2016-08-11 21:56 - 2016-08-11 13:14 - 0660128 _____ (Microsoft Corporation) C:\Program Files\msvcp120.dll
2016-08-11 07:04 - 2016-08-11 07:04 - 0199671 _____ () C:\Program Files (x86)\msvcp120.zip
2016-08-12 20:29 - 2016-08-12 20:29 - 0001166 _____ () C:\Program Files (x86)\vcredist_x86 - Verknüpfung.lnk

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-24 20:02

==================== Ende von FRST.txt ===
         
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von PC (27-12-2016 11:51:45)
Gestartet von C:\Users\PC\Downloads\msvcp120
Windows 7 Home Premium Service Pack 1 (X64) (2015-10-14 09:19:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1501792886-3384884554-2704517135-500 - Administrator - Disabled)
Gast (S-1-5-21-1501792886-3384884554-2704517135-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1501792886-3384884554-2704517135-1003 - Limited - Enabled)
PC (S-1-5-21-1501792886-3384884554-2704517135-1000 - Administrator - Enabled) => C:\Users\PC

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

1-Click PC Tuneup (HKLM-x32\...\1-Click PC Tuneup) (Version: F:\1clickTuneup\build\oneclick.exe - Vitarsoft Corporation)
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{CE42CFF5-F477-D440-6CFB-6CBAE0008B91}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.63.2.50050 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.63.4 - AVG Technologies) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Connect (HKLM-x32\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.1.0.4242 - Avira Operations GmbH & Co. KG)
DLL-Files.com Client (HKLM-x32\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4462 - DLL-Files.com Client)
EPSON Attach To Email (HKLM-x32\...\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}) (Version: 1.01.0000 - SEIKO EPSON)
EPSON Attach To Email (x32 Version: 1.01.0000 - SEIKO EPSON) Hidden
EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.2.0.0 - )
EPSON Easy Photo Print (HKLM-x32\...\{BC69DDB8-4840-4D9B-BB31-0D4DB2BA1312}) (Version: 1.2.3.0 - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
FMW 1 (Version: 1.143.3 - AVG Technologies) Hidden
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.11.110.1 - Intel Security)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.474.2 - McAfee, Inc.)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 6.1.3 - CEWE Stiftung u Co. KGaA)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
Mozilla Thunderbird 45.5.1 (x86 de) (HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\...\Mozilla Thunderbird 45.5.1 (x86 de)) (Version: 45.5.1 - Mozilla)
Mozilla Thunderbird 45.5.1 (x86 de) (HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Mozilla Thunderbird 45.5.1 (x86 de)) (Version: 45.5.1 - Mozilla)
PIF DESIGNER (HKLM-x32\...\{B90450DF-E781-46FD-B1F1-0C86DA40E443}) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.27.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.27.0 - Renesas Electronics Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0776D7CE-5405-4D6E-AE88-385B45B9E3EA} - System32\Tasks\{305175E0-3461-405B-B56B-A49BD5DBB315} => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2016-12-06] (AVG Technologies CZ, s.r.o.)
Task: {15AD885A-78A4-4F5C-BE03-7121A8FBEE3B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {17EE6412-0D5D-4A9B-9990-DA468BBC0F1D} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {1F2A6E02-F7D5-46AE-BEA5-031812053CD7} - System32\Tasks\{1ACAD4E6-2FB8-4C8A-A5FD-F92F7C1ADE01} => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2016-12-06] (AVG Technologies CZ, s.r.o.)
Task: {20A5CE53-33A2-4F5F-A141-DEEF1C5414A3} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22] (Oracle Corporation)
Task: {228403F9-EFE7-4786-9771-D4B5218C02DF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-17] (Google Inc.)
Task: {33FDB15B-4E07-4A5A-9102-ED47ACD32196} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {40E23B5D-368B-4E59-B357-0230C6172D3C} - System32\Tasks\{A3B49289-E3D5-4049-A083-4E4890EC392E} => C:\Program Files\Vitarsoft\1-Click PC Tuneup\PCtuneup.exe [2013-03-09] (Vitarsoft)
Task: {5EBB9670-8D09-4FDF-9FF7-177BC4B4DA79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-17] (Google Inc.)
Task: {A2A5F4B3-E3EC-40C0-88D7-AF93F622B3C5} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {B1B61AD5-0D83-461D-8BFD-A3BCCB3A8634} - System32\Tasks\{5452F968-0C34-416A-A03E-0B5F8C7BAEC9} => C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe [2015-10-05] (Malwarebytes)
Task: {B324921B-3B63-4D5A-B33D-F421CF870339} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-11-25] (AVG Technologies CZ, s.r.o.)
Task: {B5B1575F-617E-4A10-864E-F1A678B906C6} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {C7517279-344F-42FE-959E-39C24692286A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-14] (Adobe Systems Incorporated)
Task: {D7E1C81E-DB44-43FC-8691-620E2FD91442} - System32\Tasks\{259FDB5E-6C93-4D19-804F-656F00579B0A} => C:\Program Files\Vitarsoft\1-Click PC Tuneup\PCtuneup.exe [2013-03-09] (Vitarsoft)
Task: {DDABBB45-B655-46A7-BBCD-5C99D475D27C} - System32\Tasks\{2BC080A6-B983-49C6-BD39-DF7F955A5A46} => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2016-12-06] (AVG Technologies CZ, s.r.o.)
Task: {E0466576-A0C7-466E-826D-17E374DA0757} - System32\Tasks\{62EA9BC3-D3DE-43E7-B429-AB0FA61B6992} => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2016-12-06] (AVG Technologies CZ, s.r.o.)
Task: {E2875857-E254-4FA8-8B14-704040A6FA37} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {F0F67EC2-CFBF-4AAE-AF37-A44199081729} - System32\Tasks\Vitarsoft_1_Click_PC_Tuneup_Update => C:\Program Files\Vitarsoft\1-Click PC Tuneup\update.exe [2013-03-09] (Vitarsoft)
Task: {F2DCE893-6039-47E7-9C48-5112716B7DA8} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => rundll32.exe  C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\Vitarsoft_1_Click_PC_Tuneup_Update.job => C:\Program Files\Vitarsoft\1-Click PC Tuneup\update.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-11-28 17:47 - 2016-11-28 17:46 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1501792886-3384884554-2704517135-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4                                                                                                                                                                                                                 
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s                                                                                                                                                                                                                       

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{A5A99030-04D3-406B-9B49-2FFA5BDF5E22}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E113D91F-F65F-4DCB-94C1-02BF873E7E53}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FE509530-6147-4C33-9836-E826174F5CCC}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E7E95471-F389-498C-990B-E61EE733F78C}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

19-12-2016 22:46:44 Vitarsoft
26-12-2016 14:38:46 Windows-Sicherung

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/26/2016 02:53:29 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\pc\downloads\msvcp120\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/26/2016 02:29:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/24/2016 11:03:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\msvcp120\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/24/2016 11:03:34 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\PC\Downloads\msvcp120\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (12/23/2016 08:44:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/22/2016 08:38:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/21/2016 04:37:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/19/2016 10:52:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/19/2016 10:09:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (12/19/2016 06:47:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.


Systemfehler:
=============
Error: (12/26/2016 07:38:56 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR5 gefunden.

Error: (12/26/2016 07:38:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.

Error: (12/24/2016 09:21:42 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (12/24/2016 07:36:20 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.

Error: (12/24/2016 07:35:58 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (12/24/2016 05:49:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (12/24/2016 05:49:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\PC\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/24/2016 05:49:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (12/24/2016 05:49:38 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\PC\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (12/24/2016 05:49:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.


