Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Videos ruckeln besonders in Firefox

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 15.10.2014, 18:52   #1
Ahnungslos11
 
Videos ruckeln besonders in Firefox - Standard

Videos ruckeln besonders in Firefox



Hallo,

mein Problem dreht sich um den Browser Mozilla Firefox (Version 33.0). Das Problem tritt insbesondere bei HD-Videos (aber auch bei niedrigerer Qualität) auf, obwohl die Bandbreite dafür locker ausreichen sollte.
Die Aktualität der Flashplayer von Adobe und Shockwave habe ich bereits überprüft. Auch der Treiber meiner Grafikkarte ist aktuell.

Wenn ich Chrome benutze, ist es etwas besser, aber nicht perfekt flüssig.


Defogger:

Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:41 on 15/10/2014

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
Unable to read sptd.sys
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-
         

FRST

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-10-2014 01
Ran by Phillip (administrator) on 11RP11 on 15-10-2014 17:49:34
Running from C:\Users\Phillip\Downloads
Loaded Profiles: Phillip & postgres (Available profiles: Phillip & postgres)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
() C:\Program Files\ATK Hotkey\AsLdrSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Windows\System32\lpksetup.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\DatacardService\DCService.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.4\bin\postgres.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.4\bin\postgres.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.4\bin\postgres.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(ATK0100) C:\Program Files\ATK Hotkey\HControl.exe
() C:\Program Files\ATK Hotkey\MsgTranAgt.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\ATK Hotkey\HControlUser.exe
(LG Electronics) C:\Program Files\LG Software\LG OSD\HotKey.exe
() C:\Program Files\ATK Hotkey\LOSD.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Program Files\ATK Hotkey\ATKOSD.exe
() C:\Program Files\ATK Hotkey\WDC.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\ipmgui.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-12-07] (Synaptics, Inc.)
HKLM\...\Run: [HControlUser] => C:\Program Files\ATK Hotkey\HcontrolUser.exe [98304 2008-07-03] ()
HKLM\...\Run: [KeybdUtility] => C:\Program Files\LG Software\LG OSD\HotKey.exe [3026944 2008-09-04] (LG Electronics)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [182808 2008-07-21] (Intel Corporation)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Conime] => C:\Windows\system32\conime.exe [69120 2009-04-11] (Microsoft Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe [2804224 2012-10-08] (Eastman Kodak Company)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2386538302-2959011679-2223950070-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2386538302-2959011679-2223950070-1000\...\MountPoints2: {3504ca00-f1a7-11e1-97bc-001e101f1f81} - G:\AutoRun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1000\...\MountPoints2: {7c390bdf-c705-11dd-b618-806e6f6e6963} - F:\Autorun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1000\...\MountPoints2: {ae1da385-f146-11e1-9079-00216b0c781a} - G:\AutoRun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1000\...\MountPoints2: {ae1da3b9-f146-11e1-9079-001e101f21c1} - G:\AutoRun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1000\...\MountPoints2: {cbba1285-f04b-11e1-96d5-abf4987c20bb} - E:\SETUP.EXE /AUTORUN
HKU\S-1-5-21-2386538302-2959011679-2223950070-1007\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2386538302-2959011679-2223950070-1007\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2386538302-2959011679-2223950070-1007\...\MountPoints2: {3504ca00-f1a7-11e1-97bc-001e101f1f81} - G:\AutoRun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1007\...\MountPoints2: {7c390bdf-c705-11dd-b618-806e6f6e6963} - F:\Autorun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1007\...\MountPoints2: {ae1da385-f146-11e1-9079-00216b0c781a} - G:\AutoRun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1007\...\MountPoints2: {ae1da3b9-f146-11e1-9079-001e101f21c1} - G:\AutoRun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1007\...\MountPoints2: {cbba1285-f04b-11e1-96d5-abf4987c20bb} - E:\SETUP.EXE /AUTORUN

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.lge.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.lge.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.lge.com
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {B07F54E6-0806-47DB-B5D8-398F240776F2} file:///F:/viewer/ORDcmViewCD.ocx
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 20 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [507984] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\q1t70ujh.default
FF NetworkProxy: "http", "195.142.122.62"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @www.flatcast.com/FlatViewer 5.2 -> C:\PROGRA~1\MOZILL~1\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Phillip\AppData\Roaming\mozilla\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF SearchPlugin: C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\q1t70ujh.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\q1t70ujh.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\q1t70ujh.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: DownloadHelper - C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\q1t70ujh.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: Proxy-Listen.de - Proxyswitcher - C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\q1t70ujh.default\Extensions\admin@proxy-listen.de.xpi [2013-10-04]
FF Extension: Hide My Ass Proxy Extension - C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\q1t70ujh.default\Extensions\extension@hidemyass.com.xpi [2013-07-29]
FF Extension: Updated Ad Blocker for Firefox 11+ - C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\q1t70ujh.default\Extensions\{4DC70064-89E2-4a55-8FC6-E8CDEAE3618C}.xpi [2013-06-11]
FF Extension: LeechBlock - C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\q1t70ujh.default\Extensions\{a95d8332-e4b4-6e7f-98ac-20b733364387}.xpi [2014-05-28]
FF Extension: Adblock Plus - C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\q1t70ujh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-21]
FF Extension: DownThemAll! - C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\q1t70ujh.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-11-06]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-08-22]
FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\q1t70ujh.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-14]
CHR Extension: (Google Drive) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (YouTube) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-14]
CHR Extension: (Google-Suche) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-14]
CHR Extension: (Avira Browser Safety) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-14]
CHR Extension: (AdBlock) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-09]
CHR Extension: (Google Wallet) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-25]
CHR Extension: (Google Mail) - C:\Users\Phillip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-14]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [994552 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe [94208 2007-10-03] () [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] () [File not signed]
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395200 2012-10-19] (Eastman Kodak Company)
R2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [779200 2012-10-15] (Eastman Kodak Company)
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [479224 2012-12-10] (Cisco Systems, Inc.)
R2 postgresql-8.4; C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files/PostgreSQL/8.4/data" -w [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [39888 2012-12-10] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [58320 2012-12-10] (Cisco Systems, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98160 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [22688 2014-08-12] (REALiX(tm))
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [54784 2007-12-19] (ITE Tech. Inc. )
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 2006-12-15] (ATK0100)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2012-03-26] (Apple Inc.) [File not signed]
S3 RTL8169; C:\Windows\System32\DRIVERS\Rtlh86.sys [124928 2008-08-07] (Realtek Corporation                                            ) [File not signed]
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1807744 2008-04-02] ()
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011-03-18] (Almico Software)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [646392 2012-08-27] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-05] (Avira GmbH)
S3 WSVD; C:\Windows\system32\drivers\WSVD.sys [81192 2008-03-26] (CyberLink)
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIV.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-15 17:49 - 2014-10-15 17:53 - 00019529 _____ () C:\Users\Phillip\Downloads\FRST.txt
2014-10-15 17:49 - 2014-10-15 17:50 - 00000000 ____D () C:\FRST
2014-10-15 17:48 - 2014-10-15 17:48 - 01054912 _____ (Adobe) C:\Users\Phillip\Downloads\install_flashplayer15x32au_mssd_aaa_aih.exe
2014-10-15 17:42 - 2014-10-15 17:42 - 00380416 _____ () C:\Users\Phillip\Downloads\Gmer-19357.exe
2014-10-15 17:41 - 2014-10-15 17:42 - 01102336 _____ (Farbar) C:\Users\Phillip\Downloads\FRST.exe
2014-10-15 17:41 - 2014-10-15 17:42 - 00000636 _____ () C:\Users\Phillip\Downloads\defogger_disable.log
2014-10-15 17:41 - 2014-10-15 17:42 - 00000020 _____ () C:\Users\Phillip\defogger_reenable
2014-10-15 15:06 - 2014-10-15 15:12 - 00050477 _____ () C:\Users\Phillip\Downloads\Defogger.exe
2014-10-15 14:50 - 2014-10-15 14:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-10-13 16:48 - 2014-10-13 16:48 - 00001002 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-30 10:46 - 2014-09-30 10:46 - 00000000 ____D () C:\Users\Phillip\AppData\Local\PDF24
2014-09-30 10:45 - 2014-09-30 10:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-09-30 10:45 - 2014-09-30 10:45 - 00000000 ____D () C:\Program Files\PDF24
2014-09-30 10:42 - 2011-05-13 12:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-09-30 10:42 - 2011-03-25 20:42 - 00338432 _____ () C:\Windows\system32\sqlite36_engine.dll
2014-09-30 10:41 - 2014-09-30 10:41 - 01101648 _____ () C:\Users\Phillip\Downloads\PDF24 Creator - CHIP-Installer.exe
2014-09-30 10:39 - 2014-09-30 10:39 - 00000000 ____D () C:\Users\Phillip\.pdfsam
2014-09-26 08:25 - 2014-09-09 08:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 18:07 - 2014-09-23 18:43 - 176351867 _____ () C:\Users\Phillip\Downloads\Rulez.NOF.21st.Sept.2014.HDTV Ptt (1).mp4
2014-09-23 18:00 - 2014-09-23 18:01 - 05007509 _____ () C:\Users\Phillip\Downloads\Rulez.NOF.21st.Sept.2014.HDTV.720p (1)-001.mkv.part
2014-09-20 12:59 - 2014-09-20 12:59 - 06958304 _____ (Microsoft Corporation) C:\Users\Phillip\Downloads\Silverlight.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-15 17:51 - 2008-12-10 23:49 - 01502136 _____ () C:\Windows\WindowsUpdate.log
2014-10-15 17:45 - 2014-02-25 11:05 - 00001096 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-15 17:44 - 2012-10-16 10:05 - 00000000 ____D () C:\ProgramData\Kodak
2014-10-15 17:44 - 2012-08-21 23:02 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-10-15 17:44 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-15 17:44 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-15 17:44 - 2006-11-02 14:47 - 00003216 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-15 17:43 - 2008-10-08 20:25 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-10-15 17:43 - 2006-11-02 15:01 - 00032514 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-15 17:41 - 2009-03-06 20:15 - 00000000 ____D () C:\Users\Phillip
2014-10-15 16:56 - 2014-02-25 11:05 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-15 16:44 - 2012-08-22 20:15 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-14 22:45 - 2012-08-23 11:33 - 00000000 ____D () C:\Users\Phillip\AppData\Roaming\HoldemManager
2014-10-14 20:49 - 2012-08-22 20:52 - 00000000 ____D () C:\Users\Phillip\AppData\Local\PokerStars.EU
2014-10-14 16:02 - 2013-08-05 23:39 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-14 16:01 - 2013-08-05 23:39 - 00098160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-13 18:25 - 2012-08-23 15:00 - 00001786 ____H () C:\Users\Phillip\Documents\Default.rdp
2014-10-13 16:48 - 2014-08-08 10:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-13 16:48 - 2013-08-05 23:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-13 16:48 - 2013-08-05 23:39 - 00000000 ____D () C:\Program Files\Avira
2014-10-01 21:06 - 2013-10-11 17:14 - 00000885 _____ () C:\Users\Public\Desktop\HoldemManager2.lnk
2014-10-01 21:06 - 2013-05-10 08:13 - 00000000 ____D () C:\Program Files\Holdem Manager 2
2014-09-26 08:45 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\rescache
2014-09-26 08:29 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-09-23 22:24 - 2012-10-15 19:34 - 00000000 ____D () C:\Users\Phillip\WWE
2014-09-23 21:44 - 2012-08-22 20:15 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-23 21:44 - 2012-08-22 20:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-19 10:49 - 2012-08-23 16:45 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-09-18 11:16 - 2013-02-20 21:02 - 00000000 ____D () C:\Users\Phillip\Documents\Nathi
2014-09-16 13:25 - 2012-11-25 20:30 - 00000000 ____D () C:\Users\Phillip\AppData\Roaming\Skype

Some content of TEMP:
====================
C:\Users\Phillip\AppData\Local\Temp\avgnt.exe
C:\Users\Phillip\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-15 17:51

