Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Überwachungstool ?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.11.2014, 09:48   #1
klopsiman
 
Überwachungstool ? - Standard

Überwachungstool ?



Hallo liebe TB-Community

Gestern hab ich sofort Panik bekommen, als sich meine Maus plötzlich selbständig gemacht hat und das Vollbild zugemacht hatte, als ich auf twitch.tv unterwegs war.
Ich hab mir einen stream in Vollbild angeschaut und plötzlich schließt sich das Vollbild-Fenster und das Rechtsklick-Fenster öffnet sich.
Ich wurde sofort panisch und suchte in Google nach ähnlichem.
Hab sofort Beiträge über Fernüberwachungstools gefunden.
Kann mir vielleicht jemand, der mehr Ahnung auf diesem Gebiet hat, helfen.
Ich würde gern sicher sein, das auf meinem Computer sich nichts "eingenistet" hat.
Bin ganz besorgt.

Alt 01.11.2014, 09:55   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Überwachungstool ? - Standard

Überwachungstool ?





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.



Los geht's:

Schritt 1


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 01.11.2014, 11:32   #3
klopsiman
 
Überwachungstool ? - Standard

Überwachungstool ?



Hab ich gemacht:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-11-2014
Ran by klopsi (administrator) on KLOPSI-PC on 01-11-2014 12:29:46
Running from C:\Users\klopsi\Desktop
Loaded Profiles: klopsi &  (Available profiles: klopsi)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_189.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AVG_UI] => "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-09-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124720 2014-10-09] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2515552902-1029408911-2965342807-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2515552902-1029408911-2965342807-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-2515552902-1029408911-2965342807-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-2515552902-1029408911-2965342807-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [DisallowRun] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default
FF Homepage: hxxp://encrypted.google.com/
FF Keyword.URL: 
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\klopsi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: WOT - C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-10-26]
FF Extension: FastestFox - C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\Extensions\smarterwiki@wikiatic.com.xpi [2014-08-01]
FF Extension: Adblock Plus - C:\Users\klopsi\AppData\Roaming\Mozilla\Firefox\Profiles\f5e6t17i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-01]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\klopsi\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-08-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-09-24] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [162096 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" [X]
S2 avgwd; "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" [X]
S2 vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-24] (Avira Operations GmbH & Co. KG)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-31] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-09-24] (Avira Operations GmbH & Co. KG)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-01 12:29 - 2014-11-01 12:30 - 00009503 _____ () C:\Users\klopsi\Desktop\FRST.txt
2014-11-01 12:29 - 2014-11-01 12:29 - 00000000 ____D () C:\FRST
2014-11-01 12:27 - 2014-11-01 12:27 - 02114048 _____ (Farbar) C:\Users\klopsi\Desktop\FRST64.exe
2014-11-01 12:27 - 2014-11-01 12:27 - 00000000 ____D () C:\Users\klopsi\Desktop\Frst.2
2014-10-31 23:35 - 2014-10-31 23:37 - 131078000 _____ (AVAST Software) C:\Users\klopsi\Downloads\avast_free_antivirus_setup_10.exe
2014-10-31 23:16 - 2014-10-31 23:16 - 00000000 ____H () C:\Users\klopsi\Documents\Default.rdp
2014-10-31 11:20 - 2014-10-31 11:20 - 05424601 _____ () C:\Users\klopsi\Downloads\USB_Oszilloskop.zip
2014-10-29 22:50 - 2014-10-29 22:50 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-28 20:53 - 2014-10-28 20:53 - 00000000 ____D () C:\Users\klopsi\AppData\Roaming\Unity
2014-10-28 20:52 - 2014-10-28 20:52 - 01080416 _____ (Unity Technologies ApS) C:\Users\klopsi\Downloads\UnityWebPlayer.exe
2014-10-28 20:52 - 2014-10-28 20:52 - 00000000 ____D () C:\Users\klopsi\AppData\Local\Unity
2014-10-26 15:37 - 2014-10-31 12:11 - 00000000 ____D () C:\Users\klopsi\Desktop\EIB S1
2014-10-26 14:36 - 2014-10-31 23:14 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-26 14:34 - 2014-10-26 14:39 - 00000000 ____D () C:\ProgramData\TEMP
2014-10-26 14:34 - 2014-10-26 14:34 - 00001083 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk
2014-10-26 14:34 - 2014-10-26 14:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2014-10-26 14:34 - 2014-10-26 14:34 - 00000000 ____D () C:\ProgramData\Licenses
2014-10-26 14:34 - 2014-10-26 14:34 - 00000000 ____D () C:\Program Files (x86)\SpywareBlaster
2014-10-26 14:34 - 2011-11-04 05:13 - 01070352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2014-10-26 14:34 - 2009-03-24 12:52 - 00129872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2014-10-26 14:29 - 2014-10-26 14:29 - 01156136 _____ (Ruiware) C:\Users\klopsi\Downloads\wpsetup.exe
2014-10-26 14:27 - 2014-10-26 14:27 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-26 14:27 - 2014-10-26 14:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-26 14:27 - 2014-10-26 14:27 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-26 14:27 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-26 14:27 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-26 14:27 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-26 14:25 - 2014-10-26 14:25 - 00001073 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2014-10-26 14:25 - 2014-10-26 14:25 - 00000000 ____D () C:\Users\klopsi\AppData\Local\Secunia PSI
2014-10-26 14:25 - 2014-10-26 14:25 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-10-26 14:24 - 2014-10-26 14:24 - 05329480 _____ (Secunia) C:\Users\klopsi\Downloads\PSISetup_3.0.0.9016(1).exe
2014-10-26 14:23 - 2014-10-26 14:23 - 00448512 _____ (OldTimer Tools) C:\Users\klopsi\Downloads\TFC.exe
2014-10-26 14:21 - 2014-10-26 14:22 - 04095448 _____ (BrightFort LLC ) C:\Users\klopsi\Downloads\spywareblastersetup50.exe
2014-10-26 14:21 - 2014-10-26 14:21 - 00526323 _____ () C:\Users\klopsi\Downloads\web_of_trust_wot-20131118-fx.zip
2014-10-26 14:20 - 2014-10-26 14:20 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\klopsi\Downloads\mbam-setup-2.0.3.1025(1).exe
2014-10-26 14:20 - 2014-10-26 14:20 - 05329480 _____ (Secunia) C:\Users\klopsi\Downloads\PSISetup_3.0.0.9016.exe
2014-10-26 13:29 - 2014-10-26 13:29 - 00000000 ____D () C:\Users\klopsi\Documents\My eBooks
2014-10-26 13:29 - 2014-10-26 13:29 - 00000000 ____D () C:\Users\klopsi\AppData\Roaming\AdobeUM
2014-10-26 12:47 - 2014-10-26 12:47 - 00000866 _____ () C:\DelFix.txt
2014-10-22 23:47 - 2014-10-22 23:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-22 23:47 - 2014-10-22 23:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-22 23:43 - 2014-10-22 23:44 - 01055936 _____ (Adobe) C:\Users\klopsi\Downloads\install_flashplayer15x32_mssd_aaa_aih.exe
2014-10-22 23:42 - 2014-10-22 23:42 - 00854704 _____ (Adobe Systems Incorporated) C:\Users\klopsi\Downloads\uninstall_flash_player.exe
2014-10-22 23:40 - 2014-10-22 23:40 - 17960624 _____ (Adobe Systems Incorporated) C:\Users\klopsi\Downloads\install_flash_player_13_plugin.exe
2014-10-22 23:38 - 2014-10-22 23:38 - 17919664 _____ (Adobe Systems Incorporated) C:\Users\klopsi\Downloads\install_flash_player_15_plugin.exe
2014-10-22 21:10 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-22 21:10 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-22 21:10 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-22 21:10 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-22 21:10 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-22 21:10 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-22 21:10 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-22 21:10 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-22 21:10 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-22 21:10 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-22 21:10 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-22 21:10 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-22 21:10 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-22 21:10 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-22 21:10 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-22 21:10 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-22 21:10 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-22 21:10 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-22 21:10 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-22 21:10 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-22 21:10 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-22 21:10 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-22 21:10 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-22 21:09 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-22 21:09 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-22 21:09 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-22 21:09 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-22 21:09 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-22 21:09 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-22 21:09 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-22 21:09 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-22 21:09 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-22 21:09 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-22 21:09 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-22 21:09 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-22 21:09 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-22 21:09 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-22 21:09 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-22 21:09 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-22 21:09 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-22 21:09 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-22 21:09 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-22 21:09 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-22 21:09 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-22 21:09 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-22 21:09 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-22 21:09 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-22 21:09 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-22 21:09 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-22 21:09 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-22 21:09 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-22 21:09 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-22 21:09 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-22 21:09 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-22 21:09 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-22 21:09 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-22 21:09 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-22 21:09 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-22 21:09 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-22 21:09 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-22 21:09 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-22 21:09 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-22 21:09 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-22 21:09 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-22 21:09 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-22 21:09 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-22 21:09 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-22 21:09 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-22 21:09 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-22 21:09 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-22 21:09 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-22 21:09 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-22 21:09 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-22 21:09 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-22 21:09 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-22 21:09 - 2014-07-07 03:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-10-22 21:09 - 2014-07-07 03:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-10-22 21:09 - 2014-07-07 02:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-10-22 21:09 - 2014-07-07 02:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-10-22 21:09 - 2014-07-07 02:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-10-22 21:09 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-22 21:09 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-22 21:09 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-22 21:09 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-22 21:09 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-22 21:09 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-22 21:09 - 2014-05-30 09:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-22 21:09 - 2014-05-30 09:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-10-22 21:09 - 2014-05-30 09:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-22 21:09 - 2014-05-30 09:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-10-22 21:09 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-10-22 21:09 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-10-22 21:09 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-10-22 21:09 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-10-22 21:06 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-10-22 21:06 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-10-22 21:05 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-22 21:05 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-22 20:50 - 2014-10-22 20:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-22 20:04 - 2014-10-22 20:05 - 00000000 ____D () C:\Users\klopsi\Desktop\FRST
2014-10-19 19:26 - 2014-10-19 19:26 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2014-10-18 14:06 - 2014-10-18 14:06 - 01121208 _____ () C:\Users\klopsi\Downloads\ProcessMonitor.zip
2014-10-18 14:06 - 2014-10-18 14:06 - 00000000 ____D () C:\Users\klopsi\Downloads\ProcessMonitor
2014-10-18 13:21 - 2014-10-18 13:20 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-10-18 13:18 - 2014-09-24 11:44 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-10-18 13:18 - 2014-09-24 11:44 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-10-18 13:18 - 2014-09-24 11:44 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-10-18 13:16 - 2014-10-29 22:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-18 13:16 - 2014-10-18 13:16 - 00000000 ____D () C:\Windows\ERUNT
2014-10-18 13:15 - 2014-10-18 13:15 - 04714656 _____ (Avira Operations GmbH & Co. KG) C:\Users\klopsi\Downloads\avira_de_av___ws.exe
2014-10-18 11:51 - 2014-10-18 11:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-18 11:36 - 2014-10-18 11:37 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\klopsi\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-06 19:20 - 2014-10-13 08:13 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-10-06 19:20 - 2014-10-06 20:16 - 00000000 ____D () C:\Users\klopsi\AppData\Roaming\TS3Client
2014-10-06 14:05 - 2014-10-06 14:05 - 00000000 ____D () C:\Users\klopsi\AppData\Local\Blizzard
2014-10-06 13:59 - 2014-10-13 08:13 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-10-06 13:58 - 2014-10-06 13:58 - 00000000 ____D () C:\Users\klopsi\AppData\Local\Blizzard Entertainment
2014-10-06 13:57 - 2014-10-13 08:13 - 00000000 ____D () C:\Users\klopsi\AppData\Roaming\Battle.net
2014-10-06 13:57 - 2014-10-13 08:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-10-06 13:57 - 2014-10-13 08:13 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-06 13:57 - 2014-10-12 12:56 - 00000000 ____D () C:\Users\klopsi\AppData\Local\Battle.net
2014-10-06 13:57 - 2014-10-06 13:57 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-10-06 13:57 - 2014-10-06 13:57 - 00000000 ____D () C:\ProgramData\Battle.net