CodeIntegrity:
===================================
  Date: 2016-12-23 20:02:34.884
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10240.16384_none_ae8b861a138d2840\Utilman.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-23 20:02:34.734
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10240.16384_none_ae8b861a138d2840\Utilman.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-23 20:02:34.564
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10240.16384_none_ae8b861a138d2840\Utilman.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-23 20:00:28.010
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10240.16384_none_d7cab6266329c783\Windows.Devices.Perception.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-23 20:00:27.821
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10240.16384_none_d7cab6266329c783\Windows.Devices.Perception.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-23 20:00:27.626
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10240.16384_none_d7cab6266329c783\Windows.Devices.Perception.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-23 20:00:18.086
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.10240.16431_none_510c5232f65d3fa4\GamePanel.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-23 20:00:17.926
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.10240.16431_none_510c5232f65d3fa4\GamePanel.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-23 20:00:17.716
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\wow64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.10240.16431_none_510c5232f65d3fa4\GamePanel.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2016-12-23 19:58:35.369
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows.old.000\Windows\WinSxS\wow64_microsoft-windows-edp-audit_31bf3856ad364e35_10.0.10240.16384_none_7777f253b03d948e\edpauditapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Prozessor: AMD A4-3400 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 3581.22 MB
Verfügbarer physikalischer RAM: 1375.24 MB
Summe virtueller Speicher: 7160.63 MB
Verfügbarer virtueller Speicher: 4074.45 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:467.45 GB) (Free:383.33 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Sicherung) (Fixed) (Total:449.07 GB) (Free:219.36 GB) NTFS
Drive j: () (Fixed) (Total:465.76 GB) (Free:302.68 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AA6F3D90)
Partition 1: (Not Active) - (Size=467.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449.1 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=15 GB) - (Type=27)

========================================================
Disk: 5 (Size: 465.8 GB) (Disk ID: D663720F)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
And here is the log from Eset:

Code:
ATTFilter
C:\Windows.old.000\Documents and Settings\Balke\AppData\Roaming\Mozilla\Firefox\Profiles\49axp4k2.default-1366129795280\extensions\e5ffxtbr@www.productivityboss.com\bootstrap.js	JS/Mindspark.C evtl. unerwünschte Anwendung	
C:\Windows.old.000\ProgramData\InstallMate\{9C9673A6-147E-4B58-A9B3-5C5C47755150}\_Setupx.dll	Variante von Win32/InstalleRex.T evtl. unerwünschte Anwendung	
C:\Windows.old.000\Users\All Users\InstallMate\{9C9673A6-147E-4B58-A9B3-5C5C47755150}\_Setupx.dll	Variante von Win32/InstalleRex.T evtl. unerwünschte Anwendung	
C:\Windows.old.000\Users\Balke\Anwendungsdaten\Mozilla\Firefox\Profiles\49axp4k2.default-1366129795280\extensions\e5ffxtbr@www.productivityboss.com\bootstrap.js	JS/Mindspark.C evtl. unerwünschte Anwendung	
C:\Windows.old.000\Users\Balke\AppData\Roaming\Mozilla\Firefox\Profiles\49axp4k2.default-1366129795280\extensions\e5ffxtbr@www.productivityboss.com\bootstrap.js	JS/Mindspark.C evtl. unerwünschte Anwendung	
C:\Program Files\Common Files\SpeedBit\SBUpdate\sba.exe	Variante von Win64/SBWatchman.B evtl. unerwünschte Anwendung	Gesäubert durch Löschen
C:\Program Files\Common Files\SpeedBit\SBUpdate\sbei32.dll	Variante von Win32/SBWatchman.A evtl. unerwünschte Anwendung	Gesäubert durch Löschen
C:\Program Files\Common Files\SpeedBit\SBUpdate\sbei64.dll	Variante von Win64/SBWatchman.A evtl. unerwünschte Anwendung	Gesäubert durch Löschen
C:\Program Files\Common Files\SpeedBit\SBUpdate\sbfi32.dll	Variante von Win32/SBWatchman.A evtl. unerwünschte Anwendung	Gesäubert durch Löschen
C:\Program Files\Common Files\SpeedBit\SBUpdate\sbfi64.dll	Variante von Win64/SBWatchman.A evtl. unerwünschte Anwendung	Gesäubert durch Löschen
C:\Program Files\Common Files\SpeedBit\SBUpdate\sbi32.exe	Variante von Win32/SBWatchman.A evtl. unerwünschte Anwendung	Gesäubert durch Löschen
C:\Program Files\Common Files\SpeedBit\SBUpdate\sbi64.exe	Variante von MSIL/SBWatchman.A evtl. unerwünschte Anwendung	Gesäubert durch Löschen
C:\Program Files (x86)\Common Files\SpeedBit\SBUpdate\AAAA	Variante von Win32/SpeedBit.K evtl. unerwünschte Anwendung	Gesäubert durch Löschen
C:\Users\Balke\AppData\Local\iLivid\Helper.dll	Variante von Win32/Toolbar.SearchSuite.W evtl. unerwünschte Anwendung	Gesäubert durch Löschen
C:\Users\PC\Downloads\va33.exe	Variante von Win32/SpeedBit.K evtl. unerwünschte Anwendung	gelöscht
C:\Windows.old.000\Documents and Settings\All Users\InstallMate\{9C9673A6-147E-4B58-A9B3-5C5C47755150}\_Setupx.dll	Variante von Win32/InstalleRex.T evtl. unerwünschte Anwendung	Gesäubert durch Löschen
C:\Windows.old.000\Documents and Settings\Balke\Anwendungsdaten\Mozilla\Firefox\Profiles\49axp4k2.default-1366129795280\extensions\e5ffxtbr@www.productivityboss.com\bootstrap.js	JS/Mindspark.C evtl. unerwünschte Anwendung	Gesäubert durch Löschen
C:\Windows.old.000\Program Files (x86)\WxDownload\uninstall.exe	Variante von Win32/SProtector.B evtl. unerwünschte Anwendung	gelöscht
         
My father would be very glad if you could help get his computer clean again. The odd partitioning of the hard drives comes from the fact that he once upgraded to Windows 10, could not get along with it, and had the PC set back to Windows 7 by a specialist company.

Kind regards, BigBen17

Edited by cosinus (27.12.2016 at 11:33). Reason: CODE tags

Alt 27.12.2016, 11:35   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Hi,

Quote:
malwarebite found three unwanted applications
It is called Malwarebytes - where are its logs?

And logs are always posted in CODE tags, not just pasted in.

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder.
Even if the logs should be too large for one post, I ask you to post the logs directly, spread over several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Alt 27.12.2016, 12:54   #3
BigBen17
 

Hello Cosinus, I am sorry: this is my first time in a computer forum like this and unfortunately I am not familiar with it.

Malwarebytes has only saved the logs from today, not from the last few days. I had written down by hand that it found and deleted PCKeeper, Bandoo and MindSpot (PUP.Optional).

Alt 27.12.2016, 14:00   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

You are supposed to post the logs, not some retellings that nobody can really do anything with.

If you have no idea, you really should not be running any tools without instructions either. You will find the MBAM logs in the history.

Alt 27.12.2016, 14:46   #5
BigBen17
 

Hello, apparently my father deleted the logs, just as Malwarebytes kindly suggests ("Delete / Delete all"). They are not in the corresponding directory or in the recycle bin either.

