
Log analysis and evaluation: Speech bubble for Windows updater (not from Microsoft) pops up

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

05.02.2015, 08:27   #1
Ggnis
 

Speech bubble for Windows updater (not from Microsoft) pops up



Hello forum =)
For some time now I have had the problem that a window for a supposed Windows update opens in the bottom right.
When I click on it to close the window, I am asked to agree to some terms and conditions and download a program.
This window can also only be closed via the Task Manager...

I hope someone here can help me.

Best regards, GGnis

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-02-2015 01
Ran by Adrian (administrator) on ADRIAN-PC on 05-02-2015 07:55:33
Running from C:\Users\Adrian\Downloads
Loaded Profiles: Adrian (Available profiles: Adrian)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Users\Adrian\AppData\Roaming\SoftwareUpdater\SUsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.234\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.18\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.127\deploy\LolClient.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-06] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1803264 2012-06-07] (Game Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {b9e95629-6a8c-11e4-96a5-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {e738d354-2979-11e4-b5ff-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {f1df56f7-47c6-11e4-8f77-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [7937840 2015-01-21] (Avira Operations GmbH & Co. KG)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default
FF Homepage: https://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_296.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\searchplugins\avira-safesearch.xml
FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\searchplugins\google-maps.xml
FF Extension: Avira Browser Safety - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\Extensions\abs@avira.com [2015-02-03]
FF Extension: Firefox improver - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\Extensions\jid1-U7omKQ6kQfxMaQ@jetpack [2015-01-28]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-27]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [807672 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [993584 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2014-03-06] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-30] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-21] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-21] ()
R2 serversu; C:\Users\Adrian\AppData\Roaming\SoftwareUpdater\SUsrv.exe [120832 2015-01-28] () [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-09-26] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-07] (Disc Soft Ltd)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] ()
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-02-26] (Intel Corporation)
R3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [44992 2012-02-09] ()
R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation                           )

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-05 07:55 - 2015-02-05 07:55 - 00013701 _____ () C:\Users\Adrian\Downloads\FRST.txt
2015-02-05 07:55 - 2015-02-05 07:55 - 00000000 ____D () C:\FRST
2015-02-05 07:54 - 2015-02-05 07:54 - 02131968 _____ (Farbar) C:\Users\Adrian\Downloads\FRST64.exe
2015-02-05 07:53 - 2015-02-05 07:53 - 00000544 _____ () C:\Users\Adrian\Downloads\defogger_disable.log
2015-02-05 07:53 - 2015-02-05 07:53 - 00000168 _____ () C:\Users\Adrian\defogger_reenable
2015-02-05 07:52 - 2015-02-05 07:52 - 00050477 _____ () C:\Users\Adrian\Downloads\Defogger.exe
2015-01-30 02:39 - 2015-01-30 02:39 - 00001222 _____ () C:\DelFix.txt
2015-01-30 02:39 - 2015-01-30 02:39 - 00000000 ____D () C:\Windows\ERUNT
2015-01-30 01:15 - 2015-01-30 01:15 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-30 01:15 - 2015-01-30 01:15 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-30 01:15 - 2015-01-30 01:15 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Adobe
2015-01-29 18:33 - 2015-01-29 18:33 - 00001221 _____ () C:\Users\Public\Desktop\Avira System Speedup.lnk
2015-01-28 15:06 - 2015-01-28 15:06 - 00000000 __RHD () C:\MSOCache
2015-01-28 15:04 - 2015-01-28 15:04 - 00000000 ____D () C:\Users\Adrian\Documents\Benutzerdefinierte Office-Vorlagen
2015-01-28 14:58 - 2015-01-28 14:58 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Microsoft Help
2015-01-28 14:51 - 2015-01-28 14:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\MicrosoftFixit.wu.LB.134588027784228.1.1.Run.exe
2015-01-28 14:41 - 2015-01-28 14:50 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\SoftwareUpdater
2015-01-28 14:40 - 2015-01-28 14:40 - 00000000 ____D () C:\ProgramData\737bcb150000081b
2015-01-28 14:38 - 2015-02-02 02:43 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GU Player
2015-01-28 14:38 - 2015-02-02 02:43 - 00000000 ____D () C:\Program Files (x86)\GU Player
2015-01-28 14:38 - 2015-01-28 15:04 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Firefox-improver
2015-01-28 14:37 - 2015-01-28 14:37 - 00523856 _____ () C:\Users\Adrian\Downloads\Microsoft%20Word.exe
2015-01-28 14:32 - 2015-01-28 14:32 - 00002140 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-01-28 14:32 - 2015-01-28 14:32 - 00002140 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-01-28 14:32 - 2015-01-28 14:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2015-01-28 14:31 - 2015-01-28 15:00 - 00002210 _____ () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ___RD () C:\Users\Adrian\OneDrive
2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-01-28 14:30 - 2015-01-28 18:45 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-01-28 14:30 - 2015-01-28 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-28 14:29 - 2015-01-28 14:30 - 01064632 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\Setup.X86.de-DE_O365HomePremRetail_c45264ce-a25c-46e7-ab4e-e8f594a0467d_TX_DB_.exe
2015-01-28 14:21 - 2015-01-28 14:21 - 00668376 _____ (Blue Labs, LLC) C:\Users\Adrian\Downloads\FreeEditor.exe
2015-01-28 13:20 - 2015-01-28 13:20 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-28 02:49 - 2015-01-28 02:49 - 00009094 _____ () C:\Users\Adrian\Documents\a.txt
2015-01-28 02:22 - 2015-01-28 02:41 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-28 02:22 - 2015-01-28 02:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-28 02:22 - 2015-01-28 02:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-28 02:22 - 2015-01-28 02:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-28 02:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-28 02:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-28 02:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-28 02:21 - 2015-01-28 02:21 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-27 23:41 - 2015-01-27 23:42 - 00014648 _____ () C:\Users\Adrian\Documents\Ereignisse.txt
2015-01-27 23:23 - 2015-01-27 23:23 - 39712504 _____ () C:\Users\Adrian\Downloads\Firefox_Setup_de35.0.1 (1).exe
2015-01-27 23:23 - 2015-01-27 23:23 - 00001179 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-27 23:23 - 2015-01-27 23:23 - 00001167 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-27 23:23 - 2015-01-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-27 23:22 - 2015-01-27 23:22 - 39712504 _____ () C:\Users\Adrian\Downloads\Firefox_Setup_de35.0.1.exe
2015-01-27 23:21 - 2015-01-27 23:21 - 00000000 __SHD () C:\Users\Adrian\AppData\Local\EmieBrowserModeList
2015-01-27 05:14 - 2015-01-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 12:22 - 2015-01-26 12:22 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-26 12:22 - 2015-01-26 12:22 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-26 02:15 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-26 02:15 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-26 02:15 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-26 02:15 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-26 02:15 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-26 02:15 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-26 02:15 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-26 02:15 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-26 02:15 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-26 02:15 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-26 02:15 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-26 02:15 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-26 02:15 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-05 07:53 - 2014-08-19 18:57 - 00000000 ____D () C:\Users\Adrian
2015-02-05 07:08 - 2009-07-14 05:45 - 00020288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-05 07:08 - 2009-07-14 05:45 - 00020288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-05 07:06 - 2011-04-12 08:43 - 00700146 _____ () C:\Windows\system32\perfh007.dat
2015-02-05 07:06 - 2011-04-12 08:43 - 00149784 _____ () C:\Windows\system32\perfc007.dat
2015-02-05 07:06 - 2009-07-14 06:13 - 01622778 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-05 07:00 - 2014-10-03 13:39 - 00061521 _____ () C:\Windows\setupact.log
2015-02-05 07:00 - 2014-08-15 08:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-05 07:00 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-05 06:59 - 2014-08-19 19:53 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Battle.net
2015-02-04 19:19 - 2014-08-19 18:57 - 01095753 _____ () C:\Windows\WindowsUpdate.log
2015-02-04 18:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-03 00:44 - 2014-08-21 22:33 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\TS3Client
2015-01-30 02:31 - 2014-11-10 00:07 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-01-29 18:33 - 2014-10-01 18:23 - 00000000 ____D () C:\Users\Adrian\AppData\Local\AviraSpeedup
2015-01-29 18:33 - 2014-10-01 18:21 - 00003320 _____ () C:\Windows\System32\Tasks\AviraSpeedup
2015-01-29 18:33 - 2014-10-01 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
2015-01-29 18:33 - 2014-10-01 18:16 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-01-29 18:33 - 2014-08-19 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-01-29 18:33 - 2014-08-19 23:59 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-29 18:33 - 2014-04-03 06:44 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-29 12:19 - 2014-10-24 06:49 - 00015250 _____ () C:\Windows\PFRO.log
2015-01-28 14:45 - 2009-07-14 05:45 - 00438272 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-28 14:38 - 2014-08-19 18:59 - 00111400 _____ () C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-28 14:30 - 2014-08-19 18:57 - 00000000 ____D () C:\Users\Adrian\AppData\Local\VirtualStore
2015-01-28 14:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-28 02:55 - 2014-08-19 19:29 - 00000000 ___RD () C:\Users\Adrian\Desktop\Programme
2015-01-28 02:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech
2015-01-26 03:01 - 2014-08-20 23:41 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-26 03:00 - 2014-08-20 23:41 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-08 09:55 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-08-15 08:24 - 2014-08-15 08:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Adrian\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-25 21:02

==================== End Of Log ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2015 01
Ran by Adrian at 2015-02-05 07:55:51
Running from C:\Users\Adrian\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Antivirus Pro (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Avira (HKLM-x32\...\{2c18809c-4097-4b51-a4d0-3deade730ef3}) (Version: 1.1.29.22350 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.29.22350 - Avira Operations & Co. KG) Hidden
Avira System Speedup 1.6 (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6 - 2000 - 2014 Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Firefox-improver (HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\Firefox-improver) (Version: 2 - Appli LLC)
GU Player (remove only) (HKLM-x32\...\GU Player) (Version:  - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.2.1000 - Intel Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 35.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 de)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
SHARKOON Skiller (HKLM-x32\...\{91C25547-9534-41A5-823A-1E54BA16EA3F}) (Version: 1.00.0000 - )
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\SoftwareUpdater) (Version: 1.0.0.0 - Software Updater Ltd)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TP-LINK 300Mbps Wireless USB Adapter Treiber (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
Warcraft 3 (HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\Warcraft 3) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3579592859-3594887549-3632172591-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3579592859-3594887549-3632172591-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3579592859-3594887549-3632172591-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3579592859-3594887549-3632172591-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3579592859-3594887549-3632172591-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Adrian\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

04-02-2015 17:44:42 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {56B11E81-0B0E-477B-B5AF-9EF7E3C27156} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {7B482FF0-9CD7-48FC-ADBE-2D675006F35D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-01-28] (Microsoft Corporation)
Task: {A3262DA4-E76F-4CD0-ABCE-90AFBBA0BBDD} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2015-01-21] (Avira Operations GmbH & Co. KG)
Task: {BC6DF72C-1398-4199-91BA-1CC067908112} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

==================== Loaded Modules (whitelisted) ==============

2015-01-28 14:30 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-08-21 03:02 - 2014-08-21 03:02 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-01-28 14:41 - 2015-01-28 14:41 - 00120832 _____ () C:\Users\Adrian\AppData\Roaming\SoftwareUpdater\SUsrv.exe
2014-08-15 08:25 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-06-12 17:11 - 2014-08-19 19:43 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2014-08-19 19:43 - 2015-02-04 17:56 - 02445816 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.234\deploy\LoLLauncher.exe
2015-02-04 17:56 - 2015-02-04 17:56 - 04234232 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.18\deploy\LoLPatcher.exe
2014-08-19 20:09 - 2014-08-19 20:09 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.127\deploy\LolClient.exe
2015-02-04 17:56 - 2015-02-04 17:56 - 01618424 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.18\deploy\RiotLauncher.dll
2014-08-19 20:09 - 2014-08-19 20:09 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.127\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2015-01-27 23:23 - 2015-01-23 11:37 - 03925104 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3579592859-3594887549-3632172591-500 - Administrator - Disabled)
Adrian (S-1-5-21-3579592859-3594887549-3632172591-1000 - Administrator - Enabled) => C:\Users\Adrian
Gast (S-1-5-21-3579592859-3594887549-3632172591-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3579592859-3594887549-3632172591-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/05/2015 07:02:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2015 07:00:49 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/04/2015 10:15:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 10:13:20 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/04/2015 05:42:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 05:40:33 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/02/2015 11:20:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/02/2015 11:19:06 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/02/2015 04:53:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/02/2015 04:51:19 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]


System errors:
=============
Error: (02/05/2015 07:00:46 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎02.‎2015 um 06:58:27 unerwartet heruntergefahren.

Error: (01/29/2015 11:21:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/28/2015 05:32:01 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/28/2015 05:02:58 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht.

Error: (01/28/2015 02:24:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/28/2015 02:24:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/28/2015 02:24:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/28/2015 02:24:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/28/2015 02:24:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/28/2015 02:24:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Compatibility Verify" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (02/05/2015 07:02:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/05/2015 07:00:49 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/04/2015 10:15:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 10:13:20 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/04/2015 05:42:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/04/2015 05:40:33 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/02/2015 11:20:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/02/2015 11:19:06 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]

Error: (02/02/2015 04:53:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/02/2015 04:51:19 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcX509CertManager::KeyCertInit failed [0]


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
Percentage of memory in use: 28%
Total physical RAM: 8120.02 MB
Available physical RAM: 5795.46 MB
Total Pagefile: 16238.21 MB
Available Pagefile: 13507.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:111.79 GB) (Free:9.05 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data1) (Fixed) (Total:931.51 GB) (Free:931.31 GB) NTFS
Drive g: () (CDROM) (Total:1.07 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 50489017)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 50489002)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-02-05 08:24:36
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000064 Samsung_ rev.EXT0 111,79GB
Running: vpl5fhzr.exe; Driver: C:\Users\Adrian\AppData\Local\Temp\ugliqpod.sys


---- User code sections - GMER 2.1 ----

.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                          00000000769d1401 2 bytes JMP 767fb21b C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                            00000000769d1419 2 bytes JMP 767fb346 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                          00000000769d1431 2 bytes JMP 76878ea9 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                          00000000769d144a 2 bytes CALL 767d48ad C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                     * 9
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                             00000000769d14dd 2 bytes JMP 768787a2 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                      00000000769d14f5 2 bytes JMP 76878978 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                             00000000769d150d 2 bytes JMP 76878698 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                      00000000769d1525 2 bytes JMP 76878a62 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                            00000000769d153d 2 bytes JMP 767efca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                 00000000769d1555 2 bytes JMP 767f68ef C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                          00000000769d156d 2 bytes JMP 76878f61 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                            00000000769d1585 2 bytes JMP 76878ac2 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                               00000000769d159d 2 bytes JMP 7687865c C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                            00000000769d15b5 2 bytes JMP 767efd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                          00000000769d15cd 2 bytes JMP 767fb2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                      00000000769d16b2 2 bytes JMP 76878e24 C:\Windows\syswow64\kernel32.dll
.text    C:\Windows\system32\PnkBstrA.exe[2000] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                      00000000769d16bd 2 bytes JMP 768785f1 C:\Windows\syswow64\kernel32.dll

---- Threads - GMER 2.1 ----

Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [3832:4416]                                                                                                          000007fefac22bf8
---- Processes - GMER 2.1 ----

Process  C:\Users\Adrian\AppData\Roaming\SoftwareUpdater\SUsrv.exe (*** suspicious ***) @ C:\Users\Adrian\AppData\Roaming\SoftwareUpdater\SUsrv.exe [2024](2015-01-28 13:41:51)  0000000001300000

---- EOF - GMER 2.1 ----
         

05.02.2015, 08:36   #2
schrauber
/// the machine
/// TB trainer
 




hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions according to the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instruction from a helper.

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

05.02.2015, 18:53   #3
Ggnis
 



Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org

Database version:
  main:    v2015.02.05.08
  rootkit: v2015.02.03.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Adrian :: ADRIAN-PC [administrator]

05.02.2015 18:24:17
mbar-log-2015-02-05 (18-24-17).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 330854
Time elapsed: 5 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
18:32:12.0578 0x1190  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
18:32:19.0522 0x1190  ============================================================
18:32:19.0522 0x1190  Current date / time: 2015/02/05 18:32:19.0522
18:32:19.0522 0x1190  SystemInfo:
18:32:19.0522 0x1190  
18:32:19.0522 0x1190  OS Version: 6.1.7601 ServicePack: 1.0
18:32:19.0522 0x1190  Product type: Workstation
18:32:19.0522 0x1190  ComputerName: ADRIAN-PC
18:32:19.0523 0x1190  UserName: Adrian
18:32:19.0523 0x1190  Windows directory: C:\Windows
18:32:19.0523 0x1190  System windows directory: C:\Windows
18:32:19.0523 0x1190  Running under WOW64
18:32:19.0523 0x1190  Processor architecture: Intel x64
18:32:19.0523 0x1190  Number of processors: 4
18:32:19.0523 0x1190  Page size: 0x1000
18:32:19.0523 0x1190  Boot type: Normal boot
18:32:19.0523 0x1190  ============================================================
18:32:19.0745 0x1190  KLMD registered as C:\Windows\system32\drivers\03075249.sys
18:32:20.0049 0x1190  System UUID: {EA3AF40E-A93A-5705-77FF-56025B71591C}
18:32:20.0873 0x1190  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:32:20.0874 0x1190  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:32:20.0877 0x1190  ============================================================
18:32:20.0877 0x1190  \Device\Harddisk0\DR0:
18:32:20.0877 0x1190  MBR partitions:
18:32:20.0877 0x1190  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF93BB0
18:32:20.0877 0x1190  \Device\Harddisk1\DR1:
18:32:20.0877 0x1190  MBR partitions:
18:32:20.0877 0x1190  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
18:32:20.0877 0x1190  ============================================================
18:32:20.0878 0x1190  C: <-> \Device\Harddisk0\DR0\Partition1
18:32:20.0905 0x1190  D: <-> \Device\Harddisk1\DR1\Partition1
18:32:20.0905 0x1190  ============================================================
18:32:20.0905 0x1190  Initialize success
18:32:20.0905 0x1190  ============================================================
18:34:15.0712 0x0e34  ============================================================
18:34:15.0712 0x0e34  Scan started
18:34:15.0712 0x0e34  Mode: Manual; SigCheck; TDLFS; 
18:34:15.0712 0x0e34  ============================================================
18:34:15.0712 0x0e34  KSN ping started
18:34:29.0529 0x0e34  KSN ping finished: true
18:34:29.0816 0x0e34  ================ Scan system memory ========================
18:34:29.0816 0x0e34  System memory - ok
18:34:29.0817 0x0e34  ================ Scan services =============================
18:34:30.0447 0x0e34  [ 523EBA6B6124EC416FF35A37BB47C30A, D2C545BB78E91ECCD3FFACFB524D03DFD5E277871A2500164F3602445A8A86FA ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
18:34:30.0453 0x0e34  Avira.OE.ServiceHost - ok
18:34:30.0455 0x0e34  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
18:34:30.0460 0x0e34  avkmgr - ok
18:34:30.0463 0x0e34  [ F627BFFCC52587350E49FC2C2A03C7F9, 5BB748CEEB72199E6AAB6C48B111342A89EC03649EC28ED32BA12E95E3B6F607 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
18:34:30.0468 0x0e34  avnetflt - ok
18:34:30.0475 0x0e34  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:34:30.0489 0x0e34  AxInstSV - ok
18:34:30.0499 0x0e34  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
18:34:30.0512 0x0e34  b06bdrv - ok
18:34:30.0527 0x0e34  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:34:30.0536 0x0e34  b57nd60a - ok
18:34:30.0542 0x0e34  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:34:30.0552 0x0e34  BDESVC - ok
18:34:30.0554 0x0e34  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:34:30.0571 0x0e34  Beep - ok
18:34:30.0601 0x0e34  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:34:30.0620 0x0e34  BFE - ok
18:34:30.0686 0x0e34  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:34:30.0743 0x0e34  BITS - ok
18:34:30.0747 0x0e34  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
18:34:30.0753 0x0e34  blbdrive - ok
18:34:30.0760 0x0e34  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:34:30.0769 0x0e34  bowser - ok
18:34:30.0771 0x0e34  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
18:34:30.0779 0x0e34  BrFiltLo - ok
18:34:30.0781 0x0e34  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
18:34:30.0789 0x0e34  BrFiltUp - ok
18:34:30.0796 0x0e34  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:34:30.0806 0x0e34  Browser - ok
18:34:30.0812 0x0e34  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:34:30.0823 0x0e34  Brserid - ok
18:34:30.0826 0x0e34  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:34:30.0833 0x0e34  BrSerWdm - ok
18:34:30.0836 0x0e34  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:34:30.0842 0x0e34  BrUsbMdm - ok
18:34:30.0845 0x0e34  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:34:30.0850 0x0e34  BrUsbSer - ok
18:34:30.0853 0x0e34  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
18:34:30.0861 0x0e34  BTHMODEM - ok
18:34:30.0867 0x0e34  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:34:30.0885 0x0e34  bthserv - ok
18:34:30.0905 0x0e34  [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
18:34:30.0929 0x0e34  c2cautoupdatesvc - ok
18:34:30.0956 0x0e34  [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
18:34:30.0984 0x0e34  c2cpnrsvc - ok
18:34:30.0993 0x0e34  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:34:31.0011 0x0e34  cdfs - ok
18:34:31.0016 0x0e34  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:34:31.0023 0x0e34  cdrom - ok
18:34:31.0029 0x0e34  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:34:31.0046 0x0e34  CertPropSvc - ok
18:34:31.0048 0x0e34  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
18:34:31.0056 0x0e34  circlass - ok
18:34:31.0079 0x0e34  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
18:34:31.0089 0x0e34  CLFS - ok
18:34:31.0125 0x0e34  [ 7E526C5B4DD233EBCF1EA3EC211E2913, 9DC99F18454001AF5462C773C174E2D6E503316550C7E9D7824E9CBC503FCA3B ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
18:34:31.0162 0x0e34  ClickToRunSvc - ok
18:34:31.0169 0x0e34  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:34:31.0175 0x0e34  clr_optimization_v2.0.50727_32 - ok
18:34:31.0179 0x0e34  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:34:31.0185 0x0e34  clr_optimization_v2.0.50727_64 - ok
18:34:31.0194 0x0e34  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:34:31.0201 0x0e34  clr_optimization_v4.0.30319_32 - ok
18:34:31.0209 0x0e34  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:34:31.0217 0x0e34  clr_optimization_v4.0.30319_64 - ok
18:34:31.0219 0x0e34  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
18:34:31.0224 0x0e34  CmBatt - ok
18:34:31.0226 0x0e34  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:34:31.0231 0x0e34  cmdide - ok
18:34:31.0250 0x0e34  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
18:34:31.0264 0x0e34  CNG - ok
18:34:31.0266 0x0e34  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
18:34:31.0271 0x0e34  Compbatt - ok
18:34:31.0273 0x0e34  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:34:31.0281 0x0e34  CompositeBus - ok
18:34:31.0283 0x0e34  COMSysApp - ok
18:34:31.0285 0x0e34  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:34:31.0290 0x0e34  crcdisk - ok
18:34:31.0296 0x0e34  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:34:31.0306 0x0e34  CryptSvc - ok
18:34:31.0334 0x0e34  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:34:31.0357 0x0e34  DcomLaunch - ok
18:34:31.0376 0x0e34  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:34:31.0396 0x0e34  defragsvc - ok
18:34:31.0404 0x0e34  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:34:31.0421 0x0e34  DfsC - ok
18:34:31.0438 0x0e34  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:34:31.0452 0x0e34  Dhcp - ok
18:34:31.0456 0x0e34  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:34:31.0474 0x0e34  discache - ok
18:34:31.0477 0x0e34  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
18:34:31.0483 0x0e34  Disk - ok
18:34:31.0491 0x0e34  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:34:31.0502 0x0e34  Dnscache - ok
18:34:31.0513 0x0e34  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:34:31.0532 0x0e34  dot3svc - ok
18:34:31.0541 0x0e34  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:34:31.0559 0x0e34  DPS - ok
18:34:31.0562 0x0e34  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:34:31.0570 0x0e34  drmkaud - ok
18:34:31.0576 0x0e34  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:34:31.0584 0x0e34  dtsoftbus01 - ok
18:34:31.0616 0x0e34  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:34:31.0633 0x0e34  DXGKrnl - ok
18:34:31.0644 0x0e34  [ A6DB3A7828B456A574243066E2E77D8C, 852F14E5FD77A47BF901E0A27F6D21BD9236275135C33ABB30589D0346341179 ] E100B           C:\Windows\system32\DRIVERS\efe5b32e.sys
18:34:31.0652 0x0e34  E100B - ok
18:34:31.0660 0x0e34  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:34:31.0679 0x0e34  EapHost - ok
18:34:31.0723 0x0e34  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:34:31.0771 0x0e34  ebdrv - ok
18:34:31.0778 0x0e34  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
18:34:31.0787 0x0e34  EFS - ok
18:34:31.0824 0x0e34  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:34:31.0841 0x0e34  ehRecvr - ok
18:34:31.0845 0x0e34  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:34:31.0852 0x0e34  ehSched - ok
18:34:31.0861 0x0e34  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:34:31.0873 0x0e34  elxstor - ok
18:34:31.0875 0x0e34  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:34:31.0881 0x0e34  ErrDev - ok
18:34:31.0901 0x0e34  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:34:31.0923 0x0e34  EventSystem - ok
18:34:31.0932 0x0e34  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:34:31.0951 0x0e34  exfat - ok
18:34:31.0963 0x0e34  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:34:31.0982 0x0e34  fastfat - ok
18:34:32.0012 0x0e34  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:34:32.0028 0x0e34  Fax - ok
18:34:32.0031 0x0e34  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
18:34:32.0037 0x0e34  fdc - ok
18:34:32.0041 0x0e34  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:34:32.0058 0x0e34  fdPHost - ok
18:34:32.0063 0x0e34  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:34:32.0081 0x0e34  FDResPub - ok
18:34:32.0087 0x0e34  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:34:32.0093 0x0e34  FileInfo - ok
18:34:32.0095 0x0e34  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:34:32.0112 0x0e34  Filetrace - ok
18:34:32.0115 0x0e34  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
18:34:32.0120 0x0e34  flpydisk - ok
18:34:32.0137 0x0e34  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:34:32.0145 0x0e34  FltMgr - ok
18:34:32.0179 0x0e34  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
18:34:32.0205 0x0e34  FontCache - ok
18:34:32.0210 0x0e34  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:34:32.0215 0x0e34  FontCache3.0.0.0 - ok
18:34:32.0219 0x0e34  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:34:32.0225 0x0e34  FsDepends - ok
18:34:32.0228 0x0e34  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:34:32.0233 0x0e34  Fs_Rec - ok
18:34:32.0245 0x0e34  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:34:32.0254 0x0e34  fvevol - ok
18:34:32.0257 0x0e34  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:34:32.0262 0x0e34  gagp30kx - ok
18:34:32.0265 0x0e34  [ F5D15F93007259AFD6FC2DEC420132A1, EB1B5D0478861AC038A7E0CD7317EFA836DDBD66B1419067B5DD75CE924421BA ] GameKB          C:\Windows\system32\drivers\GameKB.sys
18:34:32.0271 0x0e34  GameKB - ok
18:34:32.0318 0x0e34  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:34:32.0358 0x0e34  gpsvc - ok
18:34:32.0362 0x0e34  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:34:32.0371 0x0e34  hcw85cir - ok
18:34:32.0394 0x0e34  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:34:32.0405 0x0e34  HdAudAddService - ok
18:34:32.0409 0x0e34  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:34:32.0417 0x0e34  HDAudBus - ok
18:34:32.0419 0x0e34  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
18:34:32.0425 0x0e34  HidBatt - ok
18:34:32.0428 0x0e34  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:34:32.0436 0x0e34  HidBth - ok
18:34:32.0439 0x0e34  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
18:34:32.0446 0x0e34  HidIr - ok
18:34:32.0450 0x0e34  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
18:34:32.0467 0x0e34  hidserv - ok
18:34:32.0470 0x0e34  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:34:32.0477 0x0e34  HidUsb - ok
18:34:32.0484 0x0e34  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:34:32.0501 0x0e34  hkmsvc - ok
18:34:32.0513 0x0e34  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:34:32.0524 0x0e34  HomeGroupListener - ok
18:34:32.0536 0x0e34  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:34:32.0544 0x0e34  HomeGroupProvider - ok
18:34:32.0547 0x0e34  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:34:32.0553 0x0e34  HpSAMD - ok
18:34:32.0588 0x0e34  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:34:32.0614 0x0e34  HTTP - ok
18:34:32.0617 0x0e34  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:34:32.0622 0x0e34  hwpolicy - ok
18:34:32.0625 0x0e34  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:34:32.0632 0x0e34  i8042prt - ok
18:34:32.0642 0x0e34  [ 96FBFC177A603840FFDF059EEB804176, A83FB1DF4B3DF774D44305B6CA566338FD95D937CA53E266A40E2DE19EFC6AB6 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
18:34:32.0655 0x0e34  iaStorA - ok
18:34:32.0659 0x0e34  [ ED45EB18204F5211310E2596B7418BED, 407929394175454DDBE87A34D53EC19E1D56A162BF868A1CF9F2DE776789FBFC ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:34:32.0663 0x0e34  IAStorDataMgrSvc - ok
18:34:32.0665 0x0e34  [ 7B9E39DB30155E0A71B97AAB038E5F24, D56BC1D31A5B9555AA4E7AB2CAC224361F9F74263E2D6969292893184689D430 ] iaStorF         C:\Windows\system32\drivers\iaStorF.sys
18:34:32.0670 0x0e34  iaStorF - ok
18:34:32.0678 0x0e34  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:34:32.0688 0x0e34  iaStorV - ok
18:34:32.0701 0x0e34  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:34:32.0717 0x0e34  idsvc - ok
18:34:32.0720 0x0e34  IEEtwCollectorService - ok
18:34:32.0722 0x0e34  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:34:32.0728 0x0e34  iirsp - ok
18:34:32.0777 0x0e34  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:34:32.0794 0x0e34  IKEEXT - ok
18:34:32.0986 0x0e34  [ 39246F2CFBF1D32C3A12E242661EC039, EADF06D9B142844C16C2B0E412D708DB02BA07E2CD96BBFB2F0984DD6BB63E28 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:34:33.0042 0x0e34  IntcAzAudAddService - ok
18:34:33.0049 0x0e34  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:34:33.0054 0x0e34  intelide - ok
18:34:33.0057 0x0e34  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
18:34:33.0064 0x0e34  intelppm - ok
18:34:33.0071 0x0e34  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:34:33.0089 0x0e34  IPBusEnum - ok
18:34:33.0096 0x0e34  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:34:33.0103 0x1100  Object required for P2P: [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI
18:34:33.0115 0x0e34  IpFilterDriver - ok
18:34:33.0153 0x0e34  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:34:33.0181 0x0e34  iphlpsvc - ok
18:34:33.0184 0x0e34  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:34:33.0191 0x0e34  IPMIDRV - ok
18:34:33.0198 0x0e34  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:34:33.0216 0x0e34  IPNAT - ok
18:34:33.0219 0x0e34  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:34:33.0227 0x0e34  IRENUM - ok
18:34:33.0229 0x0e34  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:34:33.0234 0x0e34  isapnp - ok
18:34:33.0239 0x0e34  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:34:33.0248 0x0e34  iScsiPrt - ok
18:34:33.0250 0x0e34  [ 970995B7C36F4408ED31C3BF204FE1F5, 466C5FA3A26E997009E33EA9B0923BFE7FCC9D367444F31C1BEB3D6EACDB6BA9 ] ISCT            C:\Windows\system32\drivers\ISCTD64.sys
18:34:33.0255 0x0e34  ISCT - ok
18:34:33.0257 0x0e34  [ 3AD2F2F5D891FD49F9305D394BCF7A54, 7567F0DF0E527BAC1651A4A39B5252AF2B1F186B5FD4F0122B3B30207972F0E4 ] iusb3hcs        C:\Windows\system32\drivers\iusb3hcs.sys
18:34:33.0262 0x0e34  iusb3hcs - ok
18:34:33.0271 0x0e34  [ F7248248D3F126E07E22193F3E5DDF77, A11FD50CFE329B4AE07387A31581BC01A972917F451C4257CDB45F818074EE9B ] iusb3hub        C:\Windows\system32\drivers\iusb3hub.sys
18:34:33.0280 0x0e34  iusb3hub - ok
18:34:33.0293 0x0e34  [ AF7F994D4E9C37D54E9CDB6880D83205, A74F99786BC302101B4BEDEF543DBE85D75A2B1FEC6B4513626E6B941EF8D6A9 ] iusb3xhc        C:\Windows\system32\drivers\iusb3xhc.sys
18:34:33.0308 0x0e34  iusb3xhc - ok
18:34:33.0311 0x0e34  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:34:33.0317 0x0e34  kbdclass - ok
18:34:33.0319 0x0e34  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:34:33.0324 0x0e34  kbdhid - ok
18:34:33.0328 0x0e34  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
18:34:33.0334 0x0e34  KeyIso - ok
18:34:33.0340 0x0e34  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:34:33.0346 0x0e34  KSecDD - ok
18:34:33.0350 0x0e34  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:34:33.0356 0x0e34  KSecPkg - ok
18:34:33.0360 0x0e34  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:34:33.0377 0x0e34  ksthunk - ok
18:34:33.0399 0x0e34  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:34:33.0421 0x0e34  KtmRm - ok
18:34:33.0433 0x0e34  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:34:33.0452 0x0e34  LanmanServer - ok
18:34:33.0459 0x0e34  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:34:33.0477 0x0e34  LanmanWorkstation - ok
18:34:33.0484 0x0e34  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:34:33.0502 0x0e34  lltdio - ok
18:34:33.0524 0x0e34  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:34:33.0545 0x0e34  lltdsvc - ok
18:34:33.0549 0x0e34  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:34:33.0566 0x0e34  lmhosts - ok
18:34:38.0208 0x0e34  [ 5F9D855554A29427B2C2F594D4594B8C, 7FC769E154F0038830E1625529065587C1D7CFE9858E02B496B15D8E6EA35C85 ] serversu        C:\Users\Adrian\AppData\Roaming\SoftwareUpdater\SUsrv.exe
18:34:38.0212 0x0e34  serversu - detected UnsignedFile.Multi.Generic ( 1 )
18:34:38.0579 0x0d6c  Object send P2P result: true
18:34:40.0945 0x0e34  serversu ( UnsignedFile.Multi.Generic ) - warning
18:34:44.0425 0x0e34  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:34:44.0441 0x0e34  stisvc - ok
18:34:44.0444 0x0e34  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:34:44.0449 0x0e34  swenum - ok
18:34:44.0468 0x0e34  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:34:44.0492 0x0e34  swprv - ok
18:34:44.0591 0x0e34  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
18:34:44.0627 0x0e34  SysMain - ok
18:34:44.0635 0x0e34  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:34:44.0644 0x0e34  TabletInputService - ok
18:34:44.0659 0x0e34  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:34:44.0680 0x0e34  TapiSrv - ok
18:34:44.0686 0x0e34  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
18:34:44.0704 0x0e34  TBS - ok
18:34:44.0835 0x0e34  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:34:44.0869 0x0e34  Tcpip - ok
18:34:44.0996 0x0e34  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:34:45.0025 0x0e34  TCPIP6 - ok
18:34:45.0032 0x0e34  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:34:45.0038 0x0e34  tcpipreg - ok
18:34:45.0041 0x0e34  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:34:45.0048 0x0e34  TDPIPE - ok
18:34:45.0051 0x0e34  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:34:45.0056 0x0e34  TDTCP - ok
18:34:45.0064 0x0e34  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:34:45.0082 0x0e34  tdx - ok
18:34:45.0084 0x0e34  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:34:45.0090 0x0e34  TermDD - ok
18:34:45.0092 0x0e34  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
18:34:45.0099 0x0e34  terminpt - ok
18:34:45.0112 0x0e34  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
18:34:45.0129 0x0e34  TermService - ok
18:34:45.0133 0x0e34  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:34:45.0142 0x0e34  Themes - ok
18:34:45.0147 0x0e34  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:34:45.0165 0x0e34  THREADORDER - ok
18:34:45.0171 0x0e34  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:34:45.0190 0x0e34  TrkWks - ok
18:34:45.0196 0x0e34  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:34:45.0214 0x0e34  TrustedInstaller - ok
18:34:45.0217 0x0e34  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:34:45.0223 0x0e34  tssecsrv - ok
18:34:45.0230 0x0e34  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:34:45.0238 0x0e34  TsUsbFlt - ok
18:34:45.0241 0x0e34  [ D34789988234DCC8FA55FA9A485AF0EC, 5C1A77EFA23261F5F9C971A12145CA6AC701723A94B6A8AE9BE95EEDD3C02919 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
18:34:45.0247 0x0e34  TsUsbGD - ok
18:34:45.0254 0x0e34  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:34:45.0272 0x0e34  tunnel - ok
18:34:45.0275 0x0e34  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:34:45.0281 0x0e34  uagp35 - ok
18:34:45.0301 0x0e34  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:34:45.0321 0x0e34  udfs - ok
18:34:45.0329 0x0e34  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:34:45.0336 0x0e34  UI0Detect - ok
18:34:45.0338 0x0e34  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:34:45.0344 0x0e34  uliagpkx - ok
18:34:45.0346 0x0e34  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:34:45.0352 0x0e34  umbus - ok
18:34:45.0354 0x0e34  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
18:34:45.0360 0x0e34  UmPass - ok
18:34:45.0390 0x0e34  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:34:45.0411 0x0e34  upnphost - ok
18:34:45.0414 0x0e34  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:34:45.0423 0x0e34  usbccgp - ok
18:34:45.0427 0x0e34  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:34:45.0434 0x0e34  usbcir - ok
18:34:45.0437 0x0e34  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:34:45.0443 0x0e34  usbehci - ok
18:34:45.0450 0x0e34  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
18:34:45.0459 0x0e34  usbhub - ok
18:34:45.0462 0x0e34  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:34:45.0467 0x0e34  usbohci - ok
18:34:45.0469 0x0e34  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
18:34:45.0476 0x0e34  usbprint - ok
18:34:45.0479 0x0e34  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:34:45.0488 0x0e34  USBSTOR - ok
18:34:45.0490 0x0e34  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:34:45.0495 0x0e34  usbuhci - ok
18:34:45.0499 0x0e34  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:34:45.0517 0x0e34  UxSms - ok
18:34:45.0521 0x0e34  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
18:34:45.0527 0x0e34  VaultSvc - ok
18:34:45.0529 0x0e34  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:34:45.0534 0x0e34  vdrvroot - ok
18:34:45.0563 0x0e34  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:34:45.0615 0x0e34  vds - ok
18:34:45.0621 0x0e34  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:34:45.0631 0x0e34  vga - ok
18:34:45.0635 0x0e34  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:34:45.0653 0x0e34  VgaSave - ok
18:34:45.0658 0x0e34  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:34:45.0666 0x0e34  vhdmp - ok
18:34:45.0668 0x0e34  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:34:45.0673 0x0e34  viaide - ok
18:34:45.0676 0x0e34  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:34:45.0681 0x0e34  volmgr - ok
18:34:45.0701 0x0e34  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:34:45.0711 0x0e34  volmgrx - ok
18:34:45.0717 0x0e34  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:34:45.0725 0x0e34  volsnap - ok
18:34:45.0729 0x0e34  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:34:45.0736 0x0e34  vsmraid - ok
18:34:45.0840 0x0e34  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:34:45.0885 0x0e34  VSS - ok
18:34:45.0890 0x0e34  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:34:45.0898 0x0e34  vwifibus - ok
18:34:45.0902 0x0e34  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:34:45.0911 0x0e34  vwififlt - ok
18:34:45.0928 0x0e34  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:34:45.0950 0x0e34  W32Time - ok
18:34:45.0953 0x0e34  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:34:45.0959 0x0e34  WacomPen - ok
18:34:45.0966 0x0e34  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:34:45.0984 0x0e34  WANARP - ok
18:34:45.0989 0x0e34  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:34:46.0007 0x0e34  Wanarpv6 - ok
18:34:46.0087 0x0e34  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:34:46.0119 0x0e34  wbengine - ok
18:34:46.0130 0x0e34  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:34:46.0141 0x0e34  WbioSrvc - ok
18:34:46.0157 0x0e34  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:34:46.0171 0x0e34  wcncsvc - ok
18:34:46.0176 0x0e34  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:34:46.0185 0x0e34  WcsPlugInService - ok
18:34:46.0187 0x0e34  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
18:34:46.0192 0x0e34  Wd - ok
18:34:46.0252 0x0e34  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:34:46.0281 0x0e34  Wdf01000 - ok
18:34:46.0289 0x0e34  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:34:46.0329 0x0e34  WdiServiceHost - ok
18:34:46.0334 0x0e34  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:34:46.0344 0x0e34  WdiSystemHost - ok
18:34:46.0357 0x0e34  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
18:34:46.0369 0x0e34  WebClient - ok
18:34:46.0382 0x0e34  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:34:46.0404 0x0e34  Wecsvc - ok
18:34:46.0410 0x0e34  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:34:46.0430 0x0e34  wercplsupport - ok
18:34:46.0436 0x0e34  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:34:46.0454 0x0e34  WerSvc - ok
18:34:46.0457 0x0e34  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:34:46.0475 0x0e34  WfpLwf - ok
18:34:46.0478 0x0e34  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:34:46.0483 0x0e34  WIMMount - ok
18:34:46.0484 0x0e34  WinDefend - ok
18:34:46.0487 0x0e34  WinHttpAutoProxySvc - ok
18:34:46.0500 0x0e34  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:34:46.0520 0x0e34  Winmgmt - ok
18:34:46.0637 0x0e34  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:34:46.0683 0x0e34  WinRM - ok
18:34:46.0689 0x0e34  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:34:46.0696 0x0e34  WinUsb - ok
18:34:46.0731 0x0e34  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:34:46.0751 0x0e34  Wlansvc - ok
18:34:46.0755 0x0e34  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:34:46.0760 0x0e34  WmiAcpi - ok
18:34:46.0771 0x0e34  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:34:46.0779 0x0e34  wmiApSrv - ok
18:34:46.0781 0x0e34  WMPNetworkSvc - ok
18:34:46.0783 0x0e34  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:34:46.0791 0x0e34  WPCSvc - ok
18:34:46.0798 0x0e34  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:34:46.0810 0x0e34  WPDBusEnum - ok
18:34:46.0814 0x0e34  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:34:46.0831 0x0e34  ws2ifsl - ok
18:34:46.0838 0x0e34  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
18:34:46.0848 0x0e34  wscsvc - ok
18:34:46.0849 0x0e34  WSearch - ok
18:34:46.0884 0x0e34  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:34:46.0922 0x0e34  wuauserv - ok
18:34:46.0930 0x0e34  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:34:46.0938 0x0e34  WudfPf - ok
18:34:46.0950 0x0e34  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:34:46.0958 0x0e34  WUDFRd - ok
18:34:46.0964 0x0e34  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:34:46.0971 0x0e34  wudfsvc - ok
18:34:46.0982 0x0e34  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:34:46.0993 0x0e34  WwanSvc - ok
18:34:46.0996 0x0e34  ================ Scan global ===============================
18:34:47.0000 0x0e34  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:34:47.0011 0x0e34  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:34:47.0024 0x0e34  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:34:47.0030 0x0e34  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:34:47.0047 0x0e34  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:34:47.0051 0x0e34  [ Global ] - ok
18:34:47.0051 0x0e34  ================ Scan MBR ==================================
18:34:47.0052 0x0e34  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:34:47.0083 0x0e34  \Device\Harddisk0\DR0 - ok
18:34:47.0084 0x0e34  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:34:47.0116 0x0e34  \Device\Harddisk1\DR1 - ok
18:34:47.0116 0x0e34  ================ Scan VBR ==================================
18:34:47.0117 0x0e34  [ 2585DC6C759B9B96F209E52FAB334A31 ] \Device\Harddisk0\DR0\Partition1
18:34:47.0118 0x0e34  \Device\Harddisk0\DR0\Partition1 - ok
18:34:47.0119 0x0e34  [ 879D84E81C2D29159C3750996CDB6DF3 ] \Device\Harddisk1\DR1\Partition1
18:34:47.0176 0x0e34  \Device\Harddisk1\DR1\Partition1 - ok
18:34:47.0177 0x0e34  ================ Scan generic autorun ======================
18:34:47.0445 0x0e34  [ 2C1AF8733700FF54C48187797809DC35, AB8BD1BFAF4AB981EB98DDAF357EA77DFC1F434DD7DBDB5DB46649A794F8A309 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
18:34:47.0545 0x0e34  RTHDVCPL - ok
18:34:47.0555 0x0e34  [ ABB77FA17794F584967E364A09AF207F, D80A455AAB523481950508927E24FCCB7AEBE3976B64AA932FABEC93077F0FB6 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
18:34:47.0558 0x0e34  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
18:34:50.0219 0x0e34  Detect skipped due to KSN trusted
18:34:50.0219 0x0e34  IAStorIcon - ok
18:34:50.0288 0x0e34  [ 51F760F54E2CBDE649B342DA35B713D2, EDE61A7F2D5C015404264521FD0578B18B079844B5BEC093D421E44BD87AB28E ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:34:50.0325 0x0e34  NvBackend - ok
18:34:50.0331 0x0e34  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
18:34:50.0338 0x0e34  ShadowPlay - ok
18:34:50.0367 0x0e34  [ 2EA91CA041F7A50D3C1BCFF9A9B6E103, EF00E0102E2CA8AFC1D2B3F4CA4B8A126B9DD413E9B0B7B100F9FDF291544FD6 ] C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe
18:34:50.0392 0x0e34  GamingKeyboard - detected UnsignedFile.Multi.Generic ( 1 )
18:34:53.0136 0x0e34  GamingKeyboard ( UnsignedFile.Multi.Generic ) - warning
18:34:53.0136 0x0e34  Force sending object to P2P due to detect: C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe
18:34:56.0085 0x0e34  Object send P2P result: true
18:34:58.0819 0x0e34  [ A162B967A88BF374A81E01EF6E7A2655, 3616D7DDF72964EB1C7C40E45CCEFD7116252607068AEB9FB093F20064FB5BA2 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
18:34:58.0843 0x0e34  avgnt - ok
18:34:58.0848 0x0e34  [ 22283306E9A33D4EB10F8B6C7499C30E, F527A3ED9816EE5C5A191A26A7D29A2CAFAB7DA3BAA3295FE0E8A2D44F0F5F45 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
18:34:58.0856 0x0e34  Avira Systray - ok
18:34:58.0932 0x0e34  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:34:58.0960 0x0e34  Sidebar - ok
18:34:58.0966 0x0e34  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:34:58.0976 0x0e34  mctadmin - ok
18:34:59.0051 0x0e34  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:34:59.0078 0x0e34  Sidebar - ok
18:34:59.0084 0x0e34  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:34:59.0093 0x0e34  mctadmin - ok
18:34:59.0093 0x0e34  Waiting for KSN requests completion. In queue: 141
18:35:00.0093 0x0e34  Waiting for KSN requests completion. In queue: 141
18:35:01.0101 0x0e34  Waiting for KSN requests completion. In queue: 141
18:35:02.0146 0x0e34  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.440 ), 0x41000 ( enabled : updated )
18:35:02.0177 0x0e34  Win FW state via NFP2: enabled
18:35:04.0907 0x0e34  ============================================================
18:35:04.0907 0x0e34  Scan finished
18:35:04.0907 0x0e34  ============================================================
18:35:04.0907 0x13ec  Detected object count: 2
18:35:04.0907 0x13ec  Actual detected object count: 2
18:40:21.0026 0x13ec  serversu ( UnsignedFile.Multi.Generic ) - skipped by user
18:40:21.0026 0x13ec  serversu ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:40:21.0026 0x13ec  GamingKeyboard ( UnsignedFile.Multi.Generic ) - skipped by user
18:40:21.0026 0x13ec  GamingKeyboard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:52:15.0429 0x1354  Deinitialize success
         
__________________

06.02.2015, 07:48   #4
schrauber
/// the machine
/// TB trainer
 


Quote:
18:40:21.0026 0x13ec serversu ( UnsignedFile.Multi.Generic ) - skipped by user
18:40:21.0026 0x13ec serversu ( UnsignedFile.Multi.Generic ) - User select action: Skip

Start TDSSKiller.exe with a double-click.
Vista and Win7 users: right-click and choose "Run as administrator".
  • Click Start Scan.
    Do not do anything on the computer during the scan.
  • Make sure that Cure (default) is checked!
  • Click Continue --> Reboot.
TDSSKiller will save a log file on your system drive (usually C:\).
For example: C:\TDSSKiller.<version_date_time>log.txt

Please post the contents here in your thread.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

06.02.2015, 16:50   #5
Ggnis
 



Code:
ATTFilter
16:41:50.0928 0x0c40  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
16:41:54.0735 0x0c40  ============================================================
16:41:54.0735 0x0c40  Current date / time: 2015/02/06 16:41:54.0735
16:41:54.0735 0x0c40  SystemInfo:
16:41:54.0735 0x0c40  
16:41:54.0735 0x0c40  OS Version: 6.1.7601 ServicePack: 1.0
16:41:54.0735 0x0c40  Product type: Workstation
16:41:54.0735 0x0c40  ComputerName: ADRIAN-PC
16:41:54.0735 0x0c40  UserName: Adrian
16:41:54.0735 0x0c40  Windows directory: C:\Windows
16:41:54.0735 0x0c40  System windows directory: C:\Windows
16:41:54.0735 0x0c40  Running under WOW64
16:41:54.0735 0x0c40  Processor architecture: Intel x64
16:41:54.0735 0x0c40  Number of processors: 4
16:41:54.0735 0x0c40  Page size: 0x1000
16:41:54.0735 0x0c40  Boot type: Normal boot
16:41:54.0735 0x0c40  ============================================================
16:41:54.0969 0x0c40  KLMD registered as C:\Windows\system32\drivers\39809809.sys
16:41:55.0062 0x0c40  System UUID: {EA3AF40E-A93A-5705-77FF-56025B71591C}
16:41:55.0281 0x0c40  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:41:55.0281 0x0c40  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:41:55.0281 0x0c40  ============================================================
16:41:55.0281 0x0c40  \Device\Harddisk0\DR0:
16:41:55.0281 0x0c40  MBR partitions:
16:41:55.0281 0x0c40  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDF93BB0
16:41:55.0281 0x0c40  \Device\Harddisk1\DR1:
16:41:55.0281 0x0c40  MBR partitions:
16:41:55.0281 0x0c40  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
16:41:55.0281 0x0c40  ============================================================
16:41:55.0281 0x0c40  C: <-> \Device\Harddisk0\DR0\Partition1
16:41:55.0281 0x0c40  D: <-> \Device\Harddisk1\DR1\Partition1
16:41:55.0281 0x0c40  ============================================================
16:41:55.0281 0x0c40  Initialize success
16:41:55.0281 0x0c40  ============================================================
16:42:28.0618 0x10f4  ============================================================
16:42:28.0618 0x10f4  Scan started
16:42:28.0618 0x10f4  Mode: Manual; 
16:42:28.0618 0x10f4  ============================================================
16:42:28.0618 0x10f4  KSN ping started
16:42:42.0424 0x10f4  KSN ping finished: true
16:42:42.0549 0x10f4  ================ Scan system memory ========================
16:42:42.0549 0x10f4  System memory - ok
16:42:42.0549 0x10f4  ================ Scan services =============================
16:42:42.0705 0x10f4  AntiVirMailService - ok
16:42:42.0705 0x10f4  [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:42:42.0720 0x10f4  AntiVirSchedulerService - ok
16:42:42.0720 0x10f4  [ C2700D35AA42311A32DF7EA09630B401, 35B305916DB91EBC86CA70AF23140684F57CF527A0ADE099A79610335C61E861 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:42:42.0720 0x10f4  AntiVirService - ok
16:42:42.0736 0x10f4  [ 027820FE847A7B4245234A4E6E825BE1, EB5638C22C52D0B07F9782B7660BBA730A10A80DC138B7DAD20F849221DEF80B ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
16:42:42.0752 0x10f4  AntiVirWebService - ok
16:42:42.0752 0x10f4  [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID           C:\Windows\system32\drivers\appid.sys
16:42:42.0752 0x10f4  AppID - ok
16:42:42.0752 0x10f4  [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:42:42.0752 0x10f4  AppIDSvc - ok
16:42:42.0767 0x10f4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
16:42:42.0767 0x10f4  Appinfo - ok
16:42:42.0767 0x10f4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:42:42.0767 0x10f4  arc - ok
16:42:42.0767 0x10f4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:42:42.0767 0x10f4  arcsas - ok
16:42:42.0783 0x10f4  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:42:42.0783 0x10f4  aspnet_state - ok
16:42:42.0783 0x10f4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:42:42.0783 0x10f4  AsyncMac - ok
16:42:42.0783 0x10f4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:42:42.0783 0x10f4  atapi - ok
16:42:42.0798 0x10f4  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:42:42.0798 0x10f4  AudioEndpointBuilder - ok
16:42:42.0814 0x10f4  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:42:42.0814 0x10f4  AudioSrv - ok
16:42:42.0830 0x10f4  [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
16:42:42.0830 0x10f4  avgntflt - ok
16:42:42.0830 0x10f4  [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
16:42:42.0830 0x10f4  avipbb - ok
16:42:42.0830 0x10f4  [ 523EBA6B6124EC416FF35A37BB47C30A, D2C545BB78E91ECCD3FFACFB524D03DFD5E277871A2500164F3602445A8A86FA ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
16:42:42.0830 0x10f4  Avira.OE.ServiceHost - ok
16:42:42.0845 0x10f4  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
16:42:42.0845 0x10f4  avkmgr - ok
16:42:42.0845 0x10f4  [ F627BFFCC52587350E49FC2C2A03C7F9, 5BB748CEEB72199E6AAB6C48B111342A89EC03649EC28ED32BA12E95E3B6F607 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
16:42:42.0845 0x10f4  avnetflt - ok
16:42:42.0845 0x10f4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:42:42.0845 0x10f4  AxInstSV - ok
16:42:42.0861 0x10f4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:42:42.0861 0x10f4  b06bdrv - ok
16:42:42.0876 0x10f4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:42:42.0876 0x10f4  b57nd60a - ok
16:42:42.0892 0x10f4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:42:42.0892 0x10f4  BDESVC - ok
16:42:42.0892 0x10f4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:42:42.0892 0x10f4  Beep - ok
16:42:42.0923 0x10f4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:42:42.0923 0x10f4  BFE - ok
16:42:42.0970 0x10f4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:42:43.0001 0x10f4  BITS - ok
16:42:43.0001 0x10f4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
16:42:43.0001 0x10f4  blbdrive - ok
16:42:43.0001 0x10f4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:42:43.0017 0x10f4  bowser - ok
16:42:43.0017 0x10f4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:42:43.0017 0x10f4  BrFiltLo - ok
16:42:43.0017 0x10f4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:42:43.0017 0x10f4  BrFiltUp - ok
16:42:43.0017 0x10f4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:42:43.0017 0x10f4  Browser - ok
16:42:43.0032 0x10f4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:42:43.0032 0x10f4  Brserid - ok
16:42:43.0032 0x10f4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:42:43.0032 0x10f4  BrSerWdm - ok
16:42:43.0048 0x10f4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:42:43.0048 0x10f4  BrUsbMdm - ok
16:42:43.0048 0x10f4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:42:43.0048 0x10f4  BrUsbSer - ok
16:42:43.0048 0x10f4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:42:43.0048 0x10f4  BTHMODEM - ok
16:42:43.0048 0x10f4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:42:43.0064 0x10f4  bthserv - ok
16:42:43.0079 0x10f4  [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
16:42:43.0095 0x10f4  c2cautoupdatesvc - ok
16:42:43.0126 0x10f4  [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
16:42:43.0142 0x10f4  c2cpnrsvc - ok
16:42:43.0142 0x10f4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:42:43.0142 0x10f4  cdfs - ok
16:42:43.0157 0x10f4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:42:43.0157 0x10f4  cdrom - ok
16:42:43.0157 0x10f4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:42:43.0157 0x10f4  CertPropSvc - ok
16:42:43.0157 0x10f4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:42:43.0157 0x10f4  circlass - ok
16:42:43.0188 0x10f4  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
16:42:43.0188 0x10f4  CLFS - ok
16:42:43.0220 0x10f4  [ 7E526C5B4DD233EBCF1EA3EC211E2913, 9DC99F18454001AF5462C773C174E2D6E503316550C7E9D7824E9CBC503FCA3B ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
16:42:43.0251 0x10f4  ClickToRunSvc - ok
16:42:43.0251 0x10f4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:42:43.0251 0x10f4  clr_optimization_v2.0.50727_32 - ok
16:42:43.0266 0x10f4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:42:43.0266 0x10f4  clr_optimization_v2.0.50727_64 - ok
16:42:43.0266 0x10f4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:42:43.0266 0x10f4  clr_optimization_v4.0.30319_32 - ok
16:42:43.0282 0x10f4  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:42:43.0282 0x10f4  clr_optimization_v4.0.30319_64 - ok
16:42:43.0282 0x10f4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:42:43.0282 0x10f4  CmBatt - ok
16:42:43.0282 0x10f4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:42:43.0282 0x10f4  cmdide - ok
16:42:43.0298 0x10f4  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
16:42:43.0313 0x10f4  CNG - ok
16:42:43.0313 0x10f4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:42:43.0313 0x10f4  Compbatt - ok
16:42:43.0313 0x10f4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:42:43.0313 0x10f4  CompositeBus - ok
16:42:43.0313 0x10f4  COMSysApp - ok
16:42:43.0313 0x10f4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:42:43.0313 0x10f4  crcdisk - ok
16:42:43.0329 0x10f4  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:42:43.0329 0x10f4  CryptSvc - ok
16:42:43.0360 0x10f4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:42:43.0360 0x10f4  DcomLaunch - ok
16:42:43.0376 0x10f4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:42:43.0376 0x10f4  defragsvc - ok
16:42:43.0391 0x10f4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:42:43.0391 0x10f4  DfsC - ok
16:42:43.0407 0x10f4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:42:43.0407 0x10f4  Dhcp - ok
16:42:43.0422 0x10f4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:42:43.0422 0x10f4  discache - ok
16:42:43.0422 0x10f4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
16:42:43.0422 0x10f4  Disk - ok
16:42:43.0422 0x10f4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:42:43.0422 0x10f4  Dnscache - ok
16:42:43.0438 0x10f4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:42:43.0438 0x10f4  dot3svc - ok
16:42:43.0454 0x10f4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:42:43.0454 0x10f4  DPS - ok
16:42:43.0454 0x10f4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:42:43.0454 0x10f4  drmkaud - ok
16:42:43.0469 0x10f4  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
16:42:43.0469 0x10f4  dtsoftbus01 - ok
16:42:43.0500 0x10f4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:42:43.0500 0x10f4  DXGKrnl - ok
16:42:43.0516 0x10f4  [ A6DB3A7828B456A574243066E2E77D8C, 852F14E5FD77A47BF901E0A27F6D21BD9236275135C33ABB30589D0346341179 ] E100B           C:\Windows\system32\DRIVERS\efe5b32e.sys
16:42:43.0516 0x10f4  E100B - ok
16:42:43.0532 0x10f4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:42:43.0532 0x10f4  EapHost - ok
16:42:43.0578 0x10f4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:42:43.0610 0x10f4  ebdrv - ok
16:42:43.0610 0x10f4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
16:42:43.0610 0x10f4  EFS - ok
16:42:43.0656 0x10f4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:42:43.0656 0x10f4  ehRecvr - ok
16:42:43.0656 0x10f4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:42:43.0656 0x10f4  ehSched - ok
16:42:43.0672 0x10f4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:42:43.0672 0x10f4  elxstor - ok
16:42:43.0672 0x10f4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:42:43.0672 0x10f4  ErrDev - ok
16:42:43.0703 0x10f4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:42:43.0703 0x10f4  EventSystem - ok
16:42:43.0719 0x10f4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:42:43.0719 0x10f4  exfat - ok
16:42:43.0719 0x10f4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:42:43.0734 0x10f4  fastfat - ok
16:42:43.0750 0x10f4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:42:43.0766 0x10f4  Fax - ok
16:42:43.0766 0x10f4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
16:42:43.0766 0x10f4  fdc - ok
16:42:43.0766 0x10f4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:42:43.0766 0x10f4  fdPHost - ok
16:42:43.0781 0x10f4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:42:43.0781 0x10f4  FDResPub - ok
16:42:43.0781 0x10f4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:42:43.0781 0x10f4  FileInfo - ok
16:42:43.0781 0x10f4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:42:43.0781 0x10f4  Filetrace - ok
16:42:43.0781 0x10f4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:42:43.0781 0x10f4  flpydisk - ok
16:42:43.0797 0x10f4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:42:43.0812 0x10f4  FltMgr - ok
16:42:43.0844 0x10f4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
16:42:43.0859 0x10f4  FontCache - ok
16:42:43.0859 0x10f4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:42:43.0859 0x10f4  FontCache3.0.0.0 - ok
16:42:43.0859 0x10f4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:42:43.0859 0x10f4  FsDepends - ok
16:42:43.0859 0x10f4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:42:43.0859 0x10f4  Fs_Rec - ok
16:42:43.0875 0x10f4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:42:43.0875 0x10f4  fvevol - ok
16:42:43.0875 0x10f4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:42:43.0875 0x10f4  gagp30kx - ok
16:42:43.0890 0x10f4  [ F5D15F93007259AFD6FC2DEC420132A1, EB1B5D0478861AC038A7E0CD7317EFA836DDBD66B1419067B5DD75CE924421BA ] GameKB          C:\Windows\system32\drivers\GameKB.sys
16:42:43.0890 0x10f4  GameKB - ok
16:42:43.0922 0x10f4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:42:43.0922 0x10f4  gpsvc - ok
16:42:43.0937 0x10f4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:42:43.0937 0x10f4  hcw85cir - ok
16:42:43.0953 0x10f4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:42:43.0953 0x10f4  HdAudAddService - ok
16:42:43.0953 0x10f4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
16:42:43.0953 0x10f4  HDAudBus - ok
16:42:43.0968 0x10f4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:42:43.0968 0x10f4  HidBatt - ok
16:42:43.0968 0x10f4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:42:43.0968 0x10f4  HidBth - ok
16:42:43.0968 0x10f4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:42:43.0968 0x10f4  HidIr - ok
16:42:43.0968 0x10f4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:42:43.0968 0x10f4  hidserv - ok
16:42:43.0968 0x10f4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:42:43.0984 0x10f4  HidUsb - ok
16:42:43.0984 0x10f4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:42:43.0984 0x10f4  hkmsvc - ok
16:42:44.0000 0x10f4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:42:44.0000 0x10f4  HomeGroupListener - ok
16:42:44.0015 0x10f4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:42:44.0015 0x10f4  HomeGroupProvider - ok
16:42:44.0015 0x10f4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:42:44.0015 0x10f4  HpSAMD - ok
16:42:44.0046 0x10f4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:42:44.0062 0x10f4  HTTP - ok
16:42:44.0062 0x10f4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:42:44.0062 0x10f4  hwpolicy - ok
16:42:44.0062 0x10f4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:42:44.0062 0x10f4  i8042prt - ok
16:42:44.0078 0x10f4  [ 96FBFC177A603840FFDF059EEB804176, A83FB1DF4B3DF774D44305B6CA566338FD95D937CA53E266A40E2DE19EFC6AB6 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
16:42:44.0078 0x10f4  iaStorA - ok
16:42:44.0078 0x10f4  [ ED45EB18204F5211310E2596B7418BED, 407929394175454DDBE87A34D53EC19E1D56A162BF868A1CF9F2DE776789FBFC ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:42:44.0078 0x10f4  IAStorDataMgrSvc - ok
16:42:44.0093 0x10f4  [ 7B9E39DB30155E0A71B97AAB038E5F24, D56BC1D31A5B9555AA4E7AB2CAC224361F9F74263E2D6969292893184689D430 ] iaStorF         C:\Windows\system32\drivers\iaStorF.sys
16:42:44.0093 0x10f4  iaStorF - ok
16:42:44.0093 0x10f4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:42:44.0093 0x10f4  iaStorV - ok
16:42:44.0109 0x10f4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:42:44.0124 0x10f4  idsvc - ok
16:42:44.0124 0x10f4  IEEtwCollectorService - ok
16:42:44.0124 0x10f4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:42:44.0124 0x10f4  iirsp - ok
16:42:44.0202 0x10f4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:42:44.0218 0x10f4  IKEEXT - ok
16:42:44.0405 0x10f4  [ 39246F2CFBF1D32C3A12E242661EC039, EADF06D9B142844C16C2B0E412D708DB02BA07E2CD96BBFB2F0984DD6BB63E28 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:42:44.0452 0x10f4  IntcAzAudAddService - ok
16:42:44.0468 0x10f4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:42:44.0468 0x10f4  intelide - ok
16:42:44.0468 0x10f4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
16:42:44.0468 0x10f4  intelppm - ok
16:42:44.0468 0x10f4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:42:44.0468 0x10f4  IPBusEnum - ok
16:42:44.0483 0x10f4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:42:44.0483 0x10f4  IpFilterDriver - ok
16:42:44.0514 0x10f4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:42:44.0514 0x10f4  iphlpsvc - ok
16:42:44.0514 0x10f4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:42:44.0514 0x10f4  IPMIDRV - ok
16:42:44.0530 0x10f4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:42:44.0530 0x10f4  IPNAT - ok
16:42:44.0530 0x10f4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:42:44.0530 0x10f4  IRENUM - ok
16:42:44.0530 0x10f4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:42:44.0530 0x10f4  isapnp - ok
16:42:44.0546 0x10f4  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:42:44.0546 0x10f4  iScsiPrt - ok
16:42:44.0546 0x10f4  [ 970995B7C36F4408ED31C3BF204FE1F5, 466C5FA3A26E997009E33EA9B0923BFE7FCC9D367444F31C1BEB3D6EACDB6BA9 ] ISCT            C:\Windows\system32\drivers\ISCTD64.sys
16:42:44.0546 0x10f4  ISCT - ok
16:42:44.0546 0x10f4  [ 3AD2F2F5D891FD49F9305D394BCF7A54, 7567F0DF0E527BAC1651A4A39B5252AF2B1F186B5FD4F0122B3B30207972F0E4 ] iusb3hcs        C:\Windows\system32\drivers\iusb3hcs.sys
16:42:44.0546 0x10f4  iusb3hcs - ok
16:42:44.0561 0x10f4  [ F7248248D3F126E07E22193F3E5DDF77, A11FD50CFE329B4AE07387A31581BC01A972917F451C4257CDB45F818074EE9B ] iusb3hub        C:\Windows\system32\drivers\iusb3hub.sys
16:42:44.0561 0x10f4  iusb3hub - ok
16:42:44.0577 0x10f4  [ AF7F994D4E9C37D54E9CDB6880D83205, A74F99786BC302101B4BEDEF543DBE85D75A2B1FEC6B4513626E6B941EF8D6A9 ] iusb3xhc        C:\Windows\system32\drivers\iusb3xhc.sys
16:42:44.0577 0x10f4  iusb3xhc - ok
16:42:44.0577 0x10f4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:42:44.0577 0x10f4  kbdclass - ok
16:42:44.0592 0x10f4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:42:44.0592 0x10f4  kbdhid - ok
16:42:44.0592 0x10f4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
16:42:44.0592 0x10f4  KeyIso - ok
16:42:44.0592 0x10f4  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:42:44.0592 0x10f4  KSecDD - ok
16:42:44.0608 0x10f4  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:42:44.0608 0x10f4  KSecPkg - ok
16:42:44.0608 0x10f4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:42:44.0608 0x10f4  ksthunk - ok
16:42:44.0624 0x10f4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:42:44.0639 0x10f4  KtmRm - ok
16:42:44.0639 0x10f4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:42:44.0639 0x10f4  LanmanServer - ok
16:42:44.0655 0x10f4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:42:44.0655 0x10f4  LanmanWorkstation - ok
16:42:44.0655 0x10f4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:42:44.0655 0x10f4  lltdio - ok
16:42:44.0686 0x10f4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:42:44.0686 0x10f4  lltdsvc - ok
16:42:44.0686 0x10f4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:42:44.0686 0x10f4  lmhosts - ok
16:42:44.0686 0x10f4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:42:44.0702 0x10f4  LSI_FC - ok
16:42:44.0702 0x10f4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:42:44.0702 0x10f4  LSI_SAS - ok
16:42:44.0702 0x10f4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:42:44.0702 0x10f4  LSI_SAS2 - ok
16:42:44.0702 0x10f4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:42:44.0702 0x10f4  LSI_SCSI - ok
16:42:44.0717 0x10f4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:42:44.0717 0x10f4  luafv - ok
16:42:44.0717 0x10f4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:42:44.0717 0x10f4  Mcx2Svc - ok
16:42:44.0717 0x10f4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:42:44.0717 0x10f4  megasas - ok
16:42:44.0733 0x10f4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:42:44.0733 0x10f4  MegaSR - ok
16:42:44.0733 0x10f4  [ 8751062F2F7EC78DE92D778A08099DDE, F10BE771FF9E02A51CF3A167BB967167DE4F66647D7F1508CB27D8FDD8623700 ] MEIx64          C:\Windows\system32\drivers\TeeDriverx64.sys
16:42:44.0733 0x10f4  MEIx64 - ok
16:42:44.0748 0x10f4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:42:44.0748 0x10f4  MMCSS - ok
16:42:44.0748 0x10f4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:42:44.0748 0x10f4  Modem - ok
16:42:44.0748 0x10f4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:42:44.0748 0x10f4  monitor - ok
16:42:44.0748 0x10f4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:42:44.0748 0x10f4  mouclass - ok
16:42:44.0748 0x10f4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:42:44.0748 0x10f4  mouhid - ok
16:42:44.0764 0x10f4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:42:44.0764 0x10f4  mountmgr - ok
16:42:44.0764 0x10f4  [ 345477F02C308B7480702767218C86A2, 98AFB5CF35BD82BA44B8F52CBC5FA3760506ADD7892C2AA1A77E8DF71FC8523F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:42:44.0764 0x10f4  MozillaMaintenance - ok
16:42:44.0780 0x10f4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:42:44.0780 0x10f4  mpio - ok
16:42:44.0780 0x10f4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:42:44.0780 0x10f4  mpsdrv - ok
16:42:44.0826 0x10f4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:42:44.0842 0x10f4  MpsSvc - ok
16:42:44.0842 0x10f4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:42:44.0842 0x10f4  MRxDAV - ok
16:42:44.0858 0x10f4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:42:44.0858 0x10f4  mrxsmb - ok
16:42:44.0873 0x10f4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:42:44.0873 0x10f4  mrxsmb10 - ok
16:42:44.0873 0x10f4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:42:44.0873 0x10f4  mrxsmb20 - ok
16:42:44.0873 0x10f4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:42:44.0889 0x10f4  msahci - ok
16:42:44.0889 0x10f4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:42:44.0889 0x10f4  msdsm - ok
16:42:44.0889 0x10f4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:42:44.0889 0x10f4  MSDTC - ok
16:42:44.0904 0x10f4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:42:44.0904 0x10f4  Msfs - ok
16:42:44.0904 0x10f4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:42:44.0904 0x10f4  mshidkmdf - ok
16:42:44.0904 0x10f4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:42:44.0904 0x10f4  msisadrv - ok
16:42:44.0920 0x10f4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:42:44.0920 0x10f4  MSiSCSI - ok
16:42:44.0920 0x10f4  msiserver - ok
16:42:44.0920 0x10f4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:42:44.0920 0x10f4  MSKSSRV - ok
16:42:44.0920 0x10f4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:42:44.0920 0x10f4  MSPCLOCK - ok
16:42:44.0920 0x10f4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:42:44.0936 0x10f4  MSPQM - ok
16:42:44.0951 0x10f4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:42:44.0951 0x10f4  MsRPC - ok
16:42:44.0951 0x10f4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:42:44.0951 0x10f4  mssmbios - ok
16:42:44.0951 0x10f4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:42:44.0951 0x10f4  MSTEE - ok
16:42:44.0951 0x10f4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:42:44.0951 0x10f4  MTConfig - ok
16:42:44.0967 0x10f4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:42:44.0967 0x10f4  Mup - ok
16:42:44.0982 0x10f4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:42:44.0998 0x10f4  napagent - ok
16:42:45.0014 0x10f4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:42:45.0014 0x10f4  NativeWifiP - ok
16:42:45.0060 0x10f4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:42:45.0060 0x10f4  NDIS - ok
16:42:45.0060 0x10f4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:42:45.0060 0x10f4  NdisCap - ok
16:42:45.0076 0x10f4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:42:45.0076 0x10f4  NdisTapi - ok
16:42:45.0076 0x10f4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:42:45.0076 0x10f4  Ndisuio - ok
16:42:45.0076 0x10f4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:42:45.0092 0x10f4  NdisWan - ok
16:42:45.0092 0x10f4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:42:45.0092 0x10f4  NDProxy - ok
16:42:45.0092 0x10f4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:42:45.0092 0x10f4  NetBIOS - ok
16:42:45.0107 0x10f4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:42:45.0107 0x10f4  NetBT - ok
16:42:45.0107 0x10f4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
16:42:45.0107 0x10f4  Netlogon - ok
16:42:45.0123 0x10f4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:42:45.0138 0x10f4  Netman - ok
16:42:45.0138 0x10f4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:42:45.0138 0x10f4  NetMsmqActivator - ok
16:42:45.0154 0x10f4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:42:45.0154 0x10f4  NetPipeActivator - ok
16:42:45.0185 0x10f4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:42:45.0185 0x10f4  netprofm - ok
16:42:45.0185 0x10f4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:42:45.0201 0x10f4  NetTcpActivator - ok
16:42:45.0201 0x10f4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:42:45.0201 0x10f4  NetTcpPortSharing - ok
16:42:45.0201 0x10f4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:42:45.0201 0x10f4  nfrd960 - ok
16:42:45.0216 0x10f4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:42:45.0216 0x10f4  NlaSvc - ok
16:42:45.0216 0x10f4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:42:45.0216 0x10f4  Npfs - ok
16:42:45.0232 0x10f4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:42:45.0232 0x10f4  nsi - ok
16:42:45.0232 0x10f4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:42:45.0232 0x10f4  nsiproxy - ok
16:42:45.0326 0x10f4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:42:45.0357 0x10f4  Ntfs - ok
16:42:45.0357 0x10f4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:42:45.0357 0x10f4  Null - ok
16:42:45.0372 0x10f4  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
16:42:45.0372 0x10f4  NVHDA - ok
16:42:45.0918 0x10f4  [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:42:45.0996 0x11d8  Object required for P2P: [ DE3E38431B00C2EA247C53675DCF01A0 ] AudioEndpointBuilder
16:42:46.0043 0x10f4  nvlddmkm - ok
16:42:46.0090 0x10f4  [ D3791C720DDEE697C0933B14DC135D9C, BE10585887F3C48464A856AC3510AF30D14849EEC1556D9E356A506784CB02A5 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:42:46.0106 0x10f4  NvNetworkService - ok
16:42:46.0106 0x10f4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:42:46.0106 0x10f4  nvraid - ok
16:42:46.0106 0x10f4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:42:46.0106 0x10f4  nvstor - ok
16:42:46.0121 0x10f4  [ 89C5BFA394D65CD305A35D3C4884265E, AA7C2007C7668817408CC56A593700FAA1D618607F71445C2D039A0BE5DE1DD1 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:42:46.0121 0x10f4  NvStreamKms - ok
16:42:46.0355 0x10f4  [ 5E7DD556394FA56B3C2AAB6B4C624DAC, 11364E6F5B98B21DBAAC3567687C49254CBBDEED666CEF830C4BC7F294FDB245 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
16:42:46.0542 0x10f4  NvStreamSvc - ok
16:42:46.0574 0x10f4  [ C210DB4776C094D9A7A0EAAE8E45A5DE, AA4E0C011C2D7E27D634A68A9BB5A124D1EC2F43B42B67FB2076781379A00F29 ] NvStUSB         C:\Windows\system32\drivers\nvstusb.sys
16:42:46.0574 0x10f4  NvStUSB - ok
16:42:46.0620 0x10f4  [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:42:46.0620 0x10f4  nvsvc - ok
16:42:46.0620 0x10f4  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
16:42:46.0620 0x10f4  nvvad_WaveExtensible - ok
16:42:46.0636 0x10f4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:42:46.0636 0x10f4  nv_agp - ok
16:42:46.0636 0x10f4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:42:46.0636 0x10f4  ohci1394 - ok
16:42:46.0667 0x10f4  [ EF8DA126239D08B7B4734256417AE702, 4BBA0577C20E851F5B30D0D0F19382AB32AF57EFF7AA5B394E0FF6358A7AB287 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
16:42:46.0683 0x10f4  Origin Client Service - ok
16:42:46.0683 0x10f4  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:42:46.0683 0x10f4  ose - ok
16:42:46.0761 0x10f4  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:42:46.0808 0x10f4  osppsvc - ok
16:42:46.0839 0x10f4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:42:46.0839 0x10f4  p2pimsvc - ok
16:42:46.0854 0x10f4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:42:46.0854 0x10f4  p2psvc - ok
16:42:46.0870 0x10f4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:42:46.0870 0x10f4  Parport - ok
16:42:46.0870 0x10f4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:42:46.0870 0x10f4  partmgr - ok
16:42:46.0886 0x10f4  [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:42:46.0886 0x10f4  PcaSvc - ok
16:42:46.0886 0x10f4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:42:46.0886 0x10f4  pci - ok
16:42:46.0886 0x10f4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:42:46.0886 0x10f4  pciide - ok
16:42:46.0886 0x10f4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:42:46.0901 0x10f4  pcmcia - ok
16:42:46.0901 0x10f4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:42:46.0901 0x10f4  pcw - ok
16:42:46.0917 0x10f4  [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:42:46.0917 0x10f4  PEAUTH - ok
16:42:46.0932 0x10f4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:42:46.0932 0x10f4  PerfHost - ok
16:42:47.0010 0x10f4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:42:47.0026 0x10f4  pla - ok
16:42:47.0057 0x10f4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:42:47.0057 0x10f4  PlugPlay - ok
16:42:47.0057 0x10f4  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
16:42:47.0057 0x10f4  PnkBstrA - ok
16:42:47.0057 0x10f4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:42:47.0073 0x10f4  PNRPAutoReg - ok
16:42:47.0088 0x10f4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:42:47.0088 0x10f4  PNRPsvc - ok
16:42:47.0120 0x10f4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:42:47.0120 0x10f4  PolicyAgent - ok
16:42:47.0135 0x10f4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:42:47.0135 0x10f4  Power - ok
16:42:47.0135 0x10f4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:42:47.0135 0x10f4  PptpMiniport - ok
16:42:47.0135 0x10f4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:42:47.0135 0x10f4  Processor - ok
16:42:47.0151 0x10f4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:42:47.0151 0x10f4  ProfSvc - ok
16:42:47.0151 0x10f4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:42:47.0151 0x10f4  ProtectedStorage - ok
16:42:47.0166 0x10f4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:42:47.0166 0x10f4  Psched - ok
16:42:47.0182 0x10f4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:42:47.0198 0x10f4  ql2300 - ok
16:42:47.0198 0x10f4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:42:47.0213 0x10f4  ql40xx - ok
16:42:47.0213 0x10f4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:42:47.0229 0x10f4  QWAVE - ok
16:42:47.0229 0x10f4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:42:47.0229 0x10f4  QWAVEdrv - ok
16:42:47.0229 0x10f4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:42:47.0229 0x10f4  RasAcd - ok
16:42:47.0229 0x10f4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:42:47.0229 0x10f4  RasAgileVpn - ok
16:42:47.0244 0x10f4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:42:47.0244 0x10f4  RasAuto - ok
16:42:47.0244 0x10f4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:42:47.0244 0x10f4  Rasl2tp - ok
16:42:47.0276 0x10f4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:42:47.0276 0x10f4  RasMan - ok
16:42:47.0276 0x10f4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:42:47.0291 0x10f4  RasPppoe - ok
16:42:47.0291 0x10f4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:42:47.0291 0x10f4  RasSstp - ok
16:42:47.0307 0x10f4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:42:47.0307 0x10f4  rdbss - ok
16:42:47.0307 0x10f4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:42:47.0307 0x10f4  rdpbus - ok
16:42:47.0307 0x10f4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:42:47.0307 0x10f4  RDPCDD - ok
16:42:47.0322 0x10f4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:42:47.0322 0x10f4  RDPENCDD - ok
16:42:47.0322 0x10f4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:42:47.0322 0x10f4  RDPREFMP - ok
16:42:47.0322 0x10f4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:42:47.0322 0x10f4  RdpVideoMiniport - ok
16:42:47.0322 0x10f4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:42:47.0322 0x10f4  RDPWD - ok
16:42:47.0338 0x10f4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:42:47.0354 0x10f4  rdyboost - ok
16:42:47.0354 0x10f4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:42:47.0354 0x10f4  RemoteAccess - ok
16:42:47.0369 0x10f4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:42:47.0369 0x10f4  RemoteRegistry - ok
16:42:47.0369 0x10f4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:42:47.0369 0x10f4  RpcEptMapper - ok
16:42:47.0369 0x10f4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:42:47.0385 0x10f4  RpcLocator - ok
16:42:47.0400 0x10f4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:42:47.0416 0x10f4  RpcSs - ok
16:42:47.0416 0x10f4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:42:47.0416 0x10f4  rspndr - ok
16:42:47.0432 0x10f4  [ D2D055E7ED70A5EE885D17D35DF97E80, 51781E55EEE111140A261822D3F78D76AD288E9DDF8578E236358E0AEB872C2F ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
16:42:47.0447 0x10f4  RTL8167 - ok
16:42:47.0463 0x10f4  [ 7461D3DA1AABB5F703504E958455A900, B77D36E095A476A8191C1771539F20529F82CACF3C945BF55D64C39EEF09D0EA ] RTL8192cu       C:\Windows\system32\DRIVERS\RTL8192cu.sys
16:42:47.0463 0x10f4  RTL8192cu - ok
16:42:47.0463 0x10f4  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
16:42:47.0463 0x10f4  SamSs - ok
16:42:47.0478 0x10f4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:42:47.0478 0x10f4  sbp2port - ok
16:42:47.0478 0x10f4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:42:47.0494 0x10f4  SCardSvr - ok
16:42:47.0494 0x10f4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:42:47.0494 0x10f4  scfilter - ok
16:42:47.0525 0x073c  Object required for P2P: [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV
16:43:09.0849 0x10f4  AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.440 ), 0x41000 ( enabled : updated )
16:43:09.0849 0x10f4  Win FW state via NFP2: enabled
16:43:12.0626 0x10f4  ============================================================
16:43:12.0626 0x10f4  Scan finished
16:43:12.0626 0x10f4  ============================================================
16:43:12.0626 0x0764  Detected object count: 0
16:43:12.0626 0x0764  Actual detected object count: 0
16:43:20.0940 0x117c  Deinitialize success
         
I just noticed by chance that I have a program called Systemupdater in the Control Panel... I deleted it and have had no problems since, at least none that I notice.

PS: I neither found a checkbox labelled Cure, nor was there a reboot after I clicked Continue.


07.02.2015, 11:30   #6
schrauber
/// the machine
/// TB instructor
 



We are not finished yet.

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if required, to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. The MBAM log file can be found here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please disable your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.

07.02.2015, 23:38   #7
Ggnis
 



Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 07.02.2015
Suchlauf-Zeit: 22:57:24
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.02.07.10
Rootkit Datenbank: v2015.02.03.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Adrian

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 332525
Verstrichene Zeit: 7 Min, 1 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{cae99edb}, In Quarantäne, [14fe42d80e7cbd7913d48d1ef50e6898], 

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 19
PUP.Optional.SmootherWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\jetpack\jid1-U7omKQ6kQfxMaQ@jetpack, In Quarantäne, [b16199811377aa8c21c1e4971ee5cb35], 
PUP.Optional.SmootherWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\jetpack\jid1-U7omKQ6kQfxMaQ@jetpack\simple-storage, In Quarantäne, [b16199811377aa8c21c1e4971ee5cb35], 
PUP.Optional.GUPlayer.A, C:\PROGRAM FILES (X86)\GU Player, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], 
PUP.Optional.GUPlayer.A, C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GU Player, In Quarantäne, [a07235e58dfd0234aaa67015a0636c94], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\defaults, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\defaults\preferences, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\locale, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\addon-sdk, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\addon-sdk\lib, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\livecharity, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\livecharity\data, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\livecharity\data\fonts, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\livecharity\data\img, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\smootherweb, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\smootherweb\data, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\smootherweb\lib, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\smootherweb\tests, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 

Dateien: 29
PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\Uninstaller.exe, In Quarantäne, [d73b31e94c3e0333fa8328f130d2c739], 
PUP.Optional.Solimba, C:\Users\Adrian\Downloads\Microsoft%20Word.exe, In Quarantäne, [1200d446fa9070c650cc779e5ba7ec14], 
PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\avcodec-54.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], 
PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\avdevice-54.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], 
PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\avformat-54.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], 
PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\avutil-51.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], 
PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\GuPlayer.exe, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], 
PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\libfreetype-6.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], 
PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\libpng15-15.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], 
PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\postproc-52.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], 
PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\SDL.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], 
PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\SDL_image.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], 
PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\SDL_ttf.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], 
PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\swresample-0.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], 
PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\swscale-2.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], 
PUP.Optional.GUPlayer.A, C:\Program Files (x86)\GU Player\zlib1.dll, In Quarantäne, [32e009111e6c41f59cb37c090af923dd], 
PUP.Optional.GUPlayer.A, C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GU Player\GU Player.lnk, In Quarantäne, [a07235e58dfd0234aaa67015a0636c94], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\.buildpath, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\.project, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\bootstrap.js, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\harness-options.json, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\icon.png, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\icon64.png, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\install.rdf, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\locales.json, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\defaults\preferences\prefs.js, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\smootherweb\data\easylist.txt, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\smootherweb\lib\main.js, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 
PUP.Optional.BoosterWeb.A, C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\extensions\jid1-U7omKQ6kQfxMaQ@jetpack\resources\smootherweb\lib\main.js-backup, In Quarantäne, [01115fbb4b3f86b0dc9f15703cc711ef], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
Code:
# AdwCleaner v4.110 - Bericht erstellt 07/02/2015 um 23:25:23
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-05.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Adrian - ADRIAN-PC
# Gestarted von : C:\Users\Adrian\Downloads\AdwCleaner_4.110.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\737bcb150000081b

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\Super Optimizer
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0.1 (x86 de)


*************************

AdwCleaner[R0].txt - [1375 Bytes] - [07/02/2015 23:08:24]
AdwCleaner[R1].txt - [1434 Bytes] - [07/02/2015 23:24:54]
AdwCleaner[S0].txt - [1242 Bytes] - [07/02/2015 23:25:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1301  Bytes] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Home Premium x64
Ran by Adrian on 07.02.2015 at 23:28:38,67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\nw9ljsvn.default\searchplugins\avira-safesearch.xml
Successfully deleted the following from C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\nw9ljsvn.default\prefs.js

user_pref("avira.safe_search.search_was_active", "true");
Emptied folder: C:\Users\Adrian\AppData\Roaming\mozilla\firefox\profiles\nw9ljsvn.default\minidumps [26 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.02.2015 at 23:30:05,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2015
Ran by Adrian (administrator) on ADRIAN-PC on 07-02-2015 23:30:49
Running from C:\Users\Adrian\Downloads
Loaded Profiles: Adrian (Available profiles: Adrian)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-06] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1803264 2012-06-07] (Game Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {b9e95629-6a8c-11e4-96a5-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {e738d354-2979-11e4-b5ff-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {f1df56f7-47c6-11e4-8f77-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default
FF Homepage: https://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\searchplugins\google-maps.xml
FF Extension: Avira Browser Safety - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\Extensions\abs@avira.com [2015-02-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-27]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [807672 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [993584 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2014-03-06] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-30] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-21] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-21] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-09-26] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-07] (Disc Soft Ltd)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] ()
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-02-26] (Intel Corporation)
R3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [44992 2012-02-09] ()
R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation                           )

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-07 23:30 - 2015-02-07 23:30 - 00001153 _____ () C:\Users\Adrian\Desktop\JRT.txt
2015-02-07 23:30 - 2015-02-07 23:30 - 00000000 ____D () C:\Users\Adrian\Downloads\FRST-OlderVersion
2015-02-07 23:26 - 2015-02-07 23:26 - 00001381 _____ () C:\Users\Adrian\Desktop\AdwCleaner[S0].txt
2015-02-07 23:06 - 2015-02-07 23:06 - 00009937 _____ () C:\Users\Adrian\Desktop\mbam.txt
2015-02-07 23:03 - 2015-02-07 23:03 - 01388274 _____ (Thisisu) C:\Users\Adrian\Downloads\JRT.exe
2015-02-07 23:01 - 2015-02-07 23:25 - 00000000 ____D () C:\AdwCleaner
2015-02-07 23:01 - 2015-02-07 23:01 - 02112512 _____ () C:\Users\Adrian\Downloads\AdwCleaner_4.110.exe
2015-02-07 22:56 - 2015-02-07 22:56 - 00001122 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-07 22:55 - 2015-02-07 22:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Downloads\mbam-setup-2.0.4.1028(1).exe
2015-02-05 18:32 - 2015-02-05 18:32 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Adrian\Downloads\tdsskiller.exe
2015-02-05 18:23 - 2015-02-07 23:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-05 18:22 - 2015-02-05 18:30 - 00000000 ____D () C:\Users\Adrian\Desktop\mbar
2015-02-05 18:22 - 2015-02-05 18:22 - 16466552 _____ (Malwarebytes Corp.) C:\Users\Adrian\Downloads\mbar-1.08.3.1004.exe
2015-02-05 07:56 - 2015-02-05 07:56 - 00380416 _____ () C:\Users\Adrian\Downloads\vpl5fhzr.exe
2015-02-05 07:55 - 2015-02-07 23:30 - 00012969 _____ () C:\Users\Adrian\Downloads\FRST.txt
2015-02-05 07:55 - 2015-02-07 23:30 - 00000000 ____D () C:\FRST
2015-02-05 07:55 - 2015-02-05 07:56 - 00021961 _____ () C:\Users\Adrian\Downloads\Addition.txt
2015-02-05 07:54 - 2015-02-07 23:30 - 02132992 _____ (Farbar) C:\Users\Adrian\Downloads\FRST64.exe
2015-02-05 07:53 - 2015-02-05 07:53 - 00000544 _____ () C:\Users\Adrian\Downloads\defogger_disable.log
2015-02-05 07:53 - 2015-02-05 07:53 - 00000168 _____ () C:\Users\Adrian\defogger_reenable
2015-02-05 07:52 - 2015-02-05 07:52 - 00050477 _____ () C:\Users\Adrian\Downloads\Defogger.exe
2015-01-30 02:39 - 2015-01-30 02:39 - 00001222 _____ () C:\DelFix.txt
2015-01-30 02:39 - 2015-01-30 02:39 - 00000000 ____D () C:\Windows\ERUNT
2015-01-30 01:15 - 2015-02-06 16:36 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-30 01:15 - 2015-02-06 16:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-30 01:15 - 2015-01-30 01:15 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Adobe
2015-01-28 15:06 - 2015-01-28 15:06 - 00000000 __RHD () C:\MSOCache
2015-01-28 15:04 - 2015-01-28 15:04 - 00000000 ____D () C:\Users\Adrian\Documents\Benutzerdefinierte Office-Vorlagen
2015-01-28 14:58 - 2015-01-28 14:58 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Microsoft Help
2015-01-28 14:51 - 2015-01-28 14:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\MicrosoftFixit.wu.LB.134588027784228.1.1.Run.exe
2015-01-28 14:38 - 2015-01-28 15:04 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Firefox-improver
2015-01-28 14:32 - 2015-01-28 14:32 - 00002140 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-01-28 14:32 - 2015-01-28 14:32 - 00002140 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-01-28 14:32 - 2015-01-28 14:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2015-01-28 14:31 - 2015-01-28 15:00 - 00002210 _____ () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ___RD () C:\Users\Adrian\OneDrive
2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-01-28 14:30 - 2015-01-28 18:45 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-01-28 14:30 - 2015-01-28 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-28 14:29 - 2015-01-28 14:30 - 01064632 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\Setup.X86.de-DE_O365HomePremRetail_c45264ce-a25c-46e7-ab4e-e8f594a0467d_TX_DB_.exe
2015-01-28 14:21 - 2015-01-28 14:21 - 00668376 _____ (Blue Labs, LLC) C:\Users\Adrian\Downloads\FreeEditor.exe
2015-01-28 13:20 - 2015-01-28 13:20 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-28 02:49 - 2015-01-28 02:49 - 00009094 _____ () C:\Users\Adrian\Documents\a.txt
2015-01-28 02:22 - 2015-02-07 22:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-28 02:22 - 2015-02-07 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-28 02:22 - 2015-02-07 22:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-28 02:22 - 2015-01-28 02:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-28 02:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-28 02:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-28 02:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-28 02:21 - 2015-01-28 02:21 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-27 23:41 - 2015-01-27 23:42 - 00014648 _____ () C:\Users\Adrian\Documents\Ereignisse.txt
2015-01-27 23:23 - 2015-01-27 23:23 - 39712504 _____ () C:\Users\Adrian\Downloads\Firefox_Setup_de35.0.1 (1).exe
2015-01-27 23:23 - 2015-01-27 23:23 - 00001179 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-27 23:23 - 2015-01-27 23:23 - 00001167 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-27 23:23 - 2015-01-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-27 23:22 - 2015-01-27 23:22 - 39712504 _____ () C:\Users\Adrian\Downloads\Firefox_Setup_de35.0.1.exe
2015-01-27 23:21 - 2015-01-27 23:21 - 00000000 __SHD () C:\Users\Adrian\AppData\Local\EmieBrowserModeList
2015-01-27 05:14 - 2015-01-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 12:22 - 2015-01-26 12:22 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-26 12:22 - 2015-01-26 12:22 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-26 02:15 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-26 02:15 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-26 02:15 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-26 02:15 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-26 02:15 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-26 02:15 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-26 02:15 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-26 02:15 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-26 02:15 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-26 02:15 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-26 02:15 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-26 02:15 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-26 02:15 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-07 23:26 - 2014-10-03 13:39 - 00062865 _____ () C:\Windows\setupact.log
2015-02-07 23:26 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-07 23:25 - 2014-10-24 06:49 - 00031580 _____ () C:\Windows\PFRO.log
2015-02-07 23:25 - 2014-08-19 18:57 - 01204429 _____ () C:\Windows\WindowsUpdate.log
2015-02-07 23:25 - 2014-08-15 08:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-07 22:38 - 2009-07-14 05:45 - 00020288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-07 22:38 - 2009-07-14 05:45 - 00020288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-07 01:13 - 2014-08-21 22:33 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\TS3Client
2015-02-07 00:06 - 2014-08-19 19:53 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Battle.net
2015-02-06 23:11 - 2011-04-12 08:43 - 00700146 _____ () C:\Windows\system32\perfh007.dat
2015-02-06 23:11 - 2011-04-12 08:43 - 00149784 _____ () C:\Windows\system32\perfc007.dat
2015-02-06 23:11 - 2009-07-14 06:13 - 01622778 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-06 19:56 - 2014-08-19 19:52 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-02-06 16:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-05 07:53 - 2014-08-19 18:57 - 00000000 ____D () C:\Users\Adrian
2015-01-30 02:31 - 2014-11-10 00:07 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-01-29 18:33 - 2014-10-01 18:16 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-01-29 18:33 - 2014-08-19 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-01-29 18:33 - 2014-08-19 23:59 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-29 18:33 - 2014-04-03 06:44 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-28 14:45 - 2009-07-14 05:45 - 00438272 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-28 14:38 - 2014-08-19 18:59 - 00111400 _____ () C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-28 14:30 - 2014-08-19 18:57 - 00000000 ____D () C:\Users\Adrian\AppData\Local\VirtualStore
2015-01-28 14:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-28 02:55 - 2014-08-19 19:29 - 00000000 ___RD () C:\Users\Adrian\Desktop\Programme
2015-01-28 02:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech
2015-01-26 03:01 - 2014-08-20 23:41 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-26 03:00 - 2014-08-20 23:41 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-08 09:55 - 2010-11-21 04:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2014-08-15 08:24 - 2014-08-15 08:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Adrian\AppData\Local\Temp\avgnt.exe
C:\Users\Adrian\AppData\Local\Temp\Quarantine.exe
C:\Users\Adrian\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-05 19:32

==================== End Of Log ============================
         
--- --- ---


Code:
Antivirus Pro
Erstellungsdatum der Reportdatei: Samstag, 7. Februar 2015  23:05


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Adrian Stachowski
Seriennummer   : 2229046492-PEPWE-0000001
Plattform      : Windows 7 Home Premium
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : ADRIAN-PC

Versionsinformationen:
BUILD.DAT      : 14.0.7.468     94169 Bytes  24.11.2014 10:23:00
AVSCAN.EXE     : 14.0.7.462   1015544 Bytes  16.12.2014 18:47:55
AVSCANRC.DLL   : 14.0.7.308     64304 Bytes  06.11.2014 08:37:56
LUKE.DLL       : 14.0.7.462     60664 Bytes  16.12.2014 18:48:03
AVSCPLR.DLL    : 14.0.7.440     93488 Bytes  16.12.2014 18:47:55
REPAIR.DLL     : 14.0.7.412    366328 Bytes  16.12.2014 18:47:54
REPAIR.RDF     : 1.0.4.60      704786 Bytes  05.02.2015 17:20:56
AVREG.DLL      : 14.0.7.310    264952 Bytes  06.11.2014 08:37:56
AVLODE.DLL     : 14.0.7.440    561456 Bytes  16.12.2014 18:47:51
AVLODE.RDF     : 14.0.4.54      78895 Bytes  05.12.2014 20:41:15
XBV00000.VDF   : 7.11.70.0   66736640 Bytes  04.04.2013 11:29:41
XBV00001.VDF   : 7.11.74.226  2201600 Bytes  30.04.2013 11:29:41
XBV00002.VDF   : 7.11.80.60   2751488 Bytes  28.05.2013 11:29:41
XBV00003.VDF   : 7.11.85.214  2162688 Bytes  21.06.2013 11:29:41
XBV00004.VDF   : 7.11.91.176  3903488 Bytes  23.07.2013 11:29:41
XBV00005.VDF   : 7.11.98.186  6822912 Bytes  29.08.2013 11:29:41
XBV00006.VDF   : 7.11.139.38 15708672 Bytes  27.03.2014 11:29:41
XBV00007.VDF   : 7.11.152.100  4193792 Bytes  02.06.2014 11:29:41
XBV00008.VDF   : 8.11.165.192  4251136 Bytes  07.08.2014 23:08:32
XBV00009.VDF   : 8.11.172.30  2094080 Bytes  15.09.2014 01:11:57
XBV00010.VDF   : 8.11.178.32  1581056 Bytes  14.10.2014 18:53:53
XBV00011.VDF   : 8.11.184.50  2178560 Bytes  11.11.2014 11:48:02
XBV00012.VDF   : 8.11.190.32  1876992 Bytes  03.12.2014 11:34:38
XBV00013.VDF   : 8.11.201.28  2973696 Bytes  14.01.2015 01:04:33
XBV00014.VDF   : 8.11.206.252  2695680 Bytes  04.02.2015 16:45:38
XBV00042.VDF   : 8.11.207.24    43520 Bytes  04.02.2015 21:18:19
XBV00043.VDF   : 8.11.207.50     2048 Bytes  04.02.2015 21:18:19
XBV00044.VDF   : 8.11.207.52     2048 Bytes  04.02.2015 21:18:19
XBV00045.VDF   : 8.11.207.78    20480 Bytes  04.02.2015 23:18:19
XBV00046.VDF   : 8.11.207.104     5632 Bytes  04.02.2015 17:20:52
XBV00047.VDF   : 8.11.207.106     2048 Bytes  05.02.2015 17:20:52
XBV00048.VDF   : 8.11.207.108    23040 Bytes  05.02.2015 17:20:52
XBV00049.VDF   : 8.11.207.110    34304 Bytes  05.02.2015 17:20:52
XBV00050.VDF   : 8.11.207.112     2048 Bytes  05.02.2015 17:20:52
XBV00051.VDF   : 8.11.207.134    15360 Bytes  05.02.2015 17:20:52
XBV00052.VDF   : 8.11.207.154     9728 Bytes  05.02.2015 17:20:52
XBV00053.VDF   : 8.11.207.178    39936 Bytes  05.02.2015 21:42:29
XBV00054.VDF   : 8.11.207.200    32256 Bytes  05.02.2015 16:54:38
XBV00055.VDF   : 8.11.207.204     2560 Bytes  05.02.2015 16:54:38
XBV00056.VDF   : 8.11.207.208    57856 Bytes  06.02.2015 16:54:38
XBV00057.VDF   : 8.11.207.210     2048 Bytes  06.02.2015 16:54:38
XBV00058.VDF   : 8.11.207.212     5120 Bytes  06.02.2015 16:54:38
XBV00059.VDF   : 8.11.207.232    18944 Bytes  06.02.2015 16:54:38
XBV00060.VDF   : 8.11.207.252    24576 Bytes  06.02.2015 16:54:38
XBV00061.VDF   : 8.11.208.16     9216 Bytes  06.02.2015 16:54:38
XBV00062.VDF   : 8.11.208.18     4096 Bytes  06.02.2015 16:54:38
XBV00063.VDF   : 8.11.208.20     2560 Bytes  06.02.2015 16:54:38
XBV00064.VDF   : 8.11.208.42    54272 Bytes  06.02.2015 22:09:26
XBV00065.VDF   : 8.11.208.62     2048 Bytes  06.02.2015 22:09:26
XBV00066.VDF   : 8.11.208.84    28160 Bytes  06.02.2015 02:09:26
XBV00067.VDF   : 8.11.208.86     2048 Bytes  06.02.2015 02:09:26
XBV00068.VDF   : 8.11.208.88     2048 Bytes  07.02.2015 02:09:26
XBV00069.VDF   : 8.11.208.92    61440 Bytes  07.02.2015 21:23:29
XBV00070.VDF   : 8.11.208.112     2048 Bytes  07.02.2015 21:23:29
XBV00071.VDF   : 8.11.208.130    40448 Bytes  07.02.2015 21:23:29
XBV00072.VDF   : 8.11.208.148     2048 Bytes  07.02.2015 21:23:29
LOCAL000.VDF   : 8.11.208.148 120584704 Bytes  07.02.2015 21:23:38
Engineversion  : 8.3.28.16 
AEVDF.DLL      : 8.3.1.6       133992 Bytes  20.08.2014 18:27:55
AESCRIPT.DLL   : 8.2.2.54      550824 Bytes  06.02.2015 16:54:38
AESCN.DLL      : 8.3.2.2       139456 Bytes  23.07.2014 11:29:06
AESBX.DLL      : 8.2.20.24    1409224 Bytes  23.07.2014 11:29:06
AERDL.DLL      : 8.2.1.16      743328 Bytes  29.10.2014 16:19:10
AEPACK.DLL     : 8.4.0.58      789360 Bytes  26.01.2015 01:04:32
AEOFFICE.DLL   : 8.3.1.10      351088 Bytes  26.01.2015 01:04:32
AEMOBILE.DLL   : 8.1.2.0       277360 Bytes  16.12.2014 18:47:48
AEHEUR.DLL     : 8.1.4.1522   8071080 Bytes  06.02.2015 16:54:38
AEHELP.DLL     : 8.3.1.0       278728 Bytes  23.07.2014 11:29:06
AEGEN.DLL      : 8.1.7.40      456608 Bytes  20.12.2014 16:49:01
AEEXP.DLL      : 8.4.2.70      255904 Bytes  06.02.2015 16:54:38
AEEMU.DLL      : 8.1.3.4       399264 Bytes  19.08.2014 23:08:11
AEDROID.DLL    : 8.4.3.6       850800 Bytes  16.12.2014 18:47:48
AECORE.DLL     : 8.3.4.0       243624 Bytes  16.12.2014 18:47:48
AEBB.DLL       : 8.1.2.0        60448 Bytes  19.08.2014 23:08:10
AVWINLL.DLL    : 14.0.7.308     25904 Bytes  06.11.2014 08:37:54
AVPREF.DLL     : 14.0.7.308     52016 Bytes  06.11.2014 08:37:56
AVREP.DLL      : 14.0.7.308    220976 Bytes  06.11.2014 08:37:56
AVARKT.DLL     : 14.0.7.308    227632 Bytes  06.11.2014 08:37:54
AVEVTLOG.DLL   : 14.0.7.440    184112 Bytes  16.12.2014 18:47:50
SQLITE3.DLL    : 14.0.7.308    453936 Bytes  06.11.2014 08:38:03
AVSMTP.DLL     : 14.0.7.308     79096 Bytes  06.11.2014 08:37:57
NETNT.DLL      : 14.0.7.308     15152 Bytes  06.11.2014 08:38:02
RCIMAGE.DLL    : 14.0.7.308   4888824 Bytes  06.11.2014 08:37:54
RCTEXT.DLL     : 14.0.7.318     76080 Bytes  06.11.2014 08:37:54

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: c:\program files (x86)\avira\antivir desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Samstag, 7. Februar 2015  23:05

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:)'
    [INFO]      Es wurde kein Virus gefunden!
Bootsektor 'HDD1(D:)'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvSCPAPISvr.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '114' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '155' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '143' Modul(e) wurden durchsucht
Durchsuche Prozess 'SkypeC2CAutoUpdateSvc.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'SkypeC2CPNRSvc.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'OfficeClickToRun.exe' - '91' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvNetworkService.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.ServiceHost.exe' - '127' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'avmailc7.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'avwebg7.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '119' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '175' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvBackend.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'RtkNGUI64.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'GameMon.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '109' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.OE.Systray.exe' - '123' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorIcon.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '161' Modul(e) wurden durchsucht
Durchsuche Prozess 'mbam.exe' - '132' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdwCleaner_4.110.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '117' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '124' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1301' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <System>
C:\Users\Adrian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\954G0RFK\Setup[1].exe
  [FUND]      Enthält Erkennungsmuster der Adware ADWARE/InstallCore.588455
Beginne mit der Suche in 'D:\' <Data1>

Beginne mit der Desinfektion:
C:\Users\Adrian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\954G0RFK\Setup[1].exe
  [FUND]      Enthält Erkennungsmuster der Adware ADWARE/InstallCore.588455
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '53493eca.qua' verschoben!


Ende des Suchlaufs: Samstag, 7. Februar 2015  23:22
Benötigte Zeit: 15:22 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

  50312 Verzeichnisse wurden überprüft
 600767 Dateien wurden geprüft
      1 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 600766 Dateien ohne Befall
   4503 Archive wurden durchsucht
      0 Warnungen
      1 Hinweise
 782570 Objekte wurden beim Rootkitscan durchsucht
      0 Versteckte Objekte wurden gefunden
         
Since Avira spoke up and raised the alarm, I have posted this log as well, in case you can make use of it too.

Alt 08.02.2015, 11:38   #8
schrauber
/// the machine
/// TB-Ausbilder
 





ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 08.02.2015, 19:57   #9
Ggnis
 



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=44b1e72354ebc049928bd056d4f7569f
# engine=22191
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-28 05:10:50
# local_time=2015-01-28 06:10:50 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 7617 174094900 0 0
# scanned=157197
# found=11
# cleaned=0
# scan_time=3769
sh=B98C851D46F6F34607DEC601FF82469DA350D9EC ft=1 fh=95a049650cc65f75 vn="Variante von Win64/Adware.Adpeak.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\004\rqpbhevlkc64.exe.vir"
sh=8B67C4946B050285FE89EFE36AB6DC2F7B3E2D2F ft=1 fh=d91722da20002316 vn="Variante von Win64/Riskware.NetFilter.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir"
sh=7ABFFAAC5A64F72C2675F588BFDD67C25C2A77A9 ft=1 fh=7f527dcaa4a2e4a3 vn="Variante von Win32/FirseriaInstaller.V evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\GU Player\GUPlayerUninstaller.exe"
sh=86796560DB0AE55C365CEC423A5B78809AADC139 ft=1 fh=8c7a4ac81187f375 vn="Variante von Win32/OptimizerEliteMax.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\AppData\Local\Temp\optprosetup.exe"
sh=68F71677C9DBAF71857BEBDF5A997C41468340B9 ft=1 fh=8936360fc9736a34 vn="Variante von Win32/FirseriaInstaller.V evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\AppData\Local\Temp\n4516\GUSetup_ge-5cae4326.exe"
sh=5BDE683A0EE1839A2E41E9CB7162EE8670FCE802 ft=1 fh=ca9f6b2171b06cd9 vn="Variante von Win32/AdWare.SpeedingUpMyPC.P Anwendung" ac=I fn="C:\Users\Adrian\AppData\Local\Temp\n4516\OptimizerProInstaller.exe"
sh=701C731421B95DA078F8FB2D6942AC37C9FB83A8 ft=1 fh=2af9c47ac8a07022 vn="Variante von MSIL/Solimba.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\AppData\Local\Temp\n4516\s4516.exe"
sh=701C731421B95DA078F8FB2D6942AC37C9FB83A8 ft=1 fh=2af9c47ac8a07022 vn="Variante von MSIL/Solimba.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\AppData\Local\Temp\n5417\s5417.exe"
sh=9840C957D7EC5F8C4F43C018A01C7E34AE2ACFD1 ft=1 fh=38614386ad14ad13 vn="Variante von MSIL/Solimba.AK.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\Downloads\Microsoft%20Word.exe"
sh=0B547922EA789C01BAA87AA742F998F5C948A3AC ft=1 fh=1cd1321574700fd9 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe"
sh=F3244CED9E174DEB4232C4517BE14F5EF2BDF21B ft=1 fh=23dcaa93e780676c vn="Variante von Win32/AdSuproot Trojaner" ac=I fn="C:\Windows\Temp\aaccee\aabbcc.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=44b1e72354ebc049928bd056d4f7569f
# engine=22365
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-08 06:25:53
# local_time=2015-02-08 07:25:53 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 159413 175049803 0 0
# scanned=153399
# found=2
# cleaned=0
# scan_time=1344
sh=6579AB75B6D1097A365AA2F2B1ED21A777AA4DF2 ft=1 fh=12b05cc00faf068d vn="Win32/VOPackage.BN evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\AppData\Local\Temp\is45637729\2773280_stp\Generic_vo.exe"
sh=0B547922EA789C01BAA87AA742F998F5C948A3AC ft=1 fh=1cd1321574700fd9 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Adrian\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe"
         
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.96  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
  Java 64-bit 8 Update 31  
 Adobe Flash Player 16.0.0.305  
 Mozilla Firefox (35.0.1) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2015
Ran by Adrian (administrator) on ADRIAN-PC on 08-02-2015 19:55:19
Running from C:\Users\Adrian\Downloads
Loaded Profiles: Adrian (Available profiles: Adrian)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Game Inc.) C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3733\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.5522\Battle.net.exe
() C:\Program Files (x86)\Hearthstone\Hearthstone.exe
() C:\Users\Adrian\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-03-06] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [GamingKeyboard] => C:\Program Files (x86)\SHARKOON Skiller\GameMon.exe [1803264 2012-06-07] (Game Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2014-12-31] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {b9e95629-6a8c-11e4-96a5-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {e738d354-2979-11e4-b5ff-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\...\MountPoints2: {f1df56f7-47c6-11e4-8f77-448a5b8fc06d} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3579592859-3594887549-3632172591-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default
FF Homepage: https://www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\searchplugins\google-maps.xml
FF Extension: Avira Browser Safety - C:\Users\Adrian\AppData\Roaming\Mozilla\Firefox\Profiles\nw9ljsvn.default\Extensions\abs@avira.com [2015-02-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-01-27]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [807672 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [993584 2014-12-16] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [178424 2014-12-31] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2014-03-06] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-30] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-21] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-21] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-09-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-09-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [43064 2014-09-26] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-09-07] (Disc Soft Ltd)
S3 E100B; C:\Windows\System32\DRIVERS\efe5b32e.sys [192256 2009-06-10] (Intel Corporation)
R3 GameKB; C:\Windows\System32\drivers\GameKB.sys [27648 2012-05-11] ()
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-02-26] (Intel Corporation)
R3 ISCT; C:\Windows\system32\drivers\ISCTD64.sys [44992 2012-02-09] ()
R3 MEIx64; C:\Windows\system32\drivers\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-10-25] (Realtek Semiconductor Corporation                           )

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 19:01 - 2015-02-08 19:01 - 00852594 _____ () C:\Users\Adrian\Downloads\SecurityCheck.exe
2015-02-08 19:00 - 2015-02-08 19:00 - 02347384 _____ (ESET) C:\Users\Adrian\Downloads\esetsmartinstaller_deu.exe
2015-02-07 23:30 - 2015-02-07 23:30 - 00001153 _____ () C:\Users\Adrian\Desktop\JRT.txt
2015-02-07 23:30 - 2015-02-07 23:30 - 00000000 ____D () C:\Users\Adrian\Downloads\FRST-OlderVersion
2015-02-07 23:26 - 2015-02-07 23:26 - 00001381 _____ () C:\Users\Adrian\Desktop\AdwCleaner[S0].txt
2015-02-07 23:06 - 2015-02-07 23:06 - 00009937 _____ () C:\Users\Adrian\Desktop\mbam.txt
2015-02-07 23:03 - 2015-02-07 23:03 - 01388274 _____ (Thisisu) C:\Users\Adrian\Downloads\JRT.exe
2015-02-07 23:01 - 2015-02-07 23:25 - 00000000 ____D () C:\AdwCleaner
2015-02-07 23:01 - 2015-02-07 23:01 - 02112512 _____ () C:\Users\Adrian\Downloads\AdwCleaner_4.110.exe
2015-02-07 22:56 - 2015-02-07 22:56 - 00001122 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-07 22:55 - 2015-02-07 22:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Downloads\mbam-setup-2.0.4.1028(1).exe
2015-02-05 18:32 - 2015-02-05 18:32 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Adrian\Downloads\tdsskiller.exe
2015-02-05 18:23 - 2015-02-07 23:26 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-02-05 18:22 - 2015-02-05 18:30 - 00000000 ____D () C:\Users\Adrian\Desktop\mbar
2015-02-05 18:22 - 2015-02-05 18:22 - 16466552 _____ (Malwarebytes Corp.) C:\Users\Adrian\Downloads\mbar-1.08.3.1004.exe
2015-02-05 07:56 - 2015-02-05 07:56 - 00380416 _____ () C:\Users\Adrian\Downloads\vpl5fhzr.exe
2015-02-05 07:55 - 2015-02-08 19:55 - 00013478 _____ () C:\Users\Adrian\Downloads\FRST.txt
2015-02-05 07:55 - 2015-02-08 19:55 - 00000000 ____D () C:\FRST
2015-02-05 07:55 - 2015-02-05 07:56 - 00021961 _____ () C:\Users\Adrian\Downloads\Addition.txt
2015-02-05 07:54 - 2015-02-07 23:30 - 02132992 _____ (Farbar) C:\Users\Adrian\Downloads\FRST64.exe
2015-02-05 07:53 - 2015-02-05 07:53 - 00000544 _____ () C:\Users\Adrian\Downloads\defogger_disable.log
2015-02-05 07:53 - 2015-02-05 07:53 - 00000168 _____ () C:\Users\Adrian\defogger_reenable
2015-02-05 07:52 - 2015-02-05 07:52 - 00050477 _____ () C:\Users\Adrian\Downloads\Defogger.exe
2015-01-30 02:39 - 2015-01-30 02:39 - 00001222 _____ () C:\DelFix.txt
2015-01-30 02:39 - 2015-01-30 02:39 - 00000000 ____D () C:\Windows\ERUNT
2015-01-30 01:15 - 2015-02-06 16:36 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-30 01:15 - 2015-02-06 16:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-30 01:15 - 2015-01-30 01:15 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Adobe
2015-01-28 15:06 - 2015-01-28 15:06 - 00000000 __RHD () C:\MSOCache
2015-01-28 15:04 - 2015-01-28 15:04 - 00000000 ____D () C:\Users\Adrian\Documents\Benutzerdefinierte Office-Vorlagen
2015-01-28 14:58 - 2015-01-28 14:58 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Microsoft Help
2015-01-28 14:51 - 2015-01-28 14:51 - 00347816 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\MicrosoftFixit.wu.LB.134588027784228.1.1.Run.exe
2015-01-28 14:38 - 2015-01-28 15:04 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\Firefox-improver
2015-01-28 14:32 - 2015-01-28 14:32 - 00002140 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-01-28 14:32 - 2015-01-28 14:32 - 00002140 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-01-28 14:32 - 2015-01-28 14:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft OneDrive
2015-01-28 14:31 - 2015-01-28 15:00 - 00002210 _____ () C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ___RD () C:\Users\Adrian\OneDrive
2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-01-28 14:31 - 2015-01-28 14:31 - 00000000 ____D () C:\ProgramData\Microsoft OneDrive
2015-01-28 14:30 - 2015-01-28 18:45 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-01-28 14:30 - 2015-01-28 14:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-28 14:29 - 2015-01-28 14:30 - 01064632 _____ (Microsoft Corporation) C:\Users\Adrian\Downloads\Setup.X86.de-DE_O365HomePremRetail_c45264ce-a25c-46e7-ab4e-e8f594a0467d_TX_DB_.exe
2015-01-28 14:21 - 2015-01-28 14:21 - 00668376 _____ (Blue Labs, LLC) C:\Users\Adrian\Downloads\FreeEditor.exe
2015-01-28 13:20 - 2015-01-28 13:20 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-28 02:49 - 2015-01-28 02:49 - 00009094 _____ () C:\Users\Adrian\Documents\a.txt
2015-01-28 02:22 - 2015-02-07 22:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-28 02:22 - 2015-02-07 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-28 02:22 - 2015-02-07 22:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-28 02:22 - 2015-01-28 02:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-28 02:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-28 02:22 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-28 02:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-28 02:21 - 2015-01-28 02:21 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Adrian\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-27 23:41 - 2015-01-27 23:42 - 00014648 _____ () C:\Users\Adrian\Documents\Ereignisse.txt
2015-01-27 23:23 - 2015-01-27 23:23 - 39712504 _____ () C:\Users\Adrian\Downloads\Firefox_Setup_de35.0.1 (1).exe
2015-01-27 23:23 - 2015-01-27 23:23 - 00001179 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-27 23:23 - 2015-01-27 23:23 - 00001167 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-27 23:23 - 2015-01-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-01-27 23:22 - 2015-01-27 23:22 - 39712504 _____ () C:\Users\Adrian\Downloads\Firefox_Setup_de35.0.1.exe
2015-01-27 23:21 - 2015-01-27 23:21 - 00000000 __SHD () C:\Users\Adrian\AppData\Local\EmieBrowserModeList
2015-01-27 05:14 - 2015-01-27 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-01-26 12:22 - 2015-01-26 12:22 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-01-26 12:22 - 2015-01-26 12:22 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-01-26 02:15 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-26 02:15 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-26 02:15 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-26 02:15 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-26 02:15 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-26 02:15 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-26 02:15 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-26 02:15 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-26 02:15 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-26 02:15 - 2014-12-11 18:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-26 02:15 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-26 02:15 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-26 02:15 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 19:54 - 2014-08-19 19:53 - 00000000 ____D () C:\Users\Adrian\AppData\Local\Battle.net
2015-02-08 18:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-02-08 18:00 - 2014-10-03 13:39 - 00063425 _____ () C:\Windows\setupact.log
2015-02-08 09:08 - 2011-04-12 08:43 - 00700146 _____ () C:\Windows\system32\perfh007.dat
2015-02-08 09:08 - 2011-04-12 08:43 - 00149784 _____ () C:\Windows\system32\perfc007.dat
2015-02-08 09:08 - 2009-07-14 06:13 - 01622778 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-08 09:08 - 2009-07-14 05:45 - 00020288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-08 09:08 - 2009-07-14 05:45 - 00020288 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-08 09:01 - 2014-10-24 06:49 - 00031922 _____ () C:\Windows\PFRO.log
2015-02-08 09:01 - 2014-08-15 08:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-08 09:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-08 05:10 - 2014-08-19 18:57 - 01228485 _____ () C:\Windows\WindowsUpdate.log
2015-02-07 01:13 - 2014-08-21 22:33 - 00000000 ____D () C:\Users\Adrian\AppData\Roaming\TS3Client
2015-02-06 19:56 - 2014-08-19 19:52 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-02-05 07:53 - 2014-08-19 18:57 - 00000000 ____D () C:\Users\Adrian
2015-01-30 02:31 - 2014-11-10 00:07 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-01-29 18:33 - 2014-10-01 18:16 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-01-29 18:33 - 2014-08-19 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-01-29 18:33 - 2014-08-19 23:59 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-29 18:33 - 2014-04-03 06:44 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-28 14:45 - 2009-07-14 05:45 - 00438272 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-28 14:38 - 2014-08-19 18:59 - 00111400 _____ () C:\Users\Adrian\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-28 14:30 - 2014-08-19 18:57 - 00000000 ____D () C:\Users\Adrian\AppData\Local\VirtualStore
2015-01-28 14:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-01-28 02:55 - 2014-08-19 19:29 - 00000000 ___RD () C:\Users\Adrian\Desktop\Programme
2015-01-28 02:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Speech
2015-01-26 03:01 - 2014-08-20 23:41 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-26 03:00 - 2014-08-20 23:41 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2014-08-15 08:24 - 2014-08-15 08:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Adrian\AppData\Local\Temp\avgnt.exe
C:\Users\Adrian\AppData\Local\Temp\Quarantine.exe
C:\Users\Adrian\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-05 19:32

==================== End Of Log ============================
         


No, at least no problems that I know of

09.02.2015, 06:46   #10
schrauber
/// the machine
/// TB trainer


Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
ATTFilter
C:\AdwCleaner\Quarantine\C\Program Files\004\rqpbhevlkc64.exe.vir

C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir

C:\Program Files (x86)\GU Player\GUPlayerUninstaller.exe

C:\Users\Adrian\AppData\Local\Temp\optprosetup.exe

C:\Users\Adrian\AppData\Local\Temp\n4516\GUSetup_ge-5cae4326.exe

C:\Users\Adrian\AppData\Local\Temp\n4516\OptimizerProInstaller.exe

C:\Users\Adrian\AppData\Local\Temp\n4516\s4516.exe

C:\Users\Adrian\AppData\Local\Temp\n5417\s5417.exe

C:\Users\Adrian\Downloads\Microsoft%20Word.exe

C:\Users\Adrian\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe

C:\Windows\Temp\aaccee\aabbcc.exe

C:\Users\Adrian\AppData\Local\Temp\is45637729\2773280_stp\Generic_vo.exe
Emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.





Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Put a check mark in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without hesitation.



If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Anti-virus software
  • Make sure you always have anti-virus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you of any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: for this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it asks you to and is nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ..)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can delete this thread from my subscriptions.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

09.02.2015, 14:34   #11
Ggnis


Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-02-2015
Ran by Adrian at 2015-02-09 14:27:53 Run:1
Running from C:\Users\Adrian\Downloads\FRST-OlderVersion\FRST-OlderVersion
Loaded Profiles: Adrian (Available profiles: Adrian)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\AdwCleaner\Quarantine\C\Program Files\004\rqpbhevlkc64.exe.vir

C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir

C:\Program Files (x86)\GU Player\GUPlayerUninstaller.exe

C:\Users\Adrian\AppData\Local\Temp\optprosetup.exe

C:\Users\Adrian\AppData\Local\Temp\n4516\GUSetup_ge-5cae4326.exe

C:\Users\Adrian\AppData\Local\Temp\n4516\OptimizerProInstaller.exe

C:\Users\Adrian\AppData\Local\Temp\n4516\s4516.exe

C:\Users\Adrian\AppData\Local\Temp\n5417\s5417.exe

C:\Users\Adrian\Downloads\Microsoft%20Word.exe

C:\Users\Adrian\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe

C:\Windows\Temp\aaccee\aabbcc.exe

C:\Users\Adrian\AppData\Local\Temp\is45637729\2773280_stp\Generic_vo.exe
Emptytemp:
*****************

"C:\AdwCleaner\Quarantine\C\Program Files\004\rqpbhevlkc64.exe.vir" => File/Directory not found.
"C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir" => File/Directory not found.
"C:\Program Files (x86)\GU Player\GUPlayerUninstaller.exe" => File/Directory not found.
"C:\Users\Adrian\AppData\Local\Temp\optprosetup.exe" => File/Directory not found.
"C:\Users\Adrian\AppData\Local\Temp\n4516\GUSetup_ge-5cae4326.exe" => File/Directory not found.
"C:\Users\Adrian\AppData\Local\Temp\n4516\OptimizerProInstaller.exe" => File/Directory not found.
"C:\Users\Adrian\AppData\Local\Temp\n4516\s4516.exe" => File/Directory not found.
"C:\Users\Adrian\AppData\Local\Temp\n5417\s5417.exe" => File/Directory not found.
"C:\Users\Adrian\Downloads\Microsoft%20Word.exe" => File/Directory not found.
C:\Users\Adrian\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe => Moved successfully.
"C:\Windows\Temp\aaccee\aabbcc.exe" => File/Directory not found.
C:\Users\Adrian\AppData\Local\Temp\is45637729\2773280_stp\Generic_vo.exe => Moved successfully.
EmptyTemp: => Removed 706.4 MB temporary data.


The system needed a reboot. 

==== End of Fixlog 14:28:16 ====
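
When reading a Fixlog like the one above, every fixlist entry has to be matched against its result line. The following Python sketch is an added example (not part of the thread and not FRST's own code) that does this reconciliation on a shortened excerpt of the posted log. The function names and report categories are assumptions made for illustration.

```python
import re

# Shortened excerpt of the Fixlog posted in this thread (3 of the 12 paths).
SAMPLE_FIXLOG = r'''Content of fixlist:
*****************
C:\Program Files (x86)\GU Player\GUPlayerUninstaller.exe

C:\Users\Adrian\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe

C:\Windows\Temp\aaccee\aabbcc.exe
Emptytemp:
*****************

"C:\Program Files (x86)\GU Player\GUPlayerUninstaller.exe" => File/Directory not found.
C:\Users\Adrian\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe => Moved successfully.
"C:\Windows\Temp\aaccee\aabbcc.exe" => File/Directory not found.
EmptyTemp: => Removed 706.4 MB temporary data.

==== End of Fixlog 14:28:16 ====
'''

# Result lines look like:  "path" => outcome.   or   path => outcome.
RESULT = re.compile(r'^"?(?P<target>.+?)"? => (?P<outcome>.+)$')

def parse_fixlog(text):
    """Return (requested entries, {lower-cased target: outcome})."""
    parts = re.split(r'^\*{5,}[ \t]*$', text, maxsplit=2, flags=re.M)
    if len(parts) != 3:
        raise ValueError("fixlist block not delimited by two '*****' lines")
    requested = [l.strip() for l in parts[1].splitlines() if l.strip()]
    results = {}
    for line in parts[2].splitlines():
        m = RESULT.match(line.strip())
        if m:
            results[m["target"].lower()] = m["outcome"].rstrip(".")
    return requested, results

def reconcile(text):
    """Group every fixlist entry by what the Fixlog says happened to it."""
    requested, results = parse_fixlog(text)
    report = {"moved": [], "not_found": [], "other": [], "no_result": []}
    for entry in requested:
        outcome = results.get(entry.lower())  # log prints Emptytemp: as EmptyTemp:
        if outcome is None:
            report["no_result"].append(entry)
        elif outcome.startswith("Moved"):
            report["moved"].append(entry)
        elif "not found" in outcome:
            report["not_found"].append(entry)
        else:
            report["other"].append((entry, outcome))
    return report
```

An entry that ends up under `no_result` means the log is truncated or the fix run stopped early, which is worth checking before declaring the cleanup finished.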
         

09.02.2015, 18:11   #12
schrauber
/// the machine
/// TB trainer


done
__________________
regards,
schrauber