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-01 12:25 - 2014-08-02 19:26 - 00000000 ____D () C:\Users\klopsi\AppData\Roaming\Skype
2014-11-01 12:25 - 2014-08-01 21:25 - 01799148 _____ () C:\Windows\WindowsUpdate.log
2014-11-01 00:11 - 2014-08-05 20:55 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-01 00:10 - 2014-08-02 07:22 - 00000000 ____D () C:\Windows\Panther
2014-10-31 23:32 - 2009-07-14 05:45 - 00026704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-31 23:32 - 2009-07-14 05:45 - 00026704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-31 22:17 - 2014-08-02 07:20 - 00698926 _____ () C:\Windows\system32\perfh007.dat
2014-10-31 22:17 - 2014-08-02 07:20 - 00149034 _____ () C:\Windows\system32\perfc007.dat
2014-10-31 22:17 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-31 07:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-29 22:51 - 2014-09-25 17:40 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-26 14:29 - 2014-09-21 16:38 - 00000000 ____D () C:\Users\klopsi\AppData\Local\Adobe
2014-10-26 13:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-26 13:31 - 2014-08-22 15:47 - 00000076 _____ () C:\Users\klopsi\Desktop\Neues Textdokument.txt
2014-10-22 21:26 - 2009-07-14 05:45 - 00265696 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-22 21:25 - 2014-08-01 21:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-22 21:12 - 2014-08-02 20:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-22 20:24 - 2014-08-03 19:34 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-22 20:03 - 2014-08-22 11:16 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-18 13:16 - 2014-08-01 21:35 - 00057560 _____ () C:\Users\klopsi\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-13 08:24 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-13 08:15 - 2014-08-01 21:30 - 00000000 ____D () C:\Users\klopsi
2014-10-13 08:14 - 2014-08-31 16:38 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-10-13 08:14 - 2014-08-22 11:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-10-13 08:14 - 2014-08-22 11:22 - 00000000 ____D () C:\ProgramData\AVG2014
2014-10-13 08:14 - 2014-08-02 19:26 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-13 08:14 - 2014-08-02 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-13 08:14 - 2014-08-01 22:11 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-10-13 08:14 - 2014-08-01 22:11 - 00000000 ____D () C:\Windows\system32\Macromed
2014-10-13 08:13 - 2014-08-22 11:16 - 00000000 ____D () C:\Users\klopsi\AppData\Local\Avg2014
2014-10-13 08:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-10-03 09:02 - 2014-08-02 20:28 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\klopsi\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-26 13:49

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2014
Ran by klopsi at 2014-11-01 12:30:43
Running from C:\Users\klopsi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
AVG 2014 (Version: 14.0.4015 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
Avira (HKLM-x32\...\{dc9a688a-12cb-4a22-b449-23d849d01dc7}) (Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.24.28609 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.2 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Sauerbraten (HKLM-x32\...\Sauerbraten) (Version:  - )
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

09-10-2014 09:48:28 Windows Update
13-10-2014 07:09:40 Wiederherstellungsvorgang
22-10-2014 20:10:13 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {DA4A0661-015A-4A9B-877E-FC6C5925347B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)

==================== Loaded Modules (whitelisted) =============

2014-10-22 20:50 - 2014-10-22 20:51 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-18 11:27 - 2014-10-22 23:47 - 16832176 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2515552902-1029408911-2965342807-500 - Administrator - Disabled)
Gast (S-1-5-21-2515552902-1029408911-2965342807-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2515552902-1029408911-2965342807-1002 - Limited - Enabled)
klopsi (S-1-5-21-2515552902-1029408911-2965342807-1000 - Administrator - Enabled) => C:\Users\klopsi

==================== Faulty Device Manager Devices =============

Name: WebCam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/31/2014 07:31:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2014 02:28:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm psi.exe, Version 3.0.0.9016 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11a0

Startzeit: 01cff120a12708ad

Endzeit: 10

Anwendungspfad: C:\Program Files (x86)\Secunia\PSI\psi.exe

Berichts-ID: ecdb9168-5d13-11e4-9b79-dc0ea1a3207a

Error: (10/26/2014 02:26:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm psi.exe, Version 3.0.0.9016 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 248

Startzeit: 01cff1204d67e463

Endzeit: 10

Anwendungspfad: C:\Program Files (x86)\Secunia\PSI\psi.exe

Berichts-ID: bd5cb9a7-5d13-11e4-9b79-dc0ea1a3207a

Error: (10/26/2014 00:50:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 04:48:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 09:56:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 09:27:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2014 09:27:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2014 08:00:31 PM) (Source: MsiInstaller) (EventID: 1024) (User: klopsi-PC)
Description: Produkt: Adobe Reader XI (11.0.08) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011009}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/22/2014 07:58:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (10/31/2014 07:30:30 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Avgldx64

Error: (10/31/2014 07:30:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater3.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/31/2014 07:30:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVG WatchDog" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/31/2014 07:30:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVGIDSAgent" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/29/2014 11:33:28 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/26/2014 00:50:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Avgldx64

Error: (10/26/2014 00:49:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater3.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/26/2014 00:49:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVG WatchDog" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/26/2014 00:49:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AVGIDSAgent" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (10/23/2014 04:47:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
Avgldx64


Microsoft Office Sessions:
=========================
Error: (10/31/2014 07:31:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/26/2014 02:28:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: psi.exe3.0.0.901611a001cff120a12708ad10C:\Program Files (x86)\Secunia\PSI\psi.exeecdb9168-5d13-11e4-9b79-dc0ea1a3207a

Error: (10/26/2014 02:26:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: psi.exe3.0.0.901624801cff1204d67e46310C:\Program Files (x86)\Secunia\PSI\psi.exebd5cb9a7-5d13-11e4-9b79-dc0ea1a3207a

Error: (10/26/2014 00:50:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 04:48:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 09:56:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/23/2014 09:27:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2014 09:27:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/22/2014 08:00:31 PM) (Source: MsiInstaller) (EventID: 1024) (User: klopsi-PC)
Description: Adobe Reader XI (11.0.08) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011009}1625(NULL)(NULL)(NULL)

Error: (10/22/2014 07:58:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU P6200 @ 2.13GHz
Percentage of memory in use: 32%
Total physical RAM: 7862.7 MB
Available physical RAM: 5326.72 MB
Total Pagefile: 19860.88 MB
Available Pagefile: 17184.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:647.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 35C812CA)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 01.11.2014, 11:40   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Überwachungstool ? - Standard

Überwachungstool ?



Hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 01.11.2014, 15:31   #5
klopsiman
 
Überwachungstool ? - Standard

Überwachungstool ?



