
Log analysis and evaluation: Abuse@Telekom.de - Security warning about the Internet connection, 1 PC infected with Trojan generic

Windows 7: If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

09.04.2015, 18:17   #1
Ellaspirella
 

Hello everyone,

At the beginning of March I already received a letter from Telekom saying that a PC is infected with a Trojan - Antivir found the Trojan generic on 9 March and put it in quarantine. With that I thought the matter was settled.

Today another letter arrived, and in the Telekom e-mail account there are several e-mails from abuse@telekom.de with identical wording, saying that a PC is still infected with the Trojan generic.

Antivir finds nothing... Now I am a bit rattled, found my way here and read up, and first of all ... I hope that wasn't the wrong thing to do, downloaded Farbar Recovery Scan Tool and ran it...

FRST.txt
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Mari (administrator) on MARINIX on 09-04-2015 18:47:33
Running from C:\Users\Mari\Documents\Downloads
Loaded Profiles: UpdatusUser & Mari (Available profiles: UpdatusUser & Mari)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Pegatron Corporation) C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Users\Mari\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
(Pegatron Corporation) C:\Program Files (x86)\PHotkey\POsd.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10918504 2010-06-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2092648 2010-06-14] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-08-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2028328 2010-01-22] (Synaptics Incorporated)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-03] (CyberLink)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] => C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [171104 2010-03-03] (CyberLink Corp.)
HKLM-x32\...\Run: [HF_G_Jul] => "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe"  /DoAction
HKLM-x32\...\Run: [ROC_ROC_JULY_P1] => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
HKLM-x32\...\Run: [ROC_ROC_NT] => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1022922106-43553289-3458902837-1000\...\RunOnce: [spchecker] => "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe"
HKU\S-1-5-21-1022922106-43553289-3458902837-1001\...\Run: [EPSON Stylus Photo RX585 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICLE.EXE [213504 2007-03-30] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1022922106-43553289-3458902837-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-1022922106-43553289-3458902837-1001\...\Run: [Amazon Music] => C:\Users\Mari\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281024 2014-10-15] ()
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [112232 2010-09-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [100968 2010-09-02] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1022922106-43553289-3458902837-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1022922106-43553289-3458902837-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=MDNB&bmod=MDNB
HKU\S-1-5-21-1022922106-43553289-3458902837-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-1022922106-43553289-3458902837-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-1022922106-43553289-3458902837-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-12-27] (Sun Microsystems, Inc.)
BHO-x32: Soda 3D PDF Reader Helper -> {2FE0F895-6D1D-4c80-A20D-18E42DE9B631} -> C:\Program Files (x86)\Soda 3D PDF Reader\PDFIEHelper.dll [2011-12-23] (LULU Software)
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
Toolbar: HKLM-x32 - Soda 3D PDF Reader Toolbar - {64C9D46E-8F8B-4158-9780-A6581C7439B1} - C:\Program Files (x86)\Soda 3D PDF Reader\PDFIEPlugin.dll [2011-12-23] (LULU Software)
Toolbar: HKU\S-1-5-21-1022922106-43553289-3458902837-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Mari\AppData\Roaming\Mozilla\Firefox\Profiles\byp7pn5n.default
FF Homepage: hxxp://www.farmerama.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-07] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2010-12-27] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-07] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-03-25] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2010-09-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2010-09-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1022922106-43553289-3458902837-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mari\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2011-03-02] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1022922106-43553289-3458902837-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll [2012-07-25] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-12-17] (Apple Inc.)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Mari\AppData\Roaming\Mozilla\Firefox\Profiles\byp7pn5n.default\Extensions\adblockpopups@jessehakanen.net.xpi [2012-03-21]
FF Extension: OpenFarm Beta - C:\Users\Mari\AppData\Roaming\Mozilla\Firefox\Profiles\byp7pn5n.default\Extensions\jid0-LNZz8gri2ybpbeKiJ0pKzBEqjFM@jetpack.xpi [2013-08-18]
FF Extension: Adblock Plus - C:\Users\Mari\AppData\Roaming\Mozilla\Firefox\Profiles\byp7pn5n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-08-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-25]
FF HKLM-x32\...\Thunderbird\Extensions: [avgthb@avg.com] - C:\Program Files (x86)\AVG\AVG2012\Thunderbird

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=MDNB&bmod=MDNB
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-07-03]
CHR Extension: (Google News) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2013-10-09]
CHR Extension: (Trusted Shops-Erweiterung für Google Chrome) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcpnemckonbbmnoakbjgjkgokkbaeo [2015-03-13]
CHR Extension: (CHIP Online) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhjmdobefakhdbfdpnnopoaldabldbgd [2013-08-24]
CHR Extension: (AdBlock) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-06-05]
CHR Extension: (Inoreader - RSS, News and Social Reader) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhglljfmpijadbpkalkclnhlncncdono [2013-10-09]
CHR Extension: (Isoball 3) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2011-10-29]
CHR Extension: (Northern Lights) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbnkklencjcmkepldaineciclcheaoef [2013-11-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [96768 2012-07-13] (Freemake) [File not signed]
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [159752 2010-04-24] ()
S4 Soda 3D PDF Reader Helper Service; C:\Program Files (x86)\Soda 3D PDF Reader\HelperService.exe [821592 2011-12-23] (LULU Software)
S4 Soda 3D PDF Reader Service; C:\Program Files (x86)\Soda 3D PDF Reader\ConversionService.exe [892760 2011-12-23] (LULU Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [281056 2015-03-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [284128 2015-02-25] (AVG Technologies CZ, s.r.o.)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-12] (PEGATRON)
R1 SLEE_16_DRIVER; C:\Windows\Sleen1664.sys [85952 2008-10-01] (Softwareentwicklung Remus - ArchiCrypt )

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-09 18:47 - 2015-04-09 18:47 - 00000000 ____D () C:\FRST
2015-03-25 11:21 - 2015-03-25 11:21 - 00281056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-03-11 11:35 - 2015-03-11 11:35 - 00001402 _____ () C:\Users\Mari\Desktop\Nostale.exe - Verknüpfung.lnk
2015-03-11 11:32 - 2015-03-15 01:13 - 00000000 ____D () C:\Program Files (x86)\NosTale
2015-03-10 12:19 - 2015-03-10 12:19 - 00000356 _____ () C:\Windows\PFRO.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-09 18:33 - 2013-10-08 12:25 - 01834221 _____ () C:\Windows\WindowsUpdate.log
2015-04-09 18:29 - 2013-05-22 13:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-09 18:20 - 2011-04-12 23:07 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-09 18:16 - 2011-04-12 22:31 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-05 15:26 - 2009-07-14 06:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-05 15:26 - 2009-07-14 06:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-04 19:10 - 2010-05-12 11:33 - 00610436 _____ () C:\Windows\system32\perfh01F.dat
2015-04-04 19:10 - 2010-05-12 11:33 - 00121760 _____ () C:\Windows\system32\perfc01F.dat
2015-04-04 19:10 - 2010-05-12 11:21 - 00679576 _____ () C:\Windows\system32\prfh0816.dat
2015-04-04 19:10 - 2010-05-12 11:21 - 00133986 _____ () C:\Windows\system32\prfc0816.dat
2015-04-04 19:10 - 2010-05-12 11:13 - 00689960 _____ () C:\Windows\system32\perfh015.dat
2015-04-04 19:10 - 2010-05-12 11:13 - 00135074 _____ () C:\Windows\system32\perfc015.dat
2015-04-04 19:10 - 2010-05-12 11:05 - 00691426 _____ () C:\Windows\system32\perfh013.dat
2015-04-04 19:10 - 2010-05-12 11:05 - 00133174 _____ () C:\Windows\system32\perfc013.dat
2015-04-04 19:10 - 2010-05-12 10:57 - 00689342 _____ () C:\Windows\system32\perfh010.dat
2015-04-04 19:10 - 2010-05-12 10:57 - 00127378 _____ () C:\Windows\system32\perfc010.dat
2015-04-04 19:10 - 2010-05-12 10:51 - 00632414 _____ () C:\Windows\system32\perfh00E.dat
2015-04-04 19:10 - 2010-05-12 10:51 - 00148544 _____ () C:\Windows\system32\perfc00E.dat
2015-04-04 19:10 - 2010-05-12 10:44 - 00694664 _____ () C:\Windows\system32\perfh00C.dat
2015-04-04 19:10 - 2010-05-12 10:44 - 00130374 _____ () C:\Windows\system32\perfc00C.dat
2015-04-04 19:10 - 2010-05-12 10:36 - 00693688 _____ () C:\Windows\system32\perfh00A.dat
2015-04-04 19:10 - 2010-05-12 10:36 - 00137296 _____ () C:\Windows\system32\perfc00A.dat
2015-04-04 19:10 - 2010-05-12 10:30 - 00552004 _____ () C:\Windows\system32\perfh008.dat
2015-04-04 19:10 - 2010-05-12 10:30 - 00089670 _____ () C:\Windows\system32\perfc008.dat
2015-04-04 19:10 - 2010-05-12 10:18 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2015-04-04 19:10 - 2010-05-12 10:18 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2015-04-04 19:10 - 2009-07-14 07:13 - 08573400 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-04 19:06 - 2010-12-27 21:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-04 19:05 - 2015-01-03 22:08 - 00002421 _____ () C:\Windows\setupact.log
2015-04-04 19:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-01 14:04 - 2014-10-21 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-03-10 12:19 - 2014-09-26 22:55 - 00000000 ____D () C:\Program Files (x86)\OXXOGames
2015-03-10 11:45 - 2013-01-19 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-03-10 00:45 - 2014-12-08 00:55 - 00000000 ____D () C:\Users\Mari\Documents\Auszüge
2015-03-10 00:44 - 2013-05-18 19:07 - 00083968 ___SH () C:\Users\Mari\Thumbs.db

==================== Files in the root of some directories =======

2013-08-20 22:52 - 2014-11-19 00:39 - 0007597 _____ () C:\Users\Mari\AppData\Local\Resmon.ResmonCfg
2011-04-17 00:54 - 2011-04-17 00:54 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-07 16:50

==================== End Of Log ============================
         
Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Mari at 2015-04-09 18:49:09
Running from C:\Users\Mari\Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.880 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.4.1217.35202 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.4.1217.35202 - Alcor Micro Corp.) Hidden
Amazon Kindle (HKU\S-1-5-21-1022922106-43553289-3458902837-1001\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.15 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.15 - Amazon Services LLC)
Amazon Music (HKU\S-1-5-21-1022922106-43553289-3458902837-1001\...\Amazon Amazon Music) (Version: 3.6.0.671 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.26 - Atheros Communications Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5863 - AVG Technologies)
AVG 2015 (Version: 15.0.4328 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5863 - AVG Technologies) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.13 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2602 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2326 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2626 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-1022922106-43553289-3458902837-1001\...\Dropbox) (Version: 2.8.4 - Dropbox, Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Freemake Audio Converter Version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Drive (HKLM-x32\...\{6C36881B-0E51-4231-9D02-BF2149664D34}) (Version: 1.20.8672.3137 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
iCloud (HKLM\...\{D0CB24F4-084F-40DE-B6B9-A03626E682F0}) (Version: 2.1.1.3 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java(TM) 6 Update 23 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416023FF}) (Version: 6.0.230 - Oracle)
Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.1505 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.1505 - CyberLink Corp.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 23.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 23.0.1 (x86 de)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
Mozilla Thunderbird 11.0.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 11.0.1 (x86 de)) (Version: 11.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5957 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.5957 - NVIDIA Corporation)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{A68C62E8-B243-4777-89BB-12173DFA1D45}) (Version: 1.0.1 - OLYMPUS IMAGING CORP.)
OLYMPUS Viewer 2 (HKLM-x32\...\{7177EE4E-3D1D-4F45-85B5-B93DC758BA0B}) (Version: 1.1.1 - OLYMPUS IMAGING CORP.)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0017 - Pegatron Corporation)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6136 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0148 - REALTEK Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Soda 3D PDF Reader (HKLM-x32\...\{1CBB6DE3-43F0-409D-8DD3-0171B498DE01}) (Version: 1.0.154.2600 - LULU Software)
Steganos Safe OEM (HKLM-x32\...\{9A4F72EE-8378-49BD-8C10-301E25907B5B}) (Version: 10.0.2 - Steganos GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.4.0 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-1022922106-43553289-3458902837-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
Versandhelfer (HKLM-x32\...\dpdhl.versandhelfer.medionlap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1) (Version: 0.9.511 - Deutsche Post AG)
Versandhelfer (x32 Version: 0.9.511 - Deutsche Post AG) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1022922106-43553289-3458902837-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Mari\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1022922106-43553289-3458902837-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1022922106-43553289-3458902837-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1022922106-43553289-3458902837-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1022922106-43553289-3458902837-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {23C618FB-0145-44C5-BD22-9FEBEA89CC3B} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {5A6957DE-BEE5-4100-AA0F-FDCF77409851} - System32\Tasks\{A6E7A91E-15FA-496D-837D-EFCBF1E960F6} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {6BBCBC01-7A2E-4084-9744-5686B4D053D4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {A609E222-1BCE-4989-BF53-FE2D6DED26C2} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {AD1192FE-B75A-4BFC-A506-10DABEF079CE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-07] (Adobe Systems Incorporated)
Task: {B6206ED6-A780-4E6E-BECA-5C06F2EBE66D} - System32\Tasks\{14F5F9BD-017B-40BD-A119-D08B02A9DE0C} => pcalua.exe -a "C:\Users\Mari\Desktop\OpenOffice.org 3.4.1 (de) Installation Files\setup.exe" -d "C:\Users\Mari\Desktop\OpenOffice.org 3.4.1 (de) Installation Files"
Task: {C808EF94-0306-4F68-9FAA-494D749EE5DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe

==================== Loaded Modules (whitelisted) ==============

2010-12-27 21:51 - 2009-12-19 01:40 - 00104968 ____R () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2010-12-27 21:51 - 2010-04-24 04:13 - 00159752 ____R () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2010-12-27 21:51 - 2010-01-13 03:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2010-12-27 21:51 - 2010-01-13 03:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2012-01-10 22:12 - 2012-01-10 22:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-18 00:12 - 2014-10-15 07:35 - 06281024 _____ () C:\Users\Mari\AppData\Local\Amazon Music\Amazon Music Helper.exe
2010-12-27 21:51 - 2010-01-16 05:13 - 00589320 ____R () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2010-12-27 21:51 - 2009-12-19 01:20 - 00462856 ____R () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-12-27 21:51 - 2009-12-19 01:41 - 00129544 ____R () C:\Program Files (x86)\PHotkey\GFNEX.dll
2009-11-03 00:20 - 2009-11-03 00:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-03 00:23 - 2009-11-03 00:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2015-04-04 00:34 - 2015-03-30 23:07 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-04 00:34 - 2015-03-30 23:07 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-04 00:34 - 2015-03-30 23:07 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1022922106-43553289-3458902837-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Mari\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Soda 3D PDF Reader Helper Service => 3
MSCONFIG\Services: Soda 3D PDF Reader Service => 2
MSCONFIG\startupfolder: C:^Users^Mari^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Amazon Music => "C:\Users\Mari\AppData\Local\Amazon Music\Amazon Music Helper.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-1022922106-43553289-3458902837-500 - Administrator - Disabled)
Gast (S-1-5-21-1022922106-43553289-3458902837-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1022922106-43553289-3458902837-1003 - Limited - Enabled)
Mari (S-1-5-21-1022922106-43553289-3458902837-1001 - Administrator - Enabled) => C:\Users\Mari
UpdatusUser (S-1-5-21-1022922106-43553289-3458902837-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/06/2015 02:08:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3105

Error: (04/06/2015 02:08:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3105

Error: (04/06/2015 02:08:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/06/2015 02:08:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2044

Error: (04/06/2015 02:08:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2044

Error: (04/06/2015 02:08:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/06/2015 02:08:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1030

Error: (04/06/2015 02:08:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1030

Error: (04/06/2015 02:08:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/06/2015 01:53:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7719288


System errors:
=============
Error: (04/04/2015 07:05:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎04.‎04.‎2015 um 19:03:35 unerwartet heruntergefahren.

Error: (04/02/2015 08:53:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Freemake Improver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/02/2015 08:53:41 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Freemake Improver erreicht.

Error: (03/21/2015 05:17:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎21.‎03.‎2015 um 15:39:40 unerwartet heruntergefahren.

Error: (03/14/2015 08:56:06 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎14.‎03.‎2015 um 19:54:16 unerwartet heruntergefahren.

Error: (03/14/2015 08:35:59 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.

Error: (03/14/2015 08:33:18 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.

Error: (03/14/2015 08:27:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.

Error: (03/14/2015 08:24:57 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.

Error: (03/14/2015 08:23:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.


Microsoft Office Sessions:
=========================
Error: (04/06/2015 02:08:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3105

Error: (04/06/2015 02:08:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3105

Error: (04/06/2015 02:08:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/06/2015 02:08:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2044

Error: (04/06/2015 02:08:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2044

Error: (04/06/2015 02:08:01 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/06/2015 02:08:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1030

Error: (04/06/2015 02:08:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1030

Error: (04/06/2015 02:08:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/06/2015 01:53:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7719288


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 72%
Total physical RAM: 3893.07 MB
Available physical RAM: 1062.62 MB
Total Pagefile: 7784.28 MB
Available Pagefile: 3897.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:256.99 GB) (Free:188.57 GB) NTFS
Drive d: (Recover) (Fixed) (Total:40 GB) (Free:20.96 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 29DD2CD8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=257 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=40 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
         
Maybe you can help me get rid of the Trojan again.

Thanks in advance
Kind regards, Ellaspirella

Alt 09.04.2015, 18:22   #2
schrauber
/// the machine
/// TB-Ausbilder
 


Hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Alt 09.04.2015, 19:34   #3
Ellaspirella
 

Thank you very much for the quick reply.