Just as proof that I can indeed find the history:

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 27.12.2016 13:27, SYSTEM, PC-PC, Scheduler, Failed, No Internet connection detected,
Update, 27.12.2016 13:30, SYSTEM, PC-PC, Scheduler, IP Database, 2016.12.25.1, 2016.12.27.1,
Update, 27.12.2016 13:30, SYSTEM, PC-PC, Scheduler, Domain Database, 2016.12.26.1, 2016.12.27.1,
Update, 27.12.2016 13:30, SYSTEM, PC-PC, Scheduler, Malware Database, 2016.12.27.2, 2016.12.27.3,
Protection, 27.12.2016 13:30, SYSTEM, PC-PC, Protection, Refresh, Starting,
Protection, 27.12.2016 13:30, SYSTEM, PC-PC, Protection, Malicious Website Protection, Stopping,
Protection, 27.12.2016 13:30, SYSTEM, PC-PC, Protection, Malicious Website Protection, Stopped,
Protection, 27.12.2016 13:31, SYSTEM, PC-PC, Protection, Refresh, Success,
Protection, 27.12.2016 13:31, SYSTEM, PC-PC, Protection, Malicious Website Protection, Starting,
Protection, 27.12.2016 13:31, SYSTEM, PC-PC, Protection, Malicious Website Protection, Started,
Update, 27.12.2016 15:21, SYSTEM, PC-PC, Scheduler, Domain Database, 2016.12.27.1, 2016.12.27.3,
Protection, 27.12.2016 15:21, SYSTEM, PC-PC, Protection, Refresh, Starting,
Protection, 27.12.2016 15:21, SYSTEM, PC-PC, Protection, Malicious Website Protection, Stopping,
Protection, 27.12.2016 15:22, SYSTEM, PC-PC, Protection, Malicious Website Protection, Stopped,
Protection, 27.12.2016 15:22, SYSTEM, PC-PC, Protection, Refresh, Success,
Protection, 27.12.2016 15:22, SYSTEM, PC-PC, Protection, Malicious Website Protection, Starting,
Protection, 27.12.2016 15:23, SYSTEM, PC-PC, Protection, Malicious Website Protection, Started,

(end)

I would be very glad if "Golden Rule 6" ("If you do not understand something, ask politely. We will gladly explain what you need to do") could apply to both of us.


Alt 28.12.2016, 08:19   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Well, that is pretty unfortunate then, because now nobody can comment on MBAM's findings anymore. So you cannot expect any info on that.

Quote:
I would be very glad if "Golden Rule 6" ("If you do not understand something, ask politely. We will gladly explain what you need to do") could apply to both of us.
Yes, I am always glad when clear, unambiguous instructions actually get followed for once.
The thing with the CODE tags, for example.

+++ IMPORTANT NOTICE +++

During the analysis and cleanup you make NO changes whatsoever on your own, i.e. you do not install or uninstall any software without consultation.
You also do not change any system settings while we are working on your case. You make changes, installations or uninstallations EXCLUSIVELY on instruction!
It will be necessary to disable your virus scanner and in certain cases also to uninstall it, so that the cleanup can be done properly. Your system is therefore only cleared by me for everyday use such as browsing or e-mailing once we are finished here.

Read and understood?

Please uninstall Avira. We have not recommended it for years, for several reasons. One reason is a relatively high false-positive rate; the second main reason is that they still work together with ASK (the Avira search function goes through ASK). Other freeware vendors such as AVG, Avast or Panda also jumped on this bandwagon; that sort of thing is simply unacceptable for security software. Cf. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Let me know when Avira is gone; once we are done here, you can switch to a different virus scanner, info will follow in the closing post. Please do NOT install anything else NOW without consultation!

Alt 28.12.2016, 17:12   #7
BigBen17
 

OK, let's give it a try



Hello, the MBAM history was unfortunately deleted yesterday by Avira System Speedup Pro; it won't happen again.

I have now made sure that
- Antivir has been uninstalled
- the infected PC no longer goes online
- no further application is run or changed.
That should mean all of your instructions have been implemented.

Alt 29.12.2016, 09:08   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



To analyse and clean the machine, however, going online is required.

Step 1: Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as per the guide to Malwarebytes Anti-Rootkit
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Start no other file in this folder without instruction from a helper




Step 2: Kaspersky TDSS-Killer

Please download TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the guide to TDSSKiller.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.




Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for one post, I ask you to post the logs directly, spread over several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

Alt 29.12.2016, 11:03   #9
BigBen17
 



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 29.12.2016
Suchlaufzeit: 10:15
Protokolldatei: MBAR.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.12.29.03
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: PC