Code:
ATTFilter
16:22:14.0121 0x18d4  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
16:22:18.0138 0x18d4  ============================================================
16:22:18.0138 0x18d4  Current date / time: 2014/11/01 16:22:18.0138
16:22:18.0138 0x18d4  SystemInfo:
16:22:18.0138 0x18d4  
16:22:18.0138 0x18d4  OS Version: 6.1.7601 ServicePack: 1.0
16:22:18.0138 0x18d4  Product type: Workstation
16:22:18.0138 0x18d4  ComputerName: KLOPSI-PC
16:22:18.0138 0x18d4  UserName: klopsi
16:22:18.0138 0x18d4  Windows directory: C:\Windows
16:22:18.0138 0x18d4  System windows directory: C:\Windows
16:22:18.0138 0x18d4  Running under WOW64
16:22:18.0138 0x18d4  Processor architecture: Intel x64
16:22:18.0138 0x18d4  Number of processors: 2
16:22:18.0138 0x18d4  Page size: 0x1000
16:22:18.0138 0x18d4  Boot type: Normal boot
16:22:18.0138 0x18d4  ============================================================
16:22:20.0821 0x18d4  KLMD registered as C:\Windows\system32\drivers\85304370.sys
16:22:21.0131 0x18d4  System UUID: {A7ED6027-D90F-4AEC-4950-786047F43A44}
16:22:21.0979 0x18d4  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:22:21.0989 0x18d4  ============================================================
16:22:21.0989 0x18d4  \Device\Harddisk0\DR0:
16:22:21.0990 0x18d4  MBR partitions:
16:22:21.0990 0x18d4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:22:21.0990 0x18d4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x575136F0
16:22:21.0990 0x18d4  ============================================================
16:22:22.0009 0x18d4  C: <-> \Device\Harddisk0\DR0\Partition2
16:22:22.0009 0x18d4  ============================================================
16:22:22.0009 0x18d4  Initialize success
16:22:22.0009 0x18d4  ============================================================
16:22:37.0710 0x06d8  ============================================================
16:22:37.0710 0x06d8  Scan started
16:22:37.0710 0x06d8  Mode: Manual; 
16:22:37.0710 0x06d8  ============================================================
16:22:37.0710 0x06d8  KSN ping started
16:22:40.0451 0x06d8  KSN ping finished: true
16:22:41.0691 0x06d8  ================ Scan system memory ========================
16:22:41.0691 0x06d8  System memory - ok
16:22:41.0691 0x06d8  ================ Scan services =============================
16:22:41.0889 0x06d8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:22:41.0907 0x06d8  1394ohci - ok
16:22:41.0976 0x06d8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:22:41.0994 0x06d8  ACPI - ok
16:22:42.0003 0x06d8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:22:42.0008 0x06d8  AcpiPmi - ok
16:22:42.0154 0x06d8  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:22:42.0169 0x06d8  AdobeARMservice - ok
16:22:42.0229 0x06d8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:22:42.0251 0x06d8  adp94xx - ok
16:22:42.0274 0x06d8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:22:42.0288 0x06d8  adpahci - ok
16:22:42.0298 0x06d8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:22:42.0309 0x06d8  adpu320 - ok
16:22:42.0336 0x06d8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:22:42.0346 0x06d8  AeLookupSvc - ok
16:22:42.0399 0x06d8  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
16:22:42.0423 0x06d8  AFD - ok
16:22:42.0454 0x06d8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:22:42.0463 0x06d8  agp440 - ok
16:22:42.0478 0x06d8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:22:42.0486 0x06d8  ALG - ok
16:22:42.0496 0x06d8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:22:42.0501 0x06d8  aliide - ok
16:22:42.0516 0x06d8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:22:42.0521 0x06d8  amdide - ok
16:22:42.0551 0x06d8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:22:42.0560 0x06d8  AmdK8 - ok
16:22:42.0581 0x06d8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:22:42.0589 0x06d8  AmdPPM - ok
16:22:42.0616 0x06d8  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:22:42.0625 0x06d8  amdsata - ok
16:22:42.0654 0x06d8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:22:42.0665 0x06d8  amdsbs - ok
16:22:42.0676 0x06d8  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:22:42.0681 0x06d8  amdxata - ok
16:22:42.0801 0x06d8  [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:22:42.0820 0x06d8  AntiVirSchedulerService - ok
16:22:42.0860 0x06d8  [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:22:42.0880 0x06d8  AntiVirService - ok
16:22:42.0920 0x06d8  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
16:22:42.0928 0x06d8  AppID - ok
16:22:42.0950 0x06d8  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:22:42.0961 0x06d8  AppIDSvc - ok
16:22:42.0997 0x06d8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
16:22:43.0010 0x06d8  Appinfo - ok
16:22:43.0062 0x06d8  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
16:22:43.0074 0x06d8  AppMgmt - ok
16:22:43.0093 0x06d8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:22:43.0102 0x06d8  arc - ok
16:22:43.0139 0x06d8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:22:43.0149 0x06d8  arcsas - ok
16:22:43.0251 0x06d8  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:22:43.0261 0x06d8  aspnet_state - ok
16:22:43.0276 0x06d8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:22:43.0281 0x06d8  AsyncMac - ok
16:22:43.0293 0x06d8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:22:43.0294 0x06d8  atapi - ok
16:22:43.0424 0x06d8  [ CC406DA84E7DD3FA3AD20340DBC66CF2, 295F02AA66A3E7879329DC18A741021923C7B389AD8AC6C25A07CAAD6D9CAD33 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
16:22:43.0494 0x06d8  athr - ok
16:22:43.0556 0x06d8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:22:43.0582 0x06d8  AudioEndpointBuilder - ok
16:22:43.0622 0x06d8  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:22:43.0638 0x06d8  AudioSrv - ok
16:22:43.0675 0x06d8  [ CDE60914D4ED81291F0CCFDB2CA311B9, 414D9BFF4E7DA17194695CB99B9E7F82C1616F4C228E6E9087208D290B9ED64D ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
16:22:43.0687 0x06d8  Avgdiska - ok
16:22:43.0697 0x06d8  AVGIDSAgent - ok
16:22:43.0716 0x06d8  [ E7E1A0AB30587BF3734A2EC66BBCE743, F2D662A2CC29B9B8C1D7AA3424CAAB18A78C60E9557D992EF14BC15DB1438B54 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
16:22:43.0730 0x06d8  AVGIDSDriver - ok
16:22:43.0755 0x06d8  [ B0E4A1F342A3F8B75C4A4ADB044761C9, 208D033EE04206FEDFC99102025A53D53EF2D3FB373882776DE43D663BE9A01B ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
16:22:43.0767 0x06d8  AVGIDSHA - ok
16:22:43.0794 0x06d8  [ 5D115BF49AE159D4D7D1EBC640CB138F, F529FB749AB8098B657DEB4637B9B87FA2DE4806F37AC9257542B7E522BA487E ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
16:22:43.0807 0x06d8  Avgldx64 - ok
16:22:43.0885 0x06d8  [ 197F28711B4B71E6575E5298CCEDC737, 16B7A9E59CA5EF8241029E16408CC1DD77004B195C9FE0677DE35A723FCA3DB4 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
16:22:43.0902 0x06d8  Avgloga - ok
16:22:43.0921 0x06d8  [ 22B257B0A8A83924CB96D1BA2A076C2F, BA1E33DC2D76F9347160E159BFB857E673222745409686E32E707EB2847A2520 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
16:22:43.0931 0x06d8  Avgmfx64 - ok
16:22:43.0962 0x06d8  [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
16:22:43.0976 0x06d8  avgntflt - ok
16:22:44.0006 0x06d8  [ C4F9056928B26BCAF15872E46B29184F, 0A1574937D120B8872947C4C68F1706BB9713B0D00AD62BE8082499C944114BA ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
16:22:44.0013 0x06d8  Avgrkx64 - ok
16:22:44.0035 0x06d8  [ 0971913995F5FAFD711B0B2426A175E9, 1009E628997B56697BA976E376A9E9D39082E7057D6EFF37D57FDCA2057B9498 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
16:22:44.0048 0x06d8  Avgtdia - ok
16:22:44.0081 0x06d8  [ 68430AD3FB0FADBFA5D1677617D1E1F5, CF732DD21B472653AB0A4063455F2E7608F3075C255B9882D18CB52026B6C972 ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
16:22:44.0088 0x06d8  avgtp - ok
16:22:44.0091 0x06d8  avgwd - ok
16:22:44.0109 0x06d8  [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
16:22:44.0122 0x06d8  avipbb - ok
16:22:44.0185 0x06d8  [ 67955F48704C0551254E55025077DD55, 7276CDC98B5A7819733A1394AA0028C803F487CDE7710B3B716DB83EA15F6AE3 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
16:22:44.0202 0x06d8  Avira.OE.ServiceHost - ok
16:22:44.0242 0x06d8  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
16:22:44.0253 0x06d8  avkmgr - ok
16:22:44.0287 0x06d8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:22:44.0300 0x06d8  AxInstSV - ok
16:22:44.0345 0x06d8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:22:44.0364 0x06d8  b06bdrv - ok
16:22:44.0397 0x06d8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:22:44.0410 0x06d8  b57nd60a - ok
16:22:44.0443 0x06d8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:22:44.0456 0x06d8  BDESVC - ok
16:22:44.0466 0x06d8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:22:44.0470 0x06d8  Beep - ok
16:22:44.0530 0x06d8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:22:44.0557 0x06d8  BFE - ok
16:22:44.0611 0x06d8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:22:44.0644 0x06d8  BITS - ok
16:22:44.0670 0x06d8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:22:44.0676 0x06d8  blbdrive - ok
16:22:44.0714 0x06d8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:22:44.0726 0x06d8  bowser - ok
16:22:44.0752 0x06d8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:22:44.0756 0x06d8  BrFiltLo - ok
16:22:44.0771 0x06d8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:22:44.0775 0x06d8  BrFiltUp - ok
16:22:44.0805 0x06d8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:22:44.0818 0x06d8  Browser - ok
16:22:44.0837 0x06d8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:22:44.0852 0x06d8  Brserid - ok
16:22:44.0862 0x06d8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:22:44.0869 0x06d8  BrSerWdm - ok
16:22:44.0874 0x06d8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:22:44.0878 0x06d8  BrUsbMdm - ok
16:22:44.0895 0x06d8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:22:44.0899 0x06d8  BrUsbSer - ok
16:22:44.0913 0x06d8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:22:44.0920 0x06d8  BTHMODEM - ok
16:22:44.0953 0x06d8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:22:44.0964 0x06d8  bthserv - ok
16:22:44.0990 0x06d8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:22:44.0998 0x06d8  cdfs - ok
16:22:45.0036 0x06d8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:22:45.0049 0x06d8  cdrom - ok
16:22:45.0076 0x06d8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:22:45.0088 0x06d8  CertPropSvc - ok