==================== End Of Log ============================
         
--- --- ---


Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-10-2014 01
Ran by Phillip at 2014-10-15 17:54:57
Running from C:\Users\Phillip\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
888poker (HKLM\...\888poker) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop Elements (HKLM\...\Adobe Photoshop Elements 1.0) (Version: 1.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.12) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Adobe SVG Viewer (HKLM\...\Adobe SVG Viewer) (Version: 1.0 - Adobe Systems, Inc.)
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (Version: 5.7.5.30 - Your Company Name) Hidden
aioscnnr (Version: 7.6.11.10 - Your Company Name) Hidden
AMD Catalyst Install Manager (HKLM\...\{0BD03BF6-3A66-EC7F-5155-28A8D6C69409}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATK Hotkey (HKLM\...\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}) (Version: 1.00.0042 - ATK)
Avira (HKLM\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Betfair.com Poker (HKCU\...\Betfair.com Poker) (Version:  - )
Betfred Poker (HKCU\...\Betfred Poker) (Version:  - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2008.0724.2347.40767 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2008.1114.1449.26465 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization Chinese Standard (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Localization Chinese Traditional (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Localization Dutch (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Localization French (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Localization Hungarian (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Localization Italian (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Localization Japanese (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Localization Korean (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Localization Norwegian (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Localization Polish (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Localization Portuguese (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Localization Russian (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Localization Swedish (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Localization Thai (Version: 2008.0724.2347.40767 - ATI) Hidden
Catalyst Control Center Localization Turkish (Version: 2008.0724.2347.40767 - ATI) Hidden
CCC Help Turkish (Version: 2008.0724.2346.40767 - ATI) Hidden
ccc-utility (Version: 2008.0724.2347.40767 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
center (Version: 6.2.5.0 - Eastman Kodak Company) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.0.11042 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (Version: 3.0.11042 - Cisco Systems, Inc.) Hidden
Cliqz (HKLM\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Compatibility Pack für 2007 Office System (HKLM\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
concept/design onlineTV 8 (HKLM\...\{D2AC7034-15AC-4F62-85BD-1E48021E45D6}_is1) (Version: 8.5.0.2 - concept/design GmbH)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1622 - CyberLink Corp.)
CyberLink YouCam (Version: 1.0.1622 - CyberLink Corp.) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
essentials (Version: 6.0.14.0 - Eastman Kodak Company) Hidden
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version:  - )
Flatcast Viewer Plugin 5.3.0.784 (HKLM\...\Flatcast Viewer 5.3_is1) (Version:  - 1 mal 1 Software GmbH)
Free YouTube to MP3 Converter version 3.12.34.430 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.34.430 - DVDVideoSoft Ltd.)
Full Tilt Poker (HKLM\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.46.0.WIN.FullTilt.COM - )
Full Tilt Poker.Eu (HKLM\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 4.55.4.WIN.FullTilt.EU - )
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Holdem Manager (HKLM\...\HoldemManager) (Version:  - )
Holdem Manager 2 (HKLM\...\HoldemManager2) (Version:  - )
HWiNFO32 Version 4.42 (HKLM\...\HWiNFO32_is1) (Version: 4.42 - Martin Malík - REALiX)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
ITECIR (HKLM\...\{40580068-9B10-40B5-9548-536CE88AB23C}) (Version: 1.00.0000 - ITE)
iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
join.me (HKCU\...\JoinMe) (Version: 1.13.0.114 - LogMeIn, Inc.)
Kodak AIO Printer (Version: 7.0.3.0 - Eastman Kodak Company) Hidden
KODAK All-in-One Software (HKLM\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.6.12.20 - Eastman Kodak Company)
Leawo PowerPoint to Video Pro version 2.6.0.68 (HKLM\...\{5D5CB188-F9B1-4103-B2AD-07FB33068377}_is1) (Version: 2.6.0.68 - Leawo Software)
LG Fan Mode Tile for Windows Mobility Center (HKLM\...\LGFanModeTile) (Version:  - LG Electronics Inc.)
LG Intelligent Update (HKLM\...\{81717D01-32F6-449C-85E1-41AFD678E545}) (Version: 4.00.0923.01 - LG Electronics Inc.)
LG Magnifier (HKLM\...\{9672CAD2-F310-42D6-9147-E4A4B6ED8395}) (Version: 8.05.1901 - LG Electronics Inc.)
LG OSD (HKLM\...\{13831772-9872-4E79-B39B-5E38D7855512}) (Version: 8.06.2715 - LG Electronics Inc.)
LG Smart Indicator (HKLM\...\{DABD50F7-0001-0002-0003-ABCDEFABCDEF}) (Version: 1.28.0711 - LG Electronics Inc.)
LG Smart Recovery (HKLM\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.1824 - LG Electronics Inc)
LG Smart Recovery (Version: 5.5.1824 - LG Electronics Inc) Hidden
LG TouchPad Tile for Windows Mobility Center (HKLM\...\LGTouchPadTile) (Version:  - LG Electronics Inc.)
LG Webcam (HKLM\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.41000.3 - Sonix)
Media Player Codec Pack 4.2.2 (HKLM\...\Media Player - Codec Pack) (Version: 4.2.2 - Media Player Codec Pack)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ Run Time  Lib Setup (HKLM\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 11.302.09.04.382 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 33.0 (x86 de) (HKLM\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NetSpeedMonitor 2.5.4.0 x86 (HKLM\...\{86501894-E722-4385-A792-B7C2F28FAE7B}) (Version: 2.5.4.0 - Florian Gilles)
ocr (Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
partypoker (HKLM\...\PartyPoker) (Version:  - PartyGaming)
PDF24 Creator 6.7.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.1 - Frank Heindörfer, Philip Chinery)
Poker at bet365 (HKCU\...\bet365poker) (Version:  - )
PokerRanger  (HKLM\...\PokerRanger) (Version:  - Michael A. Voelkel)
PokerStars.eu (HKLM\...\PokerStars.eu) (Version:  - PokerStars.eu)
PokerStars.fr (HKLM\...\PokerStars.fr) (Version:  - PokerStars.fr)
PokerStrategy.com Equilab - Omaha (HKLM\...\{38B746B5-44EE-4FFA-B987-581B5CF4A097}) (Version: 1.1.4.0 - PokerStrategy.com)
PokerStrategy.com Equilab (HKLM\...\{86D09F48-CDAB-4B4C-8806-F6C16F17935A}) (Version: 1.2.8.0 - PokerStrategy.com)
PokerStrategy.com SideKick (HKCU\...\5e9f0bf649a2dbca) (Version: 2.0.1217.2 - PokerStrategy.com)
PostgreSQL 8.4 (HKLM\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
PowerXpressHybrid (Version: 1.00.0000 - ATI) Hidden
PreReq (Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
PX Profile Update (Version: 1.00.1. - AMD) Hidden
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.55.01 - )
Skins (Version: 2008.0724.2347.40767 - ATI) Hidden
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SopCast 3.5.0 (HKLM\...\SopCast) (Version: 3.5.0 - www.sopcast.com)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
Sun ODF Plugin for Microsoft Office 3.2 (HKLM\...\{BD136CE7-6666-4273-A056-8D92F8625AAB}) (Version: 3.2.9483 - Sun Microsystems)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.1.8.0 - Synaptics)
TableScan Turbo v1.0.11 (HKLM\...\{0B82D6C6-9ECC-4710-97AB-5CE482E72852}_is1) (Version:  - Zandry, LLC)
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 6.4.3 - Shark007)
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
William Hill Poker (HKCU\...\William Hill Poker) (Version:  - )
Wondershare Dr.Fone für iOS(Build 4.6.0.29) (HKLM\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 4.6.0.29 - Wondershare Software Co.,Ltd.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Phillip\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1000_Classes\CLSID\{0F130AC8-CDF1-4DAA-AA9B-7B4083F49EA4}\InprocServer32 -> C:\Poker\Betfair.com Poker\widgetbar\PtContainerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1000_Classes\CLSID\{492042A2-4432-44A1-9A39-85B2D3C0119E}\InprocServer32 -> C:\Poker\Betfair.com Poker\widgetbar\PtContainerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1000_Classes\CLSID\{876FA801-2B5E-4201-9E6B-2EF2C05A5C6B}\InprocServer32 -> C:\Poker\Betfair.com Poker\widgetbar\WidgetbarAPI.dll (Playtech)
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1000_Classes\CLSID\{89425F5E-A2BD-44CD-9E4F-F1498522F0E5}\InprocServer32 -> C:\Poker\Betfair.com Poker\widgetbar\WidgetbarManagerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1000_Classes\CLSID\{9642D229-6B2E-49FD-B6BB-43B37BD97B6B}\localserver32 -> C:\Poker\Betfair.com Poker\widgetbar\PTContainerOle.exe (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1000_Classes\CLSID\{F6F8856F-374D-4397-BB1C-80AB57E60529}\InprocServer32 -> C:\Poker\Betfair.com Poker\widgetbar\WidgetbarAPI.dll (Playtech)
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Phillip\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Phillip\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Phillip\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Phillip\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1007_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\postgres.11RP11\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1007_Classes\CLSID\{0F130AC8-CDF1-4DAA-AA9B-7B4083F49EA4}\InprocServer32 -> C:\Poker\Titan Poker\widgetbar\PtContainerUI.dll No File
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1007_Classes\CLSID\{492042A2-4432-44A1-9A39-85B2D3C0119E}\InprocServer32 -> C:\Poker\Titan Poker\widgetbar\PtContainerUI.dll No File
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1007_Classes\CLSID\{876FA801-2B5E-4201-9E6B-2EF2C05A5C6B}\InprocServer32 -> C:\Poker\Titan Poker\widgetbar\WidgetbarAPI.dll No File
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1007_Classes\CLSID\{89425F5E-A2BD-44CD-9E4F-F1498522F0E5}\InprocServer32 -> C:\Poker\Titan Poker\widgetbar\WidgetbarManagerUI.dll No File
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1007_Classes\CLSID\{9642D229-6B2E-49FD-B6BB-43B37BD97B6B}\localserver32 -> "C:\Poker\Titan Poker\widgetbar\PTContainerOle.exe" No File
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1007_Classes\CLSID\{F6F8856F-374D-4397-BB1C-80AB57E60529}\InprocServer32 -> C:\Poker\Titan Poker\widgetbar\WidgetbarAPI.dll No File
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1007_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\postgres.11RP11\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1007_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\postgres.11RP11\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1007_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\postgres.11RP11\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File
CustomCLSID: HKU\S-1-5-21-2386538302-2959011679-2223950070-1007_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\postgres.11RP11\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll No File

==================== Restore Points  =========================

04-10-2014 21:14:25 Windows Update
05-10-2014 20:45:07 Windows Update
07-10-2014 06:09:19 Windows Update
08-10-2014 17:09:40 Windows Update
09-10-2014 17:32:39 Windows Update
10-10-2014 09:43:13 Windows Update
12-10-2014 19:32:50 Windows Update
13-10-2014 08:46:39 Windows Update
14-10-2014 07:56:35 Windows Update
14-10-2014 16:51:05 Windows Update
15-10-2014 13:39:33 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1404ADD9-F9AB-4906-A809-EBB4452DEAA0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-25] (Google Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {259D57CF-929C-4A59-AB24-28BFBBC1DFA5} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {35913868-F007-4AF5-A3B4-F9E31E85FA0D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {70E48828-A9A6-466D-B106-2A026A4895C0} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {AB8176F3-D715-4B43-8F81-B499C340B52A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-25] (Google Inc.)
Task: {CAC3A15F-B4AB-48E8-AE36-AC54C21D27E1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-10-08 20:48 - 2007-10-03 06:53 - 00094208 ____R () C:\Program Files\ATK Hotkey\ASLDRSrv.exe
2012-10-31 20:43 - 2010-06-17 22:56 - 00116224 _____ () C:\Windows\System32\redmonnt.dll
2014-07-03 13:20 - 2014-07-03 13:20 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 13:19 - 2014-07-03 13:19 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-05-08 13:48 - 2010-05-08 13:48 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe
2012-08-26 14:59 - 2012-08-16 12:25 - 00172032 _____ () C:\Program Files\PostgreSQL\8.4\bin\LIBPQ.dll
2012-08-26 15:03 - 2012-08-14 15:19 - 00999424 _____ () C:\Program Files\PostgreSQL\8.4\bin\libxml2.dll
2008-10-08 20:39 - 2008-07-25 09:09 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2013-09-02 11:16 - 2013-09-02 11:16 - 00043520 _____ () C:\Windows\system32\CmdLineExt03.dll
2008-10-08 20:48 - 2004-05-28 03:13 - 00057344 ____R () C:\Program Files\ATK Hotkey\CMSSC.dll
2008-10-08 20:48 - 2008-07-16 20:06 - 00086016 _____ () C:\Program Files\ATK Hotkey\PegaVol.dll
2008-10-08 20:48 - 2007-11-05 04:48 - 00106496 ____R () C:\Program Files\ATK Hotkey\MsgTranAgt.exe
2008-10-08 20:48 - 2008-07-03 11:29 - 00098304 ____R () C:\Program Files\ATK Hotkey\HControlUser.exe
2008-10-08 20:48 - 2007-11-13 00:41 - 00106496 ____R () C:\Program Files\ATK Hotkey\MsgTran.dll
2008-10-08 20:48 - 2008-06-06 00:40 - 00102400 ____R () C:\Program Files\ATK Hotkey\LOSD.exe
2008-10-08 20:48 - 2008-05-10 03:55 - 02555904 ____R () C:\Program Files\ATK Hotkey\ATKOSD.exe
2008-10-08 20:48 - 2008-01-23 19:51 - 00151552 ____R () C:\Program Files\ATK Hotkey\WDC.exe
2014-10-15 14:50 - 2014-10-15 14:50 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.exe.lnk => C:\Windows\pss\Adobe Gamma Loader.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Phillip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Phillip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DAEMON Tools => "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
MSCONFIG\startupreg: EKIJ5000StatusMonitor => C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
MSCONFIG\startupreg: EKStatusMonitor => C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
MSCONFIG\startupreg: FileHippo.com => "C:\Program Files\FileHippo.com\UpdateChecker.exe" /background
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LG Intelligent Update => "C:\Program Files\lg_swupdate\giljabistart.exe" Gilautouc
MSCONFIG\startupreg: LG Magnifier => %ProgramFiles%\LG Software\LG Magnifier\MagnifyingGlass.exe
MSCONFIG\startupreg: LGSR => "%ProgramFiles%\LG Software\LG Smart Recovery\MUITransfer\MUIStartMenu.exe" "%ProgramFiles%\LG Software\LG Smart Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" update "Software\CyberLink\YouCam\1.0"

========================= Accounts: ==========================

Administrator (S-1-5-21-2386538302-2959011679-2223950070-500 - Administrator - Disabled)
Gast (S-1-5-21-2386538302-2959011679-2223950070-501 - Limited - Disabled)
Phillip (S-1-5-21-2386538302-2959011679-2223950070-1000 - Administrator - Enabled) => C:\Users\Phillip
postgres (S-1-5-21-2386538302-2959011679-2223950070-1007 - Limited - Enabled) => C:\Users\postgres.11RP11

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/15/2014 05:45:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2014 05:42:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Fehlerhafte Anwendung SynTPEnh.exe, Version 10.1.8.0, Zeitstempel 0x47589ff7, fehlerhaftes Modul SynTPEnh.exe, Version 10.1.8.0, Zeitstempel 0x47589ff7, Ausnahmecode 0xc0000409, Fehleroffset 0x0002975c,
Prozess-ID 0xf0c, Anwendungsstartzeit SynTPEnh.exe0.

Error: (10/15/2014 02:35:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2014 07:27:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2014 03:57:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2014 03:44:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2014 09:53:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2014 04:43:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2014 00:35:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2014 10:43:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/15/2014 05:58:33 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (10/15/2014 05:45:50 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000vpnagent

Error: (10/15/2014 02:51:17 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (10/15/2014 02:42:47 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Windows Update

Error: (10/15/2014 02:39:18 PM) (Source: PlugPlayManager) (EventID: 12) (User: )
Description: Das Gerät "HL-DT-ST DVDRAM GSA-T50N" (IDE\CdRomHL-DT-ST_DVDRAM_GSA-T50N________________RR07____\4&2d86b49&0&0.1.0) wurde ohne vorbereitende Maßnahmen vom System entfernt.

Error: (10/15/2014 02:35:35 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000vpnagent

Error: (10/14/2014 07:33:00 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (10/14/2014 06:52:43 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Der Transaktionsressourcen-Manager auf Volume "\Device\HarddiskVolumeShadowCopy14" konnte aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten.

Error: (10/14/2014 03:59:34 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032

Error: (10/14/2014 03:44:32 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT-AUTORITÄT)
Description: 0x80070032


Microsoft Office Sessions:
=========================
Error: (10/15/2014 05:45:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/15/2014 05:42:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SynTPEnh.exe10.1.8.047589ff7SynTPEnh.exe10.1.8.047589ff7c00004090002975cf0c01cfe8745f6d0c8c

Error: (10/15/2014 02:35:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2014 07:27:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2014 03:57:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2014 03:44:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/14/2014 09:53:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2014 04:43:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2014 00:35:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/13/2014 10:43:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz
Percentage of memory in use: 50%
Total physical RAM: 3070.22 MB
Available physical RAM: 1528.09 MB
Total Pagefile: 8974.47 MB
Available Pagefile: 6067.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.91 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:150 GB) (Free:10.7 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:139.59 GB) (Free:22.18 GB) NTFS
Drive f: (MANAGER12) (CDROM) (Total:6.87 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 0E790E78)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=12)
Partition 2: (Active) - (Size=150 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=139.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=7 GB) - (Type=12)

==================== End Of Log ============================
         

GMER:
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-10-15 18:43:20
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 FUJITSU_ rev.0000 298,09GB
Running: bgxczuhg.exe; Driver: C:\Users\Phillip\AppData\Local\Temp\pwldqpoc.sys


---- System - GMER 2.1 ----

SSDT            8D681D5E                                                                                                             ZwCreateSection
SSDT            8D681D68                                                                                                             ZwRequestWaitReplyPort
SSDT            8D681D63                                                                                                             ZwSetContextThread
SSDT            8D681D6D                                                                                                             ZwSetSecurityObject
SSDT            8D681D72                                                                                                             ZwSystemDebugControl
SSDT            8D681CFF                                                                                                             ZwTerminateProcess

---- Kernel code sections - GMER 2.1 ----

.text           ntkrnlpa.exe!KeSetEvent + 215                                                                                        830FC860 4 Bytes  [5E, 1D, 68, 8D]
.text           ntkrnlpa.exe!KeSetEvent + 539                                                                                        830FCB84 4 Bytes  [68, 1D, 68, 8D]
.text           ntkrnlpa.exe!KeSetEvent + 56D                                                                                        830FCBB8 4 Bytes  [63, 1D, 68, 8D]
.text           ntkrnlpa.exe!KeSetEvent + 5D1                                                                                        830FCC1C 4 Bytes  [6D, 1D, 68, 8D]
.text           ntkrnlpa.exe!KeSetEvent + 619                                                                                        830FCC64 4 Bytes  [72, 1D, 68, 8D]
.text           ...                                                                                                                  
.text           C:\Windows\system32\DRIVERS\atikmdag.sys                                                                             section is writeable [0x8FC0D000, 0x20F676, 0xE8000020]

---- Devices - GMER 2.1 ----

AttachedDevice  \Driver\kbdclass \Device\KeyboardClass0                                                                              Wdf01000.sys
AttachedDevice  \Driver\kbdclass \Device\KeyboardClass1                                                                              Wdf01000.sys

---- Registry - GMER 2.1 ----

Reg             HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0015affd3028                                          
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4                                     
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                  C:\Program Files\DAEMON Tools\
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                  0
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                               0x96 0x6F 0x7A 0x9C ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001                            
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                         0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                      0xB2 0xE5 0xA1 0xA4 ...
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40                      
Reg             HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                0x46 0x83 0x0C 0x7F ...
Reg             HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\0015affd3028 (not active ControlSet)                      
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)                 
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0                                      C:\Program Files\DAEMON Tools\
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0                                      0
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh                                   0x96 0x6F 0x7A 0x9C ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)        
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0                             0x20 0x01 0x00 0x00 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh                          0xB2 0xE5 0xA1 0xA4 ...
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)  
Reg             HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh                    0x46 0x83 0x0C 0x7F ...