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 325060
Abgelaufene Zeit: 9 Min., 20 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
11:42:59.0715 0x1334  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
11:43:07.0327 0x1334  ============================================================
11:43:07.0327 0x1334  Current date / time: 2016/12/29 11:43:07.0327
11:43:07.0327 0x1334  SystemInfo:
11:43:07.0327 0x1334  
11:43:07.0327 0x1334  OS Version: 6.1.7601 ServicePack: 1.0
11:43:07.0327 0x1334  Product type: Workstation
11:43:07.0327 0x1334  ComputerName: PC-PC
11:43:07.0327 0x1334  UserName: PC
11:43:07.0327 0x1334  Windows directory: C:\Windows
11:43:07.0327 0x1334  System windows directory: C:\Windows
11:43:07.0327 0x1334  Running under WOW64
11:43:07.0327 0x1334  Processor architecture: Intel x64
11:43:07.0327 0x1334  Number of processors: 2
11:43:07.0327 0x1334  Page size: 0x1000
11:43:07.0327 0x1334  Boot type: Normal boot
11:43:07.0327 0x1334  CodeIntegrityOptions = 0x00000001
11:43:07.0327 0x1334  ============================================================
11:43:15.0065 0x1334  KLMD registered as C:\Windows\system32\drivers\94819112.sys
11:43:15.0065 0x1334  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
11:43:16.0251 0x1334  System UUID: {77787518-603C-CF7E-04A7-C99401041361}
11:43:18.0669 0x1334  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:43:18.0684 0x1334  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:43:18.0731 0x1334  ============================================================
11:43:18.0731 0x1334  \Device\Harddisk0\DR0:
11:43:18.0731 0x1334  MBR partitions:
11:43:18.0731 0x1334  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A6E6000
11:43:18.0731 0x1334  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A6E6800, BlocksNum 0x38224800
11:43:18.0731 0x1334  \Device\Harddisk1\DR1:
11:43:18.0731 0x1334  MBR partitions:
11:43:18.0731 0x1334  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
11:43:18.0731 0x1334  ============================================================
11:43:19.0371 0x1334  C: <-> \Device\Harddisk0\DR0\Partition1
11:43:19.0714 0x1334  D: <-> \Device\Harddisk0\DR0\Partition2
11:43:19.0745 0x1334  J: <-> \Device\Harddisk1\DR1\Partition1
11:43:19.0745 0x1334  ============================================================
11:43:19.0745 0x1334  Initialize success
11:43:19.0745 0x1334  ============================================================
11:56:26.0414 0x1698  ============================================================
11:56:26.0414 0x1698  Scan started
11:56:26.0414 0x1698  Mode: Manual; 
11:56:26.0414 0x1698  ============================================================
11:56:26.0414 0x1698  KSN ping started
11:56:26.0601 0x1698  KSN ping finished: false
11:56:28.0146 0x1698  ================ Scan system memory ========================
11:56:28.0146 0x1698  System memory - ok
11:56:28.0146 0x1698  ================ Scan services =============================
11:56:34.0776 0x1698  HomeGroupProvider - ok
11:56:34.0791 0x1698  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:56:34.0791 0x1698  HpSAMD - ok
11:56:34.0838 0x1698  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:56:34.0854 0x1698  HTTP - ok
11:56:34.0869 0x1698  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:56:34.0869 0x1698  hwpolicy - ok
11:56:34.0885 0x1698  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:56:34.0885 0x1698  i8042prt - ok
11:56:34.0932 0x1698  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:56:34.0947 0x1698  iaStorV - ok
11:56:35.0057 0x1698  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:56:35.0088 0x1698  idsvc - ok
11:56:35.0103 0x1698  IEEtwCollectorService - ok
11:56:35.0135 0x1698  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
11:56:35.0135 0x1698  iirsp - ok
11:56:35.0228 0x1698  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
11:56:35.0275 0x1698  IKEEXT - ok
11:56:35.0431 0x1698  [ F2744FD54BE1580BE05916D1C755C92A, 27FAC146876B6C6EBE0C00CDEC3E01C69DACB2584BEC85DD0FE5B55AD2157452 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:56:35.0509 0x1698  IntcAzAudAddService - ok
11:56:35.0525 0x1698  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:56:35.0525 0x1698  intelide - ok
11:56:35.0525 0x1698  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
11:56:35.0525 0x1698  intelppm - ok
11:56:35.0556 0x1698  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:56:35.0556 0x1698  IPBusEnum - ok
11:56:35.0556 0x1698  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:56:35.0556 0x1698  IpFilterDriver - ok
11:56:35.0634 0x1698  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:56:35.0649 0x1698  iphlpsvc - ok
11:56:35.0665 0x1698  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:56:35.0681 0x1698  IPMIDRV - ok
11:56:35.0696 0x1698  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:56:35.0696 0x1698  IPNAT - ok
11:56:35.0712 0x1698  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:56:35.0712 0x1698  IRENUM - ok
11:56:35.0727 0x1698  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:56:35.0743 0x1698  isapnp - ok
11:56:35.0759 0x1698  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:56:35.0759 0x1698  iScsiPrt - ok
11:56:35.0774 0x1698  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:56:35.0774 0x1698  kbdclass - ok
11:56:35.0790 0x1698  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:56:35.0790 0x1698  kbdhid - ok
11:56:35.0805 0x1698  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] KeyIso          C:\Windows\system32\lsass.exe
11:56:35.0805 0x1698  KeyIso - ok
11:56:35.0852 0x1698  [ F54475BA70B5CDA4EF11DC44BFB07F40, 9A6FA4978746F2F75D6B5892C1FE2042FF86C588AFEEC80534E0FB2F4450F9C3 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:56:35.0852 0x1698  KSecDD - ok
11:56:35.0868 0x1698  [ ED1D1E1AAACF08438F9BCF731C8CA168, 8DFE5F7E1080B65A75BC840708AB7A42EA42510D5507EF86294649C72430B569 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:56:35.0883 0x1698  KSecPkg - ok
11:56:35.0899 0x1698  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:56:35.0899 0x1698  ksthunk - ok
11:56:35.0930 0x1698  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:56:35.0930 0x1698  KtmRm - ok
11:56:36.0008 0x1698  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
11:56:36.0039 0x1698  LanmanServer - ok
11:56:36.0055 0x1698  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:56:36.0055 0x1698  LanmanWorkstation - ok
11:56:36.0086 0x1698  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:56:36.0086 0x1698  lltdio - ok
11:56:36.0117 0x1698  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:56:36.0117 0x1698  lltdsvc - ok
11:56:36.0149 0x1698  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:56:36.0149 0x1698  lmhosts - ok
11:56:36.0164 0x1698  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
11:56:36.0180 0x1698  LSI_FC - ok
11:56:36.0195 0x1698  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
11:56:36.0195 0x1698  LSI_SAS - ok
11:56:36.0211 0x1698  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
11:56:36.0211 0x1698  LSI_SAS2 - ok
11:56:36.0227 0x1698  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
11:56:36.0227 0x1698  LSI_SCSI - ok
11:56:36.0242 0x1698  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:56:36.0242 0x1698  luafv - ok
11:56:36.0289 0x1698  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
11:56:36.0289 0x1698  MBAMProtector - ok
11:56:36.0398 0x1698  [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
11:56:36.0445 0x1698  MBAMScheduler - ok
11:56:36.0492 0x1698  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
11:56:36.0523 0x1698  MBAMService - ok
11:56:36.0585 0x1698  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
11:56:36.0601 0x1698  MBAMSwissArmy - ok
11:56:36.0617 0x1698  [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
11:56:36.0617 0x1698  MBAMWebAccessControl - ok
11:56:36.0757 0x1698  [ 429E9838454921D860277C4F164ED2B4, B45F9A9035DEB22AB3FC958278539647561B364FF8F9F2F12C590866927B6EB8 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe
11:56:36.0773 0x1698  McComponentHostService - ok
11:56:36.0804 0x1698  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:56:36.0819 0x1698  Mcx2Svc - ok
11:56:36.0851 0x1698  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
11:56:36.0851 0x1698  megasas - ok
11:56:36.0897 0x1698  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
11:56:36.0897 0x1698  MegaSR - ok
11:56:36.0929 0x1698  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
11:56:36.0944 0x1698  MMCSS - ok
11:56:36.0960 0x1698  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
11:56:36.0975 0x1698  Modem - ok
11:56:36.0975 0x1698  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:56:36.0975 0x1698  monitor - ok
11:56:36.0991 0x1698  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:56:37.0007 0x1698  mouclass - ok
11:56:37.0022 0x1698  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:56:37.0022 0x1698  mouhid - ok
11:56:37.0053 0x1698  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:56:37.0069 0x1698  mountmgr - ok
11:56:37.0116 0x1698  [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:56:37.0131 0x1698  MozillaMaintenance - ok
11:56:37.0147 0x1698  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:56:37.0147 0x1698  mpio - ok
11:56:37.0163 0x1698  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:56:37.0163 0x1698  mpsdrv - ok
11:56:37.0194 0x1698  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:56:37.0209 0x1698  MpsSvc - ok
11:56:37.0272 0x1698  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:56:37.0272 0x1698  MRxDAV - ok
11:56:37.0319 0x1698  [ 8A6DD6FDCCC010F7C6480EE7D0C3B92E, F061B59E5569D334C293420A4E98A2E2842037419E13001FF4FDCB9DE4A90BC5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:56:37.0334 0x1698  mrxsmb - ok
11:56:37.0397 0x1698  [ 68C12354AEA8FB5B559F5F69EF1C0DF0, E73BEFA5615231B86962FDB5201BA05B8A15D51F09BB6232315F44B39C46560D ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:56:37.0412 0x1698  mrxsmb10 - ok
11:56:37.0459 0x1698  [ 307E956C0DE630EE0ACE657233C0E83F, 45918BAFA9A1C4F4552A2A259CDFB89146FEE6622BDBC7B6B92D5BB2528586A4 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:56:37.0475 0x1698  mrxsmb20 - ok