Here are the results:
1. mbar-log

Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.04.09.06
  rootkit: v2015.03.31.01

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Mari :: MARINIX [administrator]

09.04.2015 19:32:17
mbar-log-2015-04-09 (19-32-17).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 395085
Time elapsed: 21 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Program Files (x86)\Steganos Safe OEM\dllregister.exe (Adware.Agent.ZGen) -> Delete on reboot. [2b5f303ae3a7f640536a7b27a75951af]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
2. mbar log

Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.04.09.06
  rootkit: v2015.03.31.01

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Mari :: MARINIX [administrator]

09.04.2015 20:00:46
mbar-log-2015-04-09 (20-00-46).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 394615
Time elapsed: 19 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
TDSS Killer found nothing; here is the log file:
Code:
20:08:03.0391 0x0c30  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
20:08:14.0691 0x0c30  ============================================================
20:08:14.0691 0x0c30  Current date / time: 2015/04/09 20:08:14.0691
20:08:14.0691 0x0c30  SystemInfo:
20:08:14.0692 0x0c30  
20:08:14.0692 0x0c30  OS Version: 6.1.7600 ServicePack: 0.0
20:08:14.0692 0x0c30  Product type: Workstation
20:08:14.0692 0x0c30  ComputerName: MARINIX
20:08:14.0692 0x0c30  UserName: Mari
20:08:14.0692 0x0c30  Windows directory: C:\Windows
20:08:14.0692 0x0c30  System windows directory: C:\Windows
20:08:14.0692 0x0c30  Running under WOW64
20:08:14.0692 0x0c30  Processor architecture: Intel x64
20:08:14.0692 0x0c30  Number of processors: 4
20:08:14.0692 0x0c30  Page size: 0x1000
20:08:14.0692 0x0c30  Boot type: Normal boot
20:08:14.0692 0x0c30  ============================================================
20:08:15.0768 0x0c30  KLMD registered as C:\Windows\system32\drivers\41552640.sys
20:08:16.0661 0x0c30  System UUID: {FCD4D191-064E-3165-FCD6-561D31AFEAD5}
20:08:18.0038 0x0c30  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:08:18.0049 0x0c30  ============================================================
20:08:18.0049 0x0c30  \Device\Harddisk0\DR0:
20:08:18.0053 0x0c30  MBR partitions:
20:08:18.0053 0x0c30  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:08:18.0053 0x0c30  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x201FA800
20:08:18.0053 0x0c30  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2022D000, BlocksNum 0x5000000
20:08:18.0053 0x0c30  ============================================================
20:08:18.0080 0x0c30  C: <-> \Device\Harddisk0\DR0\Partition2
20:08:18.0124 0x0c30  D: <-> \Device\Harddisk0\DR0\Partition3
20:08:18.0124 0x0c30  ============================================================
20:08:18.0124 0x0c30  Initialize success
20:08:18.0124 0x0c30  ============================================================
20:20:37.0057 0x0ca8  ============================================================
20:20:37.0057 0x0ca8  Scan started
20:20:37.0057 0x0ca8  Mode: Manual; 
20:20:37.0057 0x0ca8  ============================================================
20:20:37.0057 0x0ca8  KSN ping started
20:20:40.0574 0x0ca8  KSN ping finished: true
20:20:41.0873 0x0ca8  ================ Scan system memory ========================
20:20:41.0873 0x0ca8  System memory - ok
20:20:41.0874 0x0ca8  ================ Scan services =============================
20:20:42.0072 0x0ca8  [ 969C91060CBB5D17CB8440B5F78B4C51, 9B5754DDACA15B11DB4D22B0473360C72CFA854AD4AD57546AF3B3C63AAE7759 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
20:20:42.0087 0x0ca8  1394ohci - ok
20:20:42.0395 0x0ca8  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
20:20:42.0415 0x0ca8  ACPI - ok
20:20:42.0461 0x0ca8  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
20:20:42.0463 0x0ca8  AcpiPmi - ok
20:20:42.0547 0x0ca8  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:20:42.0552 0x0ca8  AdobeARMservice - ok
20:20:42.0713 0x0ca8  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:20:42.0729 0x0ca8  AdobeFlashPlayerUpdateSvc - ok
20:20:42.0797 0x0ca8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:20:42.0828 0x0ca8  adp94xx - ok
20:20:42.0890 0x0ca8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:20:42.0911 0x0ca8  adpahci - ok
20:20:42.0950 0x0ca8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:20:42.0962 0x0ca8  adpu320 - ok
20:20:43.0009 0x0ca8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:20:43.0015 0x0ca8  AeLookupSvc - ok
20:20:43.0087 0x0ca8  [ DB9D6C6B2CD95A9CA414D045B627422E, A4A0B2ACBFE311C20EF9F06A49DBE02CE90433C2364B292F6E8F78F6C274DF88 ] AFD             C:\Windows\system32\drivers\afd.sys
20:20:43.0117 0x0ca8  AFD - ok
20:20:43.0154 0x0ca8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
20:20:43.0159 0x0ca8  agp440 - ok
20:20:43.0197 0x0ca8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
20:20:43.0204 0x0ca8  ALG - ok
20:20:43.0225 0x0ca8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
20:20:43.0228 0x0ca8  aliide - ok
20:20:43.0244 0x0ca8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
20:20:43.0247 0x0ca8  amdide - ok
20:20:43.0282 0x0ca8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:20:43.0288 0x0ca8  AmdK8 - ok
20:20:43.0299 0x0ca8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:20:43.0304 0x0ca8  AmdPPM - ok
20:20:43.0345 0x0ca8  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9, 786B30C86FA7FEC6BA2569FF818044AA0F7C134693304ED0FF7BD0541F9A755F ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:20:43.0352 0x0ca8  amdsata - ok
20:20:43.0390 0x0ca8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:20:43.0403 0x0ca8  amdsbs - ok
20:20:43.0424 0x0ca8  [ DB27766102C7BF7E95140A2AA81D042E, 489F812B596EA06E53D891CD05047AA17CDF752854BBD553BA65D10799AF78DF ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:20:43.0427 0x0ca8  amdxata - ok
20:20:43.0451 0x0ca8  [ 37EA167782AF19301AF9C05804948BB2, 6BAD7DB48485C65043BBD5D9376D2D225561506C7780E7D56B4C85D26DFB38FB ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
20:20:43.0454 0x0ca8  AmUStor - ok
20:20:43.0475 0x0ca8  [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID           C:\Windows\system32\drivers\appid.sys
20:20:43.0481 0x0ca8  AppID - ok
20:20:43.0498 0x0ca8  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:20:43.0502 0x0ca8  AppIDSvc - ok
20:20:43.0562 0x0ca8  [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo         C:\Windows\System32\appinfo.dll
20:20:43.0568 0x0ca8  Appinfo - ok
20:20:43.0629 0x0ca8  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:20:43.0634 0x0ca8  Apple Mobile Device - ok
20:20:43.0666 0x0ca8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:20:43.0684 0x0ca8  arc - ok
20:20:43.0730 0x0ca8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:20:43.0752 0x0ca8  arcsas - ok
20:20:43.0838 0x0ca8  [ EFD89582B55DD32DC79C1A4EB54612A1, 7631F39174E7AE2A162F25D7069123C51274130298A3E5AE10AC1406CD948355 ] ASLDRService    C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
20:20:43.0844 0x0ca8  ASLDRService - ok
20:20:43.0878 0x0ca8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:20:43.0883 0x0ca8  AsyncMac - ok
20:20:43.0918 0x0ca8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
20:20:43.0922 0x0ca8  atapi - ok
20:20:43.0981 0x0ca8  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:20:44.0034 0x0ca8  AudioEndpointBuilder - ok
20:20:44.0081 0x0ca8  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:20:44.0115 0x0ca8  AudioSrv - ok
20:20:44.0175 0x0ca8  [ 54FE1CAFA3B3029B282E6A05EA672031, E972B8A22322FF06903A1E3AB20585E02A21C3A6EA9A75C172231494A08D14D1 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
20:20:44.0184 0x0ca8  Avgdiska - ok
20:20:44.0502 0x0ca8  [ E2FDE8691C03525F095C8D01F005FA97, B234D8642F528550FB246127CBA24A2A115F8EAF8ED1BC8FD37562AFEBEF4978 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
20:20:44.0675 0x0ca8  AVGIDSAgent - ok
20:20:44.0743 0x0ca8  [ 079F75EE36CD275620298DA7D7636006, 323BA7B327BBE1FBEED3D16D83C2CF0DE5D0D0B9F38A86E3B93E40547FA742B7 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
20:20:44.0758 0x0ca8  AVGIDSDriver - ok
20:20:44.0805 0x0ca8  [ 68070AEEE757ACC6EC5BC291B1E8EA1A, 8A4902CE6F4696F33CD6CF98F96FDA7895B99A676916F3137CF34192AF3C25A4 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
20:20:44.0817 0x0ca8  AVGIDSHA - ok
20:20:44.0863 0x0ca8  [ 7C9E8FD2BFCE60BDF9B5944C0BE47C87, 0F51507BAECDEF7B6F553066621A03832FF070EC6837A8E304AABA1227F779BF ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
20:20:44.0876 0x0ca8  Avgldx64 - ok
20:20:44.0933 0x0ca8  [ 179835151F9B3FCC2FCB5E633D4F1A2B, 0520CF4C897BD74601CB887E583A7F45AC78B8420293CDE0F8107FB05CD2AA70 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
20:20:44.0952 0x0ca8  Avgloga - ok
20:20:44.0988 0x0ca8  [ 66B7273493BF49EE6BDECB574BC5B877, 59779808E57DCC3DF70DEC9779D09B7D62137DBBE2B535C51A08BD7A5DF8EA99 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
20:20:44.0997 0x0ca8  Avgmfx64 - ok
20:20:45.0027 0x0ca8  [ 3CE824D46BA1871713ABF147E6BAD556, B4D8AFC388BE06D6E3C5CDC865F80FF101E731E1D2B221FFC6C1E28487E1B3CD ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
20:20:45.0030 0x0ca8  Avgrkx64 - ok
20:20:45.0062 0x0ca8  [ C76F53C265E79A2DEFF020E78AF4B6BA, 663A7F8FADB4E5669AD70763CE643AB47D001C7613F2E0F1D611A6E8447CD7B0 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
20:20:45.0077 0x0ca8  Avgtdia - ok
20:20:45.0128 0x0ca8  [ DCF350D917112A03D3CDC33C8ADEA87A, 78E7B8E6575EEB07C993EA71D699443C428B3258A748236264F75571FE23D796 ] avgwd           C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
20:20:45.0143 0x0ca8  avgwd - ok
20:20:45.0182 0x0ca8  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:20:45.0189 0x0ca8  AxInstSV - ok
20:20:45.0248 0x0ca8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
20:20:45.0278 0x0ca8  b06bdrv - ok
20:20:45.0335 0x0ca8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:20:45.0352 0x0ca8  b57nd60a - ok
20:20:45.0392 0x0ca8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:20:45.0399 0x0ca8  BDESVC - ok
20:20:45.0410 0x0ca8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:20:45.0411 0x0ca8  Beep - ok
20:20:45.0489 0x0ca8  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll
20:20:45.0535 0x0ca8  BFE - ok
20:20:45.0622 0x0ca8  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\System32\qmgr.dll
20:20:45.0675 0x0ca8  BITS - ok
20:20:45.0711 0x0ca8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:20:45.0715 0x0ca8  blbdrive - ok
20:20:45.0811 0x0ca8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:20:45.0835 0x0ca8  Bonjour Service - ok
20:20:45.0859 0x0ca8  [ 19D20159708E152267E53B66677A4995, 6401FA5C3EFF26BED075FEC68F868CD8D0598FDB45EA9381810615F7252F7A9A ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:20:45.0865 0x0ca8  bowser - ok
20:20:45.0881 0x0ca8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:20:45.0884 0x0ca8  BrFiltLo - ok
20:20:45.0915 0x0ca8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:20:45.0917 0x0ca8  BrFiltUp - ok
20:20:45.0964 0x0ca8  [ 6B054C67AAA87843504E8E3C09102009, 284AA58625FBDBFECB851A35407331B40BAEC141F2DCEDB9F15733BAB22F5C81 ] Browser         C:\Windows\System32\browser.dll
20:20:45.0973 0x0ca8  Browser - ok
20:20:46.0015 0x0ca8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:20:46.0035 0x0ca8  Brserid - ok
20:20:46.0057 0x0ca8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:20:46.0062 0x0ca8  BrSerWdm - ok
20:20:46.0080 0x0ca8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:20:46.0083 0x0ca8  BrUsbMdm - ok
20:20:46.0092 0x0ca8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:20:46.0097 0x0ca8  BrUsbSer - ok
20:20:46.0121 0x0ca8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:20:46.0130 0x0ca8  BTHMODEM - ok
20:20:46.0174 0x0ca8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
20:20:46.0181 0x0ca8  bthserv - ok
20:20:46.0207 0x0ca8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:20:46.0214 0x0ca8  cdfs - ok
20:20:46.0248 0x0ca8  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:20:46.0255 0x0ca8  cdrom - ok
20:20:46.0287 0x0ca8  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:20:46.0293 0x0ca8  CertPropSvc - ok
20:20:46.0312 0x0ca8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:20:46.0317 0x0ca8  circlass - ok
20:20:46.0358 0x0ca8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
20:20:46.0378 0x0ca8  CLFS - ok
20:20:46.0457 0x0ca8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:20:46.0462 0x0ca8  clr_optimization_v2.0.50727_32 - ok
20:20:46.0535 0x0ca8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:20:46.0544 0x0ca8  clr_optimization_v2.0.50727_64 - ok
20:20:46.0611 0x0ca8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:20:46.0620 0x0ca8  clr_optimization_v4.0.30319_32 - ok
20:20:46.0653 0x0ca8  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:20:46.0662 0x0ca8  clr_optimization_v4.0.30319_64 - ok
20:20:46.0686 0x0ca8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:20:46.0688 0x0ca8  CmBatt - ok
20:20:46.0713 0x0ca8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
20:20:46.0719 0x0ca8  cmdide - ok
20:20:46.0776 0x0ca8  [ CA7720B73446FDDEC5C69519C1174C98, F24796765587CC1D653A04783B1659564F42E600DA3AFA3DED724592B291D033 ] CNG             C:\Windows\system32\Drivers\cng.sys
20:20:46.0807 0x0ca8  CNG - ok
20:20:46.0846 0x0ca8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:20:46.0849 0x0ca8  Compbatt - ok
20:20:46.0890 0x0ca8  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
20:20:46.0894 0x0ca8  CompositeBus - ok
20:20:46.0925 0x0ca8  COMSysApp - ok
20:20:46.0953 0x0ca8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:20:46.0956 0x0ca8  crcdisk - ok
20:20:46.0997 0x0ca8  [ BAF19B633933A9FB4883D27D66C39E9A, 2D8ABB5161736CCCADA67B3E6A8D70B0B5E1E3FE6084561891F394DA191B3439 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:20:47.0008 0x0ca8  CryptSvc - ok
20:20:47.0063 0x0ca8  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:20:47.0093 0x0ca8  DcomLaunch - ok
20:20:47.0136 0x0ca8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:20:47.0153 0x0ca8  defragsvc - ok
20:20:47.0183 0x0ca8  [ 9C253CE7311CA60FC11C774692A13208, 23507138576DB75AA8B7415140F7B5D8A90CB2661796223870461C721A36AEBF ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:20:47.0189 0x0ca8  DfsC - ok
20:20:47.0240 0x0ca8  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:20:47.0260 0x0ca8  Dhcp - ok
20:20:47.0296 0x0ca8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
20:20:47.0300 0x0ca8  discache - ok
20:20:47.0355 0x0ca8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:20:47.0361 0x0ca8  Disk - ok
20:20:47.0404 0x0ca8  [ 85CF424C74A1D5EC33533E1DBFF9920A, 882D5FA0D5EC053D76A0C46A6047A621D607651693CF94E5506219EECCC8D079 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:20:47.0416 0x0ca8  Dnscache - ok
20:20:47.0451 0x0ca8  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:20:47.0468 0x0ca8  dot3svc - ok
20:20:47.0500 0x0ca8  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll
20:20:47.0511 0x0ca8  DPS - ok
20:20:47.0551 0x0ca8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:20:47.0553 0x0ca8  drmkaud - ok
20:20:47.0647 0x0ca8  [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:20:47.0707 0x0ca8  DXGKrnl - ok
20:20:47.0726 0x0ca8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
20:20:47.0737 0x0ca8  EapHost - ok
20:20:47.0967 0x0ca8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
20:20:48.0141 0x0ca8  ebdrv - ok
20:20:48.0176 0x0ca8  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] EFS             C:\Windows\System32\lsass.exe
20:20:48.0179 0x0ca8  EFS - ok
20:20:48.0265 0x0ca8  [ 47C071994C3F649F23D9CD075AC9304A, B7AA2DD6AD14F18A19620F5FB79D50C630D3750E72DD67BF8D105CC4F5CE1D46 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:20:48.0330 0x0ca8  ehRecvr - ok
20:20:48.0365 0x0ca8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
20:20:48.0378 0x0ca8  ehSched - ok
20:20:48.0445 0x0ca8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:20:48.0476 0x0ca8  elxstor - ok
20:20:48.0542 0x0ca8  [ 1E345F2A2D95DA3190596E691CDE9342, 9D1D48F3B749ADA598D155E11E63CD52A4EEABF9BE92A1D997D25D07CF350084 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
20:20:48.0548 0x0ca8  EPSON_PM_RPCV4_01 - ok
20:20:48.0581 0x0ca8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
20:20:48.0583 0x0ca8  ErrDev - ok
20:20:48.0661 0x0ca8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
20:20:48.0681 0x0ca8  EventSystem - ok
20:20:48.0711 0x0ca8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:20:48.0721 0x0ca8  exfat - ok
20:20:48.0753 0x0ca8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:20:48.0763 0x0ca8  fastfat - ok
20:20:48.0816 0x0ca8  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe
20:20:48.0860 0x0ca8  Fax - ok
20:20:48.0887 0x0ca8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:20:48.0890 0x0ca8  fdc - ok
20:20:48.0912 0x0ca8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
20:20:48.0914 0x0ca8  fdPHost - ok
20:20:48.0930 0x0ca8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:20:48.0935 0x0ca8  FDResPub - ok
20:20:48.0969 0x0ca8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:20:48.0974 0x0ca8  FileInfo - ok
20:20:48.0989 0x0ca8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:20:48.0993 0x0ca8  Filetrace - ok
20:20:49.0018 0x0ca8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:20:49.0021 0x0ca8  flpydisk - ok
20:20:49.0062 0x0ca8  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:20:49.0082 0x0ca8  FltMgr - ok
20:20:49.0177 0x0ca8  [ CB5E4B9C319E3C6BB363EB7E58A4A051, C9DCF2C2A6AFE0A0F3E23A265843D0C423C08B2E54702C5B389CF293D9A6BAC5 ] FontCache       C:\Windows\system32\FntCache.dll
20:20:49.0244 0x0ca8  FontCache - ok
20:20:49.0298 0x0ca8  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:20:49.0302 0x0ca8  FontCache3.0.0.0 - ok
20:20:49.0370 0x0ca8  [ 565619F1B6DA86E3C7BA75A1E60ECFCD, D2C80881CBDB322C91C010D18E7C0FD85BB0A681608EADB63289C395F896F7A8 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
20:20:49.0376 0x0ca8  Freemake Improver - ok
20:20:49.0395 0x0ca8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:20:49.0400 0x0ca8  FsDepends - ok
20:20:49.0421 0x0ca8  [ D3E3F93D67821A2DB2B3D9FAC2DC2064, 727FAA7E15A20ED3A37668D294ABDE6EAF1C87C34EE283C99EE3303E85001404 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:20:49.0424 0x0ca8  Fs_Rec - ok
20:20:49.0470 0x0ca8  [ 1F44F8559E61A8306ECC67BB1E168B7C, 5B7CDD4EDF128B48817145357BB36E2107F0D081C26004B44BFF7C63AD29D99B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:20:49.0483 0x0ca8  fvevol - ok
20:20:49.0534 0x0ca8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:20:49.0541 0x0ca8  gagp30kx - ok
20:20:49.0588 0x0ca8  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:20:49.0591 0x0ca8  GEARAspiWDM - ok
20:20:49.0629 0x0ca8  [ 23DEC7050B21A425562AA207ACB5CCB7, 97BF1EBA3BB30C9364B1CA49A51302E7CEE9CADD14196BF22D8C128CFAB69A73 ] GFNEXSrv        C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
20:20:49.0638 0x0ca8  GFNEXSrv - ok
20:20:49.0731 0x0ca8  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:20:49.0778 0x0ca8  gpsvc - ok
20:20:49.0851 0x0ca8  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:20:49.0857 0x0ca8  gupdate - ok
20:20:49.0884 0x0ca8  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:20:49.0890 0x0ca8  gupdatem - ok
20:20:49.0932 0x0ca8  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:20:49.0941 0x0ca8  gusvc - ok
20:20:49.0959 0x0ca8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:20:49.0962 0x0ca8  hcw85cir - ok
20:20:50.0031 0x0ca8  [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:20:50.0052 0x0ca8  HdAudAddService - ok
20:20:50.0089 0x0ca8  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:20:50.0097 0x0ca8  HDAudBus - ok
20:20:50.0130 0x0ca8  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
20:20:50.0135 0x0ca8  HECIx64 - ok
20:20:50.0169 0x0ca8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:20:50.0172 0x0ca8  HidBatt - ok
20:20:50.0216 0x0ca8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:20:50.0223 0x0ca8  HidBth - ok
20:20:50.0244 0x0ca8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:20:50.0249 0x0ca8  HidIr - ok
20:20:50.0273 0x0ca8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
20:20:50.0278 0x0ca8  hidserv - ok
20:20:50.0303 0x0ca8  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:20:50.0306 0x0ca8  HidUsb - ok
20:20:50.0347 0x0ca8  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:20:50.0355 0x0ca8  hkmsvc - ok
20:20:50.0395 0x0ca8  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:20:50.0411 0x0ca8  HomeGroupListener - ok
20:20:50.0443 0x0ca8  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:20:50.0458 0x0ca8  HomeGroupProvider - ok
20:20:50.0492 0x0ca8  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
20:20:50.0498 0x0ca8  HpSAMD - ok
20:20:50.0566 0x0ca8  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:20:50.0610 0x0ca8  HTTP - ok
20:20:50.0623 0x0ca8  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:20:50.0625 0x0ca8  hwpolicy - ok
20:20:50.0668 0x0ca8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:20:50.0675 0x0ca8  i8042prt - ok
20:20:50.0787 0x0ca8  [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
20:20:50.0816 0x0ca8  iaStor - ok
20:20:50.0881 0x0ca8  [ B75E45C564E944A2657167D197AB29DA, 622EA73F4D9CAE17628C18148FB241817A0AE6D80A74B099204ED27C1A750B24 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:20:50.0906 0x0ca8  iaStorV - ok
20:20:51.0004 0x0ca8  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:20:51.0054 0x0ca8  idsvc - ok
20:20:51.0852 0x0ca8  [ F4F91789C7C7A159CE8215C1F69F2A85, E60155402FB647B55EAD6B090204A1AA497294D473A7CCF850BB21C0DCCCB49C ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:20:52.0665 0x0ca8  igfx - ok
20:20:52.0737 0x0ca8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:20:52.0741 0x0ca8  iirsp - ok
20:20:52.0818 0x0ca8  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll
20:20:52.0868 0x0ca8  IKEEXT - ok
20:20:52.0908 0x0ca8  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
20:20:52.0919 0x0ca8  Impcd - ok
20:20:53.0109 0x0ca8  [ 2FAAEA2DC2719E67FD7C0D51F9E743F7, 4F56CB5A0309607EC7DC466E6DC7425DAB34D7194F64C4C258BAEC429A7DB303 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:20:53.0250 0x0ca8  IntcAzAudAddService - ok
20:20:53.0290 0x0ca8  [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:20:53.0307 0x0ca8  IntcDAud - ok
20:20:53.0341 0x0ca8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
20:20:53.0346 0x0ca8  intelide - ok
20:20:53.0378 0x0ca8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:20:53.0384 0x0ca8  intelppm - ok
20:20:53.0420 0x0ca8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:20:53.0429 0x0ca8  IPBusEnum - ok
20:20:53.0456 0x0ca8  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:20:53.0462 0x0ca8  IpFilterDriver - ok
20:20:53.0512 0x0ca8  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:20:53.0543 0x0ca8  iphlpsvc - ok
20:20:53.0583 0x0ca8  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
20:20:53.0588 0x0ca8  IPMIDRV - ok
20:20:53.0602 0x0ca8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:20:53.0611 0x0ca8  IPNAT - ok
20:20:53.0750 0x0ca8  [ 0F261EC4F514926177C70C1832374231, 7E61B89FE2651C0C7951E10454267174550677DEAB1C497571A9B0B583687304 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:20:53.0789 0x0ca8  iPod Service - ok
20:20:53.0817 0x0ca8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:20:53.0819 0x0ca8  IRENUM - ok
20:20:53.0831 0x0ca8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
20:20:53.0834 0x0ca8  isapnp - ok
20:20:53.0873 0x0ca8  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
20:20:53.0888 0x0ca8  iScsiPrt - ok
20:20:53.0924 0x0ca8  [ BD5BF20EC242E003A2F570B8754A56D1, B4B3492222E98BF8E6EC453E727187FF4AA50A508D1E88A0CBBD5C46355AE492 ] ivusb           C:\Windows\system32\DRIVERS\ivusb.sys
20:20:53.0927 0x0ca8  ivusb - ok
20:20:53.0964 0x0ca8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:20:53.0969 0x0ca8  kbdclass - ok
20:20:54.0006 0x0ca8  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:20:54.0010 0x0ca8  kbdhid - ok
20:20:54.0033 0x0ca8  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso          C:\Windows\system32\lsass.exe
20:20:54.0038 0x0ca8  KeyIso - ok
20:20:54.0070 0x0ca8  [ 4F4B5FDE429416877DE7143044582EB5, A28FFEA078DBD91F3CC28088810EEEB727107B3F0F48370B44D87DC8F8C55B99 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:20:54.0079 0x0ca8  KSecDD - ok
20:20:54.0102 0x0ca8  [ 6F40465A44ECDC1731BEFAFEC5BDD03C, 317334D414D0AF73CB4D9CA11EA80C641E786760B8800F2795D0CB38378DBB80 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:20:54.0112 0x0ca8  KSecPkg - ok
20:20:54.0131 0x0ca8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:20:54.0132 0x0ca8  ksthunk - ok
20:20:54.0186 0x0ca8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:20:54.0210 0x0ca8  KtmRm - ok
20:20:54.0239 0x0ca8  [ 55480B9C63F3F91A8EBBADCBF28FE581, 5B4BC3F0307B0697DD08DD8AAD4B9EAE99EDD3B33B85D9293D183684D5057293 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
20:20:54.0245 0x0ca8  L1C - ok
20:20:54.0292 0x0ca8  [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:20:54.0309 0x0ca8  LanmanServer - ok
20:20:54.0340 0x0ca8  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:20:54.0350 0x0ca8  LanmanWorkstation - ok
20:20:54.0400 0x0ca8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:20:54.0405 0x0ca8  lltdio - ok
20:20:54.0443 0x0ca8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:20:54.0463 0x0ca8  lltdsvc - ok
20:20:54.0489 0x0ca8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:20:54.0493 0x0ca8  lmhosts - ok
20:20:54.0567 0x0ca8  [ 6D515466AB8BFE61184092B635AE6EB4, 86CEF8700AF4D848DCF5DF217A7588C04F7F0BCEEB10B971E7C0368D8F8E1FAC ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:20:54.0584 0x0ca8  LMS - ok
20:20:54.0621 0x0ca8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:20:54.0630 0x0ca8  LSI_FC - ok
20:20:54.0679 0x0ca8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:20:54.0687 0x0ca8  LSI_SAS - ok
20:20:54.0707 0x0ca8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:20:54.0713 0x0ca8  LSI_SAS2 - ok
20:20:54.0753 0x0ca8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:20:54.0762 0x0ca8  LSI_SCSI - ok
20:20:54.0791 0x0ca8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:20:54.0797 0x0ca8  luafv - ok
20:20:54.0828 0x0ca8  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:20:54.0836 0x0ca8  Mcx2Svc - ok
20:20:54.0850 0x0ca8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:20:54.0854 0x0ca8  megasas - ok
20:20:54.0888 0x0ca8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:20:54.0905 0x0ca8  MegaSR - ok
20:20:54.0929 0x0ca8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
20:20:54.0936 0x0ca8  MMCSS - ok
20:20:54.0957 0x0ca8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
20:20:54.0960 0x0ca8  Modem - ok
20:20:54.0994 0x0ca8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:20:54.0996 0x0ca8  monitor - ok
20:20:55.0020 0x0ca8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:20:55.0024 0x0ca8  mouclass - ok
20:20:55.0059 0x0ca8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:20:55.0062 0x0ca8  mouhid - ok
20:20:55.0087 0x0ca8  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:20:55.0095 0x0ca8  mountmgr - ok
20:20:55.0163 0x0ca8  [ A35576A433F4AEB0D48976A004657CB6, F820A759119785C3FB10B0EDCF8EF9985886A9B0767ABD45B2ACAC03498B321E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:20:55.0171 0x0ca8  MozillaMaintenance - ok
20:20:55.0197 0x0ca8  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
20:20:55.0208 0x0ca8  mpio - ok
20:20:55.0240 0x0ca8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:20:55.0245 0x0ca8  mpsdrv - ok
20:20:55.0329 0x0ca8  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:20:55.0380 0x0ca8  MpsSvc - ok
20:20:55.0411 0x0ca8  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:20:55.0421 0x0ca8  MRxDAV - ok
20:20:55.0472 0x0ca8  [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:20:55.0483 0x0ca8  mrxsmb - ok
20:20:55.0556 0x0ca8  [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:20:55.0574 0x0ca8  mrxsmb10 - ok
20:20:55.0624 0x0ca8  [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:20:55.0632 0x0ca8  mrxsmb20 - ok
20:20:55.0670 0x0ca8  [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
20:20:55.0673 0x0ca8  msahci - ok
20:20:55.0715 0x0ca8  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
20:20:55.0725 0x0ca8  msdsm - ok
20:20:55.0766 0x0ca8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
20:20:55.0776 0x0ca8  MSDTC - ok
20:20:55.0804 0x0ca8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:20:55.0808 0x0ca8  Msfs - ok
20:20:55.0832 0x0ca8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:20:55.0834 0x0ca8  mshidkmdf - ok
20:20:55.0845 0x0ca8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
20:20:55.0847 0x0ca8  msisadrv - ok
20:20:55.0896 0x0ca8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:20:55.0908 0x0ca8  MSiSCSI - ok
20:20:55.0914 0x0ca8  msiserver - ok
20:20:55.0941 0x0ca8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:20:55.0943 0x0ca8  MSKSSRV - ok
20:20:55.0964 0x0ca8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:20:55.0965 0x0ca8  MSPCLOCK - ok
20:20:55.0982 0x0ca8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:20:55.0984 0x0ca8  MSPQM - ok
20:20:56.0032 0x0ca8  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:20:56.0055 0x0ca8  MsRPC - ok
20:20:56.0086 0x0ca8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:20:56.0089 0x0ca8  mssmbios - ok
20:20:56.0096 0x0ca8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:20:56.0099 0x0ca8  MSTEE - ok
20:20:56.0136 0x0ca8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:20:56.0139 0x0ca8  MTConfig - ok
20:20:56.0160 0x0ca8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
20:20:56.0165 0x0ca8  Mup - ok
20:20:56.0222 0x0ca8  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll
20:20:56.0254 0x0ca8  napagent - ok
20:20:56.0312 0x0ca8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:20:56.0332 0x0ca8  NativeWifiP - ok
20:20:56.0402 0x0ca8  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:20:56.0456 0x0ca8  NDIS - ok
20:20:56.0477 0x0ca8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:20:56.0480 0x0ca8  NdisCap - ok
20:20:56.0514 0x0ca8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:20:56.0517 0x0ca8  NdisTapi - ok
20:20:56.0532 0x0ca8  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:20:56.0536 0x0ca8  Ndisuio - ok
20:20:56.0558 0x0ca8  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:20:56.0568 0x0ca8  NdisWan - ok
20:20:56.0581 0x0ca8  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:20:56.0587 0x0ca8  NDProxy - ok
20:20:56.0618 0x0ca8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:20:56.0622 0x0ca8  NetBIOS - ok
20:20:56.0662 0x0ca8  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:20:56.0677 0x0ca8  NetBT - ok
20:20:56.0692 0x0ca8  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon        C:\Windows\system32\lsass.exe
20:20:56.0695 0x0ca8  Netlogon - ok
20:20:56.0737 0x0ca8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
20:20:56.0760 0x0ca8  Netman - ok
20:20:56.0815 0x0ca8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
20:20:56.0843 0x0ca8  netprofm - ok
20:20:56.0878 0x0ca8  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:20:56.0886 0x0ca8  NetTcpPortSharing - ok
20:20:56.0928 0x0ca8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:20:56.0932 0x0ca8  nfrd960 - ok
20:20:56.0972 0x0ca8  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:20:56.0992 0x0ca8  NlaSvc - ok
20:20:57.0007 0x0ca8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:20:57.0011 0x0ca8  Npfs - ok
20:20:57.0031 0x0ca8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
20:20:57.0035 0x0ca8  nsi - ok
20:20:57.0052 0x0ca8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:20:57.0054 0x0ca8  nsiproxy - ok
20:20:57.0190 0x0ca8  [ 9A6089B056EA1B83B36424FC9D0A300E, EA60282C5A32B497921B568C1FE735F5BDB9D954DDC4E609F7F3CAE5ED823CEC ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:20:57.0281 0x0ca8  Ntfs - ok
20:20:57.0298 0x0ca8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
20:20:57.0300 0x0ca8  Null - ok
20:20:57.0340 0x0ca8  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
20:20:57.0345 0x0ca8  nusb3hub - ok
20:20:57.0386 0x0ca8  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:20:57.0397 0x0ca8  nusb3xhc - ok
20:20:58.0182 0x0ca8  [ F6168EDF9794B7A8D6D030CBA5F6BF68, 7DA45BC540BC4A8014C44F865BE81D025EFBD80672230CA01790DAB963A25C61 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:20:58.0959 0x0ca8  nvlddmkm - ok
20:20:59.0042 0x0ca8  [ FD61DF62375C92B700F34E375796BBAB, 675281E46B2D14D95B5A094BC9DC7ECD823224F6EEE8DD99E1CD2C9A7776D69C ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
20:20:59.0044 0x0ca8  nvpciflt - ok
20:20:59.0084 0x0ca8  [ A4D9C9A608A97F59307C2F2600EDC6A4, D786F4CA2D10BAC31CE14A338C442F7027D4BB2E955AB99BC44C2F241D383BBE ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:20:59.0094 0x0ca8  nvraid - ok
20:20:59.0124 0x0ca8  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9, 8D5337742A0F5B04D636C163CE77D4A9B3684CF81170026912A402513B44BA77 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:20:59.0135 0x0ca8  nvstor - ok
20:20:59.0178 0x0ca8  [ EA94A1F7DA5CF16D28E50511D010CD97, 04562FBD6112042DD000833F345F0C5F542AD9DA107DDEF093D00558477D4789 ] nvsvc           C:\Windows\system32\nvvsvc.exe
20:20:59.0188 0x0ca8  nvsvc - ok
20:20:59.0315 0x0ca8  [ 2F498CD539B8E522EEF8A568A9EE4E80, 8C21728C9173DD318C411002033642174DB1D6CD79144D14923650E0B203D94A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
20:20:59.0395 0x0ca8  nvUpdatusService - ok
20:20:59.0471 0x0ca8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
20:20:59.0480 0x0ca8  nv_agp - ok
20:20:59.0499 0x0ca8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
20:20:59.0506 0x0ca8  ohci1394 - ok
20:20:59.0559 0x0ca8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:20:59.0581 0x0ca8  p2pimsvc - ok
20:20:59.0626 0x0ca8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
20:20:59.0655 0x0ca8  p2psvc - ok
20:20:59.0684 0x0ca8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:20:59.0691 0x0ca8  Parport - ok
20:20:59.0726 0x0ca8  [ 90061B1ACFE8CCAA5345750FFE08D8B8, 76309683FFDF380AF9C6E1D9A52E46B011A0BF1026D747181D01F3312B7541C7 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:20:59.0732 0x0ca8  partmgr - ok
20:20:59.0754 0x0ca8  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:20:59.0767 0x0ca8  PcaSvc - ok
20:20:59.0807 0x0ca8  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys
20:20:59.0818 0x0ca8  pci - ok
20:20:59.0853 0x0ca8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
20:20:59.0855 0x0ca8  pciide - ok
20:20:59.0895 0x0ca8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:20:59.0909 0x0ca8  pcmcia - ok
20:20:59.0941 0x0ca8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:20:59.0947 0x0ca8  pcw - ok
20:20:59.0999 0x0ca8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:21:00.0040 0x0ca8  PEAUTH - ok
20:21:00.0053 0x0ca8  [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN         C:\Program Files (x86)\PHotkey\PEGAGFN.sys
20:21:00.0056 0x0ca8  PEGAGFN - ok
20:21:00.0138 0x0ca8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:21:00.0142 0x0ca8  PerfHost - ok
20:21:00.0271 0x0ca8  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll
20:21:00.0351 0x0ca8  pla - ok
20:21:00.0413 0x0ca8  [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:21:00.0438 0x0ca8  PlugPlay - ok
20:21:00.0452 0x0ca8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:21:00.0457 0x0ca8  PNRPAutoReg - ok
20:21:00.0490 0x0ca8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:21:00.0507 0x0ca8  PNRPsvc - ok
20:21:00.0564 0x0ca8  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:21:00.0593 0x0ca8  PolicyAgent - ok
20:21:00.0630 0x0ca8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
20:21:00.0642 0x0ca8  Power - ok
20:21:00.0667 0x0ca8  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:21:00.0674 0x0ca8  PptpMiniport - ok
20:21:00.0704 0x0ca8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:21:00.0709 0x0ca8  Processor - ok
20:21:00.0751 0x0ca8  [ 97293447431311C06703368AD0F6C4BE, 302A3CA8F6961717D95469B20A8A71954D4ECFCDF4638238D3D44AAE5A8D9B8B ] ProfSvc         C:\Windows\system32\profsvc.dll
20:21:00.0764 0x0ca8  ProfSvc - ok
20:21:00.0775 0x0ca8  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:21:00.0778 0x0ca8  ProtectedStorage - ok
20:21:00.0808 0x0ca8  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:21:00.0815 0x0ca8  Psched - ok
20:21:00.0934 0x0ca8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:21:01.0021 0x0ca8  ql2300 - ok
20:21:01.0059 0x0ca8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:21:01.0068 0x0ca8  ql40xx - ok
20:21:01.0108 0x0ca8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
20:21:01.0125 0x0ca8  QWAVE - ok
20:21:01.0144 0x0ca8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:21:01.0147 0x0ca8  QWAVEdrv - ok
20:21:01.0179 0x0ca8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:21:01.0181 0x0ca8  RasAcd - ok
20:21:01.0212 0x0ca8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:21:01.0217 0x0ca8  RasAgileVpn - ok
20:21:01.0237 0x0ca8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
20:21:01.0246 0x0ca8  RasAuto - ok
20:21:01.0269 0x0ca8  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:21:01.0278 0x0ca8  Rasl2tp - ok
20:21:01.0313 0x0ca8  [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan          C:\Windows\System32\rasmans.dll
20:21:01.0336 0x0ca8  RasMan - ok
20:21:01.0353 0x0ca8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:21:01.0359 0x0ca8  RasPppoe - ok
20:21:01.0374 0x0ca8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:21:01.0380 0x0ca8  RasSstp - ok
20:21:01.0413 0x0ca8  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:21:01.0431 0x0ca8  rdbss - ok
20:21:01.0497 0x0ca8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:21:01.0499 0x0ca8  rdpbus - ok
20:21:01.0546 0x0ca8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:21:01.0547 0x0ca8  RDPCDD - ok
20:21:01.0565 0x0ca8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:21:01.0567 0x0ca8  RDPENCDD - ok
20:21:01.0584 0x0ca8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:21:01.0586 0x0ca8  RDPREFMP - ok
20:21:01.0622 0x0ca8  [ 447DE7E3DEA39D422C1504F245B668B1, C54D90D2F9405E011E490D3C2F0F64488B87B969C95E367C076BBFCFD8654909 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:21:01.0635 0x0ca8  RDPWD - ok
20:21:01.0674 0x0ca8  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:21:01.0687 0x0ca8  rdyboost - ok
20:21:01.0720 0x0ca8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:21:01.0729 0x0ca8  RemoteAccess - ok
20:21:01.0760 0x0ca8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:21:01.0772 0x0ca8  RemoteRegistry - ok
20:21:01.0802 0x0ca8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:21:01.0809 0x0ca8  RpcEptMapper - ok
20:21:01.0821 0x0ca8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
20:21:01.0825 0x0ca8  RpcLocator - ok
20:21:01.0870 0x0ca8  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll
20:21:01.0899 0x0ca8  RpcSs - ok
20:21:01.0920 0x0ca8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:21:01.0924 0x0ca8  rspndr - ok
20:21:02.0023 0x0ca8  [ A5986B46C4348CB35EBB98F220948DF7, 8E8F2180735D982F3D8278441D1430E6789926983AE737546F473CB1E843B3F5 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
20:21:02.0086 0x0ca8  rtl8192se - ok
20:21:02.0100 0x0ca8  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] SamSs           C:\Windows\system32\lsass.exe
20:21:02.0104 0x0ca8  SamSs - ok
20:21:02.0138 0x0ca8  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
20:21:02.0146 0x0ca8  sbp2port - ok
20:21:02.0187 0x0ca8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:21:02.0202 0x0ca8  SCardSvr - ok
20:21:02.0229 0x0ca8  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:21:02.0232 0x0ca8  scfilter - ok
20:21:02.0325 0x0ca8  [ 624D0F5FF99428BB90A5B8A4123E918E, 90A43E6F09B56CB86A3E3851F8E5ABB74905AEB70296F4B87BEDBC3027E65E86 ] Schedule        C:\Windows\system32\schedsvc.dll
20:21:02.0391 0x0ca8  Schedule - ok
20:21:02.0421 0x0ca8  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:21:02.0426 0x0ca8  SCPolicySvc - ok
20:21:02.0458 0x0ca8  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:21:02.0471 0x0ca8  SDRSVC - ok
20:21:02.0491 0x0ca8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:21:02.0494 0x0ca8  secdrv - ok
20:21:02.0508 0x0ca8  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll
20:21:02.0513 0x0ca8  seclogon - ok
20:21:02.0529 0x0ca8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
20:21:02.0536 0x0ca8  SENS - ok
20:21:02.0565 0x0ca8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:21:02.0571 0x0ca8  SensrSvc - ok
20:21:02.0603 0x0ca8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:21:02.0606 0x0ca8  Serenum - ok
20:21:02.0641 0x0ca8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:21:02.0648 0x0ca8  Serial - ok
20:21:02.0687 0x0ca8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:21:02.0690 0x0ca8  sermouse - ok
20:21:02.0728 0x0ca8  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:21:02.0738 0x0ca8  SessionEnv - ok
20:21:02.0765 0x0ca8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
20:21:02.0767 0x0ca8  sffdisk - ok
20:21:02.0782 0x0ca8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
20:21:02.0784 0x0ca8  sffp_mmc - ok
20:21:02.0798 0x0ca8  [ 178298F767FE638C9FEDCBDEF58BB5E4, 053D12CFEE5C54EA7D06F9C9CAE93544FE258A4825CDE2A14090BC81A96E1CF7 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
20:21:02.0801 0x0ca8  sffp_sd - ok
20:21:02.0811 0x0ca8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:21:02.0814 0x0ca8  sfloppy - ok
20:21:02.0852 0x0ca8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:21:02.0874 0x0ca8  SharedAccess - ok
20:21:02.0924 0x0ca8  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:21:02.0948 0x0ca8  ShellHWDetection - ok
20:21:02.0982 0x0ca8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:21:02.0986 0x0ca8  SiSRaid2 - ok
20:21:03.0020 0x0ca8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:21:03.0027 0x0ca8  SiSRaid4 - ok
20:21:03.0103 0x0ca8  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:21:03.0113 0x0ca8  SkypeUpdate - ok
20:21:03.0145 0x0ca8  [ 0DFAA06B71FC75D0878907A7D18F5240, 57C48A3FFAFC11E70085F246E582EAC5A68F0EAEE4C450125E54C837968EFEA7 ] SLEE_16_DRIVER  C:\Windows\Sleen1664.sys
20:21:03.0151 0x0ca8  SLEE_16_DRIVER - ok
20:21:03.0196 0x0ca8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:21:03.0202 0x0ca8  Smb - ok
20:21:03.0243 0x0ca8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:21:03.0248 0x0ca8  SNMPTRAP - ok
20:21:03.0337 0x0ca8  [ F9FDE7DFDEA905859F54B23EA62352EC, 5F5C3C81C342114EE0A51C4F78CF9FF2113DB7814A459372A4B6D4D34FB9D2AD ] Soda 3D PDF Reader Helper Service C:\Program Files (x86)\Soda 3D PDF Reader\HelperService.exe
20:21:03.0382 0x0ca8  Soda 3D PDF Reader Helper Service - ok
20:21:03.0472 0x0ca8  [ 050323983CF4A056E649179058236796, C259412C7F782A0D226322CC812FA585C0DE606302C88E6EF2362D06D95AE2D6 ] Soda 3D PDF Reader Service C:\Program Files (x86)\Soda 3D PDF Reader\ConversionService.exe
20:21:03.0522 0x0ca8  Soda 3D PDF Reader Service - ok
20:21:03.0549 0x0ca8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:21:03.0551 0x0ca8  spldr - ok
20:21:03.0616 0x0ca8  [ 567977DC43CC13C4C35ED7084C0B84D5, 93EEC3ABA66DA83157F49F056EF1CB3355122204F2BB0F8B618064AF47D59A61 ] Spooler         C:\Windows\System32\spoolsv.exe
20:21:03.0652 0x0ca8  Spooler - ok
20:21:03.0890 0x0ca8  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe
20:21:04.0073 0x0ca8  sppsvc - ok
20:21:04.0116 0x0ca8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:21:04.0124 0x0ca8  sppuinotify - ok
20:21:04.0174 0x0ca8  [ 2408C0366D96BCDF63E8F1C78E4A29C5, 66F646890695B5D80536E88B1566C8765D89CFE25954ED650F6D773EFF045016 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:21:04.0202 0x0ca8  srv - ok