---- Disk sectors - GMER 2.1 ----

Disk            \Device\Harddisk0\DR0                                                                                                unknown MBR code

---- EOF - GMER 2.1 ----
         


Ich hoffe, ich habe nichts vergessen und verbleibe mit den besten Grüßen.

Alt 15.10.2014, 18:59   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Videos ruckeln besonders in Firefox - Standard

Videos ruckeln besonders in Firefox



hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 15.10.2014, 20:35   #3
Ahnungslos11
 
Videos ruckeln besonders in Firefox - Standard

Videos ruckeln besonders in Firefox



Zitat:
Zitat von schrauber Beitrag anzeigen
hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
Danke für die überaus schnellen Antworten!

Hier das Logfile:

Code:
ATTFilter
20:29:30.0342 0x1ebc  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
20:29:44.0930 0x1ebc  ============================================================
20:29:44.0931 0x1ebc  Current date / time: 2014/10/15 20:29:44.0930
20:29:44.0931 0x1ebc  SystemInfo:
20:29:44.0931 0x1ebc  
20:29:44.0931 0x1ebc  OS Version: 6.0.6002 ServicePack: 2.0
20:29:44.0931 0x1ebc  Product type: Workstation
20:29:44.0931 0x1ebc  ComputerName: 11RP11
20:29:44.0932 0x1ebc  UserName: Phillip
20:29:44.0932 0x1ebc  Windows directory: C:\Windows
20:29:44.0932 0x1ebc  System windows directory: C:\Windows
20:29:44.0932 0x1ebc  Processor architecture: Intel x86
20:29:44.0932 0x1ebc  Number of processors: 2
20:29:44.0932 0x1ebc  Page size: 0x1000
20:29:44.0932 0x1ebc  Boot type: Normal boot
20:29:44.0932 0x1ebc  ============================================================
20:29:46.0099 0x1ebc  KLMD registered as C:\Windows\system32\drivers\07251310.sys
20:29:46.0756 0x1ebc  System UUID: {0DCCF934-174C-D172-A511-04E5A5B1A3B8}
20:29:49.0786 0x1ebc  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:29:49.0876 0x1ebc  ============================================================
20:29:49.0876 0x1ebc  \Device\Harddisk0\DR0:
20:29:49.0888 0x1ebc  MBR partitions:
20:29:49.0888 0x1ebc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2FCD03, BlocksNum 0x12BFFABF
20:29:49.0888 0x1ebc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12EFC800, BlocksNum 0x11730800
20:29:49.0888 0x1ebc  ============================================================
20:29:49.0994 0x1ebc  C: <-> \Device\Harddisk0\DR0\Partition1
20:29:50.0160 0x1ebc  D: <-> \Device\Harddisk0\DR0\Partition2
20:29:50.0280 0x1ebc  ============================================================
20:29:50.0280 0x1ebc  Initialize success
20:29:50.0281 0x1ebc  ============================================================
20:30:41.0447 0x18dc  ============================================================
20:30:41.0447 0x18dc  Scan started
20:30:41.0447 0x18dc  Mode: Manual; SigCheck; TDLFS; 
20:30:41.0447 0x18dc  ============================================================
20:30:41.0447 0x18dc  KSN ping started
20:30:41.0644 0x18dc  KSN ping finished: true
20:30:48.0561 0x18dc  ================ Scan system memory ========================
20:30:48.0561 0x18dc  System memory - ok
20:30:48.0569 0x18dc  ================ Scan services =============================
20:30:48.0937 0x18dc  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
20:30:50.0012 0x18dc  ACPI - ok
20:30:50.0148 0x18dc  [ D2523D28674B03976AFC1AB6EF712F27, 2E7619535A54B4CC296BD67A678A31A6E2AADEE6848957F1467AA3EE2D129F00 ] acsint          C:\Windows\system32\DRIVERS\acsint.sys
20:30:50.0336 0x18dc  acsint - ok
20:30:50.0383 0x18dc  [ 9A7D29DAE24A01DCD33D8F563559B3AB, 0EB90904B708F89D9641044B62D2A6635282EB1463C60143FA3E27AC180B2CB6 ] acsmux          C:\Windows\system32\DRIVERS\acsmux.sys
20:30:50.0453 0x18dc  acsmux - ok
20:30:50.0659 0x18dc  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:30:50.0761 0x18dc  AdobeARMservice - ok
20:30:50.0879 0x18dc  [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:30:51.0086 0x18dc  AdobeFlashPlayerUpdateSvc - ok
20:30:51.0224 0x18dc  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:30:51.0397 0x18dc  adp94xx - ok
20:30:51.0493 0x18dc  [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:30:51.0634 0x18dc  adpahci - ok
20:30:51.0679 0x18dc  [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
20:30:51.0773 0x18dc  adpu160m - ok
20:30:51.0834 0x18dc  [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:30:51.0931 0x18dc  adpu320 - ok
20:30:52.0037 0x18dc  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:30:53.0294 0x18dc  AeLookupSvc - ok
20:30:53.0403 0x18dc  [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD             C:\Windows\system32\drivers\afd.sys
20:30:53.0699 0x18dc  AFD - ok
20:30:53.0831 0x18dc  [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:30:53.0930 0x18dc  agp440 - ok
20:30:54.0163 0x18dc  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
20:30:54.0267 0x18dc  aic78xx - ok
20:30:54.0318 0x18dc  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
20:30:54.0717 0x18dc  ALG - ok
20:30:54.0769 0x18dc  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide          C:\Windows\system32\drivers\aliide.sys
20:30:54.0825 0x18dc  aliide - ok
20:30:54.0890 0x18dc  [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:30:54.0982 0x18dc  amdagp - ok
20:30:55.0033 0x18dc  [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide          C:\Windows\system32\drivers\amdide.sys
20:30:55.0099 0x18dc  amdide - ok
20:30:55.0133 0x18dc  [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
20:30:55.0293 0x18dc  AmdK7 - ok
20:30:55.0331 0x18dc  [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:30:55.0508 0x18dc  AmdK8 - ok
20:30:56.0093 0x18dc  [ 0FAE24959235BBD1F0E1549701D5548D, E5FA4239FE529FE603D30EF5300AA194C237E5BA7265868630A25E0DBFE2DC03 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
20:31:00.0543 0x18dc  amdkmdag - ok
20:31:00.0908 0x18dc  [ 2E6F9F805A11446628237AD203928E4B, F344506FFBED9E8BBA6902DF54818CEA24005E315E221F795D8FE7ACF4BE6C22 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
20:31:01.0022 0x18dc  amdkmdap - ok
20:31:01.0220 0x18dc  [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
20:31:01.0419 0x18dc  AntiVirSchedulerService - ok
20:31:01.0539 0x18dc  [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
20:31:01.0631 0x18dc  AntiVirService - ok
20:31:01.0779 0x18dc  [ D62CB48F2FA06D7A243928F2D09470D7, 650618F397C2C20C4C00B3BC2A3A1DABBFB20818B365CEDBA7D04353F97FE001 ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
20:31:02.0038 0x18dc  AntiVirWebService - ok
20:31:02.0180 0x18dc  [ 8F7D200717A58E9800D391F4C2101577, F07CF0F5636F46D8F3D5133284943E991E8739E5A644BCA5F18BB896B374620D ] Appinfo         C:\Windows\System32\appinfo.dll
20:31:02.0323 0x18dc  Appinfo - ok
20:31:02.0538 0x18dc  [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:31:02.0631 0x18dc  Apple Mobile Device - ok
20:31:02.0678 0x18dc  [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc             C:\Windows\system32\drivers\arc.sys
20:31:02.0762 0x18dc  arc - ok
20:31:02.0840 0x18dc  [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:31:02.0918 0x18dc  arcsas - ok
20:31:02.0976 0x18dc  [ 5A055A4777CBBC8845DD598CB2EEBF69, AF58FF2D58DA807869531A645ED4AD078FC411554EE18366949D27FF0C28829D ] ASLDRService    C:\Program Files\ATK Hotkey\ASLDRSrv.exe
20:31:03.0047 0x18dc  ASLDRService - detected UnsignedFile.Multi.Generic ( 1 )
20:31:03.0145 0x18dc  Detect skipped due to KSN trusted
20:31:03.0145 0x18dc  ASLDRService - ok
20:31:03.0308 0x18dc  [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
20:31:03.0790 0x18dc  aspnet_state - ok
20:31:03.0841 0x18dc  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:31:03.0987 0x18dc  AsyncMac - ok
20:31:04.0045 0x18dc  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
20:31:04.0117 0x18dc  atapi - ok
20:31:04.0576 0x18dc  [ 0FAE24959235BBD1F0E1549701D5548D, E5FA4239FE529FE603D30EF5300AA194C237E5BA7265868630A25E0DBFE2DC03 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
20:31:05.0142 0x18dc  atikmdag - ok
20:31:05.0268 0x18dc  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:31:05.0486 0x18dc  AudioEndpointBuilder - ok
20:31:05.0586 0x18dc  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:31:05.0681 0x18dc  Audiosrv - ok
20:31:05.0769 0x18dc  [ F581D2F3E30C1CA7206D660FB7689F98, 53647E017AE58788922F72285DD63E8CD2F9E922B31F7C6711E547BC6B360154 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
20:31:05.0851 0x18dc  avgntflt - ok
20:31:05.0966 0x18dc  [ A2EE407D6D3757A2FFD5095DD16AE1F2, BBFCC5DC116D6A3AF85591955541528DB0CB1FE81D353F717BE7CAD3F7F446F4 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
20:31:06.0074 0x18dc  avipbb - ok
20:31:06.0193 0x18dc  [ 485B85B3FF68FB7454984CB92A0532D9, 287F6C6ADF3D96C8AC1BD1FFAD82563DA72A26CF0DECDEA7E987A020EBE06552 ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
20:31:06.0259 0x18dc  Avira.OE.ServiceHost - ok
20:31:06.0352 0x18dc  [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
20:31:06.0437 0x18dc  avkmgr - ok
20:31:06.0526 0x18dc  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:31:06.0641 0x18dc  Beep - ok
20:31:06.0756 0x18dc  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
20:31:07.0076 0x18dc  BFE - ok
20:31:07.0217 0x18dc  [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS            C:\Windows\System32\qmgr.dll
20:31:08.0535 0x18dc  BITS - ok
20:31:08.0629 0x18dc  [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
20:31:08.0817 0x18dc  blbdrive - ok
20:31:08.0927 0x18dc  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:31:09.0052 0x18dc  Bonjour Service - ok
20:31:09.0125 0x18dc  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:31:09.0271 0x18dc  bowser - ok
20:31:09.0337 0x18dc  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
20:31:09.0436 0x18dc  BrFiltLo - ok
20:31:09.0474 0x18dc  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
20:31:09.0595 0x18dc  BrFiltUp - ok
20:31:09.0640 0x18dc  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
20:31:09.0802 0x18dc  Browser - ok
20:31:09.0852 0x18dc  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
20:31:10.0439 0x18dc  Brserid - ok
20:31:10.0504 0x18dc  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
20:31:10.0733 0x18dc  BrSerWdm - ok
20:31:10.0774 0x18dc  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
20:31:11.0302 0x18dc  BrUsbMdm - ok
20:31:11.0347 0x18dc  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
20:31:11.0543 0x18dc  BrUsbSer - ok
20:31:11.0608 0x18dc  [ CCE53AFC28347CC18EA139972E5B5E5A, 647086790A27DBD4D8D874F5DA46B3B634474A09C4D0271C29CABA0A236CB35E ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
20:31:11.0758 0x18dc  BthEnum - ok
20:31:11.0818 0x18dc  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:31:12.0011 0x18dc  BTHMODEM - ok
20:31:12.0048 0x18dc  [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
20:31:12.0197 0x18dc  BthPan - ok
20:31:12.0290 0x18dc  [ AC8A1689D5EFC4D214201155A78D8F4B, B11ADCFD40D02DC764F71BC9EC62A548953A91E6D5BACF06982D43CB97C728C8 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
20:31:12.0514 0x18dc  BTHPORT - ok
20:31:12.0568 0x18dc  [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ         C:\Windows\System32\bthserv.dll
20:31:13.0024 0x18dc  BthServ - ok
20:31:13.0128 0x18dc  [ 288C1F74E3E2EED6C7B54EB3AAC70856, ADC723A0786878FAEDEF7946F9279755D90C679A60BB13396D3AFAC0E121EEBF ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
20:31:13.0242 0x18dc  BTHUSB - ok
20:31:13.0314 0x18dc  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:31:13.0480 0x18dc  cdfs - ok
20:31:13.0557 0x18dc  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:31:13.0702 0x18dc  cdrom - ok
20:31:13.0770 0x18dc  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
20:31:13.0915 0x18dc  CertPropSvc - ok
20:31:13.0955 0x18dc  [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:31:14.0112 0x18dc  circlass - ok
20:31:14.0228 0x18dc  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
20:31:14.0746 0x18dc  CLFS - ok
20:31:14.0880 0x18dc  [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:31:15.0039 0x18dc  clr_optimization_v2.0.50727_32 - ok
20:31:15.0128 0x18dc  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:31:15.0346 0x18dc  clr_optimization_v4.0.30319_32 - ok
20:31:15.0447 0x18dc  [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:31:15.0569 0x18dc  CmBatt - ok
20:31:15.0608 0x18dc  [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:31:15.0692 0x18dc  cmdide - ok
20:31:15.0751 0x18dc  [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:31:15.0824 0x18dc  Compbatt - ok
20:31:15.0842 0x18dc  COMSysApp - ok
20:31:15.0882 0x18dc  [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:31:15.0943 0x18dc  crcdisk - ok
20:31:16.0004 0x18dc  [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
20:31:16.0171 0x18dc  Crusoe - ok
20:31:16.0290 0x18dc  [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:31:16.0515 0x18dc  CryptSvc - ok
20:31:16.0677 0x18dc  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:31:17.0416 0x18dc  DcomLaunch - ok
20:31:17.0586 0x18dc  [ CC8B5C964B777F4EC3E89F13B4B5FF0F, 75E161265CCFFCB61FCE855C9790E2E06531E6B1C3DCCB1E3018466D03AD3919 ] DCService.exe   C:\ProgramData\DatacardService\DCService.exe
20:31:17.0683 0x18dc  DCService.exe - detected UnsignedFile.Multi.Generic ( 1 )
20:31:18.0011 0x18dc  Detect skipped due to KSN trusted
20:31:18.0011 0x18dc  DCService.exe - ok
20:31:18.0077 0x18dc  [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:31:18.0246 0x18dc  DfsC - ok
20:31:18.0715 0x18dc  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
20:31:20.0923 0x18dc  DFSR - ok
20:31:21.0045 0x18dc  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
20:31:21.0179 0x18dc  Dhcp - ok
20:31:21.0248 0x18dc  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
20:31:21.0329 0x18dc  disk - ok
20:31:21.0441 0x18dc  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:31:21.0728 0x18dc  Dnscache - ok
20:31:21.0883 0x18dc  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
20:31:22.0056 0x18dc  dot3svc - ok
20:31:22.0151 0x18dc  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
20:31:22.0518 0x18dc  DPS - ok
20:31:22.0611 0x18dc  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:31:22.0830 0x18dc  drmkaud - ok
20:31:22.0963 0x18dc  [ 5C2C209CDEFBC51D83D66E8A53B2BE89, 7AE68672A6BEEF601017BE28AA0BF3673318EFE97AA08E70F58A9391C54DF71F ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:31:23.0338 0x18dc  DXGKrnl - ok
20:31:23.0419 0x18dc  [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
20:31:23.0611 0x18dc  E1G60 - ok
20:31:23.0675 0x18dc  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
20:31:23.0801 0x18dc  EapHost - ok
20:31:23.0891 0x18dc  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
20:31:23.0999 0x18dc  Ecache - ok
20:31:24.0096 0x18dc  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:31:24.0321 0x18dc  ehRecvr - ok
20:31:24.0364 0x18dc  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
20:31:24.0520 0x18dc  ehSched - ok
20:31:24.0562 0x18dc  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
20:31:24.0637 0x18dc  ehstart - ok
20:31:24.0721 0x18dc  [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:31:24.0850 0x18dc  elxstor - ok
20:31:24.0987 0x18dc  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
20:31:25.0234 0x18dc  EMDMgmt - ok
20:31:25.0320 0x18dc  [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:31:25.0436 0x18dc  ErrDev - ok
20:31:25.0569 0x18dc  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
20:31:25.0732 0x18dc  EventSystem - ok
20:31:25.0778 0x18dc  [ 921878114F48949CFAE9ABE6FC4C4CC3, 9A4C4A8BE692E250F46DFB34A0B08D22CE79AFDF3080CF2F356EDC089029AB04 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
20:31:25.0936 0x18dc  ewusbnet - ok
20:31:26.0030 0x18dc  [ E98A64C7F106740A38FB2B78197816F8, 704C86807CA6EC641125A1C7566318B46DEEA63573F15A424A4151999DB1E0E8 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
20:31:26.0185 0x18dc  ew_hwusbdev - ok
20:31:26.0261 0x18dc  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:31:26.0518 0x18dc  exfat - ok
20:31:26.0589 0x18dc  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:31:26.0750 0x18dc  fastfat - ok
20:31:26.0838 0x18dc  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:31:27.0049 0x18dc  fdc - ok
20:31:27.0091 0x18dc  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
20:31:27.0275 0x18dc  fdPHost - ok
20:31:27.0288 0x18dc  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:31:27.0929 0x18dc  FDResPub - ok
20:31:28.0548 0x18dc  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:31:29.0150 0x18dc  FileInfo - ok
20:31:29.0199 0x18dc  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:31:29.0330 0x18dc  Filetrace - ok
20:31:29.0408 0x18dc  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:31:30.0102 0x18dc  flpydisk - ok
20:31:30.0205 0x18dc  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:31:30.0347 0x18dc  FltMgr - ok
20:31:30.0552 0x18dc  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
20:31:31.0398 0x18dc  FontCache - ok
20:31:31.0484 0x18dc  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:31:31.0633 0x18dc  FontCache3.0.0.0 - ok
20:31:31.0699 0x18dc  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:31:31.0857 0x18dc  Fs_Rec - ok
20:31:31.0950 0x18dc  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:31:32.0042 0x18dc  gagp30kx - ok
20:31:32.0199 0x18dc  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:31:32.0558 0x18dc  GEARAspiWDM - ok
20:31:32.0646 0x18dc  [ 77EBF3E9386DAA51551AF429052D88D0, 94C3294BB9E14B07448734AE65B37801D3FF15BEC987D182A929A017FEF7B276 ] giveio          C:\Windows\system32\giveio.sys
20:31:32.0770 0x18dc  giveio - detected UnsignedFile.Multi.Generic ( 1 )
20:31:33.0080 0x18dc  Detect skipped due to KSN trusted
20:31:33.0080 0x18dc  giveio - ok
20:31:33.0203 0x18dc  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
20:31:33.0662 0x18dc  gpsvc - ok
20:31:33.0796 0x18dc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
20:31:33.0844 0x18dc  gupdate - ok
20:31:33.0896 0x18dc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:31:33.0935 0x18dc  gupdatem - ok
20:31:34.0086 0x18dc  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:31:34.0237 0x18dc  HdAudAddService - ok
20:31:34.0353 0x18dc  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:31:34.0589 0x18dc  HDAudBus - ok
20:31:34.0655 0x18dc  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:31:35.0376 0x18dc  HidBth - ok
20:31:35.0452 0x18dc  [ D8DF3722D5E961BAA1292AA2F12827E2, 799E194B36BA08D59500A2C45ADD2FB69C7698F3F7F837CC7CFB266D57830BD6 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:31:35.0606 0x18dc  HidIr - ok
20:31:35.0653 0x18dc  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
20:31:35.0746 0x18dc  hidserv - ok
20:31:35.0805 0x18dc  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:31:35.0872 0x18dc  HidUsb - ok
20:31:35.0924 0x18dc  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:31:36.0171 0x18dc  hkmsvc - ok
20:31:36.0317 0x18dc  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
20:31:36.0425 0x18dc  HpCISSs - ok
20:31:36.0509 0x18dc  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:31:37.0371 0x18dc  HTTP - ok
20:31:37.0426 0x18dc  [ 22A4B14530194FC57C1C849FB5AFEE17, FCE7B5E3FF9DD3B465D77EC16E46F0AEF5C4CECE0A8F8CCC928183FC8ACB4B13 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
20:31:37.0584 0x18dc  huawei_enumerator - ok
20:31:37.0686 0x18dc  [ 0B3957226EC94B1ECB7B9348BB535A23, 5EAB9E01DE61D463FD1CD425C5A9ADD3DED53744291E72D5E70077000DF05374 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
20:31:37.0869 0x18dc  hwdatacard - ok
20:31:37.0932 0x18dc  [ 4745A8B2BE115B054F31A86B0E64BB01, 58A44A1F10FB40BC578BCA2A1C9186B9AA0F22667A2C027619EE678BB90054AA ] HWiNFO32        C:\Windows\system32\drivers\HWiNFO32.SYS
20:31:37.0994 0x18dc  HWiNFO32 - ok