11:56:37.0506 0x1698  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:56:37.0506 0x1698  msahci - ok
11:56:37.0537 0x1698  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:56:37.0537 0x1698  msdsm - ok
11:56:37.0568 0x1698  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
11:56:37.0568 0x1698  MSDTC - ok
11:56:37.0584 0x1698  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:56:37.0584 0x1698  Msfs - ok
11:56:37.0599 0x1698  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:56:37.0599 0x1698  mshidkmdf - ok
11:56:37.0615 0x1698  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:56:37.0615 0x1698  msisadrv - ok
11:56:37.0631 0x1698  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:56:37.0646 0x1698  MSiSCSI - ok
11:56:37.0646 0x1698  msiserver - ok
11:56:37.0662 0x1698  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:56:37.0662 0x1698  MSKSSRV - ok
11:56:37.0677 0x1698  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:56:37.0677 0x1698  MSPCLOCK - ok
11:56:37.0709 0x1698  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:56:37.0709 0x1698  MSPQM - ok
11:56:37.0724 0x1698  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:56:37.0740 0x1698  MsRPC - ok
11:56:37.0755 0x1698  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
11:56:37.0771 0x1698  mssmbios - ok
11:56:37.0771 0x1698  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:56:37.0771 0x1698  MSTEE - ok
11:56:37.0787 0x1698  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
11:56:37.0787 0x1698  MTConfig - ok
11:56:37.0802 0x1698  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
11:56:37.0802 0x1698  Mup - ok
11:56:37.0865 0x1698  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
11:56:37.0896 0x1698  napagent - ok
11:56:37.0927 0x1698  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:56:37.0927 0x1698  NativeWifiP - ok
11:56:38.0036 0x1698  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:56:38.0067 0x1698  NDIS - ok
11:56:38.0083 0x1698  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:56:38.0083 0x1698  NdisCap - ok
11:56:38.0099 0x1698  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:56:38.0099 0x1698  NdisTapi - ok
11:56:38.0114 0x1698  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:56:38.0130 0x1698  Ndisuio - ok
11:56:38.0130 0x1698  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:56:38.0145 0x1698  NdisWan - ok
11:56:38.0161 0x1698  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:56:38.0161 0x1698  NDProxy - ok
11:56:38.0177 0x1698  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:56:38.0177 0x1698  NetBIOS - ok
11:56:38.0208 0x1698  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:56:38.0223 0x1698  NetBT - ok
11:56:38.0223 0x1698  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] Netlogon        C:\Windows\system32\lsass.exe
11:56:38.0239 0x1698  Netlogon - ok
11:56:38.0255 0x1698  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
11:56:38.0255 0x1698  Netman - ok
11:56:38.0317 0x1698  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:38.0333 0x1698  NetMsmqActivator - ok
11:56:38.0348 0x1698  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:38.0364 0x1698  NetPipeActivator - ok
11:56:38.0379 0x1698  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
11:56:38.0395 0x1698  netprofm - ok
11:56:38.0411 0x1698  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:38.0411 0x1698  NetTcpActivator - ok
11:56:38.0411 0x1698  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:56:38.0426 0x1698  NetTcpPortSharing - ok
11:56:38.0426 0x1698  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
11:56:38.0442 0x1698  nfrd960 - ok
11:56:38.0489 0x1698  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:56:38.0504 0x1698  NlaSvc - ok
11:56:38.0520 0x1698  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:56:38.0520 0x1698  Npfs - ok
11:56:38.0520 0x1698  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
11:56:38.0520 0x1698  nsi - ok
11:56:38.0535 0x1698  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:56:38.0551 0x1698  nsiproxy - ok
11:56:38.0660 0x1698  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:56:38.0754 0x1698  Ntfs - ok
11:56:38.0769 0x1698  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
11:56:38.0769 0x1698  Null - ok
11:56:38.0801 0x1698  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:56:38.0816 0x1698  nvraid - ok
11:56:38.0847 0x1698  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:56:38.0847 0x1698  nvstor - ok
11:56:38.0879 0x1698  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:56:38.0879 0x1698  nv_agp - ok
11:56:38.0910 0x1698  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:56:38.0910 0x1698  ohci1394 - ok
11:56:38.0988 0x1698  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:56:38.0988 0x1698  ose - ok
11:56:39.0222 0x1698  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:56:39.0315 0x1698  osppsvc - ok
11:56:39.0362 0x1698  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:56:39.0378 0x1698  p2pimsvc - ok
11:56:39.0425 0x1698  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
11:56:39.0425 0x1698  p2psvc - ok
11:56:39.0440 0x1698  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
11:56:39.0440 0x1698  Parport - ok
11:56:39.0487 0x1698  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:56:39.0487 0x1698  partmgr - ok
11:56:39.0534 0x1698  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:56:39.0549 0x1698  PcaSvc - ok
11:56:39.0581 0x1698  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
11:56:39.0581 0x1698  pci - ok
11:56:39.0596 0x1698  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:56:39.0596 0x1698  pciide - ok
11:56:39.0612 0x1698  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
11:56:39.0612 0x1698  pcmcia - ok
11:56:39.0627 0x1698  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:56:39.0627 0x1698  pcw - ok
11:56:39.0659 0x1698  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:56:39.0674 0x1698  PEAUTH - ok
11:56:39.0752 0x1698  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:56:39.0768 0x1698  PerfHost - ok
11:56:39.0846 0x1698  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
11:56:39.0893 0x1698  pla - ok
11:56:39.0971 0x1698  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:56:39.0986 0x1698  PlugPlay - ok
11:56:40.0002 0x1698  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:56:40.0002 0x1698  PNRPAutoReg - ok
11:56:40.0017 0x1698  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:56:40.0033 0x1698  PNRPsvc - ok
11:56:40.0080 0x1698  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:56:40.0095 0x1698  PolicyAgent - ok
11:56:40.0111 0x1698  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
11:56:40.0111 0x1698  Power - ok
11:56:40.0142 0x1698  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:56:40.0142 0x1698  PptpMiniport - ok
11:56:40.0158 0x1698  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
11:56:40.0158 0x1698  Processor - ok
11:56:40.0205 0x1698  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:56:40.0205 0x1698  ProfSvc - ok
11:56:40.0236 0x1698  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:56:40.0236 0x1698  ProtectedStorage - ok
11:56:40.0251 0x1698  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:56:40.0251 0x1698  Psched - ok
11:56:40.0298 0x1698  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
11:56:40.0345 0x1698  ql2300 - ok
11:56:40.0345 0x1698  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
11:56:40.0361 0x1698  ql40xx - ok
11:56:47.0548 0x1698  ================ Scan global ===============================
11:56:47.0579 0x1698  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
11:56:47.0611 0x1698  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
11:56:47.0642 0x1698  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
11:56:47.0689 0x1698  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:56:47.0735 0x1698  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
11:56:47.0767 0x1698  [ Global ] - ok
11:56:47.0767 0x1698  ================ Scan MBR ==================================
11:56:47.0782 0x1698  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:56:48.0079 0x1698  \Device\Harddisk0\DR0 - ok
11:56:48.0110 0x1698  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
11:56:48.0110 0x1698  \Device\Harddisk1\DR1 - ok
11:56:48.0110 0x1698  ================ Scan VBR ==================================
11:56:48.0125 0x1698  [ F6E7A47FFCD6127538C5F49E09D7824B ] \Device\Harddisk0\DR0\Partition1
11:56:48.0125 0x1698  \Device\Harddisk0\DR0\Partition1 - ok
11:56:48.0125 0x1698  [ 463D0D2A22BFCBA0CF91A5E133E380C5 ] \Device\Harddisk0\DR0\Partition2
11:56:48.0125 0x1698  \Device\Harddisk0\DR0\Partition2 - ok
11:56:48.0125 0x1698  [ 92850CECA0DEE3995D3D02D544E918DA ] \Device\Harddisk1\DR1\Partition1
11:56:48.0141 0x1698  \Device\Harddisk1\DR1\Partition1 - ok
11:56:48.0141 0x1698  ================ Scan generic autorun ======================
11:56:48.0203 0x1698  [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe
11:56:48.0219 0x1698  Windows Mobile Device Center - ok
11:56:48.0375 0x1698  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:56:48.0422 0x1698  Sidebar - ok
11:56:48.0469 0x1698  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:56:48.0484 0x1698  mctadmin - ok
11:56:48.0547 0x1698  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
11:56:48.0578 0x1698  Sidebar - ok
11:56:48.0687 0x1698  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:56:48.0703 0x1698  mctadmin - ok
11:56:48.0796 0x1698  [ 23345F9256FFB4C68A75F2127DD6C21D, 97B029E75C2C4774C0893FB4D274A6F6CE28719842E4842FE3ABA445B5769916 ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
11:56:48.0812 0x1698  Firefox - ok
11:56:48.0983 0x1698  Win FW state via NFP2: enabled ( trusted )
11:56:48.0983 0x1698  ============================================================
11:56:48.0983 0x1698  Scan finished
11:56:48.0983 0x1698  ============================================================
11:56:48.0999 0x109c  Detected object count: 0
11:56:48.0999 0x109c  Actual detected object count: 0
         