20:21:04.0242 0x0ca8  [ 76548F7B818881B47D8D1AE1BE9C11F8, 8F1356B07A6A55746FC71B6DB0322128941AE890850196F2B19BC01E6FC9B41C ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:21:04.0265 0x0ca8  srv2 - ok
20:21:04.0298 0x0ca8  [ 0AF6E19D39C70844C5CAA8FB0183C36E, 4494EEFDEA7198888D32E74727E5BC0AC628FFA70B1FE7EB59DBEEDC1A95D0DD ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:21:04.0308 0x0ca8  srvnet - ok
20:21:04.0344 0x0ca8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:21:04.0358 0x0ca8  SSDPSRV - ok
20:21:04.0372 0x0ca8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:21:04.0381 0x0ca8  SstpSvc - ok
20:21:04.0441 0x0ca8  [ BA696186045E49A7276B2282AFE5E1C8, 94CD2DDF0B055AEBC4BEC0EA45F2BC42E004D52953A7C78847B2CBAC5F73B73F ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:21:04.0453 0x0ca8  Stereo Service - ok
20:21:04.0488 0x0ca8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:21:04.0491 0x0ca8  stexstor - ok
20:21:04.0561 0x0ca8  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll
20:21:04.0598 0x0ca8  stisvc - ok
20:21:04.0629 0x0ca8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:21:04.0631 0x0ca8  swenum - ok
20:21:04.0690 0x0ca8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
20:21:04.0724 0x0ca8  swprv - ok
20:21:04.0772 0x0ca8  [ BE2B928DE9AF2848289DB7A54C7E2398, A3B07D0CCE0CE228FF62757EBA90E189438C4FA82BE4B5B8FFAED6DB25F06107 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:21:04.0791 0x0ca8  SynTP - ok
20:21:04.0918 0x0ca8  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll
20:21:05.0023 0x0ca8  SysMain - ok
20:21:05.0055 0x0ca8  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:21:05.0066 0x0ca8  TabletInputService - ok
20:21:05.0096 0x0ca8  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:21:05.0118 0x0ca8  TapiSrv - ok
20:21:05.0134 0x0ca8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
20:21:05.0144 0x0ca8  TBS - ok
20:21:05.0286 0x0ca8  [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:21:05.0391 0x0ca8  Tcpip - ok
20:21:05.0511 0x0ca8  [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:21:05.0600 0x0ca8  TCPIP6 - ok
20:21:05.0631 0x0ca8  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:21:05.0635 0x0ca8  tcpipreg - ok
20:21:05.0660 0x0ca8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:21:05.0662 0x0ca8  TDPIPE - ok
20:21:05.0692 0x0ca8  [ 7518F7BCFD4B308ABC9192BACAF6C970, CF08E547EF4059DA3F5A2FCBA98939E84092BB6E0E37F9BBCD1E4D9EBB8A58BB ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:21:05.0695 0x0ca8  TDTCP - ok
20:21:05.0727 0x0ca8  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:21:05.0734 0x0ca8  tdx - ok
20:21:05.0748 0x0ca8  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:21:05.0753 0x0ca8  TermDD - ok
20:21:05.0811 0x0ca8  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll
20:21:05.0846 0x0ca8  TermService - ok
20:21:05.0866 0x0ca8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
20:21:05.0873 0x0ca8  Themes - ok
20:21:05.0904 0x0ca8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
20:21:05.0910 0x0ca8  THREADORDER - ok
20:21:05.0933 0x0ca8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
20:21:05.0944 0x0ca8  TrkWks - ok
20:21:06.0003 0x0ca8  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:21:06.0015 0x0ca8  TrustedInstaller - ok
20:21:06.0033 0x0ca8  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:21:06.0036 0x0ca8  tssecsrv - ok
20:21:06.0081 0x0ca8  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:21:06.0090 0x0ca8  tunnel - ok
20:21:06.0111 0x0ca8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:21:06.0116 0x0ca8  uagp35 - ok
20:21:06.0160 0x0ca8  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:21:06.0180 0x0ca8  udfs - ok
20:21:06.0216 0x0ca8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:21:06.0222 0x0ca8  UI0Detect - ok
20:21:06.0253 0x0ca8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
20:21:06.0258 0x0ca8  uliagpkx - ok
20:21:06.0304 0x0ca8  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:21:06.0308 0x0ca8  umbus - ok
20:21:06.0330 0x0ca8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:21:06.0332 0x0ca8  UmPass - ok
20:21:06.0535 0x0ca8  [ 0FADD949576A164B4E51E716F46B6C33, 34B33EC767FFCF58647090F5293DD1942BA9CDC5AB9976528DE3793EF327D48E ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:21:06.0657 0x0ca8  UNS - ok
20:21:06.0719 0x0ca8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
20:21:06.0741 0x0ca8  upnphost - ok
20:21:06.0777 0x0ca8  [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
20:21:06.0782 0x0ca8  USBAAPL64 - ok
20:21:06.0813 0x0ca8  [ 7B6A127C93EE590E4D79A5F2A76FE46F, 6F178916EF6D58D1E5B26C0D9D95C276B776505BFC9F716BB1E3ABD3B2B72FCE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:21:06.0820 0x0ca8  usbccgp - ok
20:21:06.0850 0x0ca8  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
20:21:06.0858 0x0ca8  usbcir - ok
20:21:06.0887 0x0ca8  [ 92969BA5AC44E229C55A332864F79677, 4ED1E1049E7641D3FFF5D296F2D59060225CE52AB9F7B5CA618898B46A772F98 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
20:21:06.0890 0x0ca8  usbehci - ok
20:21:06.0951 0x0ca8  [ E7DF1CFD28CA86B35EF5ADD0735CEEF3, AA751288EC34D61D934D7E8C036B60BBCEDC2A746815623478BB015D87D6A998 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:21:06.0970 0x0ca8  usbhub - ok
20:21:06.0988 0x0ca8  [ F1BB1E55F1E7A65C5839CCC7B36D773E, 4F517F81FA5688D78D3627EA7D2EA16AD4EB410D7624FE483C7AF26951E579A9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:21:06.0991 0x0ca8  usbohci - ok
20:21:07.0010 0x0ca8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:21:07.0013 0x0ca8  usbprint - ok
20:21:07.0039 0x0ca8  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
20:21:07.0042 0x0ca8  usbscan - ok
20:21:07.0065 0x0ca8  [ F39983647BC1F3E6100778DDFE9DCE29, 3BD36594F7C753680DB5A4354B1D6A33FC3011631D2D56DD4B2464AA99C85F7B ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:21:07.0072 0x0ca8  USBSTOR - ok
20:21:07.0091 0x0ca8  [ BC3070350A491D84B518D7CCA9ABD36F, 96FFF9F76A93CF4806297AE7C11A5C6D1E7A9980260E6CFC960F8247D5032161 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:21:07.0094 0x0ca8  usbuhci - ok
20:21:07.0127 0x0ca8  [ 7CB8C573C6E4A2714402CC0A36EAB4FE, FCD65AA3723617F58F77C4DA93CE910C712B8AA9411B5C4A60DC6C684EA53C1B ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:21:07.0138 0x0ca8  usbvideo - ok
20:21:07.0170 0x0ca8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
20:21:07.0177 0x0ca8  UxSms - ok
20:21:07.0192 0x0ca8  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] VaultSvc        C:\Windows\system32\lsass.exe
20:21:07.0196 0x0ca8  VaultSvc - ok
20:21:07.0229 0x0ca8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
20:21:07.0232 0x0ca8  vdrvroot - ok
20:21:07.0275 0x0ca8  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
20:21:07.0310 0x0ca8  vds - ok
20:21:07.0339 0x0ca8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:21:07.0342 0x0ca8  vga - ok
20:21:07.0366 0x0ca8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:21:07.0368 0x0ca8  VgaSave - ok
20:21:07.0409 0x0ca8  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
20:21:07.0422 0x0ca8  vhdmp - ok
20:21:07.0459 0x0ca8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
20:21:07.0462 0x0ca8  viaide - ok
20:21:07.0505 0x0ca8  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
20:21:07.0510 0x0ca8  volmgr - ok
20:21:07.0542 0x0ca8  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:21:07.0563 0x0ca8  volmgrx - ok
20:21:07.0608 0x0ca8  [ 9E425AC5C9A5A973273D169F43B4F5E1, 64C9A9D4A39865E56F01B4FDE1B56034C4B2A2AEF2ABE15EC1C37911C59595B0 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:21:07.0627 0x0ca8  volsnap - ok
20:21:07.0667 0x0ca8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
20:21:07.0678 0x0ca8  vsmraid - ok
20:21:07.0806 0x0ca8  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
20:21:07.0898 0x0ca8  VSS - ok
20:21:07.0916 0x0ca8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:21:07.0919 0x0ca8  vwifibus - ok
20:21:07.0957 0x0ca8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:21:07.0962 0x0ca8  vwififlt - ok
20:21:07.0999 0x0ca8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
20:21:08.0024 0x0ca8  W32Time - ok
20:21:08.0058 0x0ca8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:21:08.0061 0x0ca8  WacomPen - ok
20:21:08.0088 0x0ca8  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:21:08.0094 0x0ca8  WANARP - ok
20:21:08.0116 0x0ca8  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:21:08.0121 0x0ca8  Wanarpv6 - ok
20:21:08.0227 0x0ca8  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
20:21:08.0313 0x0ca8  wbengine - ok
20:21:08.0345 0x0ca8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:21:08.0360 0x0ca8  WbioSrvc - ok
20:21:08.0410 0x0ca8  [ DD1BAE8EBFC653824D29CCF8C9054D68, 81D6640222FE276D721168745F6BB905D4E756909A9B2C706AF25465D748772D ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:21:08.0434 0x0ca8  wcncsvc - ok
20:21:08.0448 0x0ca8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:21:08.0454 0x0ca8  WcsPlugInService - ok
20:21:08.0486 0x0ca8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:21:08.0488 0x0ca8  Wd - ok
20:21:08.0565 0x0ca8  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:21:08.0609 0x0ca8  Wdf01000 - ok
20:21:08.0640 0x0ca8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:21:08.0649 0x0ca8  WdiServiceHost - ok
20:21:08.0660 0x0ca8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:21:08.0669 0x0ca8  WdiSystemHost - ok
20:21:08.0709 0x0ca8  [ 733006127F235BE7C35354EBEE7B9A7B, 2C7E7030D586C36261F33F29883337695493D48CEA415D6DBA7C5635845A5B32 ] WebClient       C:\Windows\System32\webclnt.dll
20:21:08.0728 0x0ca8  WebClient - ok
20:21:08.0757 0x0ca8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:21:08.0774 0x0ca8  Wecsvc - ok
20:21:08.0791 0x0ca8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:21:08.0800 0x0ca8  wercplsupport - ok
20:21:08.0832 0x0ca8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:21:08.0841 0x0ca8  WerSvc - ok
20:21:08.0875 0x0ca8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:21:08.0876 0x0ca8  WfpLwf - ok
20:21:08.0901 0x0ca8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:21:08.0904 0x0ca8  WIMMount - ok
20:21:08.0936 0x0ca8  WinDefend - ok
20:21:08.0943 0x0ca8  WinHttpAutoProxySvc - ok
20:21:09.0012 0x0ca8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:21:09.0028 0x0ca8  Winmgmt - ok
20:21:09.0181 0x0ca8  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:21:09.0289 0x0ca8  WinRM - ok
20:21:09.0341 0x0ca8  [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:21:09.0345 0x0ca8  WinUsb - ok
20:21:09.0410 0x0ca8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:21:09.0464 0x0ca8  Wlansvc - ok
20:21:09.0518 0x0ca8  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:21:09.0523 0x0ca8  wlcrasvc - ok
20:21:09.0711 0x0ca8  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:21:09.0823 0x0ca8  wlidsvc - ok
20:21:09.0874 0x0ca8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
20:21:09.0876 0x0ca8  WmiAcpi - ok
20:21:09.0919 0x0ca8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:21:09.0931 0x0ca8  wmiApSrv - ok
20:21:09.0953 0x0ca8  WMPNetworkSvc - ok
20:21:09.0978 0x0ca8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:21:09.0984 0x0ca8  WPCSvc - ok
20:21:10.0001 0x0ca8  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:21:10.0011 0x0ca8  WPDBusEnum - ok
20:21:10.0040 0x0ca8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:21:10.0043 0x0ca8  ws2ifsl - ok
20:21:10.0122 0x0ca8  [ 8F9F3969933C02DA96EB0F84576DB43E, C424D7B881A4DCC348433CF02044383013E32DB94CC66D1D20E1866CB3B0F952 ] wscsvc          C:\Windows\System32\wscsvc.dll
20:21:10.0132 0x0ca8  wscsvc - ok
20:21:10.0139 0x0ca8  WSearch - ok
20:21:10.0310 0x0ca8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:21:10.0433 0x0ca8  wuauserv - ok
20:21:10.0527 0x0ca8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:21:10.0533 0x0ca8  WudfPf - ok
20:21:10.0585 0x0ca8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:21:10.0598 0x0ca8  WUDFRd - ok
20:21:10.0645 0x0ca8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:21:10.0655 0x0ca8  wudfsvc - ok
20:21:10.0690 0x0ca8  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:21:10.0708 0x0ca8  WwanSvc - ok
20:21:10.0744 0x0ca8  ================ Scan global ===============================
20:21:10.0769 0x0ca8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:21:10.0800 0x0ca8  [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
20:21:10.0831 0x0ca8  [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
20:21:10.0864 0x0ca8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:21:10.0904 0x0ca8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
20:21:10.0925 0x0ca8  [ Global ] - ok
20:21:10.0926 0x0ca8  ================ Scan MBR ==================================
20:21:10.0941 0x0ca8  [ 2E0FE7FC299470E30383716B164CF901 ] \Device\Harddisk0\DR0
20:21:16.0459 0x0ca8  \Device\Harddisk0\DR0 - ok
20:21:16.0460 0x0ca8  ================ Scan VBR ==================================
20:21:16.0463 0x0ca8  [ AFBCF946E9BB90B4C852AD98B6145737 ] \Device\Harddisk0\DR0\Partition1
20:21:16.0465 0x0ca8  \Device\Harddisk0\DR0\Partition1 - ok
20:21:16.0469 0x0ca8  [ 5DD399644F6D76F889250E73A4901C00 ] \Device\Harddisk0\DR0\Partition2
20:21:16.0471 0x0ca8  \Device\Harddisk0\DR0\Partition2 - ok
20:21:16.0476 0x0ca8  [ 3DF8CA21913705B725AC71032CE77577 ] \Device\Harddisk0\DR0\Partition3
20:21:16.0477 0x0ca8  \Device\Harddisk0\DR0\Partition3 - ok
20:21:16.0478 0x0ca8  ================ Scan generic autorun ======================
20:21:17.0210 0x0ca8  [ BF657386FF476CE3630F693182E37800, 03A444880214BD61EBBC80BE8298358CF4F3425C675FF6851923071FC9E2C997 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:21:17.0677 0x0ca8  RtHDVCpl - ok
20:21:17.0841 0x0ca8  [ 5E8015140DF120DDBF4C957B8DF8CDED, 6F16D471527DD718B856117FDD3DB7FC8C1FA071B75BFB6F4A39B0E648E12960 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:21:17.0926 0x0ca8  RtHDVBg - ok
20:21:18.0046 0x0ca8  [ 42EB7A79867ED8AD99349FF0F0A7F39A, AF289350D625123BB697532B53A35B48D574ADB9861A288DA68F8EC2AB6F2E3A ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
20:21:18.0062 0x0ca8  AmIcoSinglun64 - ok
20:21:18.0064 0x0ca8  SynTPEnh - ok
20:21:18.0098 0x0ca8  [ 810A5F70CEB063CEC85360394BEC2C56, FCC289B23B2347AD7C34B48E6EFB1914B5ED8D9DD397B0816D94747B168DFD64 ] C:\Windows\system32\igfxtray.exe
20:21:18.0107 0x0ca8  IgfxTray - ok
20:21:18.0155 0x0ca8  [ 2FE8F6A30802B69A3F501607F346DEEA, CD603DB6055861E9EAD397234120FBE0D3CACEFADB0D6001099CF0DA9DF1CC34 ] C:\Windows\system32\hkcmd.exe
20:21:18.0178 0x0ca8  HotKeysCmds - ok
20:21:18.0216 0x0ca8  [ CA1941B93BA45B7EA4D7D9F451B25C84, B0648762862931CB12004C92CD7A7EF8E3B1C14DD33C980A490D8AA56F7AA723 ] C:\Windows\system32\igfxpers.exe
20:21:18.0236 0x0ca8  Persistence - ok
20:21:18.0272 0x0ca8  [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
20:21:18.0278 0x0ca8  NUSB3MON - ok
20:21:18.0335 0x0ca8  [ 57B4D34232852BFE4453BE571DF90D21, 3D329499D7BCACAE5F6377F988B90714F5A8301784CDB22D5B54A2266AC50D79 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
20:21:18.0340 0x0ca8  CLMLServer - ok
20:21:18.0385 0x0ca8  [ 441AEAA45A35495644CC6530AC5BD725, 6E971A7D58A5FDDE3673CDD0A866B1C12B396633B3AA98D1278D487210D06245 ] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
20:21:18.0393 0x0ca8  YouCam Mirror Tray icon - ok
20:21:18.0395 0x0ca8  HF_G_Jul - ok
20:21:18.0400 0x0ca8  ROC_ROC_JULY_P1 - ok
20:21:18.0404 0x0ca8  ROC_ROC_NT - ok
20:21:18.0682 0x0ca8  [ 9F22AF691BB098BA98951BC3DFDD779A, E52F319D82A40A3A016C9A3624B940B97FF15C6A26229B69645C279704DDD0C9 ] C:\Program Files (x86)\AVG\AVG2015\avgui.exe
20:21:18.0839 0x0ca8  AVG_UI - ok
20:21:18.0977 0x0ca8  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:21:19.0036 0x0ca8  Sidebar - ok
20:21:19.0077 0x0ca8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:21:19.0087 0x0ca8  mctadmin - ok
20:21:19.0165 0x0ca8  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:21:19.0224 0x0ca8  Sidebar - ok
20:21:19.0237 0x0ca8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:21:19.0244 0x0ca8  mctadmin - ok
20:21:19.0317 0x0ca8  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:21:19.0376 0x0ca8  Sidebar - ok
20:21:19.0389 0x0ca8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:21:19.0396 0x0ca8  mctadmin - ok
20:21:19.0397 0x0ca8  spchecker - ok
20:21:19.0483 0x0ca8  [ 78CB1D49A6367FE5C382B853006100E3, 6540F2A8413248D59B0A665A511AB7FD43F21610A052712D5345FBBA0078B3A5 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICLE.EXE
20:21:19.0497 0x0ca8  EPSON Stylus Photo RX585 Series - ok
20:21:19.0560 0x0ca8  MobileDocuments - ok
20:21:20.0043 0x0ca8  [ 674C18BDC0EABE1C9FD363459759CA5B, BB34F0E9D8E2C5CF0CCB9E55D47C984F9F516671A15A124CC9763E6F26E15175 ] C:\Users\Mari\AppData\Local\Amazon Music\Amazon Music Helper.exe
20:21:20.0311 0x0ca8  Amazon Music - ok
20:21:20.0322 0x0ca8  Waiting for KSN requests completion. In queue: 18
20:21:21.0322 0x0ca8  Waiting for KSN requests completion. In queue: 18
20:21:22.0322 0x0ca8  Waiting for KSN requests completion. In queue: 18
20:21:23.0435 0x0ca8  AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5863 ), 0x41000 ( enabled : updated )
20:21:23.0461 0x0ca8  Win FW state via NFP2: enabled
20:21:26.0104 0x0ca8  ============================================================
20:21:26.0104 0x0ca8  Scan finished
20:21:26.0104 0x0ca8  ============================================================
20:21:26.0122 0x0c78  Detected object count: 0
20:21:26.0122 0x0c78  Actual detected object count: 0
20:22:05.0527 0x1690  ============================================================
20:22:05.0527 0x1690  Scan started
20:22:05.0527 0x1690  Mode: Manual; SigCheck; TDLFS; 
20:22:05.0527 0x1690  ============================================================
20:22:05.0527 0x1690  KSN ping started
20:22:10.0449 0x1690  KSN ping finished: true
20:22:10.0843 0x1690  ================ Scan system memory ========================
20:22:10.0843 0x1690  System memory - ok
20:22:10.0844 0x1690  ================ Scan services =============================
20:22:11.0007 0x1690  [ 969C91060CBB5D17CB8440B5F78B4C51, 9B5754DDACA15B11DB4D22B0473360C72CFA854AD4AD57546AF3B3C63AAE7759 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
20:22:11.0250 0x1690  1394ohci - ok
20:22:11.0297 0x1690  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
20:22:11.0349 0x1690  ACPI - ok
20:22:11.0379 0x1690  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
20:22:11.0433 0x1690  AcpiPmi - ok
20:22:11.0499 0x1690  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:22:11.0528 0x1690  AdobeARMservice - ok
20:22:11.0647 0x1690  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:22:11.0687 0x1690  AdobeFlashPlayerUpdateSvc - ok
20:22:11.0739 0x1690  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:22:11.0800 0x1690  adp94xx - ok
20:22:11.0847 0x1690  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:22:11.0899 0x1690  adpahci - ok
20:22:11.0945 0x1690  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:22:11.0985 0x1690  adpu320 - ok
20:22:12.0019 0x1690  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:22:12.0221 0x1690  AeLookupSvc - ok
20:22:12.0281 0x1690  [ DB9D6C6B2CD95A9CA414D045B627422E, A4A0B2ACBFE311C20EF9F06A49DBE02CE90433C2364B292F6E8F78F6C274DF88 ] AFD             C:\Windows\system32\drivers\afd.sys
20:22:12.0391 0x1690  AFD - ok
20:22:12.0423 0x1690  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
20:22:12.0455 0x1690  agp440 - ok
20:22:12.0491 0x1690  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
20:22:12.0575 0x1690  ALG - ok
20:22:12.0582 0x1690  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
20:22:12.0611 0x1690  aliide - ok
20:22:12.0630 0x1690  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
20:22:12.0655 0x1690  amdide - ok
20:22:12.0692 0x1690  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:22:12.0735 0x1690  AmdK8 - ok
20:22:12.0745 0x1690  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:22:12.0790 0x1690  AmdPPM - ok
20:22:12.0839 0x1690  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9, 786B30C86FA7FEC6BA2569FF818044AA0F7C134693304ED0FF7BD0541F9A755F ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:22:12.0871 0x1690  amdsata - ok
20:22:12.0908 0x1690  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:22:12.0950 0x1690  amdsbs - ok
20:22:12.0968 0x1690  [ DB27766102C7BF7E95140A2AA81D042E, 489F812B596EA06E53D891CD05047AA17CDF752854BBD553BA65D10799AF78DF ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:22:12.0997 0x1690  amdxata - ok
20:22:13.0019 0x1690  [ 37EA167782AF19301AF9C05804948BB2, 6BAD7DB48485C65043BBD5D9376D2D225561506C7780E7D56B4C85D26DFB38FB ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
20:22:13.0080 0x1690  AmUStor - ok
20:22:13.0103 0x1690  [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID           C:\Windows\system32\drivers\appid.sys
20:22:13.0217 0x1690  AppID - ok
20:22:13.0250 0x1690  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:22:13.0376 0x1690  AppIDSvc - ok
20:22:13.0398 0x1690  [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo         C:\Windows\System32\appinfo.dll
20:22:13.0476 0x1690  Appinfo - ok
20:22:13.0531 0x1690  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:22:13.0558 0x1690  Apple Mobile Device - ok
20:22:13.0594 0x1690  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:22:13.0627 0x1690  arc - ok
20:22:13.0650 0x1690  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:22:13.0684 0x1690  arcsas - ok
20:22:13.0723 0x1690  [ EFD89582B55DD32DC79C1A4EB54612A1, 7631F39174E7AE2A162F25D7069123C51274130298A3E5AE10AC1406CD948355 ] ASLDRService    C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
20:22:13.0763 0x1690  ASLDRService - ok
20:22:13.0789 0x1690  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:22:13.0910 0x1690  AsyncMac - ok
20:22:13.0929 0x1690  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
         