20:31:38.0085 0x18dc  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
20:31:38.0204 0x18dc  i2omp - ok
20:31:38.0295 0x18dc  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:31:38.0437 0x18dc  i8042prt - ok
20:31:38.0655 0x18dc  [ 3E42C4691AAD4B1E8D0466F9CBF05CBE, 8F53A86B97A25CE92D6A3EB9720F86308252C5B7A4BC62218FF8788229B132B8 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
20:31:38.0802 0x18dc  IAANTMON - ok
20:31:38.0896 0x18dc  [ 707C1692214B1C290271067197F075F6, 7D0DB754604AABC4AA09AB8BA94326B1A1C2A76F3C2C2C7D6FA14F964BE68A51 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
20:31:38.0968 0x18dc  iaStor - ok
20:31:39.0060 0x18dc  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
20:31:39.0246 0x18dc  iaStorV - ok
20:31:39.0376 0x18dc  [ DD386C45D2B5863740166783448A2E7A, 10B912BA70306644BE73A53AF4DCDFF63880C4C5860FF6DBA92B0914EB566718 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:31:39.0749 0x18dc  idsvc - ok
20:31:39.0800 0x18dc  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:31:39.0870 0x18dc  iirsp - ok
20:31:39.0972 0x18dc  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
20:31:40.0250 0x18dc  IKEEXT - ok
20:31:40.0271 0x18dc  IntcAzAudAddService - ok
20:31:40.0360 0x18dc  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys
20:31:40.0439 0x18dc  intelide - ok
20:31:40.0753 0x18dc  [ 6FB1858D1F0923D122B0331865695041, 6DB129A3A7800CA64415B23C4E96453D89E4B06A6C3D51EBF6B6E13DCB64DDC5 ] intelkmd        C:\Windows\system32\DRIVERS\igdkmd32.sys
20:31:41.0671 0x18dc  intelkmd - ok
20:31:41.0788 0x18dc  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:31:41.0935 0x18dc  intelppm - ok
20:31:42.0018 0x18dc  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:31:42.0211 0x18dc  IPBusEnum - ok
20:31:42.0260 0x18dc  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:31:42.0423 0x18dc  IpFilterDriver - ok
20:31:42.0508 0x18dc  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:31:42.0722 0x18dc  iphlpsvc - ok
20:31:42.0743 0x18dc  IpInIp - ok
20:31:42.0773 0x18dc  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
20:31:42.0917 0x18dc  IPMIDRV - ok
20:31:42.0961 0x18dc  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
20:31:43.0233 0x18dc  IPNAT - ok
20:31:43.0350 0x18dc  [ 33813E4F82AEC696762EAD9EDADC9FE3, D0045D6782523B7B6FCFE4A6C864F081B522E409D9E5F031A7B8584910CEE3F5 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:31:43.0702 0x18dc  iPod Service - ok
20:31:43.0759 0x18dc  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:31:43.0905 0x18dc  IRENUM - ok
20:31:43.0975 0x18dc  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:31:44.0083 0x18dc  isapnp - ok
20:31:44.0170 0x18dc  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
20:31:44.0302 0x18dc  iScsiPrt - ok
20:31:44.0375 0x18dc  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
20:31:44.0450 0x18dc  iteatapi - ok
20:31:44.0543 0x18dc  [ 8BCD857C7932AD005D5F9C89329DA2E1, B2091CEA5D3D0D06E49D71E7D40E993D5653A0D8F5DC5CE5C9CEFB1242887E0D ] itecir          C:\Windows\system32\DRIVERS\itecir.sys
20:31:44.0734 0x18dc  itecir - ok
20:31:44.0789 0x18dc  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
20:31:44.0871 0x18dc  iteraid - ok
20:31:44.0949 0x18dc  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:31:45.0369 0x18dc  kbdclass - ok
20:31:45.0406 0x18dc  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:31:45.0558 0x18dc  kbdhid - ok
20:31:45.0650 0x18dc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
20:31:45.0861 0x18dc  KeyIso - ok
20:31:46.0027 0x18dc  [ 775C6D5D60146D7DB08A01CB596D7EC6, 66D87041DD8E0CF8AFBC155AC709E9A647B765BBA56CDE07EA01468BDAD7C239 ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
20:31:46.0499 0x18dc  Kodak AiO Network Discovery Service - ok
20:31:46.0649 0x18dc  [ 17AFF68AB32F8671BC46612D35351099, C782460B99EAAE84DDBEF5AEB628984984B4108A482F023CE62CE1D33A367FEB ] Kodak AiO Status Monitor Service C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
20:31:47.0438 0x18dc  Kodak AiO Status Monitor Service - ok
20:31:47.0579 0x18dc  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:31:47.0956 0x18dc  KSecDD - ok
20:31:48.0096 0x18dc  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:31:48.0369 0x18dc  KtmRm - ok
20:31:48.0449 0x18dc  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:31:48.0635 0x18dc  LanmanServer - ok
20:31:48.0713 0x18dc  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:31:48.0859 0x18dc  LanmanWorkstation - ok
20:31:48.0928 0x18dc  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:31:49.0087 0x18dc  lltdio - ok
20:31:49.0194 0x18dc  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:31:49.0358 0x18dc  lltdsvc - ok
20:31:49.0413 0x18dc  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:31:49.0585 0x18dc  lmhosts - ok
20:31:49.0668 0x18dc  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:31:50.0017 0x18dc  LSI_FC - ok
20:31:50.0057 0x18dc  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:31:50.0173 0x18dc  LSI_SAS - ok
20:31:50.0276 0x18dc  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:31:50.0407 0x18dc  LSI_SCSI - ok
20:31:50.0482 0x18dc  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
20:31:50.0650 0x18dc  luafv - ok
20:31:50.0764 0x18dc  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:31:50.0847 0x18dc  Mcx2Svc - ok
20:31:50.0892 0x18dc  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
20:31:50.0959 0x18dc  megasas - ok
20:31:51.0067 0x18dc  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
20:31:51.0232 0x18dc  MegaSR - ok
20:31:51.0278 0x18dc  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
20:31:51.0544 0x18dc  MMCSS - ok
20:31:51.0664 0x18dc  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
20:31:51.0859 0x18dc  Modem - ok
20:31:51.0900 0x18dc  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:31:52.0035 0x18dc  monitor - ok
20:31:52.0118 0x18dc  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:31:52.0197 0x18dc  mouclass - ok
20:31:52.0224 0x18dc  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:31:52.0355 0x18dc  mouhid - ok
20:31:52.0396 0x18dc  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
20:31:52.0484 0x18dc  MountMgr - ok
20:31:52.0549 0x18dc  [ 6ACCF2E8210880D7005C608AFDB5301C, D00122C928C5818A24E6C11183F79C253CFB6576AD54DC92AEEFC630ABBDE655 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:31:52.0709 0x18dc  MozillaMaintenance - ok
20:31:52.0845 0x18dc  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:31:52.0933 0x18dc  mpio - ok
20:31:52.0967 0x18dc  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:31:53.0099 0x18dc  mpsdrv - ok
20:31:53.0170 0x18dc  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:31:53.0372 0x18dc  MpsSvc - ok
20:31:53.0398 0x18dc  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
20:31:53.0479 0x18dc  Mraid35x - ok
20:31:53.0572 0x18dc  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:31:53.0702 0x18dc  MRxDAV - ok
20:31:53.0758 0x18dc  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:31:53.0890 0x18dc  mrxsmb - ok
20:31:53.0954 0x18dc  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:31:54.0068 0x18dc  mrxsmb10 - ok
20:31:54.0106 0x18dc  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:31:54.0222 0x18dc  mrxsmb20 - ok
20:31:54.0278 0x18dc  [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:31:54.0339 0x18dc  msahci - ok
20:31:54.0379 0x18dc  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:31:54.0466 0x18dc  msdsm - ok
20:31:54.0515 0x18dc  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
20:31:54.0665 0x18dc  MSDTC - ok
20:31:54.0718 0x18dc  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:31:54.0864 0x18dc  Msfs - ok
20:31:54.0925 0x18dc  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:31:55.0008 0x18dc  msisadrv - ok
20:31:55.0063 0x18dc  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:31:55.0259 0x18dc  MSiSCSI - ok
20:31:55.0282 0x18dc  msiserver - ok
20:31:55.0342 0x18dc  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:31:55.0515 0x18dc  MSKSSRV - ok
20:31:55.0632 0x18dc  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:31:55.0763 0x18dc  MSPCLOCK - ok
20:31:55.0779 0x18dc  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:31:55.0930 0x18dc  MSPQM - ok
20:31:55.0980 0x18dc  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:31:56.0132 0x18dc  MsRPC - ok
20:31:56.0213 0x18dc  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:31:56.0307 0x18dc  mssmbios - ok
20:31:56.0402 0x18dc  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:31:56.0553 0x18dc  MSTEE - ok
20:31:56.0576 0x18dc  [ 97AFFA9D95FFE20EEE6229BC6BE166CF, 6E13230AF96A3A5C518EFA21B9B1833E3DE9D6DA05A6E664E305EF18B162E1B9 ] MTsensor        C:\Windows\system32\DRIVERS\ATKACPI.sys
20:31:56.0671 0x18dc  MTsensor - ok
20:31:56.0711 0x18dc  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:31:56.0845 0x18dc  Mup - ok
20:31:56.0924 0x18dc  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
20:31:57.0055 0x18dc  napagent - ok
20:31:58.0170 0x18dc  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:31:58.0318 0x18dc  NativeWifiP - ok
20:31:58.0465 0x18dc  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:31:59.0534 0x18dc  NDIS - ok
20:31:59.0603 0x18dc  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:31:59.0719 0x18dc  NdisTapi - ok
20:31:59.0786 0x18dc  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:31:59.0894 0x18dc  Ndisuio - ok
20:31:59.0985 0x18dc  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:32:00.0120 0x18dc  NdisWan - ok
20:32:00.0147 0x18dc  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:32:00.0271 0x18dc  NDProxy - ok
20:32:00.0330 0x18dc  [ 1352E1648213551923A0A822E441553C, F9BCA299249D8E1ADF88F54554F72428E267E39911143F4C99DFF562F0EE4E70 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl.sys
20:32:00.0462 0x18dc  Netaapl - detected UnsignedFile.Multi.Generic ( 1 )
20:32:00.0817 0x18dc  Detect skipped due to KSN trusted
20:32:00.0817 0x18dc  Netaapl - ok
20:32:00.0871 0x18dc  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:32:00.0987 0x18dc  NetBIOS - ok
20:32:01.0062 0x18dc  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
20:32:01.0187 0x18dc  netbt - ok
20:32:01.0215 0x18dc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
20:32:01.0544 0x18dc  Netlogon - ok
20:32:01.0783 0x18dc  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
20:32:02.0145 0x18dc  Netman - ok
20:32:02.0266 0x18dc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:32:02.0416 0x18dc  NetMsmqActivator - ok
20:32:02.0482 0x18dc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:32:02.0611 0x18dc  NetPipeActivator - ok
20:32:02.0722 0x18dc  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
20:32:03.0151 0x18dc  netprofm - ok
20:32:03.0183 0x18dc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:32:03.0409 0x18dc  NetTcpActivator - ok
20:32:03.0428 0x18dc  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:32:03.0484 0x18dc  NetTcpPortSharing - ok
20:32:03.0863 0x18dc  [ 8DE67BD902095A13329FD82C85A1FA09, 7F0B058D0C306A845F7BF14B24B0BDBCE6F152A054331072549F46284E75A367 ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
20:32:07.0741 0x18dc  NETw5v32 - ok
20:32:07.0842 0x18dc  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:32:07.0940 0x18dc  nfrd960 - ok
20:32:07.0997 0x18dc  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:32:08.0132 0x18dc  NlaSvc - ok
20:32:08.0166 0x18dc  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:32:08.0299 0x18dc  Npfs - ok
20:32:08.0350 0x18dc  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
20:32:08.0534 0x18dc  nsi - ok
20:32:08.0583 0x18dc  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:32:08.0710 0x18dc  nsiproxy - ok
20:32:08.0935 0x18dc  [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:32:09.0463 0x18dc  Ntfs - ok
20:32:09.0533 0x18dc  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
20:32:09.0741 0x18dc  ntrigdigi - ok
20:32:09.0780 0x18dc  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
20:32:10.0264 0x18dc  Null - ok
20:32:10.0303 0x18dc  [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:32:10.0409 0x18dc  nvraid - ok
20:32:10.0494 0x18dc  [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:32:10.0719 0x18dc  nvstor - ok
20:32:10.0758 0x18dc  [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:32:10.0883 0x18dc  nv_agp - ok
20:32:10.0900 0x18dc  NwlnkFlt - ok
20:32:10.0910 0x18dc  NwlnkFwd - ok
20:32:10.0984 0x18dc  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
20:32:11.0120 0x18dc  ohci1394 - ok
20:32:11.0255 0x18dc  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:32:11.0312 0x18dc  ose - ok
20:32:11.0425 0x18dc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
20:32:11.0776 0x18dc  p2pimsvc - ok
20:32:11.0824 0x18dc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:32:11.0941 0x18dc  p2psvc - ok
20:32:12.0058 0x18dc  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
20:32:12.0691 0x18dc  Parport - ok
20:32:12.0766 0x18dc  [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:32:12.0855 0x18dc  partmgr - ok
20:32:12.0908 0x18dc  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
20:32:13.0437 0x18dc  Parvdm - ok
20:32:13.0522 0x18dc  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:32:13.0698 0x18dc  PcaSvc - ok
20:32:13.0741 0x18dc  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
20:32:13.0869 0x18dc  pci - ok
20:32:13.0965 0x18dc  [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:32:14.0029 0x18dc  pciide - ok
20:32:14.0074 0x18dc  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:32:14.0205 0x18dc  pcmcia - ok
20:32:14.0398 0x18dc  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:32:15.0472 0x18dc  PEAUTH - ok
20:32:15.0818 0x18dc  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
20:32:16.0685 0x18dc  pla - ok
20:32:16.0747 0x18dc  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:32:17.0894 0x18dc  PlugPlay - ok
20:32:17.0995 0x18dc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
20:32:18.0546 0x18dc  PNRPAutoReg - ok
20:32:18.0637 0x18dc  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
20:32:19.0373 0x18dc  PNRPsvc - ok
20:32:19.0501 0x18dc  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:32:19.0943 0x18dc  PolicyAgent - ok
20:32:20.0081 0x18dc  postgresql-8.4 - ok
20:32:20.0115 0x18dc  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:32:20.0319 0x18dc  PptpMiniport - ok
20:32:20.0388 0x18dc  [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor       C:\Windows\system32\drivers\processr.sys
20:32:20.0539 0x18dc  Processor - ok
20:32:20.0617 0x18dc  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
20:32:20.0724 0x18dc  ProfSvc - ok
20:32:20.0764 0x18dc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
20:32:20.0858 0x18dc  ProtectedStorage - ok
20:32:20.0918 0x18dc  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
20:32:21.0060 0x18dc  PSched - ok
20:32:21.0190 0x18dc  [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:32:21.0823 0x18dc  ql2300 - ok
20:32:21.0876 0x18dc  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:32:21.0957 0x18dc  ql40xx - ok
20:32:22.0055 0x18dc  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
20:32:22.0244 0x18dc  QWAVE - ok
20:32:22.0317 0x18dc  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:32:22.0812 0x18dc  QWAVEdrv - ok
20:32:22.0889 0x18dc  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:32:23.0031 0x18dc  RasAcd - ok
20:32:23.0136 0x18dc  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
20:32:23.0294 0x18dc  RasAuto - ok
20:32:23.0393 0x18dc  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:32:23.0554 0x18dc  Rasl2tp - ok
20:32:23.0630 0x18dc  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
20:32:23.0770 0x18dc  RasMan - ok
20:32:23.0816 0x18dc  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:32:23.0940 0x18dc  RasPppoe - ok
20:32:24.0021 0x18dc  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:32:24.0091 0x18dc  RasSstp - ok
20:32:24.0164 0x18dc  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:32:24.0301 0x18dc  rdbss - ok
20:32:24.0418 0x18dc  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:32:24.0562 0x18dc  RDPCDD - ok
20:32:24.0611 0x18dc  [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
20:32:24.0809 0x18dc  rdpdr - ok
20:32:24.0827 0x18dc  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:32:24.0972 0x18dc  RDPENCDD - ok
20:32:25.0054 0x18dc  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:32:25.0271 0x18dc  RDPWD - ok
20:32:25.0335 0x18dc  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:32:25.0641 0x18dc  RemoteAccess - ok
20:32:25.0710 0x18dc  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:32:25.0972 0x18dc  RemoteRegistry - ok
20:32:26.0024 0x18dc  [ 23F486726DA7A9B2F3EC7326421A9C36, D81035B3832FC670F018DA14B3986CB091F158229EE496A7B4BDAC2DB24385C5 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:32:26.0171 0x18dc  RFCOMM - ok
20:32:26.0215 0x18dc  [ A5B12A4B3B774432DB9B9FA221190E59, 1DAAB43A2429035BAB8403E5D24F50F82BD41B5B478B344C3C58D49F1E15C2AE ] rimmptsk        C:\Windows\system32\DRIVERS\rimmptsk.sys
20:32:26.0357 0x18dc  rimmptsk - ok
20:32:26.0385 0x18dc  [ C398BCA91216755B098679A8DA8A2300, 1FDDC3D927509AB10C3B0B7900DCE78DEC6B1C3CAE80F78EFCFBB628673B2143 ] rimsptsk        C:\Windows\system32\DRIVERS\rimsptsk.sys
20:32:26.0499 0x18dc  rimsptsk - ok
20:32:26.0544 0x18dc  [ 2A2554CB24506E0A0508FC395C4A1B42, B989AE65727C971D508E7284707258FCCC9213B510F4C2A257D3069A3DABE20B ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
20:32:26.0800 0x18dc  rismxdp - ok
20:32:26.0854 0x18dc  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
20:32:26.0950 0x18dc  RpcLocator - ok
20:32:27.0076 0x18dc  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll
20:32:27.0472 0x18dc  RpcSs - ok
20:32:27.0552 0x18dc  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:32:27.0708 0x18dc  rspndr - ok
20:32:27.0777 0x18dc  RTHDMIAzAudService - ok
20:32:27.0854 0x18dc  [ 174B9514CD1A0C33CE4BBC02A3C81A62, 443AA7D9FFFFC207C62E2596246661C951977CB9B6A6E2F6552536A17C5504CD ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
20:32:27.0920 0x18dc  RTL8169 - detected UnsignedFile.Multi.Generic ( 1 )
20:32:28.0450 0x18dc  Detect skipped due to KSN trusted
20:32:28.0450 0x18dc  RTL8169 - ok
20:32:28.0512 0x18dc  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe
20:32:28.0612 0x18dc  SamSs - ok
20:32:28.0663 0x18dc  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:32:28.0740 0x18dc  sbp2port - ok
20:32:28.0821 0x18dc  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:32:29.0395 0x18dc  SCardSvr - ok
20:32:29.0504 0x18dc  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
20:32:29.0788 0x18dc  Schedule - ok
20:32:29.0837 0x18dc  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:32:29.0896 0x18dc  SCPolicySvc - ok
20:32:30.0002 0x18dc  [ 8F36B54688C31EED4580129040C6A3D3, DC150689CBAEEC94B9DE0CA6A633FAD16CDDDC452521232E0C2A44BAE61E08D9 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
20:32:30.0177 0x18dc  sdbus - ok
20:32:30.0235 0x18dc  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:32:30.0448 0x18dc  SDRSVC - ok
20:32:30.0494 0x18dc  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:32:31.0286 0x18dc  secdrv - ok
20:32:31.0325 0x18dc  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
20:32:31.0496 0x18dc  seclogon - ok
20:32:31.0540 0x18dc  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll
20:32:31.0955 0x18dc  SENS - ok
20:32:32.0013 0x18dc  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:32:32.0234 0x18dc  Serenum - ok
20:32:32.0310 0x18dc  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
20:32:32.0489 0x18dc  Serial - ok
20:32:32.0551 0x18dc  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:32:32.0734 0x18dc  sermouse - ok
20:32:32.0824 0x18dc  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:32:32.0969 0x18dc  SessionEnv - ok