16:22:45.0113 0x06d8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:22:45.0120 0x06d8  circlass - ok
16:22:45.0147 0x06d8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
16:22:45.0164 0x06d8  CLFS - ok
16:22:45.0231 0x06d8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:22:45.0247 0x06d8  clr_optimization_v2.0.50727_32 - ok
16:22:45.0280 0x06d8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:22:45.0290 0x06d8  clr_optimization_v2.0.50727_64 - ok
16:22:45.0360 0x06d8  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:22:45.0373 0x06d8  clr_optimization_v4.0.30319_32 - ok
16:22:45.0391 0x06d8  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:22:45.0403 0x06d8  clr_optimization_v4.0.30319_64 - ok
16:22:45.0437 0x06d8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:22:45.0442 0x06d8  CmBatt - ok
16:22:45.0458 0x06d8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:22:45.0463 0x06d8  cmdide - ok
16:22:45.0502 0x06d8  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
16:22:45.0522 0x06d8  CNG - ok
16:22:45.0547 0x06d8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:22:45.0553 0x06d8  Compbatt - ok
16:22:45.0575 0x06d8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:22:45.0582 0x06d8  CompositeBus - ok
16:22:45.0594 0x06d8  COMSysApp - ok
16:22:45.0611 0x06d8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:22:45.0617 0x06d8  crcdisk - ok
16:22:45.0660 0x06d8  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:22:45.0674 0x06d8  CryptSvc - ok
16:22:45.0711 0x06d8  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
16:22:45.0732 0x06d8  CSC - ok
16:22:45.0757 0x06d8  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
16:22:45.0787 0x06d8  CscService - ok
16:22:45.0849 0x06d8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:22:45.0863 0x06d8  DcomLaunch - ok
16:22:45.0905 0x06d8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:22:45.0920 0x06d8  defragsvc - ok
16:22:45.0955 0x06d8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:22:45.0966 0x06d8  DfsC - ok
16:22:46.0017 0x06d8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:22:46.0042 0x06d8  Dhcp - ok
16:22:46.0071 0x06d8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:22:46.0077 0x06d8  discache - ok
16:22:46.0098 0x06d8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
16:22:46.0106 0x06d8  Disk - ok
16:22:46.0142 0x06d8  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
16:22:46.0151 0x06d8  dmvsc - ok
16:22:46.0196 0x06d8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:22:46.0211 0x06d8  Dnscache - ok
16:22:46.0260 0x06d8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:22:46.0277 0x06d8  dot3svc - ok
16:22:46.0296 0x06d8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:22:46.0309 0x06d8  DPS - ok
16:22:46.0351 0x06d8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:22:46.0355 0x06d8  drmkaud - ok
16:22:46.0414 0x06d8  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:22:46.0445 0x06d8  DXGKrnl - ok
16:22:46.0470 0x06d8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:22:46.0483 0x06d8  EapHost - ok
16:22:46.0630 0x06d8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:22:46.0716 0x06d8  ebdrv - ok
16:22:46.0747 0x06d8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
16:22:46.0754 0x06d8  EFS - ok
16:22:46.0838 0x06d8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:22:46.0864 0x06d8  ehRecvr - ok
16:22:46.0878 0x06d8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:22:46.0890 0x06d8  ehSched - ok
16:22:46.0922 0x06d8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:22:46.0943 0x06d8  elxstor - ok
16:22:46.0956 0x06d8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:22:46.0960 0x06d8  ErrDev - ok
16:22:47.0031 0x06d8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:22:47.0057 0x06d8  EventSystem - ok
16:22:47.0077 0x06d8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:22:47.0089 0x06d8  exfat - ok
16:22:47.0109 0x06d8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:22:47.0120 0x06d8  fastfat - ok
16:22:47.0164 0x06d8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:22:47.0188 0x06d8  Fax - ok
16:22:47.0207 0x06d8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
16:22:47.0211 0x06d8  fdc - ok
16:22:47.0221 0x06d8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:22:47.0231 0x06d8  fdPHost - ok
16:22:47.0251 0x06d8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:22:47.0261 0x06d8  FDResPub - ok
16:22:47.0271 0x06d8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:22:47.0281 0x06d8  FileInfo - ok
16:22:47.0291 0x06d8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:22:47.0301 0x06d8  Filetrace - ok
16:22:47.0311 0x06d8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:22:47.0311 0x06d8  flpydisk - ok
16:22:47.0341 0x06d8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:22:47.0361 0x06d8  FltMgr - ok
16:22:47.0441 0x06d8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
16:22:47.0471 0x06d8  FontCache - ok
16:22:47.0551 0x06d8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:22:47.0551 0x06d8  FontCache3.0.0.0 - ok
16:22:47.0581 0x06d8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:22:47.0591 0x06d8  FsDepends - ok
16:22:47.0611 0x06d8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:22:47.0621 0x06d8  Fs_Rec - ok
16:22:47.0641 0x06d8  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:22:47.0661 0x06d8  fvevol - ok
16:22:47.0671 0x06d8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:22:47.0681 0x06d8  gagp30kx - ok
16:22:47.0731 0x06d8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:22:47.0761 0x06d8  gpsvc - ok
16:22:47.0771 0x06d8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:22:47.0781 0x06d8  hcw85cir - ok
16:22:47.0831 0x06d8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:22:47.0851 0x06d8  HdAudAddService - ok
16:22:47.0901 0x06d8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:22:47.0921 0x06d8  HDAudBus - ok
16:22:47.0941 0x06d8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:22:47.0951 0x06d8  HidBatt - ok
16:22:47.0971 0x06d8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:22:47.0981 0x06d8  HidBth - ok
16:22:47.0991 0x06d8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:22:47.0991 0x06d8  HidIr - ok
16:22:48.0021 0x06d8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:22:48.0031 0x06d8  hidserv - ok
16:22:48.0061 0x06d8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:22:48.0071 0x06d8  HidUsb - ok
16:22:48.0101 0x06d8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:22:48.0111 0x06d8  hkmsvc - ok
16:22:48.0131 0x06d8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:22:48.0151 0x06d8  HomeGroupListener - ok
16:22:48.0181 0x06d8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:22:48.0191 0x06d8  HomeGroupProvider - ok
16:22:48.0221 0x06d8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:22:48.0231 0x06d8  HpSAMD - ok
16:22:48.0281 0x06d8  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:22:48.0321 0x06d8  HTTP - ok
16:22:48.0341 0x06d8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:22:48.0341 0x06d8  hwpolicy - ok
16:22:48.0371 0x06d8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:22:48.0381 0x06d8  i8042prt - ok
16:22:48.0441 0x06d8  [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
16:22:48.0461 0x06d8  iaStor - ok
16:22:48.0501 0x06d8  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:22:48.0521 0x06d8  iaStorV - ok
16:22:48.0593 0x06d8  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:22:48.0623 0x06d8  idsvc - ok
16:22:48.0633 0x06d8  IEEtwCollectorService - ok
16:22:49.0045 0x06d8  [ 31569A2E836C12014148BF7342716946, 07DAEF864AF41E8669A6F2546967014C58898BD42C4C2FA1961F32311D083565 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:22:49.0307 0x06d8  igfx - ok
16:22:49.0367 0x06d8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:22:49.0377 0x06d8  iirsp - ok
16:22:49.0437 0x06d8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:22:49.0467 0x06d8  IKEEXT - ok
16:22:49.0507 0x06d8  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
16:22:49.0517 0x06d8  Impcd - ok
16:22:49.0557 0x06d8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:22:49.0567 0x06d8  intelide - ok
16:22:49.0587 0x06d8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:22:49.0597 0x06d8  intelppm - ok
16:22:49.0656 0x06d8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:22:49.0766 0x06d8  IPBusEnum - ok
16:22:49.0789 0x06d8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:22:49.0789 0x06d8  IpFilterDriver - ok
16:22:49.0829 0x06d8  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:22:49.0865 0x06d8  iphlpsvc - ok
16:22:49.0901 0x06d8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:22:49.0911 0x06d8  IPMIDRV - ok
16:22:49.0941 0x06d8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:22:49.0961 0x06d8  IPNAT - ok
16:22:49.0991 0x06d8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:22:50.0001 0x06d8  IRENUM - ok
16:22:50.0011 0x06d8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:22:50.0011 0x06d8  isapnp - ok
16:22:50.0041 0x06d8  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:22:50.0061 0x06d8  iScsiPrt - ok
16:22:50.0111 0x06d8  [ 0469BFF65BBDEE9E46D0C45EE32A08BD, 8E11F03FC463CBC9FBBF5D2A29FBF1076C9317D2B8B7224E24C22553F160E065 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
16:22:50.0131 0x06d8  k57nd60a - ok
16:22:50.0261 0x06d8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:22:50.0261 0x06d8  kbdclass - ok
16:22:50.0381 0x06d8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:22:50.0381 0x06d8  kbdhid - ok
16:22:50.0513 0x06d8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
16:22:50.0513 0x06d8  KeyIso - ok
16:22:50.0565 0x06d8  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:22:50.0575 0x06d8  KSecDD - ok
16:22:50.0595 0x06d8  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:22:50.0605 0x06d8  KSecPkg - ok
16:22:50.0625 0x06d8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:22:50.0635 0x06d8  ksthunk - ok
16:22:50.0655 0x06d8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:22:50.0675 0x06d8  KtmRm - ok
16:22:50.0725 0x06d8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:22:50.0745 0x06d8  LanmanServer - ok
16:22:50.0755 0x06d8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:22:50.0765 0x06d8  LanmanWorkstation - ok
16:22:50.0805 0x06d8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:22:50.0815 0x06d8  lltdio - ok