09.04.2015, 19:36   #4
Ellaspirella



and part 2
Code:
ATTFilter
20:22:13.0958 0x1690  atapi - ok
20:22:14.0024 0x1690  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:22:14.0175 0x1690  AudioEndpointBuilder - ok
20:22:14.0215 0x1690  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:22:14.0348 0x1690  AudioSrv - ok
20:22:14.0392 0x1690  [ 54FE1CAFA3B3029B282E6A05EA672031, E972B8A22322FF06903A1E3AB20585E02A21C3A6EA9A75C172231494A08D14D1 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
20:22:14.0422 0x1690  Avgdiska - ok
20:22:14.0731 0x1690  [ E2FDE8691C03525F095C8D01F005FA97, B234D8642F528550FB246127CBA24A2A115F8EAF8ED1BC8FD37562AFEBEF4978 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
20:22:14.0990 0x1690  AVGIDSAgent - ok
20:22:15.0054 0x1690  [ 079F75EE36CD275620298DA7D7636006, 323BA7B327BBE1FBEED3D16D83C2CF0DE5D0D0B9F38A86E3B93E40547FA742B7 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
20:22:15.0100 0x1690  AVGIDSDriver - ok
20:22:15.0133 0x1690  [ 68070AEEE757ACC6EC5BC291B1E8EA1A, 8A4902CE6F4696F33CD6CF98F96FDA7895B99A676916F3137CF34192AF3C25A4 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
20:22:15.0168 0x1690  AVGIDSHA - ok
20:22:15.0215 0x1690  [ 7C9E8FD2BFCE60BDF9B5944C0BE47C87, 0F51507BAECDEF7B6F553066621A03832FF070EC6837A8E304AABA1227F779BF ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
20:22:15.0250 0x1690  Avgldx64 - ok
20:22:15.0292 0x1690  [ 179835151F9B3FCC2FCB5E633D4F1A2B, 0520CF4C897BD74601CB887E583A7F45AC78B8420293CDE0F8107FB05CD2AA70 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
20:22:15.0336 0x1690  Avgloga - ok
20:22:15.0373 0x1690  [ 66B7273493BF49EE6BDECB574BC5B877, 59779808E57DCC3DF70DEC9779D09B7D62137DBBE2B535C51A08BD7A5DF8EA99 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
20:22:15.0404 0x1690  Avgmfx64 - ok
20:22:15.0428 0x1690  [ 3CE824D46BA1871713ABF147E6BAD556, B4D8AFC388BE06D6E3C5CDC865F80FF101E731E1D2B221FFC6C1E28487E1B3CD ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
20:22:15.0450 0x1690  Avgrkx64 - ok
20:22:15.0480 0x1690  [ C76F53C265E79A2DEFF020E78AF4B6BA, 663A7F8FADB4E5669AD70763CE643AB47D001C7613F2E0F1D611A6E8447CD7B0 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
20:22:15.0520 0x1690  Avgtdia - ok
20:22:15.0571 0x1690  [ DCF350D917112A03D3CDC33C8ADEA87A, 78E7B8E6575EEB07C993EA71D699443C428B3258A748236264F75571FE23D796 ] avgwd           C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
20:22:15.0615 0x1690  avgwd - ok
20:22:15.0650 0x1690  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:22:15.0718 0x1690  AxInstSV - ok
20:22:15.0771 0x1690  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
20:22:15.0870 0x1690  b06bdrv - ok
20:22:15.0919 0x1690  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:22:15.0994 0x1690  b57nd60a - ok
20:22:16.0035 0x1690  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:22:16.0084 0x1690  BDESVC - ok
20:22:16.0104 0x1690  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:22:16.0237 0x1690  Beep - ok
20:22:16.0299 0x1690  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll
20:22:16.0470 0x1690  BFE - ok
20:22:16.0552 0x1690  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\System32\qmgr.dll
20:22:16.0715 0x1690  BITS - ok
20:22:16.0754 0x1690  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:22:16.0799 0x1690  blbdrive - ok
20:22:16.0886 0x1690  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:22:16.0928 0x1690  Bonjour Service - ok
20:22:16.0965 0x1690  [ 19D20159708E152267E53B66677A4995, 6401FA5C3EFF26BED075FEC68F868CD8D0598FDB45EA9381810615F7252F7A9A ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:22:17.0034 0x1690  bowser - ok
20:22:17.0058 0x1690  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:22:17.0121 0x1690  BrFiltLo - ok
20:22:17.0158 0x1690  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:22:17.0207 0x1690  BrFiltUp - ok
20:22:17.0249 0x1690  [ 6B054C67AAA87843504E8E3C09102009, 284AA58625FBDBFECB851A35407331B40BAEC141F2DCEDB9F15733BAB22F5C81 ] Browser         C:\Windows\System32\browser.dll
20:22:17.0332 0x1690  Browser - ok
20:22:17.0375 0x1690  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:22:17.0449 0x1690  Brserid - ok
20:22:17.0475 0x1690  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:22:17.0521 0x1690  BrSerWdm - ok
20:22:17.0540 0x1690  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:22:17.0591 0x1690  BrUsbMdm - ok
20:22:17.0600 0x1690  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:22:17.0641 0x1690  BrUsbSer - ok
20:22:17.0655 0x1690  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:22:17.0716 0x1690  BTHMODEM - ok
20:22:17.0748 0x1690  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
20:22:17.0859 0x1690  bthserv - ok
20:22:17.0882 0x1690  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:22:17.0991 0x1690  cdfs - ok
20:22:18.0024 0x1690  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:22:18.0089 0x1690  cdrom - ok
20:22:18.0113 0x1690  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:22:18.0228 0x1690  CertPropSvc - ok
20:22:18.0264 0x1690  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:22:18.0325 0x1690  circlass - ok
20:22:18.0380 0x1690  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
20:22:18.0432 0x1690  CLFS - ok
20:22:18.0492 0x1690  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:22:18.0521 0x1690  clr_optimization_v2.0.50727_32 - ok
20:22:18.0587 0x1690  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:22:18.0615 0x1690  clr_optimization_v2.0.50727_64 - ok
20:22:18.0671 0x1690  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:22:18.0704 0x1690  clr_optimization_v4.0.30319_32 - ok
20:22:18.0737 0x1690  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:22:18.0767 0x1690  clr_optimization_v4.0.30319_64 - ok
20:22:18.0779 0x1690  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:22:18.0829 0x1690  CmBatt - ok
20:22:18.0864 0x1690  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
20:22:18.0889 0x1690  cmdide - ok
20:22:18.0941 0x1690  [ CA7720B73446FDDEC5C69519C1174C98, F24796765587CC1D653A04783B1659564F42E600DA3AFA3DED724592B291D033 ] CNG             C:\Windows\system32\Drivers\cng.sys
20:22:19.0012 0x1690  CNG - ok
20:22:19.0039 0x1690  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:22:19.0065 0x1690  Compbatt - ok
20:22:19.0090 0x1690  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
20:22:19.0151 0x1690  CompositeBus - ok
20:22:19.0158 0x1690  COMSysApp - ok
20:22:19.0188 0x1690  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:22:19.0213 0x1690  crcdisk - ok
20:22:19.0248 0x1690  [ BAF19B633933A9FB4883D27D66C39E9A, 2D8ABB5161736CCCADA67B3E6A8D70B0B5E1E3FE6084561891F394DA191B3439 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:22:19.0330 0x1690  CryptSvc - ok
20:22:19.0390 0x1690  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:22:19.0542 0x1690  DcomLaunch - ok
20:22:19.0588 0x1690  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:22:19.0729 0x1690  defragsvc - ok
20:22:19.0768 0x1690  [ 9C253CE7311CA60FC11C774692A13208, 23507138576DB75AA8B7415140F7B5D8A90CB2661796223870461C721A36AEBF ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:22:19.0836 0x1690  DfsC - ok
20:22:19.0874 0x1690  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:22:19.0986 0x1690  Dhcp - ok
20:22:20.0014 0x1690  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
20:22:20.0140 0x1690  discache - ok
20:22:20.0174 0x1690  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:22:20.0206 0x1690  Disk - ok
20:22:20.0238 0x1690  [ 85CF424C74A1D5EC33533E1DBFF9920A, 882D5FA0D5EC053D76A0C46A6047A621D607651693CF94E5506219EECCC8D079 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:22:20.0311 0x1690  Dnscache - ok
20:22:20.0349 0x1690  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:22:20.0493 0x1690  dot3svc - ok
20:22:20.0520 0x1690  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll
20:22:20.0653 0x1690  DPS - ok
20:22:20.0702 0x1690  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:22:20.0754 0x1690  drmkaud - ok
20:22:20.0838 0x1690  [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:22:20.0937 0x1690  DXGKrnl - ok
20:22:20.0960 0x1690  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
20:22:21.0083 0x1690  EapHost - ok
20:22:21.0304 0x1690  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
20:22:21.0599 0x1690  ebdrv - ok
20:22:21.0635 0x1690  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] EFS             C:\Windows\System32\lsass.exe
20:22:21.0715 0x1690  EFS - ok
20:22:21.0797 0x1690  [ 47C071994C3F649F23D9CD075AC9304A, B7AA2DD6AD14F18A19620F5FB79D50C630D3750E72DD67BF8D105CC4F5CE1D46 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:22:21.0937 0x1690  ehRecvr - ok
20:22:21.0972 0x1690  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
20:22:22.0059 0x1690  ehSched - ok
20:22:22.0118 0x1690  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:22:22.0198 0x1690  elxstor - ok
20:22:22.0269 0x1690  [ 1E345F2A2D95DA3190596E691CDE9342, 9D1D48F3B749ADA598D155E11E63CD52A4EEABF9BE92A1D997D25D07CF350084 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
20:22:22.0320 0x1690  EPSON_PM_RPCV4_01 - ok
20:22:22.0349 0x1690  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
20:22:22.0403 0x1690  ErrDev - ok
20:22:22.0467 0x1690  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
20:22:22.0622 0x1690  EventSystem - ok
20:22:22.0647 0x1690  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:22:22.0755 0x1690  exfat - ok
20:22:22.0789 0x1690  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:22:22.0916 0x1690  fastfat - ok
20:22:22.0971 0x1690  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe
20:22:23.0088 0x1690  Fax - ok
20:22:23.0121 0x1690  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:22:23.0161 0x1690  fdc - ok
20:22:23.0188 0x1690  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
20:22:23.0297 0x1690  fdPHost - ok
20:22:23.0323 0x1690  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:22:23.0448 0x1690  FDResPub - ok
20:22:23.0478 0x1690  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:22:23.0511 0x1690  FileInfo - ok
20:22:23.0524 0x1690  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:22:23.0643 0x1690  Filetrace - ok
20:22:23.0651 0x1690  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:22:23.0696 0x1690  flpydisk - ok
20:22:23.0737 0x1690  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:22:23.0785 0x1690  FltMgr - ok
20:22:23.0871 0x1690  [ CB5E4B9C319E3C6BB363EB7E58A4A051, C9DCF2C2A6AFE0A0F3E23A265843D0C423C08B2E54702C5B389CF293D9A6BAC5 ] FontCache       C:\Windows\system32\FntCache.dll
20:22:24.0029 0x1690  FontCache - ok
20:22:24.0082 0x1690  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:22:24.0105 0x1690  FontCache3.0.0.0 - ok
20:22:24.0138 0x1690  [ 565619F1B6DA86E3C7BA75A1E60ECFCD, D2C80881CBDB322C91C010D18E7C0FD85BB0A681608EADB63289C395F896F7A8 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
20:22:24.0171 0x1690  Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
20:22:24.0171 0x1690  Detect skipped due to KSN trusted
20:22:24.0171 0x1690  Freemake Improver - ok
20:22:24.0197 0x1690  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:22:24.0225 0x1690  FsDepends - ok
20:22:24.0247 0x1690  [ D3E3F93D67821A2DB2B3D9FAC2DC2064, 727FAA7E15A20ED3A37668D294ABDE6EAF1C87C34EE283C99EE3303E85001404 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:22:24.0277 0x1690  Fs_Rec - ok
20:22:24.0314 0x1690  [ 1F44F8559E61A8306ECC67BB1E168B7C, 5B7CDD4EDF128B48817145357BB36E2107F0D081C26004B44BFF7C63AD29D99B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:22:24.0365 0x1690  fvevol - ok
20:22:24.0394 0x1690  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:22:24.0426 0x1690  gagp30kx - ok
20:22:24.0456 0x1690  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:22:24.0478 0x1690  GEARAspiWDM - ok
20:22:24.0514 0x1690  [ 23DEC7050B21A425562AA207ACB5CCB7, 97BF1EBA3BB30C9364B1CA49A51302E7CEE9CADD14196BF22D8C128CFAB69A73 ] GFNEXSrv        C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
20:22:24.0552 0x1690  GFNEXSrv - ok
20:22:24.0626 0x1690  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:22:24.0754 0x1690  gpsvc - ok
20:22:24.0819 0x1690  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:22:24.0845 0x1690  gupdate - ok
20:22:24.0855 0x1690  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:22:24.0878 0x1690  gupdatem - ok
20:22:24.0907 0x1690  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:22:24.0937 0x1690  gusvc - ok
20:22:24.0960 0x1690  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:22:25.0037 0x1690  hcw85cir - ok
20:22:25.0090 0x1690  [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:22:25.0154 0x1690  HdAudAddService - ok
20:22:25.0181 0x1690  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:22:25.0242 0x1690  HDAudBus - ok
20:22:25.0273 0x1690  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
20:22:25.0297 0x1690  HECIx64 - ok
20:22:25.0328 0x1690  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:22:25.0365 0x1690  HidBatt - ok
20:22:25.0408 0x1690  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:22:25.0458 0x1690  HidBth - ok
20:22:25.0478 0x1690  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:22:25.0529 0x1690  HidIr - ok
20:22:25.0558 0x1690  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
20:22:25.0678 0x1690  hidserv - ok
20:22:25.0696 0x1690  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:22:25.0752 0x1690  HidUsb - ok
20:22:25.0790 0x1690  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:22:25.0917 0x1690  hkmsvc - ok
20:22:25.0955 0x1690  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:22:26.0030 0x1690  HomeGroupListener - ok
20:22:26.0060 0x1690  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:22:26.0119 0x1690  HomeGroupProvider - ok
20:22:26.0151 0x1690  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
20:22:26.0180 0x1690  HpSAMD - ok
20:22:26.0248 0x1690  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:22:26.0424 0x1690  HTTP - ok
20:22:26.0450 0x1690  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:22:26.0478 0x1690  hwpolicy - ok
20:22:26.0503 0x1690  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:22:26.0543 0x1690  i8042prt - ok
20:22:26.0592 0x1690  [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
20:22:26.0648 0x1690  iaStor - ok
20:22:26.0708 0x1690  [ B75E45C564E944A2657167D197AB29DA, 622EA73F4D9CAE17628C18148FB241817A0AE6D80A74B099204ED27C1A750B24 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:22:26.0763 0x1690  iaStorV - ok
20:22:26.0851 0x1690  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:22:26.0920 0x1690  idsvc - ok
20:22:27.0753 0x1690  [ F4F91789C7C7A159CE8215C1F69F2A85, E60155402FB647B55EAD6B090204A1AA497294D473A7CCF850BB21C0DCCCB49C ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:22:28.0723 0x1690  igfx - ok
20:22:28.0788 0x1690  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:22:28.0816 0x1690  iirsp - ok
20:22:28.0885 0x1690  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll
20:22:29.0045 0x1690  IKEEXT - ok
20:22:29.0083 0x1690  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
20:22:29.0133 0x1690  Impcd - ok
20:22:29.0311 0x1690  [ 2FAAEA2DC2719E67FD7C0D51F9E743F7, 4F56CB5A0309607EC7DC466E6DC7425DAB34D7194F64C4C258BAEC429A7DB303 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:22:29.0504 0x1690  IntcAzAudAddService - ok
20:22:29.0557 0x1690  [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:22:29.0633 0x1690  IntcDAud - ok
20:22:29.0654 0x1690  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
20:22:29.0683 0x1690  intelide - ok
20:22:29.0704 0x1690  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:22:29.0753 0x1690  intelppm - ok
20:22:29.0787 0x1690  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:22:29.0907 0x1690  IPBusEnum - ok
20:22:29.0926 0x1690  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:22:30.0032 0x1690  IpFilterDriver - ok
20:22:30.0082 0x1690  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:22:30.0234 0x1690  iphlpsvc - ok
20:22:30.0268 0x1690  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
20:22:30.0310 0x1690  IPMIDRV - ok
20:22:30.0329 0x1690  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:22:30.0445 0x1690  IPNAT - ok
20:22:30.0517 0x1690  [ 0F261EC4F514926177C70C1832374231, 7E61B89FE2651C0C7951E10454267174550677DEAB1C497571A9B0B583687304 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:22:30.0573 0x1690  iPod Service - ok
20:22:30.0595 0x1690  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:22:30.0646 0x1690  IRENUM - ok
20:22:30.0667 0x1690  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
20:22:30.0690 0x1690  isapnp - ok
20:22:30.0724 0x1690  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
20:22:30.0758 0x1690  iScsiPrt - ok
20:22:30.0784 0x1690  [ BD5BF20EC242E003A2F570B8754A56D1, B4B3492222E98BF8E6EC453E727187FF4AA50A508D1E88A0CBBD5C46355AE492 ] ivusb           C:\Windows\system32\DRIVERS\ivusb.sys
20:22:30.0804 0x1690  ivusb - ok
20:22:30.0833 0x1690  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:22:30.0857 0x1690  kbdclass - ok
20:22:30.0883 0x1690  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:22:30.0918 0x1690  kbdhid - ok
20:22:30.0936 0x1690  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso          C:\Windows\system32\lsass.exe
20:22:30.0963 0x1690  KeyIso - ok
20:22:30.0997 0x1690  [ 4F4B5FDE429416877DE7143044582EB5, A28FFEA078DBD91F3CC28088810EEEB727107B3F0F48370B44D87DC8F8C55B99 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:22:31.0023 0x1690  KSecDD - ok
20:22:31.0048 0x1690  [ 6F40465A44ECDC1731BEFAFEC5BDD03C, 317334D414D0AF73CB4D9CA11EA80C641E786760B8800F2795D0CB38378DBB80 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:22:31.0092 0x1690  KSecPkg - ok
20:22:31.0108 0x1690  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:22:31.0226 0x1690  ksthunk - ok
20:22:31.0288 0x1690  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:22:31.0433 0x1690  KtmRm - ok
20:22:31.0467 0x1690  [ 55480B9C63F3F91A8EBBADCBF28FE581, 5B4BC3F0307B0697DD08DD8AAD4B9EAE99EDD3B33B85D9293D183684D5057293 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
20:22:31.0493 0x1690  L1C - ok
20:22:31.0535 0x1690  [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:22:31.0618 0x1690  LanmanServer - ok