20:32:33.0001 0x18dc  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
20:32:33.0128 0x18dc  sffdisk - ok
20:32:33.0166 0x18dc  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:32:33.0291 0x18dc  sffp_mmc - ok
20:32:33.0352 0x18dc  [ 9F66A46C55D6F1CCABC79BB7AFCCC545, 029115C69315D2298F7FC944A53EF7F120FF74919208EB5ABC190022176D9B16 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
20:32:33.0752 0x18dc  sffp_sd - ok
20:32:33.0778 0x18dc  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:32:34.0099 0x18dc  sfloppy - ok
20:32:34.0195 0x18dc  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:32:34.0390 0x18dc  SharedAccess - ok
20:32:34.0466 0x18dc  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:32:34.0683 0x18dc  ShellHWDetection - ok
20:32:34.0761 0x18dc  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:32:34.0849 0x18dc  sisagp - ok
20:32:34.0884 0x18dc  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
20:32:34.0972 0x18dc  SiSRaid2 - ok
20:32:35.0032 0x18dc  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:32:35.0147 0x18dc  SiSRaid4 - ok
20:32:35.0256 0x18dc  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
20:32:36.0069 0x18dc  SkypeUpdate - ok
20:32:36.0930 0x18dc  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
20:32:38.0556 0x18dc  slsvc - ok
20:32:38.0685 0x18dc  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
20:32:38.0797 0x18dc  SLUINotify - ok
20:32:38.0849 0x18dc  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:32:38.0993 0x18dc  Smb - ok
20:32:39.0087 0x18dc  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:32:39.0171 0x18dc  SNMPTRAP - ok
20:32:39.0414 0x18dc  [ 85DA7B2A2F248C8C69D7D0A526342683, AA18534D6902C7CF79193FD76AF0E12FB531E052D0C47F40F9D5EF04F8A4CC52 ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
20:32:40.0334 0x18dc  SNP2UVC - ok
20:32:40.0411 0x18dc  [ 3FA2E254BFBCE52B3C6F1BF23AAB6911, 1E94D4E6D903E98F60C240DC841DCACE5F9E8BBB0802E6648A49AB80C23318CB ] speedfan        C:\Windows\system32\speedfan.sys
20:32:40.0477 0x18dc  speedfan - ok
20:32:40.0529 0x18dc  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:32:40.0614 0x18dc  spldr - ok
20:32:40.0744 0x18dc  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
20:32:40.0942 0x18dc  Spooler - ok
20:32:41.0400 0x18dc  [ E8B705F9ABE446AAF7A315EF8B4AEA5A, E65C42B0704135D2024B8E9509C96C4CB8450D5C342B5192C65C218756B63AF2 ] sptd            C:\Windows\System32\Drivers\sptd.sys
20:32:43.0812 0x18dc  sptd - ok
20:32:43.0885 0x18dc  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:32:44.0150 0x18dc  srv - ok
20:32:44.0240 0x18dc  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:32:44.0582 0x18dc  srv2 - ok
20:32:44.0653 0x18dc  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:32:44.0794 0x18dc  srvnet - ok
20:32:44.0868 0x18dc  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:32:45.0266 0x18dc  SSDPSRV - ok
20:32:45.0335 0x18dc  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
20:32:45.0386 0x18dc  ssmdrv - ok
20:32:45.0510 0x18dc  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:32:45.0568 0x18dc  SstpSvc - ok
20:32:45.0670 0x18dc  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
20:32:46.0507 0x18dc  stisvc - ok
20:32:46.0570 0x18dc  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:32:46.0660 0x18dc  swenum - ok
20:32:46.0816 0x18dc  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
20:32:46.0981 0x18dc  swprv - ok
20:32:47.0035 0x18dc  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
20:32:47.0110 0x18dc  Symc8xx - ok
20:32:47.0134 0x18dc  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
20:32:47.0198 0x18dc  Sym_hi - ok
20:32:47.0218 0x18dc  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
20:32:47.0277 0x18dc  Sym_u3 - ok
20:32:47.0355 0x18dc  [ 55F6E55CC2430CA8713387106FA79817, 721C86B806AEFBD4D7B368AE6E7A689A0F4B3B378B701D29D3DFE459066188F3 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:32:47.0461 0x18dc  SynTP - ok
20:32:47.0623 0x18dc  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
20:32:48.0550 0x18dc  SysMain - ok
20:32:48.0635 0x18dc  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:32:48.0826 0x18dc  TabletInputService - ok
20:32:48.0891 0x18dc  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:32:49.0101 0x18dc  TapiSrv - ok
20:32:49.0144 0x18dc  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
20:32:49.0572 0x18dc  TBS - ok
20:32:49.0723 0x18dc  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:32:50.0344 0x18dc  Tcpip - ok
20:32:50.0459 0x18dc  [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
20:32:50.0723 0x18dc  Tcpip6 - ok
20:32:50.0809 0x18dc  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:32:51.0027 0x18dc  tcpipreg - ok
20:32:51.0078 0x18dc  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:32:51.0190 0x18dc  TDPIPE - ok
20:32:51.0219 0x18dc  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:32:51.0343 0x18dc  TDTCP - ok
20:32:51.0389 0x18dc  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:32:51.0507 0x18dc  tdx - ok
20:32:52.0201 0x18dc  [ F67C21CC4195F6AFC447418FE163E156, 01D245952C1AF2B365DBA6C36AFE0FFB2332480B6A1D7D4B43A0DE4FB7535B0B ] TeamViewer8     C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
20:32:55.0418 0x18dc  TeamViewer8 - ok
20:32:55.0626 0x18dc  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:32:55.0712 0x18dc  TermDD - ok
20:32:55.0759 0x18dc  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
20:32:56.0052 0x18dc  TermService - ok
20:32:56.0119 0x18dc  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
20:32:56.0426 0x18dc  Themes - ok
20:32:56.0481 0x18dc  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
20:32:56.0606 0x18dc  THREADORDER - ok
20:32:56.0653 0x18dc  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
20:32:56.0798 0x18dc  TrkWks - ok
20:32:56.0869 0x18dc  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:32:56.0975 0x18dc  TrustedInstaller - ok
20:32:57.0020 0x18dc  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:32:57.0173 0x18dc  tssecsrv - ok
20:32:57.0225 0x18dc  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
20:32:57.0309 0x18dc  tunmp - ok
20:32:57.0377 0x18dc  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:32:57.0536 0x18dc  tunnel - ok
20:32:57.0562 0x18dc  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:32:57.0711 0x18dc  uagp35 - ok
20:32:57.0832 0x18dc  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:32:57.0961 0x18dc  udfs - ok
20:32:58.0007 0x18dc  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:32:58.0147 0x18dc  UI0Detect - ok
20:32:58.0242 0x18dc  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:32:58.0327 0x18dc  uliagpkx - ok
20:32:58.0370 0x18dc  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
20:32:58.0569 0x18dc  uliahci - ok
20:32:58.0614 0x18dc  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
20:32:58.0700 0x18dc  UlSata - ok
20:32:58.0731 0x18dc  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
20:32:58.0789 0x18dc  ulsata2 - ok
20:32:58.0822 0x18dc  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:32:58.0944 0x18dc  umbus - ok
20:32:58.0989 0x18dc  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
20:32:59.0105 0x18dc  upnphost - ok
20:32:59.0180 0x18dc  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
20:32:59.0281 0x18dc  USBAAPL - ok
20:32:59.0422 0x18dc  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:32:59.0521 0x18dc  usbccgp - ok
20:32:59.0579 0x18dc  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:32:59.0892 0x18dc  usbcir - ok
20:32:59.0986 0x18dc  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:33:00.0059 0x18dc  usbehci - ok
20:33:00.0121 0x18dc  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:33:00.0655 0x18dc  usbhub - ok
20:33:00.0683 0x18dc  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:33:00.0893 0x18dc  usbohci - ok
20:33:00.0936 0x18dc  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:33:01.0035 0x18dc  usbprint - ok
20:33:01.0638 0x18dc  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
20:33:01.0817 0x18dc  usbscan - ok
20:33:01.0891 0x18dc  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:33:02.0040 0x18dc  USBSTOR - ok
20:33:02.0206 0x18dc  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:33:02.0279 0x18dc  usbuhci - ok
20:33:02.0331 0x18dc  [ E67998E8F14CB0627A769F6530BCB352, 60982F168E9BF13954328C728F55F4D3ADDC572CACB65289B0E895A63DAA08C1 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
20:33:02.0452 0x18dc  usbvideo - ok
20:33:02.0522 0x18dc  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
20:33:02.0662 0x18dc  UxSms - ok
20:33:02.0910 0x18dc  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
20:33:03.0060 0x18dc  vds - ok
20:33:03.0127 0x18dc  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:33:03.0269 0x18dc  vga - ok
20:33:03.0317 0x18dc  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:33:03.0665 0x18dc  VgaSave - ok
20:33:03.0697 0x18dc  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:33:03.0760 0x18dc  viaagp - ok
20:33:03.0798 0x18dc  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
20:33:03.0916 0x18dc  ViaC7 - ok
20:33:03.0949 0x18dc  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys
20:33:03.0999 0x18dc  viaide - ok
20:33:04.0059 0x18dc  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:33:04.0138 0x18dc  volmgr - ok
20:33:04.0212 0x18dc  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:33:04.0365 0x18dc  volmgrx - ok
20:33:04.0493 0x18dc  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:33:04.0608 0x18dc  volsnap - ok
20:33:04.0687 0x18dc  [ 710E2A70FBE41DB2379EB7AA6E6FF7CC, 0E3DB40357E16F80A477719AEB37C43B2B3F389F29616F22E8C01E52D5582A0C ] vpnagent        C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
20:33:04.0836 0x18dc  vpnagent - ok
20:33:04.0998 0x18dc  [ FDDAFA1C89B0B07494AF5879F7ECE857, C23415200419F5C50A0F75848F22256E1D6AFD837CE9FB7487A8E7CC14534301 ] vpnva           C:\Windows\system32\DRIVERS\vpnva.sys
20:33:05.0069 0x18dc  vpnva - ok
20:33:05.0134 0x18dc  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:33:05.0283 0x18dc  vsmraid - ok
20:33:05.0432 0x18dc  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
20:33:05.0901 0x18dc  VSS - ok
20:33:06.0105 0x18dc  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
20:33:06.0375 0x18dc  W32Time - ok
20:33:06.0453 0x18dc  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:33:06.0631 0x18dc  WacomPen - ok
20:33:06.0682 0x18dc  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:33:06.0818 0x18dc  Wanarp - ok
20:33:06.0829 0x18dc  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:33:06.0904 0x18dc  Wanarpv6 - ok
20:33:07.0097 0x18dc  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:33:07.0707 0x18dc  wcncsvc - ok
20:33:07.0780 0x18dc  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:33:07.0924 0x18dc  WcsPlugInService - ok
20:33:07.0969 0x18dc  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys
20:33:08.0098 0x18dc  Wd - ok
20:33:08.0167 0x18dc  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:33:08.0386 0x18dc  Wdf01000 - ok
20:33:08.0427 0x18dc  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:33:08.0550 0x18dc  WdiServiceHost - ok
20:33:08.0568 0x18dc  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:33:08.0652 0x18dc  WdiSystemHost - ok
20:33:08.0751 0x18dc  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
20:33:08.0858 0x18dc  WebClient - ok
20:33:08.0903 0x18dc  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:33:09.0364 0x18dc  Wecsvc - ok
20:33:09.0401 0x18dc  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:33:09.0519 0x18dc  wercplsupport - ok
20:33:09.0561 0x18dc  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:33:09.0887 0x18dc  WerSvc - ok
20:33:10.0200 0x18dc  [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4, A6020D41FEA0CC76D0C3CA3A88F3E9493022CD5A549E18B02D69A482B579F339 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
20:33:10.0382 0x18dc  WimFltr - ok
20:33:10.0498 0x18dc  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
20:33:10.0627 0x18dc  WinDefend - ok
20:33:10.0652 0x18dc  WinHttpAutoProxySvc - ok
20:33:10.0930 0x18dc  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:33:11.0062 0x18dc  Winmgmt - ok
20:33:11.0726 0x18dc  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:33:12.0707 0x18dc  WinRM - ok
20:33:12.0943 0x18dc  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:33:13.0103 0x18dc  Wlansvc - ok
20:33:13.0166 0x18dc  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
20:33:13.0379 0x18dc  WmiAcpi - ok
20:33:13.0468 0x18dc  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:33:13.0596 0x18dc  wmiApSrv - ok
20:33:13.0762 0x18dc  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:33:14.0038 0x18dc  WMPNetworkSvc - ok
20:33:14.0263 0x18dc  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:33:14.0422 0x18dc  WPCSvc - ok
20:33:14.0493 0x18dc  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:33:14.0643 0x18dc  WPDBusEnum - ok
20:33:14.0755 0x18dc  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
20:33:14.0832 0x18dc  WpdUsb - ok
20:33:15.0210 0x18dc  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:33:15.0526 0x18dc  WPFFontCache_v0400 - ok
20:33:15.0584 0x18dc  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:33:15.0685 0x18dc  ws2ifsl - ok
20:33:15.0734 0x18dc  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
20:33:15.0977 0x18dc  wscsvc - ok
20:33:16.0091 0x18dc  WSearch - ok
20:33:16.0214 0x18dc  [ B7F30C50A2E6E46822CD388608E06BB4, AE591F79643EC39EC39E4BA7B49B134FACA59784AEA285919713BC4FCCEEB825 ] WSVD            C:\Windows\system32\drivers\WSVD.sys
20:33:16.0274 0x18dc  WSVD - ok
20:33:16.0482 0x18dc  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:33:16.0863 0x18dc  wuauserv - ok
20:33:16.0988 0x18dc  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:33:17.0354 0x18dc  WudfPf - ok
20:33:17.0420 0x18dc  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:33:17.0521 0x18dc  WUDFRd - ok
20:33:17.0571 0x18dc  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:33:17.0651 0x18dc  wudfsvc - ok
20:33:18.0036 0x18dc  ================ Scan global ===============================
20:33:18.0099 0x18dc  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
20:33:18.0224 0x18dc  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
20:33:18.0358 0x18dc  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
20:33:18.0435 0x18dc  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
20:33:18.0474 0x18dc  [ Global ] - ok
20:33:18.0487 0x18dc  ================ Scan MBR ==================================
20:33:18.0507 0x18dc  [ C8C6DC722D4EF7CA320585D4BD90474E ] \Device\Harddisk0\DR0
20:33:30.0092 0x18dc  \Device\Harddisk0\DR0 - ok
20:33:30.0092 0x18dc  ================ Scan VBR ==================================
20:33:30.0106 0x18dc  [ D4F6B010054C7A9EE12F75E2AA8A3F8C ] \Device\Harddisk0\DR0\Partition1
20:33:30.0173 0x18dc  \Device\Harddisk0\DR0\Partition1 - ok
20:33:30.0209 0x18dc  [ FBEFB69C60698B790031E21703C6B7F4 ] \Device\Harddisk0\DR0\Partition2
20:33:30.0219 0x18dc  \Device\Harddisk0\DR0\Partition2 - ok
20:33:30.0220 0x18dc  ================ Scan generic autorun ======================
20:33:30.0331 0x18dc  [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
20:33:31.0282 0x18dc  Windows Defender - ok
20:33:31.0884 0x18dc  [ 98888488D0E6DB0256E5E661BCD35EB6, A1FE5D097A131998A617E5C4DD9F55DCDAAD75A1D7CEA584CA4FE64E543A28CE ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
20:33:32.0261 0x18dc  SynTPEnh - ok
20:33:32.0476 0x18dc  [ C19FC4951E15BE086F44CA7F7DAF7BC1, BC1E6AF18A853D53163C42DAFD28D4BD2DBCE6081BA815D3462F73A8B6CEEB98 ] C:\Program Files\ATK Hotkey\HcontrolUser.exe
20:33:32.0505 0x18dc  HControlUser - detected UnsignedFile.Multi.Generic ( 1 )
20:33:32.0912 0x18dc  Detect skipped due to KSN trusted
20:33:32.0912 0x18dc  HControlUser - ok
20:33:33.0533 0x18dc  [ FF0D8D7048E10AF808F047D6E03B6EBB, E3349712C515D1167FDAFD853D277BE9939273A19B2F7312CD679E03CE01475F ] C:\Program Files\LG Software\LG OSD\HotKey.exe
20:33:33.0986 0x18dc  KeybdUtility - detected UnsignedFile.Multi.Generic ( 1 )
20:33:34.0281 0x18dc  Detect skipped due to KSN trusted
20:33:34.0281 0x18dc  KeybdUtility - ok
20:33:34.0358 0x18dc  [ D3804513FC9C11A4637392B4F0F43BC5, E23781CB1AA86EC8D761A456B1D249EB8076331B11013077A194BB567567204B ] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
20:33:34.0415 0x18dc  IAAnotif - ok
20:33:34.0417 0x18dc  snp2uvc - ok
20:33:34.0643 0x18dc  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:33:34.0861 0x18dc  Adobe ARM - ok
20:33:34.0906 0x18dc  [ 6080A176D09435FC8E6E800996656E18, 2E661732F83521AB1E33749DE7E1478A05BC182B14F101531E908B1B555ACA18 ] C:\Windows\system32\conime.exe
20:33:35.0009 0x18dc  Conime - ok
20:33:35.0071 0x18dc  [ F682001291679FA07B1B25A66B049B07, 6146A5208A625C796BEFB1FED8396D7F8ADA6AD657A4900C91C314B5F45A9947 ] C:\Windows\system32\igfxtray.exe
20:33:35.0150 0x18dc  IgfxTray - ok
20:33:35.0184 0x18dc  [ B3BAA381D64ACCFE196228F7D14D6769, 7E996564E483649CA5B9C95F041F24287B555C9962E285D0543073C4669425FF ] C:\Windows\system32\hkcmd.exe
20:33:35.0255 0x18dc  HotKeysCmds - ok
20:33:35.0334 0x18dc  [ 95CDBB7307100BCB5ACACCB8918C7977, C98FD3A9C628E73773DBC392108967A12A77CC9D304B8A79964D1C021A4260A6 ] C:\Windows\system32\igfxpers.exe
20:33:35.0513 0x18dc  Persistence - ok
20:33:35.0893 0x18dc  [ DAA21DC0AA2E688370D356757892816D, 97EBF3B8A4B8544B6C1379A391AA4079F38EB4D507931249BC1427D961F58F8C ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
20:33:36.0121 0x18dc  avgnt - ok
20:33:36.0280 0x18dc  [ 308F2EE28005510DE616409148CF077B, A2126CB185B0053086BDD6F0A16A503F6CA629AC677E4B7AE6D43C770061D087 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
20:33:36.0326 0x18dc  SunJavaUpdateSched - ok
20:33:36.0853 0x18dc  [ BB3B08157FA22769B7ED9D2C44081D5A, 0653EA6D992A9FA09BB1756F6671C8FD9D518C60471B0F6420A7FC1DA2D3B6FA ] C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
20:33:37.0626 0x18dc  EKIJ5000StatusMonitor - ok
20:33:37.0750 0x18dc  [ 16D4D2AB28EDD90AEE06826B3ADF50AB, EE8E54702B22E7F1DB8DE7296132C3473DD9D18B9E9C47414F315173E0A26E16 ] C:\Program Files\PDF24\pdf24.exe
20:33:37.0815 0x18dc  PDFPrint - ok
20:33:38.0046 0x18dc  [ 7632A6EA63FEEBC2798D3852CE754972, 291409858E75B7E84397EED3270E737958255E7F733A3B2FE7BD282A2604B247 ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
20:33:38.0091 0x18dc  Avira Systray - ok
20:33:38.0340 0x18dc  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:33:38.0737 0x18dc  Sidebar - ok
20:33:38.0763 0x18dc  WindowsWelcomeCenter - ok
20:33:38.0945 0x18dc  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:33:39.0164 0x18dc  Sidebar - ok
20:33:39.0179 0x18dc  WindowsWelcomeCenter - ok
20:33:39.0223 0x18dc  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
20:33:39.0279 0x18dc  WMPNSCFG - ok
20:33:39.0442 0x18dc  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:33:39.0619 0x18dc  Sidebar - ok
20:33:39.0633 0x18dc  WindowsWelcomeCenter - ok
20:33:39.0796 0x18dc  [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:33:40.0011 0x18dc  Sidebar - ok
20:33:40.0029 0x18dc  WindowsWelcomeCenter - ok
20:33:40.0092 0x18dc  [ 35937EAD711207544E219C2A19A78A7D, EE6E5EAE00F577D7C3FFB8C0D8EE484552A337CEAA27FCB107174A9879FE7362 ] C:\Program Files\Windows Media Player\WMPNSCFG.exe
20:33:40.0143 0x18dc  WMPNSCFG - ok
20:33:40.0145 0x18dc  Waiting for KSN requests completion. In queue: 19
20:33:41.0284 0x18dc  AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.266 ), 0x41000 ( enabled : updated )
20:33:41.0413 0x18dc  Win FW state via NFP2: enabled
20:33:41.0580 0x18dc  ============================================================
20:33:41.0580 0x18dc  Scan finished
20:33:41.0581 0x18dc  ============================================================
20:33:41.0620 0x13b8  Detected object count: 0
20:33:41.0620 0x13b8  Actual detected object count: 0
         