16:22:50.0835 0x06d8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:22:50.0855 0x06d8  lltdsvc - ok
16:22:50.0885 0x06d8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:22:50.0895 0x06d8  lmhosts - ok
16:22:50.0925 0x06d8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:22:50.0925 0x06d8  LSI_FC - ok
16:22:50.0945 0x06d8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:22:50.0955 0x06d8  LSI_SAS - ok
16:22:50.0985 0x06d8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:22:50.0985 0x06d8  LSI_SAS2 - ok
16:22:51.0005 0x06d8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:22:51.0015 0x06d8  LSI_SCSI - ok
16:22:51.0045 0x06d8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:22:51.0065 0x06d8  luafv - ok
16:22:51.0117 0x06d8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:22:51.0127 0x06d8  Mcx2Svc - ok
16:22:51.0137 0x06d8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:22:51.0147 0x06d8  megasas - ok
16:22:51.0167 0x06d8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:22:51.0177 0x06d8  MegaSR - ok
16:22:51.0217 0x06d8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:22:51.0227 0x06d8  MMCSS - ok
16:22:51.0237 0x06d8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:22:51.0247 0x06d8  Modem - ok
16:22:51.0277 0x06d8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:22:51.0277 0x06d8  monitor - ok
16:22:51.0337 0x06d8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:22:51.0347 0x06d8  mouclass - ok
16:22:51.0367 0x06d8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:22:51.0367 0x06d8  mouhid - ok
16:22:51.0387 0x06d8  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:22:51.0407 0x06d8  mountmgr - ok
16:22:51.0467 0x06d8  [ 6ACCF2E8210880D7005C608AFDB5301C, D00122C928C5818A24E6C11183F79C253CFB6576AD54DC92AEEFC630ABBDE655 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:22:51.0477 0x06d8  MozillaMaintenance - ok
16:22:51.0497 0x06d8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:22:51.0527 0x06d8  mpio - ok
16:22:51.0557 0x06d8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:22:51.0567 0x06d8  mpsdrv - ok
16:22:51.0617 0x06d8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:22:51.0647 0x06d8  MpsSvc - ok
16:22:51.0667 0x06d8  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:22:51.0677 0x06d8  MRxDAV - ok
16:22:51.0717 0x06d8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:22:51.0727 0x06d8  mrxsmb - ok
16:22:51.0747 0x06d8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:22:51.0757 0x06d8  mrxsmb10 - ok
16:22:51.0787 0x06d8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:22:51.0797 0x06d8  mrxsmb20 - ok
16:22:51.0837 0x06d8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:22:51.0847 0x06d8  msahci - ok
16:22:51.0867 0x06d8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:22:51.0877 0x06d8  msdsm - ok
16:22:51.0887 0x06d8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:22:51.0907 0x06d8  MSDTC - ok
16:22:52.0079 0x06d8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:22:52.0089 0x06d8  Msfs - ok
16:22:52.0151 0x06d8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:22:52.0161 0x06d8  mshidkmdf - ok
16:22:52.0171 0x06d8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:22:52.0181 0x06d8  msisadrv - ok
16:22:52.0211 0x06d8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:22:52.0221 0x06d8  MSiSCSI - ok
16:22:52.0231 0x06d8  msiserver - ok
16:22:52.0271 0x06d8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:22:52.0271 0x06d8  MSKSSRV - ok
16:22:52.0281 0x06d8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:22:52.0291 0x06d8  MSPCLOCK - ok
16:22:52.0301 0x06d8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:22:52.0311 0x06d8  MSPQM - ok
16:22:52.0349 0x06d8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:22:52.0363 0x06d8  MsRPC - ok
16:22:52.0383 0x06d8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:22:52.0383 0x06d8  mssmbios - ok
16:22:52.0403 0x06d8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:22:52.0413 0x06d8  MSTEE - ok
16:22:52.0423 0x06d8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:22:52.0423 0x06d8  MTConfig - ok
16:22:52.0443 0x06d8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:22:52.0453 0x06d8  Mup - ok
16:22:52.0493 0x06d8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:22:52.0513 0x06d8  napagent - ok
16:22:52.0563 0x06d8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:22:52.0583 0x06d8  NativeWifiP - ok
16:22:52.0635 0x06d8  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:22:52.0675 0x06d8  NDIS - ok
16:22:52.0695 0x06d8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:22:52.0705 0x06d8  NdisCap - ok
16:22:52.0725 0x06d8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:22:52.0735 0x06d8  NdisTapi - ok
16:22:52.0745 0x06d8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:22:52.0755 0x06d8  Ndisuio - ok
16:22:52.0775 0x06d8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:22:52.0785 0x06d8  NdisWan - ok
16:22:52.0805 0x06d8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:22:52.0815 0x06d8  NDProxy - ok
16:22:52.0835 0x06d8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:22:52.0845 0x06d8  NetBIOS - ok
16:22:52.0855 0x06d8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:22:52.0875 0x06d8  NetBT - ok
16:22:52.0885 0x06d8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
16:22:52.0885 0x06d8  Netlogon - ok
16:22:52.0925 0x06d8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:22:52.0945 0x06d8  Netman - ok
16:22:52.0985 0x06d8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:22:52.0995 0x06d8  NetMsmqActivator - ok
16:22:53.0015 0x06d8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:22:53.0025 0x06d8  NetPipeActivator - ok
16:22:53.0045 0x06d8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:22:53.0078 0x06d8  netprofm - ok
16:22:53.0085 0x06d8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:22:53.0087 0x06d8  NetTcpActivator - ok
16:22:53.0087 0x06d8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:22:53.0097 0x06d8  NetTcpPortSharing - ok
16:22:53.0107 0x06d8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:22:53.0117 0x06d8  nfrd960 - ok
16:22:53.0137 0x06d8  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:22:53.0157 0x06d8  NlaSvc - ok
16:22:53.0187 0x06d8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:22:53.0198 0x06d8  Npfs - ok
16:22:53.0209 0x06d8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:22:53.0218 0x06d8  nsi - ok
16:22:53.0229 0x06d8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:22:53.0239 0x06d8  nsiproxy - ok
16:22:53.0329 0x06d8  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:22:53.0381 0x06d8  Ntfs - ok
16:22:53.0391 0x06d8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:22:53.0401 0x06d8  Null - ok
16:22:53.0431 0x06d8  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
16:22:53.0441 0x06d8  nusb3hub - ok
16:22:53.0471 0x06d8  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
16:22:53.0481 0x06d8  nusb3xhc - ok
16:22:53.0521 0x06d8  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:22:53.0531 0x06d8  nvraid - ok
16:22:53.0541 0x06d8  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:22:53.0551 0x06d8  nvstor - ok
16:22:53.0581 0x06d8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:22:53.0601 0x06d8  nv_agp - ok
16:22:53.0638 0x06d8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:22:53.0646 0x06d8  ohci1394 - ok
16:22:53.0683 0x06d8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:22:53.0703 0x06d8  p2pimsvc - ok
16:22:53.0733 0x06d8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:22:53.0753 0x06d8  p2psvc - ok
16:22:53.0773 0x06d8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:22:53.0773 0x06d8  Parport - ok
16:22:53.0813 0x06d8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:22:53.0823 0x06d8  partmgr - ok
16:22:53.0833 0x06d8  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:22:53.0843 0x06d8  PcaSvc - ok
16:22:53.0863 0x06d8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:22:53.0873 0x06d8  pci - ok
16:22:53.0883 0x06d8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:22:53.0893 0x06d8  pciide - ok
16:22:53.0913 0x06d8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:22:53.0923 0x06d8  pcmcia - ok
16:22:53.0943 0x06d8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:22:53.0953 0x06d8  pcw - ok
16:22:53.0983 0x06d8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:22:54.0023 0x06d8  PEAUTH - ok
16:22:54.0095 0x06d8  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:22:54.0145 0x06d8  PeerDistSvc - ok
16:22:54.0238 0x06d8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:22:54.0247 0x06d8  PerfHost - ok
16:22:54.0349 0x06d8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:22:54.0422 0x06d8  pla - ok
16:22:54.0501 0x06d8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:22:54.0534 0x06d8  PlugPlay - ok
16:22:54.0554 0x06d8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:22:54.0557 0x06d8  PNRPAutoReg - ok
16:22:54.0587 0x06d8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:22:54.0597 0x06d8  PNRPsvc - ok
16:22:54.0637 0x06d8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:22:54.0657 0x06d8  PolicyAgent - ok
16:22:54.0687 0x06d8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:22:54.0697 0x06d8  Power - ok
16:22:54.0753 0x06d8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:22:54.0759 0x06d8  PptpMiniport - ok
16:22:54.0779 0x06d8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:22:54.0789 0x06d8  Processor - ok
16:22:54.0849 0x06d8  [ 5C78838B4D166D1A27DB3A8A820C799A, BBF7E1D0B6754CF06BF3936671FDF5BF6E845CA5678D0940EA54E9212B539B7F ] ProfSvc         C:\Windows\system32\profsvc.dll
16:22:54.0869 0x06d8  ProfSvc - ok
16:22:54.0889 0x06d8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:22:54.0889 0x06d8  ProtectedStorage - ok
16:22:54.0920 0x06d8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:22:54.0932 0x06d8  Psched - ok
16:22:54.0981 0x06d8  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI             C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
16:22:54.0991 0x06d8  PSI - ok
16:22:55.0061 0x06d8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:22:55.0111 0x06d8  ql2300 - ok
16:22:55.0152 0x06d8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:22:55.0163 0x06d8  ql40xx - ok
16:22:55.0203 0x06d8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:22:55.0233 0x06d8  QWAVE - ok
16:22:55.0254 0x06d8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:22:55.0263 0x06d8  QWAVEdrv - ok