Old 29.12.2016, 11:06   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
11:56:26.0414 0x1698 Scan started
11:56:26.0414 0x1698 Mode: Manual;
Please read the instructions properly; TDSSKiller was configured incorrectly.

Old 29.12.2016, 11:23   #11
BigBen17
 



Code:
12:08:57.0068 0x126c  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
12:09:25.0195 0x126c  ============================================================
12:09:25.0195 0x126c  Current date / time: 2016/12/29 12:09:25.0195
12:09:25.0195 0x126c  SystemInfo:
12:09:25.0195 0x126c  
12:09:25.0210 0x126c  OS Version: 6.1.7601 ServicePack: 1.0
12:09:25.0210 0x126c  Product type: Workstation
12:09:25.0210 0x126c  ComputerName: PC-PC
12:09:25.0210 0x126c  UserName: PC
12:09:25.0210 0x126c  Windows directory: C:\Windows
12:09:25.0210 0x126c  System windows directory: C:\Windows
12:09:25.0210 0x126c  Running under WOW64
12:09:25.0210 0x126c  Processor architecture: Intel x64
12:09:25.0210 0x126c  Number of processors: 2
12:09:25.0210 0x126c  Page size: 0x1000
12:09:25.0210 0x126c  Boot type: Normal boot
12:09:25.0210 0x126c  CodeIntegrityOptions = 0x00000001
12:09:25.0210 0x126c  ============================================================
12:09:27.0223 0x126c  KLMD registered as C:\Windows\system32\drivers\14141630.sys
12:09:27.0223 0x126c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
12:09:27.0457 0x126c  System UUID: {77787518-603C-CF7E-04A7-C99401041361}
12:09:27.0971 0x126c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:09:27.0987 0x126c  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:09:28.0018 0x126c  ============================================================
12:09:28.0018 0x126c  \Device\Harddisk0\DR0:
12:09:28.0018 0x126c  MBR partitions:
12:09:28.0018 0x126c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A6E6000
12:09:28.0018 0x126c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3A6E6800, BlocksNum 0x38224800
12:09:28.0018 0x126c  \Device\Harddisk1\DR1:
12:09:28.0018 0x126c  MBR partitions:
12:09:28.0018 0x126c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
12:09:28.0018 0x126c  ============================================================
12:09:28.0034 0x126c  C: <-> \Device\Harddisk0\DR0\Partition1
12:09:28.0065 0x126c  D: <-> \Device\Harddisk0\DR0\Partition2
12:09:28.0081 0x126c  J: <-> \Device\Harddisk1\DR1\Partition1
12:09:28.0081 0x126c  ============================================================
12:09:28.0081 0x126c  Initialize success
12:09:28.0081 0x126c  ============================================================
12:18:15.0689 0x13c4  ============================================================
12:18:15.0689 0x13c4  Scan started
12:18:15.0705 0x13c4  Mode: Manual; SigCheck; TDLFS; 
12:18:15.0705 0x13c4  ============================================================
12:18:15.0705 0x13c4  KSN ping started
12:18:15.0720 0x13c4  KSN ping finished: false
12:18:16.0391 0x13c4  ================ Scan system memory ========================
12:18:16.0391 0x13c4  System memory - ok
12:18:16.0391 0x13c4  ================ Scan services =============================
12:18:27.0342 0x13c4  iirsp - ok
12:18:27.0436 0x13c4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:18:27.0483 0x13c4  IKEEXT - ok
12:18:27.0607 0x13c4  [ F2744FD54BE1580BE05916D1C755C92A, 27FAC146876B6C6EBE0C00CDEC3E01C69DACB2584BEC85DD0FE5B55AD2157452 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:18:27.0701 0x13c4  IntcAzAudAddService - ok
12:18:27.0717 0x13c4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:18:27.0717 0x13c4  intelide - ok
12:18:27.0732 0x13c4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
12:18:27.0748 0x13c4  intelppm - ok
12:18:27.0779 0x13c4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:18:27.0810 0x13c4  IPBusEnum - ok
12:18:27.0810 0x13c4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:18:27.0857 0x13c4  IpFilterDriver - ok
12:18:27.0919 0x13c4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:18:27.0951 0x13c4  iphlpsvc - ok
12:18:27.0951 0x13c4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:18:27.0966 0x13c4  IPMIDRV - ok
12:18:27.0982 0x13c4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:18:28.0029 0x13c4  IPNAT - ok
12:18:28.0044 0x13c4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:18:28.0060 0x13c4  IRENUM - ok
12:18:28.0075 0x13c4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:18:28.0091 0x13c4  isapnp - ok
12:18:28.0122 0x13c4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:18:28.0138 0x13c4  iScsiPrt - ok
12:18:28.0153 0x13c4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:18:28.0169 0x13c4  kbdclass - ok
12:18:28.0185 0x13c4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:18:28.0185 0x13c4  kbdhid - ok
12:18:28.0200 0x13c4  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] KeyIso          C:\Windows\system32\lsass.exe
12:18:28.0216 0x13c4  KeyIso - ok
12:18:28.0263 0x13c4  [ F54475BA70B5CDA4EF11DC44BFB07F40, 9A6FA4978746F2F75D6B5892C1FE2042FF86C588AFEEC80534E0FB2F4450F9C3 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:18:28.0278 0x13c4  KSecDD - ok
12:18:28.0294 0x13c4  [ ED1D1E1AAACF08438F9BCF731C8CA168, 8DFE5F7E1080B65A75BC840708AB7A42EA42510D5507EF86294649C72430B569 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:18:28.0294 0x13c4  KSecPkg - ok
12:18:28.0309 0x13c4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:18:28.0341 0x13c4  ksthunk - ok
12:18:28.0387 0x13c4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:18:28.0434 0x13c4  KtmRm - ok
12:18:28.0512 0x13c4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:18:28.0575 0x13c4  LanmanServer - ok
12:18:28.0590 0x13c4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:18:28.0637 0x13c4  LanmanWorkstation - ok
12:18:28.0668 0x13c4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:18:28.0699 0x13c4  lltdio - ok
12:18:28.0731 0x13c4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:18:28.0777 0x13c4  lltdsvc - ok
12:18:28.0793 0x13c4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:18:28.0840 0x13c4  lmhosts - ok
12:18:28.0855 0x13c4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:18:28.0871 0x13c4  LSI_FC - ok
12:18:28.0887 0x13c4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:18:28.0902 0x13c4  LSI_SAS - ok
12:18:28.0918 0x13c4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:18:28.0918 0x13c4  LSI_SAS2 - ok
12:18:28.0933 0x13c4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:18:28.0949 0x13c4  LSI_SCSI - ok
12:18:28.0965 0x13c4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:18:28.0996 0x13c4  luafv - ok
12:18:29.0027 0x13c4  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
12:18:29.0043 0x13c4  MBAMProtector - ok
12:18:29.0199 0x13c4  [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
12:18:29.0245 0x13c4  MBAMScheduler - ok
12:18:29.0308 0x13c4  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
12:18:29.0355 0x13c4  MBAMService - ok
12:18:29.0417 0x13c4  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
12:18:29.0448 0x13c4  MBAMSwissArmy - ok
12:18:29.0464 0x13c4  [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
12:18:29.0479 0x13c4  MBAMWebAccessControl - ok
12:18:29.0604 0x13c4  [ 429E9838454921D860277C4F164ED2B4, B45F9A9035DEB22AB3FC958278539647561B364FF8F9F2F12C590866927B6EB8 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe
12:18:29.0651 0x13c4  McComponentHostService - ok
12:18:29.0698 0x13c4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:18:29.0713 0x13c4  Mcx2Svc - ok
12:18:29.0729 0x13c4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:18:29.0729 0x13c4  megasas - ok
12:18:29.0760 0x13c4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:18:29.0776 0x13c4  MegaSR - ok
12:18:29.0823 0x13c4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:18:29.0901 0x13c4  MMCSS - ok
12:18:29.0916 0x13c4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:18:29.0947 0x13c4  Modem - ok
12:18:29.0979 0x13c4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:18:29.0979 0x13c4  monitor - ok
12:18:29.0994 0x13c4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:18:30.0010 0x13c4  mouclass - ok
12:18:30.0025 0x13c4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:18:30.0057 0x13c4  mouhid - ok
12:18:30.0088 0x13c4  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:18:30.0103 0x13c4  mountmgr - ok
12:18:30.0150 0x13c4  [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:18:30.0166 0x13c4  MozillaMaintenance - ok
12:18:30.0181 0x13c4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:18:30.0197 0x13c4  mpio - ok
12:18:30.0213 0x13c4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:18:30.0259 0x13c4  mpsdrv - ok
12:18:30.0306 0x13c4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:18:30.0353 0x13c4  MpsSvc - ok
12:18:30.0384 0x13c4  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:18:30.0415 0x13c4  MRxDAV - ok
12:18:30.0462 0x13c4  [ 8A6DD6FDCCC010F7C6480EE7D0C3B92E, F061B59E5569D334C293420A4E98A2E2842037419E13001FF4FDCB9DE4A90BC5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:18:30.0478 0x13c4  mrxsmb - ok