__________________

Alt 16.10.2014, 17:09   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Videos ruckeln besonders in Firefox - Standard

Videos ruckeln besonders in Firefox



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 17.10.2014, 09:55   #5
Ahnungslos11
 
Videos ruckeln besonders in Firefox - Standard

Videos ruckeln besonders in Firefox



Hallo schrauber,

hier die geforderten Dinge.

mbam:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 16.10.2014
Suchlauf-Zeit: 20:44:34
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.10.16.05
Rootkit Datenbank: v2014.10.15.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: Phillip

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 366319
Verstrichene Zeit: 35 Min, 52 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.Softonic.A, HKU\S-1-5-21-2386538302-2959011679-2223950070-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Löschen bei Neustart, [fd688a8bd2aa8da9643e42fd27dc5fa1], 

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
AdwCleaner:
Code:
ATTFilter
# AdwCleaner v4.000 - Bericht erstellt am 17/10/2014 um 09:07:17
# DB v2014-10-16.8
# Aktualisiert 12/10/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : Phillip - 11RP11
# Gestartet von : C:\Users\Phillip\Downloads\AdwCleaner_4.000.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Phillip\AppData\Roaming\pdfforge

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16575


-\\ Mozilla Firefox v33.0 (x86 de)


-\\ Google Chrome v37.0.2062.124


*************************

AdwCleaner[R0].txt - [1513 octets] - [17/10/2014 08:52:18]
AdwCleaner[S0].txt - [1426 octets] - [17/10/2014 09:07:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1486 octets] ##########
         
JRT:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.14.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Phillip on 17.10.2014 at  9:29:57,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Phillip\AppData\Roaming\mozilla\firefox\profiles\q1t70ujh.default\minidumps [870 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.10.2014 at  9:41:38,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) 

Version: 16-10-2014
Ran by Phillip (administrator) on 11RP11 on 17-10-2014 

09:42:45
Running from C:\Users\Phillip\Downloads
Loaded Profiles: Phillip & postgres (Available profiles: 

Phillip & postgres)
Platform: Microsoft® Windows Vista™ Home Premium  Service 

Pack 2 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: 

hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial

-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) 

=================

(If an entry is included in the fixlist, the process will 

be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco\Cisco 

AnyConnect Secure Mobility Client\vpnagent.exe
() C:\Program Files\ATK Hotkey\AsLdrSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program 

Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program 

Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile 

Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\ProgramData\DatacardService\DCService.exe
(PostgreSQL Global Development Group) C:\Program 

Files\PostgreSQL\8.4\bin\pg_ctl.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8

\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\Program 

Files\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program 

Files\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program 

Files\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program 

Files\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program 

Files\PostgreSQL\8.4\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program 

Files\PostgreSQL\8.4\bin\postgres.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My 

Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix 

Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program 

Files\Avira\AntiVir Desktop\avshadow.exe
(Huawei Technologies Co., Ltd.) 