16:22:55.0274 0x06d8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:22:55.0291 0x06d8  RasAcd - ok
16:22:55.0315 0x06d8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:22:55.0335 0x06d8  RasAgileVpn - ok
16:22:55.0365 0x06d8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:22:55.0380 0x06d8  RasAuto - ok
16:22:55.0396 0x06d8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:22:55.0407 0x06d8  Rasl2tp - ok
16:22:55.0456 0x06d8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:22:55.0469 0x06d8  RasMan - ok
16:22:55.0504 0x06d8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:22:55.0519 0x06d8  RasPppoe - ok
16:22:55.0591 0x06d8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:22:55.0601 0x06d8  RasSstp - ok
16:22:55.0691 0x06d8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:22:55.0711 0x06d8  rdbss - ok
16:22:55.0749 0x06d8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:22:55.0755 0x06d8  rdpbus - ok
16:22:55.0770 0x06d8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:22:55.0774 0x06d8  RDPCDD - ok
16:22:55.0813 0x06d8  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:22:55.0843 0x06d8  RDPDR - ok
16:22:55.0875 0x06d8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:22:55.0885 0x06d8  RDPENCDD - ok
16:22:55.0885 0x06d8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:22:55.0895 0x06d8  RDPREFMP - ok
16:22:55.0934 0x06d8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:22:55.0947 0x06d8  RDPWD - ok
16:22:56.0002 0x06d8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:22:56.0039 0x06d8  rdyboost - ok
16:22:56.0084 0x06d8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:22:56.0113 0x06d8  RemoteAccess - ok
16:22:56.0199 0x06d8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:22:56.0251 0x06d8  RemoteRegistry - ok
16:22:56.0289 0x06d8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:22:56.0309 0x06d8  RpcEptMapper - ok
16:22:56.0364 0x06d8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:22:56.0369 0x06d8  RpcLocator - ok
16:22:56.0395 0x06d8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:22:56.0413 0x06d8  RpcSs - ok
16:22:56.0471 0x06d8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:22:56.0471 0x06d8  rspndr - ok
16:22:56.0501 0x06d8  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
16:22:56.0501 0x06d8  s3cap - ok
16:22:56.0521 0x06d8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
16:22:56.0521 0x06d8  SamSs - ok
16:22:56.0541 0x06d8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:22:56.0551 0x06d8  sbp2port - ok
16:22:56.0561 0x06d8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:22:56.0581 0x06d8  SCardSvr - ok
16:22:56.0591 0x06d8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:22:56.0601 0x06d8  scfilter - ok
16:22:56.0641 0x06d8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:22:56.0681 0x06d8  Schedule - ok
16:22:56.0711 0x06d8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:22:56.0721 0x06d8  SCPolicySvc - ok
16:22:56.0741 0x06d8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:22:56.0761 0x06d8  SDRSVC - ok
16:22:56.0781 0x06d8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:22:56.0791 0x06d8  secdrv - ok
16:22:56.0811 0x06d8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:22:56.0811 0x06d8  seclogon - ok
16:22:57.0001 0x06d8  [ 398A81D590424441B2F5C5C08073CADB, 1E064DFCC49EB0D8A4150276BF796B9DFA030C451570A170EC940F8CBAAD80F3 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
16:22:57.0051 0x06d8  Secunia PSI Agent - ok
16:22:57.0143 0x06d8  [ 8C2D3A80FC90A860F0F24DEB67471481, CE4D17B63149C44B4CD5CB7776FD4705DC675F6D2D077D53BE15578294EBC9D4 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
16:22:57.0173 0x06d8  Secunia Update Agent - ok
16:22:57.0193 0x06d8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:22:57.0203 0x06d8  SENS - ok
16:22:57.0213 0x06d8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:22:57.0223 0x06d8  SensrSvc - ok
16:22:57.0233 0x06d8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:22:57.0243 0x06d8  Serenum - ok
16:22:57.0283 0x06d8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
16:22:57.0293 0x06d8  Serial - ok
16:22:57.0303 0x06d8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:22:57.0303 0x06d8  sermouse - ok
16:22:57.0333 0x06d8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:22:57.0343 0x06d8  SessionEnv - ok
16:22:57.0363 0x06d8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:22:57.0363 0x06d8  sffdisk - ok
16:22:57.0373 0x06d8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:22:57.0383 0x06d8  sffp_mmc - ok
16:22:57.0393 0x06d8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:22:57.0393 0x06d8  sffp_sd - ok
16:22:57.0423 0x06d8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:22:57.0423 0x06d8  sfloppy - ok
16:22:57.0453 0x06d8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:22:57.0473 0x06d8  SharedAccess - ok
16:22:57.0493 0x06d8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:22:57.0533 0x06d8  ShellHWDetection - ok
16:22:57.0543 0x06d8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:22:57.0553 0x06d8  SiSRaid2 - ok
16:22:57.0573 0x06d8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:22:57.0573 0x06d8  SiSRaid4 - ok
16:22:57.0643 0x06d8  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:22:57.0663 0x06d8  SkypeUpdate - ok
16:22:57.0703 0x06d8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:22:57.0713 0x06d8  Smb - ok
16:22:57.0763 0x06d8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:22:57.0773 0x06d8  SNMPTRAP - ok
16:22:57.0793 0x06d8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:22:57.0803 0x06d8  spldr - ok
16:22:57.0833 0x06d8  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
16:22:57.0853 0x06d8  Spooler - ok
16:22:58.0005 0x06d8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:22:58.0132 0x06d8  sppsvc - ok
16:22:58.0157 0x06d8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:22:58.0177 0x06d8  sppuinotify - ok
16:22:58.0217 0x06d8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:22:58.0237 0x06d8  srv - ok
16:22:58.0267 0x06d8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:22:58.0287 0x06d8  srv2 - ok
16:22:58.0307 0x06d8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:22:58.0327 0x06d8  srvnet - ok
16:22:58.0347 0x06d8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:22:58.0367 0x06d8  SSDPSRV - ok
16:22:58.0367 0x06d8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:22:58.0387 0x06d8  SstpSvc - ok
16:22:58.0499 0x06d8  [ A993E6FD9549499099461A0B192EEC3F, EC17EBE9A0EF481E704E64D07D257C3380046CBB5D9CAFABA90D21A2B84191FF ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:22:58.0542 0x06d8  Steam Client Service - ok
16:22:58.0571 0x06d8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:22:58.0571 0x06d8  stexstor - ok
16:22:58.0631 0x06d8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:22:58.0651 0x06d8  stisvc - ok
16:22:58.0691 0x06d8  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
16:22:58.0701 0x06d8  storflt - ok
16:22:58.0731 0x06d8  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
16:22:58.0741 0x06d8  StorSvc - ok
16:22:58.0761 0x06d8  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
16:22:58.0771 0x06d8  storvsc - ok
16:22:58.0771 0x06d8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:22:58.0781 0x06d8  swenum - ok
16:22:58.0821 0x06d8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:22:58.0851 0x06d8  swprv - ok
16:22:58.0931 0x06d8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:22:58.0991 0x06d8  SysMain - ok
16:22:59.0001 0x06d8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:22:59.0011 0x06d8  TabletInputService - ok
16:22:59.0031 0x06d8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:22:59.0041 0x06d8  TapiSrv - ok
16:22:59.0061 0x06d8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:22:59.0081 0x06d8  TBS - ok
16:22:59.0171 0x06d8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:22:59.0243 0x06d8  Tcpip - ok
16:22:59.0343 0x06d8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:22:59.0393 0x06d8  TCPIP6 - ok
16:22:59.0423 0x06d8  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:22:59.0433 0x06d8  tcpipreg - ok
16:22:59.0443 0x06d8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:22:59.0443 0x06d8  TDPIPE - ok
16:22:59.0463 0x06d8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:22:59.0473 0x06d8  TDTCP - ok
16:22:59.0503 0x06d8  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:22:59.0513 0x06d8  tdx - ok
16:22:59.0533 0x06d8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:22:59.0543 0x06d8  TermDD - ok
16:22:59.0583 0x06d8  [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService     C:\Windows\System32\termsrv.dll
16:22:59.0613 0x06d8  TermService - ok
16:22:59.0643 0x06d8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:22:59.0653 0x06d8  Themes - ok
16:22:59.0663 0x06d8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:22:59.0663 0x06d8  THREADORDER - ok
16:22:59.0683 0x06d8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:22:59.0693 0x06d8  TrkWks - ok
16:22:59.0753 0x06d8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:22:59.0763 0x06d8  TrustedInstaller - ok
16:22:59.0793 0x06d8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:22:59.0813 0x06d8  tssecsrv - ok
16:22:59.0843 0x06d8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:22:59.0853 0x06d8  TsUsbFlt - ok
16:22:59.0873 0x06d8  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:22:59.0883 0x06d8  TsUsbGD - ok
16:22:59.0923 0x06d8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:22:59.0943 0x06d8  tunnel - ok
16:22:59.0993 0x06d8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:23:00.0003 0x06d8  uagp35 - ok
16:23:00.0023 0x06d8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:23:00.0043 0x06d8  udfs - ok
16:23:00.0063 0x06d8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:23:00.0073 0x06d8  UI0Detect - ok
16:23:00.0113 0x06d8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:23:00.0113 0x06d8  uliagpkx - ok
16:23:00.0143 0x06d8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:23:00.0143 0x06d8  umbus - ok
16:23:00.0153 0x06d8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:23:00.0163 0x06d8  UmPass - ok
16:23:00.0183 0x06d8  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
16:23:00.0203 0x06d8  UmRdpService - ok
16:23:00.0233 0x06d8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:23:00.0253 0x06d8  upnphost - ok
16:23:00.0295 0x06d8  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
16:23:00.0305 0x06d8  usbaudio - ok