12:18:30.0509 0x13c4  [ 68C12354AEA8FB5B559F5F69EF1C0DF0, E73BEFA5615231B86962FDB5201BA05B8A15D51F09BB6232315F44B39C46560D ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:18:30.0540 0x13c4  mrxsmb10 - ok
12:18:30.0587 0x13c4  [ 307E956C0DE630EE0ACE657233C0E83F, 45918BAFA9A1C4F4552A2A259CDFB89146FEE6622BDBC7B6B92D5BB2528586A4 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:18:30.0618 0x13c4  mrxsmb20 - ok
12:18:30.0665 0x13c4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:18:30.0681 0x13c4  msahci - ok
12:18:30.0681 0x13c4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:18:30.0696 0x13c4  msdsm - ok
12:18:30.0727 0x13c4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:18:30.0743 0x13c4  MSDTC - ok
12:18:30.0774 0x13c4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:18:30.0805 0x13c4  Msfs - ok
12:18:30.0821 0x13c4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:18:30.0868 0x13c4  mshidkmdf - ok
12:18:30.0868 0x13c4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:18:30.0883 0x13c4  msisadrv - ok
12:18:30.0915 0x13c4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:18:30.0961 0x13c4  MSiSCSI - ok
12:18:30.0961 0x13c4  msiserver - ok
12:18:30.0993 0x13c4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:18:31.0024 0x13c4  MSKSSRV - ok
12:18:31.0039 0x13c4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:18:31.0117 0x13c4  MSPCLOCK - ok
12:18:31.0133 0x13c4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:18:31.0227 0x13c4  MSPQM - ok
12:18:31.0273 0x13c4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:18:31.0289 0x13c4  MsRPC - ok
12:18:31.0305 0x13c4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:18:31.0320 0x13c4  mssmbios - ok
12:18:31.0320 0x13c4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:18:31.0351 0x13c4  MSTEE - ok
12:18:31.0367 0x13c4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:18:31.0398 0x13c4  MTConfig - ok
12:18:31.0414 0x13c4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:18:31.0429 0x13c4  Mup - ok
12:18:31.0476 0x13c4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
12:18:31.0523 0x13c4  napagent - ok
12:18:31.0554 0x13c4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:18:31.0570 0x13c4  NativeWifiP - ok
12:18:31.0663 0x13c4  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:18:31.0695 0x13c4  NDIS - ok
12:18:31.0710 0x13c4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:18:31.0741 0x13c4  NdisCap - ok
12:18:31.0773 0x13c4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:18:31.0804 0x13c4  NdisTapi - ok
12:18:31.0819 0x13c4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:18:31.0866 0x13c4  Ndisuio - ok
12:18:31.0897 0x13c4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:18:31.0929 0x13c4  NdisWan - ok
12:18:31.0944 0x13c4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:18:31.0975 0x13c4  NDProxy - ok
12:18:31.0991 0x13c4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:18:32.0022 0x13c4  NetBIOS - ok
12:18:32.0069 0x13c4  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:18:32.0131 0x13c4  NetBT - ok
12:18:32.0147 0x13c4  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] Netlogon        C:\Windows\system32\lsass.exe
12:18:32.0147 0x13c4  Netlogon - ok
12:18:32.0178 0x13c4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:18:32.0225 0x13c4  Netman - ok
12:18:32.0287 0x13c4  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:18:32.0334 0x13c4  NetMsmqActivator - ok
12:18:32.0350 0x13c4  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:18:32.0381 0x13c4  NetPipeActivator - ok
12:18:32.0397 0x13c4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:18:32.0443 0x13c4  netprofm - ok
12:18:32.0459 0x13c4  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:18:32.0459 0x13c4  NetTcpActivator - ok
12:18:32.0475 0x13c4  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:18:32.0490 0x13c4  NetTcpPortSharing - ok
12:18:32.0506 0x13c4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:18:32.0537 0x13c4  nfrd960 - ok
12:18:32.0568 0x13c4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:18:32.0615 0x13c4  NlaSvc - ok
12:18:32.0646 0x13c4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:18:32.0662 0x13c4  Npfs - ok
12:18:32.0693 0x13c4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:18:32.0724 0x13c4  nsi - ok
12:18:32.0740 0x13c4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:18:32.0771 0x13c4  nsiproxy - ok
12:18:32.0880 0x13c4  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:18:32.0958 0x13c4  Ntfs - ok
12:18:32.0974 0x13c4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:18:33.0005 0x13c4  Null - ok
12:18:33.0067 0x13c4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:18:33.0067 0x13c4  nvraid - ok
12:18:33.0114 0x13c4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:18:33.0145 0x13c4  nvstor - ok
12:18:33.0161 0x13c4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:18:33.0177 0x13c4  nv_agp - ok
12:18:33.0192 0x13c4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:18:33.0208 0x13c4  ohci1394 - ok
12:18:33.0286 0x13c4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:18:33.0317 0x13c4  ose - ok
12:18:33.0551 0x13c4  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:18:33.0676 0x13c4  osppsvc - ok
12:18:33.0723 0x13c4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:18:33.0754 0x13c4  p2pimsvc - ok
12:18:33.0785 0x13c4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:18:33.0801 0x13c4  p2psvc - ok
12:18:33.0816 0x13c4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
12:18:33.0832 0x13c4  Parport - ok
12:18:33.0879 0x13c4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:18:33.0879 0x13c4  partmgr - ok
12:18:33.0941 0x13c4  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:18:33.0988 0x13c4  PcaSvc - ok
12:18:34.0003 0x13c4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
12:18:34.0019 0x13c4  pci - ok
12:18:34.0066 0x13c4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:18:34.0097 0x13c4  pciide - ok
12:18:34.0097 0x13c4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:18:34.0128 0x13c4  pcmcia - ok
12:18:34.0144 0x13c4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:18:34.0144 0x13c4  pcw - ok
12:18:34.0175 0x13c4  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:18:34.0206 0x13c4  PEAUTH - ok
12:18:34.0300 0x13c4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:18:34.0331 0x13c4  PerfHost - ok
12:18:34.0409 0x13c4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
12:18:34.0456 0x13c4  pla - ok
12:18:34.0518 0x13c4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:18:34.0596 0x13c4  PlugPlay - ok
12:18:34.0612 0x13c4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:18:34.0627 0x13c4  PNRPAutoReg - ok
12:18:34.0674 0x13c4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:18:34.0705 0x13c4  PNRPsvc - ok
12:18:34.0768 0x13c4  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:18:34.0799 0x13c4  PolicyAgent - ok
12:18:34.0815 0x13c4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:18:34.0861 0x13c4  Power - ok
12:18:34.0939 0x13c4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:18:34.0986 0x13c4  PptpMiniport - ok
12:18:35.0002 0x13c4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
12:18:35.0002 0x13c4  Processor - ok
12:18:35.0049 0x13c4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:18:35.0080 0x13c4  ProfSvc - ok
12:18:35.0095 0x13c4  [ 6918ACBA1558AF363F6AA8D217AFCA8D, D8CA4E9F3FA0F5CE674D647DDBFD3C3676A07FB0268BBB51782468E144575F49 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:18:35.0111 0x13c4  ProtectedStorage - ok
12:18:35.0127 0x13c4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:18:35.0158 0x13c4  Psched - ok
12:18:35.0220 0x13c4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:18:35.0267 0x13c4  ql2300 - ok
12:18:35.0283 0x13c4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:18:35.0298 0x13c4  ql40xx - ok
12:18:35.0345 0x13c4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:18:35.0376 0x13c4  QWAVE - ok
12:18:35.0392 0x13c4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:18:35.0423 0x13c4  QWAVEdrv - ok
12:18:35.0548 0x13c4  [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
12:18:35.0579 0x13c4  RapiMgr - ok
12:18:35.0579 0x13c4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:18:35.0626 0x13c4  RasAcd - ok
12:18:35.0673 0x13c4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:18:35.0704 0x13c4  RasAgileVpn - ok
12:18:35.0704 0x13c4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:18:35.0766 0x13c4  RasAuto - ok
12:18:35.0782 0x13c4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:18:35.0829 0x13c4  Rasl2tp - ok
12:18:35.0860 0x13c4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
12:18:35.0907 0x13c4  RasMan - ok
12:18:48.0356 0x13c4  Win FW state via NFP2: enabled ( trusted )
12:18:48.0356 0x13c4  ============================================================
12:18:48.0356 0x13c4  Scan finished
12:18:48.0356 0x13c4  ============================================================
12:18:48.0371 0x10a8  Detected object count: 0
12:18:48.0371 0x10a8  Actual detected object count: 0
         