20:22:31.0650 0x1690  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:22:31.0775 0x1690  LanmanWorkstation - ok
20:22:31.0811 0x1690  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:22:31.0913 0x1690  lltdio - ok
20:22:31.0951 0x1690  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:22:32.0077 0x1690  lltdsvc - ok
20:22:32.0099 0x1690  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:22:32.0189 0x1690  lmhosts - ok
20:22:32.0254 0x1690  [ 6D515466AB8BFE61184092B635AE6EB4, 86CEF8700AF4D848DCF5DF217A7588C04F7F0BCEEB10B971E7C0368D8F8E1FAC ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:22:32.0291 0x1690  LMS - ok
20:22:32.0323 0x1690  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:22:32.0354 0x1690  LSI_FC - ok
20:22:32.0389 0x1690  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:22:32.0419 0x1690  LSI_SAS - ok
20:22:32.0441 0x1690  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:22:32.0466 0x1690  LSI_SAS2 - ok
20:22:32.0488 0x1690  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:22:32.0518 0x1690  LSI_SCSI - ok
20:22:32.0543 0x1690  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:22:32.0629 0x1690  luafv - ok
20:22:32.0663 0x1690  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:22:32.0713 0x1690  Mcx2Svc - ok
20:22:32.0735 0x1690  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:22:32.0760 0x1690  megasas - ok
20:22:32.0797 0x1690  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:22:32.0837 0x1690  MegaSR - ok
20:22:32.0857 0x1690  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
20:22:32.0950 0x1690  MMCSS - ok
20:22:32.0976 0x1690  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
20:22:33.0068 0x1690  Modem - ok
20:22:33.0096 0x1690  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:22:33.0148 0x1690  monitor - ok
20:22:33.0172 0x1690  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:22:33.0197 0x1690  mouclass - ok
20:22:33.0228 0x1690  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:22:33.0268 0x1690  mouhid - ok
20:22:33.0297 0x1690  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:22:33.0333 0x1690  mountmgr - ok
20:22:33.0374 0x1690  [ A35576A433F4AEB0D48976A004657CB6, F820A759119785C3FB10B0EDCF8EF9985886A9B0767ABD45B2ACAC03498B321E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:22:33.0406 0x1690  MozillaMaintenance - ok
20:22:33.0434 0x1690  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
20:22:33.0472 0x1690  mpio - ok
20:22:33.0501 0x1690  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:22:33.0606 0x1690  mpsdrv - ok
20:22:33.0689 0x1690  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:22:33.0870 0x1690  MpsSvc - ok
20:22:33.0895 0x1690  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:22:33.0954 0x1690  MRxDAV - ok
20:22:33.0998 0x1690  [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:22:34.0065 0x1690  mrxsmb - ok
20:22:34.0106 0x1690  [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:22:34.0167 0x1690  mrxsmb10 - ok
20:22:34.0200 0x1690  [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:22:34.0237 0x1690  mrxsmb20 - ok
20:22:34.0272 0x1690  [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
20:22:34.0298 0x1690  msahci - ok
20:22:34.0333 0x1690  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
20:22:34.0366 0x1690  msdsm - ok
20:22:34.0408 0x1690  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
20:22:34.0462 0x1690  MSDTC - ok
20:22:34.0490 0x1690  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:22:34.0592 0x1690  Msfs - ok
20:22:34.0609 0x1690  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:22:34.0726 0x1690  mshidkmdf - ok
20:22:34.0747 0x1690  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
20:22:34.0776 0x1690  msisadrv - ok
20:22:34.0807 0x1690  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:22:34.0942 0x1690  MSiSCSI - ok
20:22:34.0948 0x1690  msiserver - ok
20:22:34.0961 0x1690  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:22:35.0065 0x1690  MSKSSRV - ok
20:22:35.0083 0x1690  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:22:35.0180 0x1690  MSPCLOCK - ok
20:22:35.0201 0x1690  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:22:35.0301 0x1690  MSPQM - ok
20:22:35.0349 0x1690  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:22:35.0397 0x1690  MsRPC - ok
20:22:35.0430 0x1690  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:22:35.0456 0x1690  mssmbios - ok
20:22:35.0462 0x1690  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:22:35.0569 0x1690  MSTEE - ok
20:22:35.0605 0x1690  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:22:35.0633 0x1690  MTConfig - ok
20:22:35.0653 0x1690  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
20:22:35.0679 0x1690  Mup - ok
20:22:35.0728 0x1690  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll
20:22:35.0862 0x1690  napagent - ok
20:22:35.0904 0x1690  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:22:35.0973 0x1690  NativeWifiP - ok
20:22:36.0045 0x1690  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:22:36.0117 0x1690  NDIS - ok
20:22:36.0137 0x1690  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:22:36.0222 0x1690  NdisCap - ok
20:22:36.0250 0x1690  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:22:36.0352 0x1690  NdisTapi - ok
20:22:36.0376 0x1690  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:22:36.0483 0x1690  Ndisuio - ok
20:22:36.0510 0x1690  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:22:36.0622 0x1690  NdisWan - ok
20:22:36.0643 0x1690  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:22:36.0762 0x1690  NDProxy - ok
20:22:36.0787 0x1690  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:22:36.0901 0x1690  NetBIOS - ok
20:22:36.0947 0x1690  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:22:37.0075 0x1690  NetBT - ok
20:22:37.0102 0x1690  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon        C:\Windows\system32\lsass.exe
20:22:37.0133 0x1690  Netlogon - ok
20:22:37.0178 0x1690  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
20:22:37.0303 0x1690  Netman - ok
20:22:37.0357 0x1690  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
20:22:37.0499 0x1690  netprofm - ok
20:22:37.0538 0x1690  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:22:37.0564 0x1690  NetTcpPortSharing - ok
20:22:37.0605 0x1690  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:22:37.0632 0x1690  nfrd960 - ok
20:22:37.0682 0x1690  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:22:37.0817 0x1690  NlaSvc - ok
20:22:37.0835 0x1690  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:22:37.0972 0x1690  Npfs - ok
20:22:38.0000 0x1690  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
20:22:38.0105 0x1690  nsi - ok
20:22:38.0129 0x1690  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:22:38.0235 0x1690  nsiproxy - ok
20:22:38.0380 0x1690  [ 9A6089B056EA1B83B36424FC9D0A300E, EA60282C5A32B497921B568C1FE735F5BDB9D954DDC4E609F7F3CAE5ED823CEC ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:22:38.0531 0x1690  Ntfs - ok
20:22:38.0559 0x1690  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
20:22:38.0659 0x1690  Null - ok
20:22:38.0684 0x1690  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
20:22:38.0734 0x1690  nusb3hub - ok
20:22:38.0780 0x1690  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:22:38.0836 0x1690  nusb3xhc - ok
20:22:39.0650 0x1690  [ F6168EDF9794B7A8D6D030CBA5F6BF68, 7DA45BC540BC4A8014C44F865BE81D025EFBD80672230CA01790DAB963A25C61 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:22:40.0362 0x1690  nvlddmkm - ok
20:22:40.0435 0x1690  [ FD61DF62375C92B700F34E375796BBAB, 675281E46B2D14D95B5A094BC9DC7ECD823224F6EEE8DD99E1CD2C9A7776D69C ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
20:22:40.0452 0x1690  nvpciflt - ok
20:22:40.0477 0x1690  [ A4D9C9A608A97F59307C2F2600EDC6A4, D786F4CA2D10BAC31CE14A338C442F7027D4BB2E955AB99BC44C2F241D383BBE ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:22:40.0506 0x1690  nvraid - ok
20:22:40.0533 0x1690  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9, 8D5337742A0F5B04D636C163CE77D4A9B3684CF81170026912A402513B44BA77 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:22:40.0564 0x1690  nvstor - ok
20:22:40.0604 0x1690  [ EA94A1F7DA5CF16D28E50511D010CD97, 04562FBD6112042DD000833F345F0C5F542AD9DA107DDEF093D00558477D4789 ] nvsvc           C:\Windows\system32\nvvsvc.exe
20:22:40.0645 0x1690  nvsvc - ok
20:22:40.0771 0x1690  [ 2F498CD539B8E522EEF8A568A9EE4E80, 8C21728C9173DD318C411002033642174DB1D6CD79144D14923650E0B203D94A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
20:22:40.0908 0x1690  nvUpdatusService - ok
20:22:40.0998 0x1690  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
20:22:41.0034 0x1690  nv_agp - ok
20:22:41.0060 0x1690  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
20:22:41.0109 0x1690  ohci1394 - ok
20:22:41.0162 0x1690  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:22:41.0259 0x1690  p2pimsvc - ok
20:22:41.0303 0x1690  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
20:22:41.0380 0x1690  p2psvc - ok
20:22:41.0403 0x1690  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:22:41.0446 0x1690  Parport - ok
20:22:41.0478 0x1690  [ 90061B1ACFE8CCAA5345750FFE08D8B8, 76309683FFDF380AF9C6E1D9A52E46B011A0BF1026D747181D01F3312B7541C7 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:22:41.0506 0x1690  partmgr - ok
20:22:41.0538 0x1690  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:22:41.0616 0x1690  PcaSvc - ok
20:22:41.0658 0x1690  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys
20:22:41.0692 0x1690  pci - ok
20:22:41.0722 0x1690  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
20:22:41.0746 0x1690  pciide - ok
20:22:41.0788 0x1690  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:22:41.0824 0x1690  pcmcia - ok
20:22:41.0852 0x1690  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:22:41.0879 0x1690  pcw - ok
20:22:41.0931 0x1690  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:22:42.0072 0x1690  PEAUTH - ok
20:22:42.0088 0x1690  [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN         C:\Program Files (x86)\PHotkey\PEGAGFN.sys
20:22:42.0104 0x1690  PEGAGFN - ok
20:22:42.0190 0x1690  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:22:42.0237 0x1690  PerfHost - ok
20:22:42.0368 0x1690  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll
20:22:42.0660 0x1690  pla - ok
20:22:42.0716 0x1690  [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:22:42.0811 0x1690  PlugPlay - ok
20:22:42.0829 0x1690  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:22:42.0859 0x1690  PNRPAutoReg - ok
20:22:42.0893 0x1690  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:22:42.0943 0x1690  PNRPsvc - ok
20:22:42.0999 0x1690  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:22:43.0140 0x1690  PolicyAgent - ok
20:22:43.0182 0x1690  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
20:22:43.0299 0x1690  Power - ok
20:22:43.0328 0x1690  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:22:43.0438 0x1690  PptpMiniport - ok
20:22:43.0473 0x1690  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:22:43.0508 0x1690  Processor - ok
20:22:43.0545 0x1690  [ 97293447431311C06703368AD0F6C4BE, 302A3CA8F6961717D95469B20A8A71954D4ECFCDF4638238D3D44AAE5A8D9B8B ] ProfSvc         C:\Windows\system32\profsvc.dll
20:22:43.0621 0x1690  ProfSvc - ok
20:22:43.0635 0x1690  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:22:43.0669 0x1690  ProtectedStorage - ok
20:22:43.0687 0x1690  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:22:43.0819 0x1690  Psched - ok
20:22:43.0939 0x1690  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:22:44.0077 0x1690  ql2300 - ok
20:22:44.0186 0x1690  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:22:44.0226 0x1690  ql40xx - ok
20:22:44.0268 0x1690  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
20:22:44.0331 0x1690  QWAVE - ok
20:22:44.0347 0x1690  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:22:44.0409 0x1690  QWAVEdrv - ok
20:22:44.0448 0x1690  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:22:44.0548 0x1690  RasAcd - ok
20:22:44.0573 0x1690  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:22:44.0678 0x1690  RasAgileVpn - ok
20:22:44.0706 0x1690  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
20:22:44.0804 0x1690  RasAuto - ok
20:22:44.0821 0x1690  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:22:44.0932 0x1690  Rasl2tp - ok
20:22:44.0981 0x1690  [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan          C:\Windows\System32\rasmans.dll
20:22:45.0111 0x1690  RasMan - ok
20:22:45.0138 0x1690  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:22:45.0248 0x1690  RasPppoe - ok
20:22:45.0276 0x1690  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:22:45.0369 0x1690  RasSstp - ok
20:22:45.0413 0x1690  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:22:45.0538 0x1690  rdbss - ok
20:22:45.0574 0x1690  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:22:45.0620 0x1690  rdpbus - ok
20:22:45.0639 0x1690  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:22:45.0725 0x1690  RDPCDD - ok
20:22:45.0735 0x1690  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:22:45.0853 0x1690  RDPENCDD - ok
20:22:45.0878 0x1690  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:22:45.0980 0x1690  RDPREFMP - ok
20:22:46.0025 0x1690  [ 447DE7E3DEA39D422C1504F245B668B1, C54D90D2F9405E011E490D3C2F0F64488B87B969C95E367C076BBFCFD8654909 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:22:46.0094 0x1690  RDPWD - ok
20:22:46.0124 0x1690  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:22:46.0158 0x1690  rdyboost - ok
20:22:46.0189 0x1690  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:22:46.0319 0x1690  RemoteAccess - ok
20:22:46.0363 0x1690  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:22:46.0501 0x1690  RemoteRegistry - ok
20:22:46.0529 0x1690  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:22:46.0657 0x1690  RpcEptMapper - ok
20:22:46.0690 0x1690  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
20:22:46.0778 0x1690  RpcLocator - ok
20:22:46.0850 0x1690  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll
20:22:46.0985 0x1690  RpcSs - ok
20:22:47.0080 0x1690  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:22:47.0195 0x1690  rspndr - ok
20:22:47.0282 0x1690  [ A5986B46C4348CB35EBB98F220948DF7, 8E8F2180735D982F3D8278441D1430E6789926983AE737546F473CB1E843B3F5 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
20:22:47.0369 0x1690  rtl8192se - ok
20:22:47.0461 0x1690  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] SamSs           C:\Windows\system32\lsass.exe
20:22:47.0495 0x1690  SamSs - ok
20:22:47.0533 0x1690  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
20:22:47.0564 0x1690  sbp2port - ok
20:22:47.0606 0x1690  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:22:47.0726 0x1690  SCardSvr - ok
20:22:47.0756 0x1690  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:22:47.0869 0x1690  scfilter - ok
20:22:47.0959 0x1690  [ 624D0F5FF99428BB90A5B8A4123E918E, 90A43E6F09B56CB86A3E3851F8E5ABB74905AEB70296F4B87BEDBC3027E65E86 ] Schedule        C:\Windows\system32\schedsvc.dll
20:22:48.0093 0x1690  Schedule - ok
20:22:48.0122 0x1690  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:22:48.0213 0x1690  SCPolicySvc - ok
20:22:48.0243 0x1690  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:22:48.0315 0x1690  SDRSVC - ok
20:22:48.0327 0x1690  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:22:48.0428 0x1690  secdrv - ok
20:22:48.0451 0x1690  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll
20:22:48.0561 0x1690  seclogon - ok
20:22:48.0589 0x1690  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
20:22:48.0694 0x1690  SENS - ok
20:22:48.0717 0x1690  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:22:48.0773 0x1690  SensrSvc - ok
20:22:48.0805 0x1690  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:22:48.0839 0x1690  Serenum - ok
20:22:48.0859 0x1690  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:22:48.0893 0x1690  Serial - ok
20:22:48.0923 0x1690  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:22:48.0960 0x1690  sermouse - ok
20:22:49.0005 0x1690  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:22:49.0100 0x1690  SessionEnv - ok
20:22:49.0134 0x1690  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
20:22:49.0176 0x1690  sffdisk - ok
20:22:49.0200 0x1690  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
20:22:49.0236 0x1690  sffp_mmc - ok
20:22:49.0250 0x1690  [ 178298F767FE638C9FEDCBDEF58BB5E4, 053D12CFEE5C54EA7D06F9C9CAE93544FE258A4825CDE2A14090BC81A96E1CF7 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
20:22:49.0288 0x1690  sffp_sd - ok
20:22:49.0306 0x1690  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:22:49.0356 0x1690  sfloppy - ok
20:22:49.0413 0x1690  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:22:49.0564 0x1690  SharedAccess - ok
20:22:49.0600 0x1690  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:22:49.0698 0x1690  ShellHWDetection - ok
20:22:49.0734 0x1690  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:22:49.0763 0x1690  SiSRaid2 - ok
20:22:49.0796 0x1690  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:22:49.0829 0x1690  SiSRaid4 - ok
20:22:49.0879 0x1690  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:22:49.0921 0x1690  SkypeUpdate - ok
20:22:49.0947 0x1690  [ 0DFAA06B71FC75D0878907A7D18F5240, 57C48A3FFAFC11E70085F246E582EAC5A68F0EAEE4C450125E54C837968EFEA7 ] SLEE_16_DRIVER  C:\Windows\Sleen1664.sys
20:22:49.0974 0x1690  SLEE_16_DRIVER - ok
20:22:49.0998 0x1690  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:22:50.0111 0x1690  Smb - ok
20:22:50.0153 0x1690  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:22:50.0206 0x1690  SNMPTRAP - ok
20:22:50.0300 0x1690  [ F9FDE7DFDEA905859F54B23EA62352EC, 5F5C3C81C342114EE0A51C4F78CF9FF2113DB7814A459372A4B6D4D34FB9D2AD ] Soda 3D PDF Reader Helper Service C:\Program Files (x86)\Soda 3D PDF Reader\HelperService.exe
20:22:50.0366 0x1690  Soda 3D PDF Reader Helper Service - ok
20:22:50.0443 0x1690  [ 050323983CF4A056E649179058236796, C259412C7F782A0D226322CC812FA585C0DE606302C88E6EF2362D06D95AE2D6 ] Soda 3D PDF Reader Service C:\Program Files (x86)\Soda 3D PDF Reader\ConversionService.exe
20:22:50.0510 0x1690  Soda 3D PDF Reader Service - ok
20:22:50.0534 0x1690  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:22:50.0559 0x1690  spldr - ok