16:23:00.0345 0x06d8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:23:00.0355 0x06d8  usbccgp - ok
16:23:00.0375 0x06d8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:23:00.0385 0x06d8  usbcir - ok
16:23:00.0405 0x06d8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:23:00.0415 0x06d8  usbehci - ok
16:23:00.0445 0x06d8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:23:00.0465 0x06d8  usbhub - ok
16:23:00.0495 0x06d8  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:23:00.0495 0x06d8  usbohci - ok
16:23:00.0537 0x06d8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
16:23:00.0537 0x06d8  usbprint - ok
16:23:00.0567 0x06d8  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:23:00.0577 0x06d8  USBSTOR - ok
16:23:00.0587 0x06d8  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:23:00.0607 0x06d8  usbuhci - ok
16:23:00.0637 0x06d8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:23:00.0647 0x06d8  usbvideo - ok
16:23:00.0677 0x06d8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:23:00.0687 0x06d8  UxSms - ok
16:23:00.0697 0x06d8  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
16:23:00.0697 0x06d8  VaultSvc - ok
16:23:00.0758 0x06d8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:23:00.0759 0x06d8  vdrvroot - ok
16:23:00.0799 0x06d8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:23:00.0829 0x06d8  vds - ok
16:23:00.0859 0x06d8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:23:00.0869 0x06d8  vga - ok
16:23:00.0889 0x06d8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:23:00.0899 0x06d8  VgaSave - ok
16:23:00.0919 0x06d8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:23:00.0929 0x06d8  vhdmp - ok
16:23:00.0949 0x06d8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:23:00.0959 0x06d8  viaide - ok
16:23:00.0999 0x06d8  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
16:23:01.0009 0x06d8  vmbus - ok
16:23:01.0029 0x06d8  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
16:23:01.0039 0x06d8  VMBusHID - ok
16:23:01.0049 0x06d8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:23:01.0059 0x06d8  volmgr - ok
16:23:01.0089 0x06d8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:23:01.0109 0x06d8  volmgrx - ok
16:23:01.0129 0x06d8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:23:01.0159 0x06d8  volsnap - ok
16:23:01.0179 0x06d8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:23:01.0189 0x06d8  vsmraid - ok
16:23:01.0279 0x06d8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:23:01.0349 0x06d8  VSS - ok
16:23:01.0369 0x06d8  vToolbarUpdater3.2.0 - ok
16:23:01.0379 0x06d8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:23:01.0379 0x06d8  vwifibus - ok
16:23:01.0399 0x06d8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:23:01.0419 0x06d8  vwififlt - ok
16:23:01.0429 0x06d8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:23:01.0459 0x06d8  W32Time - ok
16:23:01.0479 0x06d8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:23:01.0489 0x06d8  WacomPen - ok
16:23:01.0509 0x06d8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:23:01.0519 0x06d8  WANARP - ok
16:23:01.0529 0x06d8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:23:01.0529 0x06d8  Wanarpv6 - ok
16:23:01.0579 0x06d8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:23:01.0639 0x06d8  wbengine - ok
16:23:01.0649 0x06d8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:23:01.0669 0x06d8  WbioSrvc - ok
16:23:01.0689 0x06d8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:23:01.0709 0x06d8  wcncsvc - ok
16:23:01.0729 0x06d8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:23:01.0739 0x06d8  WcsPlugInService - ok
16:23:01.0771 0x06d8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:23:01.0777 0x06d8  Wd - ok
16:23:01.0851 0x06d8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:23:01.0881 0x06d8  Wdf01000 - ok
16:23:01.0921 0x06d8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:23:01.0931 0x06d8  WdiServiceHost - ok
16:23:01.0931 0x06d8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:23:01.0941 0x06d8  WdiSystemHost - ok
16:23:01.0951 0x06d8  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
16:23:01.0971 0x06d8  WebClient - ok
16:23:02.0031 0x06d8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:23:02.0051 0x06d8  Wecsvc - ok
16:23:02.0071 0x06d8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:23:02.0091 0x06d8  wercplsupport - ok
16:23:02.0121 0x06d8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:23:02.0131 0x06d8  WerSvc - ok
16:23:02.0161 0x06d8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:23:02.0171 0x06d8  WfpLwf - ok
16:23:02.0191 0x06d8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:23:02.0191 0x06d8  WIMMount - ok
16:23:02.0221 0x06d8  WinDefend - ok
16:23:02.0251 0x06d8  WinHttpAutoProxySvc - ok
16:23:02.0311 0x06d8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:23:02.0331 0x06d8  Winmgmt - ok
16:23:02.0441 0x06d8  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
16:23:02.0511 0x06d8  WinRM - ok
16:23:02.0591 0x06d8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:23:02.0601 0x06d8  WinUsb - ok
16:23:02.0671 0x06d8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:23:02.0711 0x06d8  Wlansvc - ok
16:23:02.0731 0x06d8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:23:02.0741 0x06d8  WmiAcpi - ok
16:23:02.0781 0x06d8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:23:02.0791 0x06d8  wmiApSrv - ok
16:23:02.0821 0x06d8  WMPNetworkSvc - ok
16:23:02.0831 0x06d8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:23:02.0841 0x06d8  WPCSvc - ok
16:23:02.0851 0x06d8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:23:02.0861 0x06d8  WPDBusEnum - ok
16:23:02.0881 0x06d8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:23:02.0881 0x06d8  ws2ifsl - ok
16:23:02.0891 0x06d8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:23:02.0911 0x06d8  wscsvc - ok
16:23:02.0921 0x06d8  WSearch - ok
16:23:03.0053 0x06d8  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:23:03.0133 0x06d8  wuauserv - ok
16:23:03.0163 0x06d8  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:23:03.0163 0x06d8  WudfPf - ok
16:23:03.0193 0x06d8  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:23:03.0213 0x06d8  WUDFRd - ok
16:23:03.0243 0x06d8  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:23:03.0263 0x06d8  wudfsvc - ok
16:23:03.0273 0x06d8  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:23:03.0293 0x06d8  WwanSvc - ok
16:23:03.0323 0x06d8  ================ Scan global ===============================
16:23:03.0353 0x06d8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:23:03.0393 0x06d8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:23:03.0423 0x06d8  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:23:03.0463 0x06d8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:23:03.0523 0x06d8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:23:03.0547 0x06d8  [ Global ] - ok
16:23:03.0548 0x06d8  ================ Scan MBR ==================================
16:23:03.0565 0x06d8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:23:03.0965 0x06d8  \Device\Harddisk0\DR0 - ok
16:23:03.0965 0x06d8  ================ Scan VBR ==================================
16:23:03.0965 0x06d8  [ 54BA4C37D203C2B279E01A9F91269268 ] \Device\Harddisk0\DR0\Partition1
16:23:03.0965 0x06d8  \Device\Harddisk0\DR0\Partition1 - ok
16:23:03.0965 0x06d8  [ B92AF4BC5DFDD737B0B8D7D4C6A1738F ] \Device\Harddisk0\DR0\Partition2
16:23:03.0975 0x06d8  \Device\Harddisk0\DR0\Partition2 - ok
16:23:03.0975 0x06d8  ================ Scan generic autorun ======================
16:23:04.0005 0x06d8  [ A38D377D4FC5403602EBF3CAD8F8EA4E, 63D673BC7F3AB3185B35DE40263C11D2FB83FA4DDF4EE3C9B37BF9CCD9BBB08D ] C:\Windows\system32\igfxtray.exe
16:23:04.0015 0x06d8  IgfxTray - ok
16:23:04.0045 0x06d8  [ D3AF93D8029B326DCCF3197C14E7ECFF, 43315E01904D141136C2B579A78242376F65E3405C4108BB29F966B0BE0613DC ] C:\Windows\system32\hkcmd.exe
16:23:04.0065 0x06d8  HotKeysCmds - ok
16:23:04.0107 0x06d8  [ 7738067DEF9AF9E6DBFDEB0178046575, 1F7AB6E03C8FD0587287E8B7E3D365E0C5F90C6AB3014B0DB75980B0542AE6FB ] C:\Windows\system32\igfxpers.exe
16:23:04.0127 0x06d8  Persistence - ok
16:23:04.0207 0x06d8  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
16:23:04.0267 0x06d8  Adobe ARM - ok
16:23:04.0267 0x06d8  AVG_UI - ok
16:23:04.0367 0x06d8  [ DAA21DC0AA2E688370D356757892816D, 97EBF3B8A4B8544B6C1379A391AA4079F38EB4D507931249BC1427D961F58F8C ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
16:23:04.0397 0x06d8  avgnt - ok
16:23:04.0427 0x06d8  [ 5CBF14D14D559ABC5C9936B3120A1A45, A1706B92AC2E02023A342FF4CF9D53AB6D8587EFC3A207B615CD49C36ABE0B4D ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
16:23:04.0447 0x06d8  Avira Systray - ok
16:23:04.0527 0x06d8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:23:04.0597 0x06d8  Sidebar - ok
16:23:04.0638 0x06d8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:23:04.0649 0x06d8  mctadmin - ok
16:23:04.0699 0x06d8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:23:04.0729 0x06d8  Sidebar - ok
16:23:04.0739 0x06d8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:23:04.0739 0x06d8  mctadmin - ok
16:23:04.0769 0x06d8  Skype - ok
16:23:04.0769 0x06d8  Waiting for KSN requests completion. In queue: 338
16:23:05.0769 0x06d8  Waiting for KSN requests completion. In queue: 338
16:23:06.0771 0x06d8  Waiting for KSN requests completion. In queue: 338
16:23:07.0773 0x06d8  Waiting for KSN requests completion. In queue: 338
16:23:08.0775 0x06d8  Waiting for KSN requests completion. In queue: 338
16:23:09.0775 0x06d8  Waiting for KSN requests completion. In queue: 338
16:23:10.0775 0x06d8  Waiting for KSN requests completion. In queue: 338
16:23:11.0775 0x06d8  Waiting for KSN requests completion. In queue: 338
16:23:12.0775 0x06d8  Waiting for KSN requests completion. In queue: 338
16:23:13.0775 0x06d8  Waiting for KSN requests completion. In queue: 338
16:23:14.0775 0x06d8  Waiting for KSN requests completion. In queue: 338
16:23:15.0775 0x06d8  Waiting for KSN requests completion. In queue: 338
16:23:16.0869 0x06d8  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.266 ), 0x41000 ( enabled : updated )
16:23:16.0881 0x06d8  Win FW state via NFP2: enabled
16:23:19.0571 0x06d8  ============================================================
16:23:19.0571 0x06d8  Scan finished
16:23:19.0571 0x06d8  ============================================================
16:23:19.0571 0x1b9c  Detected object count: 0
16:23:19.0571 0x1b9c  Actual detected object count: 0
         