31.12.2016, 09:08   #12
BigBen17

Hello Cosinus, I understand that you can't handle every request right away and that you don't like it when someone pushes.
On Monday morning, however, I have to leave my father and won't see him for several weeks. I need to get his PC into a state where he can go online again. Perhaps you can still give some recommendations for virus scanners?

31.12.2016, 11:58   #13
cosinus

All the same, pushing like this won't make you any friends here!

If you have time-critical matters, a forum is not the way to handle them; you have to go to a PC service shop, and there you also have the right to complain if it takes longer than agreed. But not here.


Remove adware/junkware/toolbars

First delete old versions of adwCleaner and, if present, JRT, then download them again to the desktop!
Please disable your virus scanner completely now, before using these tools!


Step 1: adwCleaner

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts that appear with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents to me with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).




Step 2: JRT - Junkware Removal Tool

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it with a right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


31.12.2016, 14:22   #14
BigBen17

Thanks for your understanding!
Code:
# AdwCleaner v6.041 - Bericht erstellt am 31/12/2016 um 15:13:51
# Aktualisiert am 16/12/2016 von Malwarebytes
# Datenbank : 2016-12-15.1 [Lokal]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : PC - PC-PC
# Gestartet von : C:\Users\PC\Downloads\msvcp120\AdwCleaner_6.041.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\PC\AppData\LocalLow\Speedbit
[-] Ordner gelöscht: C:\Users\PC\AppData\Roaming\DriverCure
[-] Ordner gelöscht: C:\Users\PC\AppData\Roaming\ParetoLogic
[-] Ordner gelöscht: C:\Program Files\Common Files\Speedbit
[-] Ordner gelöscht: C:\ProgramData\ParetoLogic
[-] Ordner gelöscht: C:\ProgramData\Speedbit
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\ParetoLogic
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Speedbit
[-] Ordner gelöscht: C:\Users\Public\Documents\Speedbit
[-] Ordner gelöscht: C:\Program Files (x86)\Common Files\ParetoLogic
[-] Ordner gelöscht: C:\Program Files (x86)\Common Files\Speedbit


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****

[-] Aufgabe gelöscht: paretologic registration3
[-] Aufgabe gelöscht: paretologic update version3
[-] Aufgabe gelöscht: ParetoLogic Update Version3 Startup Task
[-] Aufgabe gelöscht: ParetoLogic Registration3
[-] Aufgabe gelöscht: ParetoLogic Update Version3


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\uus3url-pl
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\uus3url-pl
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\SpeedBit
[-] Schlüssel gelöscht: HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Software\distromatic
[-] Schlüssel gelöscht: HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Software\ParetoLogic
[-] Schlüssel gelöscht: HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Software\SpeedBit
[#] Schlüssel mit Neustart gelöscht: HKU\S-1-5-18\Software\SpeedBit
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\distromatic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\ParetoLogic
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SpeedBit
[-] Schlüssel gelöscht: HKLM\SOFTWARE\ParetoLogic
[-] Schlüssel gelöscht: HKLM\SOFTWARE\SpeedBit
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\distromatic
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\ParetoLogic
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\SpeedBit
[-] Daten  wiederhergestellt: HKU\S-1-5-21-1501792886-3384884554-2704517135-1000\Software\Microsoft\Internet Explorer\Main [Search Page] 
[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] 
[-] Daten  wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] 
[-] Daten  wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] 
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "browser.search.defaulturl" -  "hxxp://go.speedbit.com/search.aspx?s=G3Ib&q="
[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" -  "Speedbit Search"
[-] Firefox Einstellungen bereinigt: "browser.startup.homepage_override_url" -  "hxxp://go.speedbit.com/?s=G3Ib"
[-] Firefox Einstellungen bereinigt: "keyword.URL" -  "hxxp://go.speedbit.com/search.aspx?s=G3Ib&q="


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4716 Bytes] - [31/12/2016 15:13:51]
C:\AdwCleaner\AdwCleaner[S0].txt - [5017 Bytes] - [31/12/2016 15:13:11]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4862 Bytes] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Home Premium x64 
Ran by PC (Administrator) on 31.12.2016 at 15:17:27,11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 26 

Successfully deleted: C:\Users\PC\AppData\Roaming\dll-files.com (Folder) 
Successfully deleted: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\user.js (File) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0AY5X4ON (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5MTWO6S1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5R0E1YKT (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\99F1URJ9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I916TUYB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UXSJI1TN (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WZ6SCMIE (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZE1J2U76 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0AY5X4ON (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5MTWO6S1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5R0E1YKT (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\99F1URJ9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I916TUYB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UXSJI1TN (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WZ6SCMIE (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZE1J2U76 (Temporary Internet Files Folder) 

Deleted the following from C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\a2t3gcta.default-1449644546843\prefs.js
user_pref(browser.urlbar.suggest.searches, true);



Registry: 2 

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.12.2016 at 15:19:33,10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

31.12.2016, 22:23   #15
cosinus

Then show fresh FRST logs. Tick the box for addition.txt, then click Scan.