20:22:50.0616 0x1690  [ 567977DC43CC13C4C35ED7084C0B84D5, 93EEC3ABA66DA83157F49F056EF1CB3355122204F2BB0F8B618064AF47D59A61 ] Spooler         C:\Windows\System32\spoolsv.exe
20:22:50.0730 0x1690  Spooler - ok
20:22:50.0982 0x1690  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe
20:22:51.0317 0x1690  sppsvc - ok
20:22:51.0343 0x1690  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:22:51.0457 0x1690  sppuinotify - ok
20:22:51.0507 0x1690  [ 2408C0366D96BCDF63E8F1C78E4A29C5, 66F646890695B5D80536E88B1566C8765D89CFE25954ED650F6D773EFF045016 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:22:51.0578 0x1690  srv - ok
20:22:51.0618 0x1690  [ 76548F7B818881B47D8D1AE1BE9C11F8, 8F1356B07A6A55746FC71B6DB0322128941AE890850196F2B19BC01E6FC9B41C ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:22:51.0694 0x1690  srv2 - ok
20:22:51.0733 0x1690  [ 0AF6E19D39C70844C5CAA8FB0183C36E, 4494EEFDEA7198888D32E74727E5BC0AC628FFA70B1FE7EB59DBEEDC1A95D0DD ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:22:51.0788 0x1690  srvnet - ok
20:22:51.0830 0x1690  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:22:51.0970 0x1690  SSDPSRV - ok
20:22:51.0998 0x1690  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:22:52.0124 0x1690  SstpSvc - ok
20:22:52.0177 0x1690  [ BA696186045E49A7276B2282AFE5E1C8, 94CD2DDF0B055AEBC4BEC0EA45F2BC42E004D52953A7C78847B2CBAC5F73B73F ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:22:52.0213 0x1690  Stereo Service - ok
20:22:52.0249 0x1690  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:22:52.0278 0x1690  stexstor - ok
20:22:52.0332 0x1690  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll
20:22:52.0447 0x1690  stisvc - ok
20:22:52.0481 0x1690  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:22:52.0508 0x1690  swenum - ok
20:22:52.0564 0x1690  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
20:22:52.0706 0x1690  swprv - ok
20:22:52.0756 0x1690  [ BE2B928DE9AF2848289DB7A54C7E2398, A3B07D0CCE0CE228FF62757EBA90E189438C4FA82BE4B5B8FFAED6DB25F06107 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:22:52.0792 0x1690  SynTP - ok
20:22:52.0921 0x1690  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll
20:22:53.0182 0x1690  SysMain - ok
20:22:53.0208 0x1690  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:22:53.0261 0x1690  TabletInputService - ok
20:22:53.0289 0x1690  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:22:53.0435 0x1690  TapiSrv - ok
20:22:53.0462 0x1690  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
20:22:53.0572 0x1690  TBS - ok
20:22:53.0722 0x1690  [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:22:53.0900 0x1690  Tcpip - ok
20:22:54.0010 0x1690  [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:22:54.0149 0x1690  TCPIP6 - ok
20:22:54.0200 0x1690  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:22:54.0319 0x1690  tcpipreg - ok
20:22:54.0337 0x1690  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:22:54.0392 0x1690  TDPIPE - ok
20:22:54.0419 0x1690  [ 7518F7BCFD4B308ABC9192BACAF6C970, CF08E547EF4059DA3F5A2FCBA98939E84092BB6E0E37F9BBCD1E4D9EBB8A58BB ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:22:54.0464 0x1690  TDTCP - ok
20:22:54.0480 0x1690  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:22:54.0604 0x1690  tdx - ok
20:22:54.0627 0x1690  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:22:54.0659 0x1690  TermDD - ok
20:22:54.0722 0x1690  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll
20:22:54.0885 0x1690  TermService - ok
20:22:54.0910 0x1690  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
20:22:54.0970 0x1690  Themes - ok
20:22:54.0990 0x1690  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
20:22:55.0083 0x1690  THREADORDER - ok
20:22:55.0102 0x1690  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
20:22:55.0215 0x1690  TrkWks - ok
20:22:55.0279 0x1690  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:22:55.0321 0x1690  TrustedInstaller - ok
20:22:55.0335 0x1690  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:22:55.0431 0x1690  tssecsrv - ok
20:22:55.0466 0x1690  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:22:55.0610 0x1690  tunnel - ok
20:22:55.0630 0x1690  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:22:55.0666 0x1690  uagp35 - ok
20:22:55.0715 0x1690  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:22:55.0861 0x1690  udfs - ok
20:22:55.0901 0x1690  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:22:55.0955 0x1690  UI0Detect - ok
20:22:55.0972 0x1690  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
20:22:56.0003 0x1690  uliagpkx - ok
20:22:56.0039 0x1690  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:22:56.0088 0x1690  umbus - ok
20:22:56.0115 0x1690  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:22:56.0156 0x1690  UmPass - ok
20:22:56.0366 0x1690  [ 0FADD949576A164B4E51E716F46B6C33, 34B33EC767FFCF58647090F5293DD1942BA9CDC5AB9976528DE3793EF327D48E ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:22:56.0573 0x1690  UNS - ok
20:22:56.0642 0x1690  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
20:22:56.0782 0x1690  upnphost - ok
20:22:56.0805 0x1690  [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
20:22:56.0866 0x1690  USBAAPL64 - ok
20:22:56.0899 0x1690  [ 7B6A127C93EE590E4D79A5F2A76FE46F, 6F178916EF6D58D1E5B26C0D9D95C276B776505BFC9F716BB1E3ABD3B2B72FCE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:22:56.0964 0x1690  usbccgp - ok
20:22:56.0993 0x1690  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
20:22:57.0048 0x1690  usbcir - ok
20:22:57.0080 0x1690  [ 92969BA5AC44E229C55A332864F79677, 4ED1E1049E7641D3FFF5D296F2D59060225CE52AB9F7B5CA618898B46A772F98 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
20:22:57.0122 0x1690  usbehci - ok
20:22:57.0178 0x1690  [ E7DF1CFD28CA86B35EF5ADD0735CEEF3, AA751288EC34D61D934D7E8C036B60BBCEDC2A746815623478BB015D87D6A998 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:22:57.0253 0x1690  usbhub - ok
20:22:57.0273 0x1690  [ F1BB1E55F1E7A65C5839CCC7B36D773E, 4F517F81FA5688D78D3627EA7D2EA16AD4EB410D7624FE483C7AF26951E579A9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:22:57.0328 0x1690  usbohci - ok
20:22:57.0353 0x1690  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:22:57.0416 0x1690  usbprint - ok
20:22:57.0440 0x1690  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
20:22:57.0505 0x1690  usbscan - ok
20:22:57.0533 0x1690  [ F39983647BC1F3E6100778DDFE9DCE29, 3BD36594F7C753680DB5A4354B1D6A33FC3011631D2D56DD4B2464AA99C85F7B ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:22:57.0605 0x1690  USBSTOR - ok
20:22:57.0634 0x1690  [ BC3070350A491D84B518D7CCA9ABD36F, 96FFF9F76A93CF4806297AE7C11A5C6D1E7A9980260E6CFC960F8247D5032161 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:22:57.0678 0x1690  usbuhci - ok
20:22:57.0720 0x1690  [ 7CB8C573C6E4A2714402CC0A36EAB4FE, FCD65AA3723617F58F77C4DA93CE910C712B8AA9411B5C4A60DC6C684EA53C1B ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:22:57.0773 0x1690  usbvideo - ok
20:22:57.0806 0x1690  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
20:22:57.0914 0x1690  UxSms - ok
20:22:57.0936 0x1690  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] VaultSvc        C:\Windows\system32\lsass.exe
20:22:57.0965 0x1690  VaultSvc - ok
20:22:57.0989 0x1690  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
20:22:58.0018 0x1690  vdrvroot - ok
20:22:58.0058 0x1690  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
20:22:58.0138 0x1690  vds - ok
20:22:58.0174 0x1690  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:22:58.0219 0x1690  vga - ok
20:22:58.0243 0x1690  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:22:58.0350 0x1690  VgaSave - ok
20:22:58.0394 0x1690  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
20:22:58.0433 0x1690  vhdmp - ok
20:22:58.0461 0x1690  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
20:22:58.0486 0x1690  viaide - ok
20:22:58.0523 0x1690  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
20:22:58.0553 0x1690  volmgr - ok
20:22:58.0584 0x1690  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:22:58.0632 0x1690  volmgrx - ok
20:22:58.0677 0x1690  [ 9E425AC5C9A5A973273D169F43B4F5E1, 64C9A9D4A39865E56F01B4FDE1B56034C4B2A2AEF2ABE15EC1C37911C59595B0 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:22:58.0720 0x1690  volsnap - ok
20:22:58.0753 0x1690  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
20:22:58.0788 0x1690  vsmraid - ok
20:22:58.0910 0x1690  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
20:22:59.0070 0x1690  VSS - ok
20:22:59.0092 0x1690  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:22:59.0153 0x1690  vwifibus - ok
20:22:59.0192 0x1690  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:22:59.0257 0x1690  vwififlt - ok
20:22:59.0304 0x1690  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
20:22:59.0439 0x1690  W32Time - ok
20:22:59.0476 0x1690  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:22:59.0520 0x1690  WacomPen - ok
20:22:59.0549 0x1690  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:22:59.0663 0x1690  WANARP - ok
20:22:59.0674 0x1690  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:22:59.0773 0x1690  Wanarpv6 - ok
20:22:59.0890 0x1690  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
20:23:00.0066 0x1690  wbengine - ok
20:23:00.0097 0x1690  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:23:00.0165 0x1690  WbioSrvc - ok
20:23:00.0219 0x1690  [ DD1BAE8EBFC653824D29CCF8C9054D68, 81D6640222FE276D721168745F6BB905D4E756909A9B2C706AF25465D748772D ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:23:00.0307 0x1690  wcncsvc - ok
20:23:00.0324 0x1690  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:23:00.0387 0x1690  WcsPlugInService - ok
20:23:00.0413 0x1690  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:23:00.0445 0x1690  Wd - ok
20:23:00.0527 0x1690  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:23:00.0615 0x1690  Wdf01000 - ok
20:23:00.0651 0x1690  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:23:00.0717 0x1690  WdiServiceHost - ok
20:23:00.0729 0x1690  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:23:00.0785 0x1690  WdiSystemHost - ok
20:23:00.0827 0x1690  [ 733006127F235BE7C35354EBEE7B9A7B, 2C7E7030D586C36261F33F29883337695493D48CEA415D6DBA7C5635845A5B32 ] WebClient       C:\Windows\System32\webclnt.dll
20:23:00.0908 0x1690  WebClient - ok
20:23:00.0933 0x1690  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:23:01.0057 0x1690  Wecsvc - ok
20:23:01.0085 0x1690  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:23:01.0211 0x1690  wercplsupport - ok
20:23:01.0234 0x1690  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:23:01.0355 0x1690  WerSvc - ok
20:23:01.0385 0x1690  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:23:01.0499 0x1690  WfpLwf - ok
20:23:01.0520 0x1690  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:23:01.0557 0x1690  WIMMount - ok
20:23:01.0587 0x1690  WinDefend - ok
20:23:01.0595 0x1690  WinHttpAutoProxySvc - ok
20:23:01.0663 0x1690  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:23:01.0776 0x1690  Winmgmt - ok
20:23:01.0910 0x1690  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:23:02.0208 0x1690  WinRM - ok
20:23:02.0259 0x1690  [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:23:02.0317 0x1690  WinUsb - ok
20:23:02.0402 0x1690  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:23:02.0536 0x1690  Wlansvc - ok
20:23:02.0603 0x1690  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:23:02.0628 0x1690  wlcrasvc - ok
20:23:02.0825 0x1690  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:23:02.0990 0x1690  wlidsvc - ok
20:23:03.0051 0x1690  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
20:23:03.0090 0x1690  WmiAcpi - ok
20:23:03.0136 0x1690  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:23:03.0193 0x1690  wmiApSrv - ok
20:23:03.0222 0x1690  WMPNetworkSvc - ok
20:23:03.0247 0x1690  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:23:03.0292 0x1690  WPCSvc - ok
20:23:03.0311 0x1690  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:23:03.0392 0x1690  WPDBusEnum - ok
20:23:03.0426 0x1690  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:23:03.0537 0x1690  ws2ifsl - ok
20:23:03.0565 0x1690  [ 8F9F3969933C02DA96EB0F84576DB43E, C424D7B881A4DCC348433CF02044383013E32DB94CC66D1D20E1866CB3B0F952 ] wscsvc          C:\Windows\System32\wscsvc.dll
20:23:03.0632 0x1690  wscsvc - ok
20:23:03.0639 0x1690  WSearch - ok
20:23:03.0826 0x1690  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:23:03.0989 0x1690  wuauserv - ok
20:23:04.0038 0x1690  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:23:04.0101 0x1690  WudfPf - ok
20:23:04.0137 0x1690  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:23:04.0180 0x1690  WUDFRd - ok
20:23:04.0221 0x1690  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:23:04.0274 0x1690  wudfsvc - ok
20:23:04.0317 0x1690  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:23:04.0378 0x1690  WwanSvc - ok
20:23:04.0409 0x1690  ================ Scan global ===============================
20:23:04.0438 0x1690  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:23:04.0468 0x1690  [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
20:23:04.0496 0x1690  [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
20:23:04.0533 0x1690  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:23:04.0571 0x1690  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
20:23:04.0588 0x1690  [ Global ] - ok
20:23:04.0589 0x1690  ================ Scan MBR ==================================
20:23:04.0602 0x1690  [ 2E0FE7FC299470E30383716B164CF901 ] \Device\Harddisk0\DR0
20:23:10.0002 0x1690  \Device\Harddisk0\DR0 - ok
20:23:10.0004 0x1690  ================ Scan VBR ==================================
20:23:10.0006 0x1690  [ AFBCF946E9BB90B4C852AD98B6145737 ] \Device\Harddisk0\DR0\Partition1
20:23:10.0008 0x1690  \Device\Harddisk0\DR0\Partition1 - ok
20:23:10.0013 0x1690  [ 5DD399644F6D76F889250E73A4901C00 ] \Device\Harddisk0\DR0\Partition2
20:23:10.0015 0x1690  \Device\Harddisk0\DR0\Partition2 - ok
20:23:10.0020 0x1690  [ 3DF8CA21913705B725AC71032CE77577 ] \Device\Harddisk0\DR0\Partition3
20:23:10.0021 0x1690  \Device\Harddisk0\DR0\Partition3 - ok
20:23:10.0022 0x1690  ================ Scan generic autorun ======================
20:23:10.0791 0x1690  [ BF657386FF476CE3630F693182E37800, 03A444880214BD61EBBC80BE8298358CF4F3425C675FF6851923071FC9E2C997 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:23:11.0708 0x1690  RtHDVCpl - ok
20:23:11.0898 0x1690  [ 5E8015140DF120DDBF4C957B8DF8CDED, 6F16D471527DD718B856117FDD3DB7FC8C1FA071B75BFB6F4A39B0E648E12960 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:23:12.0048 0x1690  RtHDVBg - ok
20:23:12.0151 0x1690  [ 42EB7A79867ED8AD99349FF0F0A7F39A, AF289350D625123BB697532B53A35B48D574ADB9861A288DA68F8EC2AB6F2E3A ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
20:23:12.0199 0x1690  AmIcoSinglun64 - detected UnsignedFile.Multi.Generic ( 1 )
20:23:12.0199 0x1690  Detect skipped due to KSN trusted
20:23:12.0199 0x1690  AmIcoSinglun64 - ok
20:23:12.0200 0x1690  SynTPEnh - ok
20:23:12.0235 0x1690  [ 810A5F70CEB063CEC85360394BEC2C56, FCC289B23B2347AD7C34B48E6EFB1914B5ED8D9DD397B0816D94747B168DFD64 ] C:\Windows\system32\igfxtray.exe
20:23:12.0271 0x1690  IgfxTray - ok
20:23:12.0326 0x1690  [ 2FE8F6A30802B69A3F501607F346DEEA, CD603DB6055861E9EAD397234120FBE0D3CACEFADB0D6001099CF0DA9DF1CC34 ] C:\Windows\system32\hkcmd.exe
20:23:12.0380 0x1690  HotKeysCmds - ok
20:23:12.0423 0x1690  [ CA1941B93BA45B7EA4D7D9F451B25C84, B0648762862931CB12004C92CD7A7EF8E3B1C14DD33C980A490D8AA56F7AA723 ] C:\Windows\system32\igfxpers.exe
20:23:12.0478 0x1690  Persistence - ok
20:23:12.0517 0x1690  [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
20:23:12.0545 0x1690  NUSB3MON - ok
20:23:12.0605 0x1690  [ 57B4D34232852BFE4453BE571DF90D21, 3D329499D7BCACAE5F6377F988B90714F5A8301784CDB22D5B54A2266AC50D79 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
20:23:12.0631 0x1690  CLMLServer - ok
20:23:12.0681 0x1690  [ 441AEAA45A35495644CC6530AC5BD725, 6E971A7D58A5FDDE3673CDD0A866B1C12B396633B3AA98D1278D487210D06245 ] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
20:23:12.0736 0x1690  YouCam Mirror Tray icon - detected UnsignedFile.Multi.Generic ( 1 )
20:23:12.0737 0x1690  Detect skipped due to KSN trusted
20:23:12.0737 0x1690  YouCam Mirror Tray icon - ok
20:23:12.0737 0x1690  HF_G_Jul - ok
20:23:12.0745 0x1690  ROC_ROC_JULY_P1 - ok
20:23:12.0748 0x1690  ROC_ROC_NT - ok
20:23:13.0077 0x1690  [ 9F22AF691BB098BA98951BC3DFDD779A, E52F319D82A40A3A016C9A3624B940B97FF15C6A26229B69645C279704DDD0C9 ] C:\Program Files (x86)\AVG\AVG2015\avgui.exe
20:23:13.0337 0x1690  AVG_UI - ok
20:23:13.0482 0x1690  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:23:13.0655 0x1690  Sidebar - ok
20:23:13.0690 0x1690  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:23:13.0748 0x1690  mctadmin - ok
20:23:13.0823 0x1690  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:23:13.0952 0x1690  Sidebar - ok
20:23:13.0966 0x1690  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:23:14.0020 0x1690  mctadmin - ok
20:23:14.0088 0x1690  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:23:14.0229 0x1690  Sidebar - ok
20:23:14.0248 0x1690  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:23:14.0301 0x1690  mctadmin - ok
20:23:14.0306 0x1690  spchecker - ok
20:23:14.0375 0x1690  [ 78CB1D49A6367FE5C382B853006100E3, 6540F2A8413248D59B0A665A511AB7FD43F21610A052712D5345FBBA0078B3A5 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICLE.EXE
20:23:14.0434 0x1690  EPSON Stylus Photo RX585 Series - ok
20:23:14.0504 0x1690  MobileDocuments - ok
20:23:14.0969 0x1690  [ 674C18BDC0EABE1C9FD363459759CA5B, BB34F0E9D8E2C5CF0CCB9E55D47C984F9F516671A15A124CC9763E6F26E15175 ] C:\Users\Mari\AppData\Local\Amazon Music\Amazon Music Helper.exe
20:23:15.0450 0x1690  Amazon Music - ok
20:23:15.0474 0x1690  AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5863 ), 0x41000 ( enabled : updated )
20:23:15.0483 0x1690  Win FW state via NFP2: enabled
20:23:18.0363 0x1690  ============================================================
20:23:18.0363 0x1690  Scan finished
20:23:18.0363 0x1690  ============================================================
20:23:18.0378 0x0700  Detected object count: 0
20:23:18.0378 0x0700  Actual detected object count: 0
         