Alt 01.11.2014, 15:36   #6
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Überwachungstool ? - Standard

Überwachungstool ?



OK, noch das hier:

Schritt 1
Downloade Dir HitmanProauf Deinen Desktop:

HitmanPro-32 Bit Version
HitmanPro-64 Bit Version
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.
__________________
--> Überwachungstool ?

Alt 01.11.2014, 17:13   #7
klopsiman
 
Überwachungstool ? - Standard

Überwachungstool ?



Code:
ATTFilter
HitmanPro 3.7.9.232
www.hitmanpro.com

   Computer name . . . . : KLOPSI-PC
   Windows . . . . . . . : 6.1.1.7601.X64/2
   User name . . . . . . : klopsi-PC\klopsi
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-11-01 17:45:01
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 3m 6s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 4

   Objects scanned . . . : 1.043.063
   Files scanned . . . . : 11.874
   Remnants scanned  . . : 246.943 files / 784.246 keys

Suspicious files ____________________________________________________________

   C:\Users\klopsi\Desktop\FRST64.exe
      Size . . . . . . . : 2.114.048 bytes
      Age  . . . . . . . : 0.2 days (2014-11-01 12:27:42)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : AE2D2C0759325087D4D2B6133D55129121438CE56BEAEA6141A9AF306183FCE5
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      References
         HKU\S-1-5-21-2515552902-1029408911-2965342807-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\klopsi\Desktop\FRST64.exe

   C:\Users\klopsi\Desktop\FRST\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.112.000 bytes
      Age  . . . . . . . : 14.2 days (2014-10-18 13:22:39)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 3ADC96D45DA2FCB4DAD5C5BD17D58394871EA61D73A345FF6291F4DB0DD22862
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 23.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\klopsi\Desktop\FRST\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\klopsi\Desktop\FRST\FRST64.exe
          0.0s C:\Users\klopsi\Desktop\FRST\FRST64.exe

   C:\Users\klopsi\Desktop\FRST\FRST64.exe
      Size . . . . . . . : 2.112.512 bytes
      Age  . . . . . . . : 14.2 days (2014-10-18 13:22:39)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 7F619D4E28A401051015E77116913A7E6DC3891B1248A2D08FCB439B38C730A6
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 23.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\klopsi\Desktop\FRST\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\klopsi\Desktop\FRST\FRST64.exe
          0.0s C:\Users\klopsi\Desktop\FRST\FRST64.exe
         
Hab grad einen Skriptfehler von hxxp://www2.avira.com/assets/02945385cc41c354d3e0faf9d40afad9.js bekommen.
www2 ?
Noch nie was von gehört.

Alt 01.11.2014, 17:52   #8
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Überwachungstool ? - Standard

Überwachungstool ?



Zitat:
Zitat von klopsiman Beitrag anzeigen
Noch nie was von gehört.
Ich auch nicht...

Ansonsten sehe ich und die Scanner nichts von einem "Überwachungstool".

Was Du aber mal machen kannst ist das hier um das AVG-Zeug los zu werden:
http://download.avg.com/filedir/util..._2014_4116.exe

Und wenn Du "viel Zeit" hast kannst auch zu Deiner Beruhigung ESET scannen lassen.


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 01.11.2014, 20:31   #9
klopsiman
 
Überwachungstool ? - Standard

Überwachungstool ?



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d39155140b87aa4fa3c1ee763f990e5f
# engine=20885
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-01 07:58:38
# local_time=2014-11-01 08:58:38 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 7144 3316458 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 1687465 166501768 0 0
# scanned=3202
# found=0
# cleaned=0
# scan_time=60
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d39155140b87aa4fa3c1ee763f990e5f
# engine=20885
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-01 08:02:50
# local_time=2014-11-01 09:02:50 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 3796 3316710 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 1687717 166502020 0 0
# scanned=13917
# found=0
# cleaned=0
# scan_time=204
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d39155140b87aa4fa3c1ee763f990e5f
# engine=20885
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-01 08:27:55
# local_time=2014-11-01 09:27:55 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 8901 3318215 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 1689222 166503525 0 0
# scanned=61713
# found=2
# cleaned=0
# scan_time=918
sh=E7AA7AF674CDE49E1060AB332E610D3A1C2B2B70 ft=1 fh=4a583afd8f4e4e5c vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\klopsi\Downloads\Microsoft NET Framework 4 5 2 - CHIP-Installer.exe"
sh=169D2CC9FDD96EED10F498824055D5CBC425D5A0 ft=1 fh=019d89f002eb2eec vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\klopsi\Downloads\SpeedFan - CHIP-Installer.exe"
         

Alt 01.11.2014, 20:41   #10
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Überwachungstool ? - Standard

Überwachungstool ?



Naja, wenn Du schon den Scan startest, dann bitte nicht selber beenden und auch mit den empfohlenen Einstellungen...
Wie dem auch sei, relevantes hat ESET bei diesen "Scans" nicht gefunden.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 01.11.2014, 20:52   #11
klopsiman
 
Überwachungstool ? - Standard

Überwachungstool ?



Ok, danke.
Eine Frage noch:
Würden bei einer Neuinstallation auch alle Viren gelscht werden (falls man welche hätte) ?

PS: Eigentlich habe ich es nicht selbst beendet (glaub ich )

Alt 01.11.2014, 20:55   #12
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Überwachungstool ? - Standard

Überwachungstool ?



Zitat:
Zitat von klopsiman Beitrag anzeigen
Ok, danke.
Eine Frage noch:
Würden bei einer Neuinstallation auch alle Viren gelscht werden (falls man welche hätte) ?
Da antworte ich mit einem Zitat des Meisters...

Zitat:
Zitat von schrauber Beitrag anzeigen

Nix, nicht mal die NSA oder sonst wer überlebt das

Code:
ATTFilter
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
         
Weder stimmen die Einstellungen noch war der Scan vollständig...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 01.11.2014, 20:57   #13
klopsiman
 
Überwachungstool ? - Standard

Überwachungstool ?



Verstehe

Gut, dann bedanke ich mich noch mal für die Hilfe

Alt 01.11.2014, 21:00   #14
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Überwachungstool ? - Standard

Überwachungstool ?



Gerne! Machs gut...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 01.11.2014, 22:15   #15
klopsiman
 
Überwachungstool ? - Standard

Überwachungstool ?



Hier nochmal richtig
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d39155140b87aa4fa3c1ee763f990e5f
# engine=20885
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-01 07:58:38
# local_time=2014-11-01 08:58:38 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 7144 3316458 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 1687465 166501768 0 0
# scanned=3202
# found=0
# cleaned=0
# scan_time=60
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d39155140b87aa4fa3c1ee763f990e5f
# engine=20885
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-01 08:02:50
# local_time=2014-11-01 09:02:50 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 3796 3316710 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 1687717 166502020 0 0
# scanned=13917
# found=0
# cleaned=0
# scan_time=204
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d39155140b87aa4fa3c1ee763f990e5f
# engine=20885
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-01 08:27:55
# local_time=2014-11-01 09:27:55 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 8901 3318215 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 1689222 166503525 0 0
# scanned=61713
# found=2
# cleaned=0
# scan_time=918
sh=E7AA7AF674CDE49E1060AB332E610D3A1C2B2B70 ft=1 fh=4a583afd8f4e4e5c vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\klopsi\Downloads\Microsoft NET Framework 4 5 2 - CHIP-Installer.exe"
sh=169D2CC9FDD96EED10F498824055D5CBC425D5A0 ft=1 fh=019d89f002eb2eec vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\klopsi\Downloads\SpeedFan - CHIP-Installer.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d39155140b87aa4fa3c1ee763f990e5f
# engine=20888
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-11-01 10:14:46
# local_time=2014-11-01 11:14:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 3370 3324626 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 82 1695633 166509936 0 0
# scanned=115383
# found=0
# cleaned=0
# scan_time=3235
         
zum letztem Mal, hoffe ich.

Antwort

Themen zu Überwachungstool ?
ahnung, beiträge, compu, computer, gefunde, google, heulen, liebe, maus, nichts, panik, plötzlich, schließ, schließt, selbständig, sofort, stream, unterwegs, vollbild, würde, öffnet



Zum Thema Überwachungstool ? - Hallo liebe TB-Community Gestern hab ich sofort Panik bekommen, als sich meine Maus plötzlich selbständig gemacht hat und das Vollbild zugemacht hatte, als ich auf twitch.tv unterwegs war. Ich hab - Überwachungstool ?...
Archiv
Du betrachtest: Überwachungstool ? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.