C:\ProgramData\DatacardService\DCSHelper.exe
(ATK0100) C:\Program Files\ATK Hotkey\HControl.exe
() C:\Program Files\ATK Hotkey\MsgTranAgt.exe
(Synaptics, Inc.) C:\Program 

Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\ATK Hotkey\HControlUser.exe
(LG Electronics) C:\Program Files\LG Software\LG 

OSD\HotKey.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix 

Storage Manager\IAAnotif.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\ATK Hotkey\LOSD.exe
(Avira Operations GmbH & Co. KG) C:\Program 

Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common 

Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My 

Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Program Files\Windows Media 

Player\wmpnscfg.exe
(Microsoft Corporation) 

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
() C:\Program Files\ATK Hotkey\ATKOSD.exe
() C:\Program Files\ATK Hotkey\WDC.exe
(Synaptics, Inc.) C:\Program 

Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) 

C:\Windows\Microsoft.NET\Framework\v4.0.30319

\WPF\WPFFontCache_v0400.exe
(Thisisu) C:\Users\Phillip\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Mozilla Corporation) C:\Program Files\Mozilla 

Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla 

Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32

\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\System32

\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe


==================== Registry (Whitelisted) 

==================

(If an entry is included in the fixlist, the registry item 

will be restored to default or removed. The file will not 

be moved.)

HKLM\...\Run: [Windows Defender] => C:\Program 

Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] 

(Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program 

Files\Synaptics\SynTP\SynTPEnh.exe [1029416 2007-12-07] 

(Synaptics, Inc.)
HKLM\...\Run: [HControlUser] => C:\Program Files\ATK 

Hotkey\HcontrolUser.exe [98304 2008-07-03] ()
HKLM\...\Run: [KeybdUtility] => C:\Program Files\LG 

Software\LG OSD\HotKey.exe [3026944 2008-09-04] (LG 

Electronics)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel 

Matrix Storage Manager\iaanotif.exe [182808 2008-07-21] 

(Intel Corporation)
HKLM\...\Run: [snp2uvc] => C:\Windows\vsnp2uvc.exe
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common 

Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] 

(Adobe Systems Incorporated)
HKLM\...\Run: [Conime] => C:\Windows\system32\conime.exe 

[69120 2009-04-11] (Microsoft Corporation)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir 

Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations 

GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program 

Files\Common Files\Java\Java Update\jusched.exe [256896 

2014-07-25] (Oracle Corporation)
HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My 

Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira 

Operations GmbH & Co. KG)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => 

rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => 

rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2386538302-2959011679-2223950070-1000

\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media 

Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft 

Corporation)
HKU\S-1-5-21-2386538302-2959011679-2223950070-1000

\...\MountPoints2: {3504ca00-f1a7-11e1-97bc-001e101f1f81} 

- G:\AutoRun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1000

\...\MountPoints2: {7c390bdf-c705-11dd-b618-806e6f6e6963} 

- F:\Autorun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1000

\...\MountPoints2: {ae1da385-f146-11e1-9079-00216b0c781a} 

- G:\AutoRun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1000

\...\MountPoints2: {ae1da3b9-f146-11e1-9079-001e101f21c1} 

- G:\AutoRun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1000

\...\MountPoints2: {cbba1285-f04b-11e1-96d5-abf4987c20bb} 

- E:\SETUP.EXE /AUTORUN
HKU\S-1-5-21-2386538302-2959011679-2223950070-1007

\...\Run: [WindowsWelcomeCenter] => rundll32.exe 

oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2386538302-2959011679-2223950070-1007

\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media 

Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft 

Corporation)
HKU\S-1-5-21-2386538302-2959011679-2223950070-1007

\...\MountPoints2: {3504ca00-f1a7-11e1-97bc-001e101f1f81} 

- G:\AutoRun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1007

\...\MountPoints2: {7c390bdf-c705-11dd-b618-806e6f6e6963} 

- F:\Autorun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1007

\...\MountPoints2: {ae1da385-f146-11e1-9079-00216b0c781a} 

- G:\AutoRun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1007

\...\MountPoints2: {ae1da3b9-f146-11e1-9079-001e101f21c1} 

- G:\AutoRun.exe
HKU\S-1-5-21-2386538302-2959011679-2223950070-1007

\...\MountPoints2: {cbba1285-f04b-11e1-96d5-abf4987c20bb} 

- E:\SETUP.EXE /AUTORUN

==================== Internet (Whitelisted) 

====================

(If an item is included in the fixlist, if it is a 

registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page 

= hxxp://www.lge.com
HKCU\Software\Microsoft\Internet 

Explorer\Main,Default_Page_URL = hxxp://www.lge.com
HKLM\Software\Microsoft\Internet 

Explorer\Main,Default_Page_URL = hxxp://www.lge.com
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-

B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7

\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b

-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7

\bin\jp2ssv.dll (Oracle Corporation)
DPF: {B07F54E6-0806-47DB-B5D8-398F240776F2} 

file:///F:/viewer/ORDcmViewCD.ocx
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-

1830C7DD7F5D} - C:\Program Files\Common 

Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll 

[121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: 

C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\

q1t70ujh.default
FF NetworkProxy: "http", "195.142.122.62"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32

\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> 

C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll 

(Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program 

Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> 

C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll 

(Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> 

C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle 

Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program 

Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( 

Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> 

C:\Program Files\Microsoft\Office Live\npOLW.dll 

(Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> 

C:\Windows\Microsoft.NET\Framework\v3.5\Windows 

Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> 

C:\Program Files\Google\Update\1.3.24.15

\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> 

C:\Program Files\Google\Update\1.3.24.15

\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program 

Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 

10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @www.flatcast.com/FlatViewer 5.2 -> 

C:\PROGRA~1\MOZILL~1\plugins\NpFv530.dll (1 mal 1 Software 

GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla 

firefox\plugins\NpFv530.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla 

firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla 

firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: 

C:\Users\Phillip\AppData\Roaming\mozilla\plugins\NpFv530.d

ll (1 mal 1 Software GmbH)
FF SearchPlugin: 

C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\

q1t70ujh.default\searchplugins\google-images.xml
FF SearchPlugin: 

C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\

q1t70ujh.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Program Files\mozilla 

firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla 

firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla 

firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla 

firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - 

C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\

q1t70ujh.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: DownloadHelper - 

C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\

q1t70ujh.default\Extensions\{b9db16a4-6edc-47ec-a1f4-

b86292ed211d} [2014-09-06]
FF Extension: Proxy-Listen.de - Proxyswitcher - 

C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\

q1t70ujh.default\Extensions\admin@proxy-listen.de.xpi 

[2013-10-04]
FF Extension: Hide My Ass Proxy Extension - 

C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\

q1t70ujh.default\Extensions\extension@hidemyass.com.xpi 

[2013-07-29]
FF Extension: Updated Ad Blocker for Firefox 11+ - 

C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\

q1t70ujh.default\Extensions\{4DC70064-89E2-4a55-8FC6-

E8CDEAE3618C}.xpi [2013-06-11]
FF Extension: LeechBlock - 

C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\

q1t70ujh.default\Extensions\{a95d8332-e4b4-6e7f-98ac-

20b733364387}.xpi [2014-05-28]
FF Extension: Adblock Plus - 

C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\

q1t70ujh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-

2b9879e08c5d}.xpi [2012-08-21]
FF Extension: DownThemAll! - 

C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\

q1t70ujh.default\Extensions\{DDC359D1-844A-42a7-9AA1-

88A850A938A8}.xpi [2013-11-06]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3

-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5

\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - 

c:\Windows\Microsoft.NET\Framework\v3.5\Windows 

Presentation Foundation\DotNetAssistantExtension [2012-08

-22]
FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - 

C:\Users\Phillip\AppData\Roaming\Mozilla\Firefox\Profiles\

q1t70ujh.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Profile: 

C:\Users\Phillip\AppData\Local\Google\Chrome\User 

Data\Default
CHR Extension: (Google Docs) - 

C:\Users\Phillip\AppData\Local\Google\Chrome\User 

Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake 

[2014-08-14]
CHR Extension: (Google Drive) - 

C:\Users\Phillip\AppData\Local\Google\Chrome\User 

Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf 

[2014-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - 

C:\Users\Phillip\AppData\Local\Google\Chrome\User 

Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn 

[2014-09-09]
CHR Extension: (YouTube) - 

C:\Users\Phillip\AppData\Local\Google\Chrome\User 

Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo 

[2014-08-14]
CHR Extension: (Google-Suche) - 

C:\Users\Phillip\AppData\Local\Google\Chrome\User 

Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf 

[2014-08-14]
CHR Extension: (Avira Browser Safety) - 

C:\Users\Phillip\AppData\Local\Google\Chrome\User 

Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk 

[2014-08-14]
CHR Extension: (AdBlock) - 

C:\Users\Phillip\AppData\Local\Google\Chrome\User 

Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom 

[2014-09-09]
CHR Extension: (Google Wallet) - 

C:\Users\Phillip\AppData\Local\Google\Chrome\User 

Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda 

[2014-02-25]
CHR Extension: (Google Mail) - 

C:\Users\Phillip\AppData\Local\Google\Chrome\User 

Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia 

[2014-08-14]

========================== Services (Whitelisted) 

=================

(If an entry is included in the fixlist, the service will 

be removed from the registry. The file will not be moved 

unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir 

Desktop\sched.exe [431920 2014-10-14] (Avira Operations 

GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir 

Desktop\avguard.exe [431920 2014-10-14] (Avira Operations 

GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir 

Desktop\AVWEBGRD.EXE [994552 2014-10-14] (Avira Operations 

GmbH & Co. KG)
R2 ASLDRService; C:\Program Files\ATK Hotkey\ASLDRSrv.exe 

[94208 2007-10-03] () [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My 

Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira 

Operations GmbH & Co. KG)
R2 DCService.exe; 

C:\ProgramData\DatacardService\DCService.exe [229376 2010

-05-08] () [File not signed]
R2 vpnagent; C:\Program Files\Cisco\Cisco AnyConnect 

Secure Mobility Client\vpnagent.exe [479224 2012-12-10] 

(Cisco Systems, Inc.)
R2 postgresql-8.4; C:/Program 

Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N 

"postgresql-8.4" -D "C:/Program Files/PostgreSQL/8.4/data" 

-w [X]

==================== Drivers (Whitelisted) 

====================

(If an entry is included in the fixlist, the service will 

be removed from the registry. The file will not be moved 

unless listed separately.)

S3 acsint; C:\Windows\System32\DRIVERS\acsint.sys [39888 

2012-12-10] (Cisco Systems, Inc.)
S3 acsmux; C:\Windows\System32\DRIVERS\acsmux.sys [58320 

2012-12-10] (Cisco Systems, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys 

[98160 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 

2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 

2013-11-26] (Avira Operations GmbH & Co. KG)
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-

03] () [File not signed]
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS 

[22688 2014-08-12] (REALiX(tm))
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [54784 

2007-12-19] (ITE Tech. Inc. )
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [7680 

2006-12-15] (ATK0100)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 

2012-03-26] (Apple Inc.) [File not signed]
S3 RTL8169; C:\Windows\System32\DRIVERS\Rtlh86.sys [124928 

2008-08-07] (Realtek Corporation                           

                 ) [File not signed]
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys 

[1807744 2008-04-02] ()
R0 speedfan; C:\Windows\System32\speedfan.sys [25240 2011

-03-18] (Almico Software)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [646392 

2012-08-27] (Duplex Secure Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 

2013-08-05] (Avira GmbH)
S3 WSVD; C:\Windows\system32\drivers\WSVD.sys [81192 2008

-03-26] (CyberLink)
S3 IntcAzAudAddService; system32\drivers\RTKVHDA.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 RTHDMIAzAudService; system32\drivers\RtHDMIV.sys [X]

==================== NetSvcs (Whitelisted) 

===================


(If an item is included in the fixlist, it will be removed 

from the registry. Any associated file could be listed 

separately to be moved.)


==================== One Month Created Files and Folders 

========

(If an entry is included in the fixlist, the file\folder 

will be moved.)

2014-10-17 09:42 - 2014-10-17 09:42 - 00000000 ____D () 

C:\Users\Phillip\Downloads\FRST-OlderVersion
2014-10-17 09:41 - 2014-10-17 09:42 - 00000771 _____ () 

C:\Users\Phillip\Desktop\JRT.txt
2014-10-17 09:29 - 2014-10-17 09:29 - 00000000 ____D () 

C:\Windows\ERUNT
2014-10-17 09:28 - 2014-10-17 09:28 - 01705698 _____ 

(Thisisu) C:\Users\Phillip\Downloads\JRT.exe
2014-10-17 09:27 - 2014-10-17 09:27 - 00001566 _____ () 

C:\Users\Phillip\Desktop\AdwCleaner[S0].txt
2014-10-17 09:01 - 2014-09-05 01:27 - 00143360 _____ 

(Microsoft Corporation) C:\Windows\system32

\Drivers\fastfat.sys
2014-10-17 08:54 - 2014-09-16 18:56 - 00066560 _____ 

(Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-17 08:52 - 2014-10-17 09:07 - 00000000 ____D () 

C:\AdwCleaner
2014-10-16 21:33 - 2014-10-16 21:50 - 00001389 _____ () 

C:\Users\Phillip\Desktop\mbam.txt
2014-10-16 20:39 - 2014-10-17 09:23 - 00001032 _____ () 

C:\Windows\PFRO.log
2014-10-16 20:31 - 2014-10-16 21:49 - 00114904 _____ 

(Malwarebytes Corporation) C:\Windows\system32

\Drivers\MBAMSwissArmy.sys
2014-10-16 20:30 - 2014-10-16 20:30 - 00000899 _____ () 

C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-16 20:30 - 2014-10-16 20:30 - 00000000 ____D () 

C:\ProgramData\Microsoft\Windows\Start 

Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-16 20:30 - 2014-10-16 20:30 - 00000000 ____D () 

C:\ProgramData\Malwarebytes
2014-10-16 20:30 - 2014-10-16 20:30 - 00000000 ____D () 

C:\Program Files\ Malwarebytes Anti-Malware 
2014-10-16 20:30 - 2014-10-01 11:11 - 00075480 _____ 

(Malwarebytes Corporation) C:\Windows\system32

\Drivers\mbamchameleon.sys
2014-10-16 20:30 - 2014-10-01 11:11 - 00051928 _____ 

(Malwarebytes Corporation) C:\Windows\system32

\Drivers\mwac.sys
2014-10-16 20:30 - 2014-10-01 11:11 - 00023256 _____ 

(Malwarebytes Corporation) C:\Windows\system32

\Drivers\mbam.sys
2014-10-16 20:28 - 2014-10-16 20:29 - 01976320 _____ () 

C:\Users\Phillip\Downloads\AdwCleaner_4.000.exe
2014-10-16 20:27 - 2014-10-16 20:27 - 19828376 _____ 

(Malwarebytes Corporation ) 

C:\Users\Phillip\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-15 22:17 - 2014-10-15 22:17 - 99921584 _____ () 

C:\Users\Phillip\Downloads\8223_Hm2AutoUpdate.exe
2014-10-15 20:26 - 2014-10-15 20:27 - 04181856 _____ 

(Kaspersky Lab ZAO) 

C:\Users\Phillip\Desktop\tdsskiller.exe
2014-10-15 20:19 - 2014-10-15 20:19 - 00000000 ____D () 

C:\Users\Phillip\AppData\Local\AuxClient
2014-10-15 18:43 - 2014-10-15 18:43 - 00005970 _____ () 

C:\Users\Phillip\Desktop\GMER.log
2014-10-15 18:06 - 2014-10-15 18:06 - 00380416 _____ () 

C:\Users\Phillip\Downloads\bgxczuhg.exe
2014-10-15 17:54 - 2014-10-15 17:59 - 00036753 _____ () 

C:\Users\Phillip\Downloads\Addition.txt
2014-10-15 17:49 - 2014-10-17 09:43 - 00000000 ____D () 

C:\FRST
2014-10-15 17:49 - 2014-10-17 09:42 - 00018062 _____ () 

C:\Users\Phillip\Downloads\FRST.txt
2014-10-15 17:48 - 2014-10-15 17:48 - 01054912 _____ 

(Adobe) 

C:\Users\Phillip\Downloads\install_flashplayer15x32au_mssd

_aaa_aih.exe
2014-10-15 17:42 - 2014-10-15 17:42 - 00380416 _____ () 

C:\Users\Phillip\Downloads\Gmer-19357.exe
2014-10-15 17:41 - 2014-10-17 09:42 - 01102848 _____ 

(Farbar) C:\Users\Phillip\Downloads\FRST.exe
2014-10-15 17:41 - 2014-10-15 17:42 - 00000636 _____ () 

C:\Users\Phillip\Downloads\defogger_disable.log
2014-10-15 17:41 - 2014-10-15 17:42 - 00000020 _____ () 

C:\Users\Phillip\defogger_reenable
2014-10-15 15:06 - 2014-10-15 15:12 - 00050477 _____ () 

C:\Users\Phillip\Downloads\Defogger.exe
2014-10-15 14:50 - 2014-10-15 14:50 - 00000000 ____D () 

C:\Program Files\Mozilla Firefox
2014-10-13 16:48 - 2014-10-13 16:48 - 00001002 _____ () 

C:\Users\Public\Desktop\Avira.lnk
2014-09-30 10:46 - 2014-09-30 10:46 - 00000000 ____D () 

C:\Users\Phillip\AppData\Local\PDF24
2014-09-30 10:45 - 2014-09-30 10:45 - 00000000 ____D () 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2014-09-30 10:45 - 2014-09-30 10:45 - 00000000 ____D () 

C:\Program Files\PDF24
2014-09-30 10:42 - 2011-05-13 12:16 - 00493056 _____ ( 

datenhaus GmbH) C:\Windows\system32\dhRichClient3.dll
2014-09-30 10:42 - 2011-03-25 20:42 - 00338432 _____ () 

C:\Windows\system32\sqlite36_engine.dll
2014-09-30 10:41 - 2014-09-30 10:41 - 01101648 _____ () 

C:\Users\Phillip\Downloads\PDF24 Creator - CHIP-

Installer.exe
2014-09-30 10:39 - 2014-09-30 10:39 - 00000000 ____D () 

C:\Users\Phillip\.pdfsam
2014-09-26 08:25 - 2014-09-09 08:24 - 00002048 _____ 

(Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-23 18:07 - 2014-09-23 18:43 - 176351867 _____ () 

C:\Users\Phillip\Downloads\Rulez.NOF.21st.Sept.2014.HDTV 

Ptt (1).mp4
2014-09-20 12:59 - 2014-09-20 12:59 - 06958304 _____ 

(Microsoft Corporation) 

C:\Users\Phillip\Downloads\Silverlight.exe

==================== One Month Modified Files and Folders 

=======

(If an entry is included in the fixlist, the file\folder 

will be moved.)

2014-10-17 09:44 - 2012-08-22 20:15 - 00000884 _____ () 

C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-17 09:33 - 2008-12-10 23:49 - 01751569 _____ () 

C:\Windows\WindowsUpdate.log
2014-10-17 09:26 - 2014-02-25 11:05 - 00001096 _____ () 

C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-17 09:24 - 2006-11-02 14:47 - 00003216 ____H () 

C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-

2P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-17 09:24 - 2006-11-02 14:47 - 00003216 ____H () 

C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-

2P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-17 09:23 - 2014-02-25 11:05 - 00001100 _____ () 

C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-17 09:23 - 2006-11-02 15:01 - 00000006 ____H () 

C:\Windows\Tasks\SA.DAT
2014-10-17 09:19 - 2008-10-08 20:25 - 00000012 _____ () 

C:\Windows\bthservsdp.dat
2014-10-17 09:19 - 2006-11-02 15:01 - 00032514 _____ () 

C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-17 09:18 - 2013-08-15 10:06 - 00000000 ____D () 

C:\Windows\system32\MRT
2014-10-17 09:18 - 2006-11-02 13:18 - 00000000 ____D () 

C:\Windows\Microsoft.NET
2014-10-17 09:01 - 2006-11-02 12:24 - 100290944 _____ 

(Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-10-15 23:29 - 2012-08-23 11:33 - 00000000 ____D () 

C:\Users\Phillip\AppData\Roaming\HoldemManager
2014-10-15 22:37 - 2012-08-22 20:52 - 00000000 ____D () 

C:\Users\Phillip\AppData\Local\PokerStars.EU
2014-10-15 22:27 - 2012-11-06 10:57 - 00000000 ____D () 

C:\Program Files\Kodak
2014-10-15 22:27 - 2012-10-16 10:05 - 00000000 ____D () 

C:\ProgramData\Kodak
2014-10-15 22:27 - 2012-10-16 10:01 - 00000000 ____D () 

C:\Windows\system32\kodak
2014-10-15 22:27 - 2006-11-02 14:37 - 00000000 ____D () 

C:\Windows\twain_32
2014-10-15 22:26 - 2012-11-06 11:04 - 00000000 ____D () 

C:\Users\Phillip\AppData\Local\Eastman_Kodak_Company
2014-10-15 22:19 - 2013-10-11 17:14 - 00000885 _____ () 

C:\Users\Public\Desktop\HoldemManager2.lnk
2014-10-15 22:19 - 2013-05-10 08:13 - 00000000 ____D () 

C:\Program Files\Holdem Manager 2
2014-10-15 20:33 - 2013-02-18 16:16 - 00000000 ____D () 

C:\Program Files\Full Tilt Poker.Eu
2014-10-15 17:44 - 2012-08-21 23:02 - 00000000 ____D () 

C:\Program Files\Mozilla Maintenance Service
2014-10-15 17:41 - 2009-03-06 20:15 - 00000000 ____D () 

C:\Users\Phillip
2014-10-14 16:02 - 2013-08-05 23:39 - 00136216 _____ 

(Avira Operations GmbH & Co. KG) C:\Windows\system32

\Drivers\avipbb.sys
2014-10-14 16:01 - 2013-08-05 23:39 - 00098160 _____ 

(Avira Operations GmbH & Co. KG) C:\Windows\system32

\Drivers\avgntflt.sys
2014-10-13 18:25 - 2012-08-23 15:00 - 00001786 ____H () 

C:\Users\Phillip\Documents\Default.rdp
2014-10-13 16:48 - 2014-08-08 10:34 - 00000000 ____D () 

C:\ProgramData\Package Cache
2014-10-13 16:48 - 2013-08-05 23:39 - 00000000 ____D () 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-13 16:48 - 2013-08-05 23:39 - 00000000 ____D () 

C:\Program Files\Avira
2014-09-26 08:45 - 2006-11-02 13:18 - 00000000 ____D () 

C:\Windows\rescache
2014-09-26 08:29 - 2006-11-02 13:18 - 00000000 ____D () 

C:\Windows\system32\de-DE
2014-09-23 22:24 - 2012-10-15 19:34 - 00000000 ____D () 

C:\Users\Phillip\WWE
2014-09-23 21:44 - 2012-08-22 20:15 - 00701104 _____ 

(Adobe Systems Incorporated) C:\Windows\system32

\FlashPlayerApp.exe
2014-09-23 21:44 - 2012-08-22 20:15 - 00071344 _____ 

(Adobe Systems Incorporated) C:\Windows\system32

\FlashPlayerCPLApp.cpl
2014-09-19 10:49 - 2012-08-23 16:45 - 00002425 _____ () 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 

Reader X.lnk
2014-09-18 11:16 - 2013-02-20 21:02 - 00000000 ____D () 

C:\Users\Phillip\Documents\Nathi

Some content of TEMP:
====================
C:\Users\Phillip\AppData\Local\Temp\avgnt.exe
C:\Users\Phillip\AppData\Local\Temp\Quarantine.exe
C:\Users\Phillip\AppData\Local\Temp\sqlite3.dll
C:\Users\Phillip\AppData\Local\Temp\_unps.exe


==================== Bamital & volsnap Check 

=================

(There is no automatic fix for files that do not pass 

verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally 

signed
C:\Windows\system32\wininit.exe => File is digitally 

signed
C:\Windows\system32\svchost.exe => File is digitally 

signed
C:\Windows\system32\services.exe => File is digitally 

signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally 

signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is 

digitally signed


LastRegBack: 2014-10-17 09:30

==================== End Of Log 

============================
         
Danke!


Alt 17.10.2014, 22:47   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Videos ruckeln besonders in Firefox - Standard

Videos ruckeln besonders in Firefox




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Videos ruckeln besonders in Firefox

Alt 22.10.2014, 20:13   #7
Ahnungslos11
 
Videos ruckeln besonders in Firefox - Standard

Videos ruckeln besonders in Firefox



Zitat:
Zitat von schrauber Beitrag anzeigen
ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
Hallo schrauber,

eine kurze Rückmeldung: Ich habe jetzt vier- bis fünfmal versucht, ESET über den Laptop laufen zu lassen. Allerdings bin ich dabei nie bis zum Ende gekommen, da der PC sich nach etwa acht Stunden festfährt. Dabei lässt sich die Maus nicht mehr bewegen, die Zeitangabe in ESET läuft hingegen weiter.

Alt 23.10.2014, 12:18   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Videos ruckeln besonders in Firefox - Standard

Videos ruckeln besonders in Firefox



ESET weglassen, mach dafür nen Vollscan mit deinem AV Programm.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.12.2014, 15:07   #9
Ahnungslos11
 
Videos ruckeln besonders in Firefox - Standard

Videos ruckeln besonders in Firefox



Hallo schrauber,

leider wurde auch das nach unzähligen Versuchen nichts. Der PC hängt sich nach ein paar Stunden auf.
Mittlerweile ist das Problem aber schon so, dass der Laptop bereits nach wenigen Minuten (unterschiedlich, etwa 20 min) nichts mehr tut. Das äußert sich wie folgt: Der Mauszeiger verwandelt sich kurzzeitig in das Wartesymbol (dieser Kreis von Vista) und lässt sich noch bewegen. Wenig später ist er verschwunden und man muss den Standby-Knopf drücken, da nichts mehr geht.

Gruß

Alt 09.12.2014, 19:07   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Videos ruckeln besonders in Firefox - Standard

Videos ruckeln besonders in Firefox



ProcessExplorer als Ersatz für den Windows Taskmanager installieren

Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden.

Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt.

Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen).


Und Process Explorer vorher öffnen und offen lassen, damit Du siehst was abgeht wenn der Rechner hängt.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.12.2014, 19:50   #11
Ahnungslos11
 
Videos ruckeln besonders in Firefox - Standard

Videos ruckeln besonders in Firefox



Danke für Deine schnelle Antwort.

Der Prozess, der den höchsten Wert bei CPU einnimmt, ist System ilde process.
Im Anhang die gesamte Übersicht sowie die Eigenschaften von System ilde process.
Miniaturansicht angehängter Grafiken
Videos ruckeln besonders in Firefox-processexplorer1.jpg   Videos ruckeln besonders in Firefox-processexplorer2.jpg   Videos ruckeln besonders in Firefox-system-ilde.jpg  

Alt 10.12.2014, 15:23   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Videos ruckeln besonders in Firefox - Standard

Videos ruckeln besonders in Firefox



System Idle ist der Leerlauf, der muss so hoch wie möglich sein. Das ist normal.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 11.12.2014, 08:54   #13
Ahnungslos11
 
Videos ruckeln besonders in Firefox - Standard

Videos ruckeln besonders in Firefox



Ok, danke, das wusste ich nicht. Fällt Dir sonst irgendetwas auf? Firefox ist ansonsten der größte Prozess.

Alt 11.12.2014, 22:49   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Videos ruckeln besonders in Firefox - Standard

Videos ruckeln besonders in Firefox



Schalte mal die Hardwarebeschleunigung ab in Firefox. Wie verhält sich der Rechner jetzt?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.12.2014, 16:10   #15
Ahnungslos11
 
Videos ruckeln besonders in Firefox - Standard

Videos ruckeln besonders in Firefox



Zitat:
Zitat von schrauber Beitrag anzeigen
Schalte mal die Hardwarebeschleunigung ab in Firefox. Wie verhält sich der Rechner jetzt?
Festgelaufen hat er sich jetzt nicht mehr, allerdings hatte ich auch schon länger keinen zehnstündigen Dauerbetrieb, wie es bei dem Scan immer der Fall ist.

Durch das Deaktivieren der Hardwarebeschleunigung im Firefox ist das Ruckeln leider nicht behoben.

Antwort

Themen zu Videos ruckeln besonders in Firefox
4d36e972-e325-11ce-bfc1-08002be10318, adware, antivir, antivirus, avira, bonjour, branding, browser, converter, cpu, desktop, device driver, dvdvideosoft ltd., firefox, flash player, home, mozilla, mp3, problem, realtek, registry, required, rundll, scan, security, shark, software, svchost.exe, system, windows



Ähnliche Themen: Videos ruckeln besonders in Firefox


  1. Windows 7 hakt ständig. Besonders Firefox.
    Alles rund um Windows - 28.08.2015 (40)
  2. Windows 7 Home Pro: System langsam, Videos ruckeln
    Log-Analyse und Auswertung - 13.05.2015 (19)
  3. Windows 8.1 Browser langsam und Videos ruckeln nach "optimierung" durch einen Freund
    Log-Analyse und Auswertung - 17.03.2015 (9)
  4. Windows 7 - Internet stürzt nach einigen Minuten ab, besonders beim Abspielen von Videos
    Log-Analyse und Auswertung - 07.01.2015 (19)
  5. Videos und Zwischensequenzen ruckeln bei 3 unterschiedlichen Rechnern
    Plagegeister aller Art und deren Bekämpfung - 24.12.2014 (14)
  6. Videos ruckeln besonders in Firefox
    Alles rund um Windows - 02.09.2014 (7)
  7. pc langsam, videos ruckeln, verdacht auf virus
    Log-Analyse und Auswertung - 30.01.2014 (7)
  8. Videos im Internet ruckeln ohne Ausnahme!
    Alles rund um Windows - 30.11.2013 (4)
  9. Nach WIN und Firefox Update ruckeln im Firefox und verschwundene Emails
    Log-Analyse und Auswertung - 08.01.2013 (28)
  10. videos ruckeln bei allen browsern - prozessorauslastung geht auf 100%
    Alles rund um Windows - 12.08.2012 (5)
  11. Firefox lädt langsam, Flashplayer ruckeln, Laptop wird heiß...
    Alles rund um Windows - 31.10.2011 (2)
  12. Videos und Filme im Internet ruckeln.
    Alles rund um Windows - 11.08.2011 (34)
  13. Videos laufen bei Firefox nicht
    Plagegeister aller Art und deren Bekämpfung - 17.09.2010 (1)
  14. Videos downloaden per Firefox-addon
    Diskussionsforum - 30.11.2009 (0)
  15. Bink Videos ruckeln/laggen
    Alles rund um Windows - 01.10.2009 (12)
  16. Videos ruckeln plötzlich, bitte um Logfile-Auswertung
    Log-Analyse und Auswertung - 10.03.2009 (0)
  17. cpu ausgelastet 100% besonders bei abspielen von videos im wmp- VIRUS???
    Log-Analyse und Auswertung - 24.01.2008 (1)

Zum Thema Videos ruckeln besonders in Firefox - Hallo, mein Problem dreht sich um den Browser Mozilla Firefox (Version 33.0). Das Problem tritt insbesondere bei HD-Videos (aber auch bei niedrigerer Qualität) auf, obwohl die Bandbreite dafür locker ausreichen - Videos ruckeln besonders in Firefox...
Archiv
Du betrachtest: Videos ruckeln besonders in Firefox auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.