09.04.2015, 20:42   #5
Ellaspirella
 
And here is the TDSSKiller report as well - I overlooked that I was supposed to post it, sorry

Code:
21:25:36.0317 0x0f9c  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
21:25:40.0769 0x0f9c  ============================================================
21:25:40.0769 0x0f9c  Current date / time: 2015/04/09 21:25:40.0769
21:25:40.0769 0x0f9c  SystemInfo:
21:25:40.0769 0x0f9c  
21:25:40.0769 0x0f9c  OS Version: 6.1.7600 ServicePack: 0.0
21:25:40.0769 0x0f9c  Product type: Workstation
21:25:40.0770 0x0f9c  ComputerName: MARINIX
21:25:40.0770 0x0f9c  UserName: Mari
21:25:40.0770 0x0f9c  Windows directory: C:\Windows
21:25:40.0770 0x0f9c  System windows directory: C:\Windows
21:25:40.0770 0x0f9c  Running under WOW64
21:25:40.0770 0x0f9c  Processor architecture: Intel x64
21:25:40.0770 0x0f9c  Number of processors: 4
21:25:40.0770 0x0f9c  Page size: 0x1000
21:25:40.0770 0x0f9c  Boot type: Normal boot
21:25:40.0770 0x0f9c  ============================================================
21:25:41.0071 0x0f9c  KLMD registered as C:\Windows\system32\drivers\18716050.sys
21:25:41.0448 0x0f9c  System UUID: {FCD4D191-064E-3165-FCD6-561D31AFEAD5}
21:25:42.0290 0x0f9c  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:25:42.0298 0x0f9c  ============================================================
21:25:42.0299 0x0f9c  \Device\Harddisk0\DR0:
21:25:42.0299 0x0f9c  MBR partitions:
21:25:42.0299 0x0f9c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:25:42.0299 0x0f9c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x201FA800
21:25:42.0299 0x0f9c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2022D000, BlocksNum 0x5000000
21:25:42.0299 0x0f9c  ============================================================
21:25:42.0324 0x0f9c  C: <-> \Device\Harddisk0\DR0\Partition2
21:25:42.0368 0x0f9c  D: <-> \Device\Harddisk0\DR0\Partition3
21:25:42.0368 0x0f9c  ============================================================
21:25:42.0368 0x0f9c  Initialize success
21:25:42.0368 0x0f9c  ============================================================
21:26:45.0983 0x05c0  ============================================================
21:26:45.0983 0x05c0  Scan started
21:26:45.0983 0x05c0  Mode: Manual; SigCheck; TDLFS; 
21:26:45.0984 0x05c0  ============================================================
21:26:45.0984 0x05c0  KSN ping started
21:26:50.0305 0x05c0  KSN ping finished: true
21:26:51.0175 0x05c0  ================ Scan system memory ========================
21:26:51.0175 0x05c0  System memory - ok
21:26:51.0176 0x05c0  ================ Scan services =============================
21:26:51.0382 0x05c0  [ 969C91060CBB5D17CB8440B5F78B4C51, 9B5754DDACA15B11DB4D22B0473360C72CFA854AD4AD57546AF3B3C63AAE7759 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
21:26:51.0542 0x05c0  1394ohci - ok
21:26:51.0605 0x05c0  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
21:26:51.0655 0x05c0  ACPI - ok
21:26:51.0688 0x05c0  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
21:26:51.0723 0x05c0  AcpiPmi - ok
21:26:51.0816 0x05c0  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:26:51.0847 0x05c0  AdobeARMservice - ok
21:26:51.0981 0x05c0  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:26:52.0021 0x05c0  AdobeFlashPlayerUpdateSvc - ok
21:26:52.0090 0x05c0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:26:52.0152 0x05c0  adp94xx - ok
21:26:52.0206 0x05c0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:26:52.0262 0x05c0  adpahci - ok
21:26:52.0311 0x05c0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:26:52.0351 0x05c0  adpu320 - ok
21:26:52.0394 0x05c0  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:26:52.0492 0x05c0  AeLookupSvc - ok
21:26:52.0551 0x05c0  [ DB9D6C6B2CD95A9CA414D045B627422E, A4A0B2ACBFE311C20EF9F06A49DBE02CE90433C2364B292F6E8F78F6C274DF88 ] AFD             C:\Windows\system32\drivers\afd.sys
21:26:52.0617 0x05c0  AFD - ok
21:26:52.0648 0x05c0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
21:26:52.0676 0x05c0  agp440 - ok
21:26:52.0699 0x05c0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:26:52.0734 0x05c0  ALG - ok
21:26:52.0752 0x05c0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
21:26:52.0778 0x05c0  aliide - ok
21:26:52.0796 0x05c0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
21:26:52.0822 0x05c0  amdide - ok
21:26:52.0858 0x05c0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:26:52.0895 0x05c0  AmdK8 - ok
21:26:52.0905 0x05c0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:26:52.0942 0x05c0  AmdPPM - ok
21:26:52.0979 0x05c0  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9, 786B30C86FA7FEC6BA2569FF818044AA0F7C134693304ED0FF7BD0541F9A755F ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:26:53.0015 0x05c0  amdsata - ok
21:26:53.0059 0x05c0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:26:53.0100 0x05c0  amdsbs - ok
21:26:53.0126 0x05c0  [ DB27766102C7BF7E95140A2AA81D042E, 489F812B596EA06E53D891CD05047AA17CDF752854BBD553BA65D10799AF78DF ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:26:53.0155 0x05c0  amdxata - ok
21:26:53.0186 0x05c0  [ 37EA167782AF19301AF9C05804948BB2, 6BAD7DB48485C65043BBD5D9376D2D225561506C7780E7D56B4C85D26DFB38FB ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
21:26:53.0217 0x05c0  AmUStor - ok
21:26:53.0252 0x05c0  [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID           C:\Windows\system32\drivers\appid.sys
21:26:53.0305 0x05c0  AppID - ok
21:26:53.0333 0x05c0  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:26:53.0434 0x05c0  AppIDSvc - ok
21:26:53.0456 0x05c0  [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo         C:\Windows\System32\appinfo.dll
21:26:53.0493 0x05c0  Appinfo - ok
21:26:53.0549 0x05c0  [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:26:53.0576 0x05c0  Apple Mobile Device - ok
21:26:53.0611 0x05c0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:26:53.0645 0x05c0  arc - ok
21:26:53.0684 0x05c0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:26:53.0718 0x05c0  arcsas - ok
21:26:53.0766 0x05c0  [ EFD89582B55DD32DC79C1A4EB54612A1, 7631F39174E7AE2A162F25D7069123C51274130298A3E5AE10AC1406CD948355 ] ASLDRService    C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
21:26:53.0804 0x05c0  ASLDRService - ok
21:26:53.0840 0x05c0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:26:53.0938 0x05c0  AsyncMac - ok
21:26:53.0971 0x05c0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
21:26:53.0999 0x05c0  atapi - ok
21:26:54.0074 0x05c0  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:26:54.0229 0x05c0  AudioEndpointBuilder - ok
21:26:54.0269 0x05c0  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:26:54.0400 0x05c0  AudioSrv - ok
21:26:54.0476 0x05c0  [ 54FE1CAFA3B3029B282E6A05EA672031, E972B8A22322FF06903A1E3AB20585E02A21C3A6EA9A75C172231494A08D14D1 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
21:26:54.0507 0x05c0  Avgdiska - ok
21:26:54.0813 0x05c0  [ E2FDE8691C03525F095C8D01F005FA97, B234D8642F528550FB246127CBA24A2A115F8EAF8ED1BC8FD37562AFEBEF4978 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
21:26:55.0079 0x05c0  AVGIDSAgent - ok
21:26:55.0154 0x05c0  [ 079F75EE36CD275620298DA7D7636006, 323BA7B327BBE1FBEED3D16D83C2CF0DE5D0D0B9F38A86E3B93E40547FA742B7 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
21:26:55.0204 0x05c0  AVGIDSDriver - ok
21:26:55.0249 0x05c0  [ 68070AEEE757ACC6EC5BC291B1E8EA1A, 8A4902CE6F4696F33CD6CF98F96FDA7895B99A676916F3137CF34192AF3C25A4 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
21:26:55.0282 0x05c0  AVGIDSHA - ok
21:26:55.0330 0x05c0  [ 7C9E8FD2BFCE60BDF9B5944C0BE47C87, 0F51507BAECDEF7B6F553066621A03832FF070EC6837A8E304AABA1227F779BF ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
21:26:55.0365 0x05c0  Avgldx64 - ok
21:26:55.0409 0x05c0  [ 179835151F9B3FCC2FCB5E633D4F1A2B, 0520CF4C897BD74601CB887E583A7F45AC78B8420293CDE0F8107FB05CD2AA70 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
21:26:55.0460 0x05c0  Avgloga - ok
21:26:55.0491 0x05c0  [ 66B7273493BF49EE6BDECB574BC5B877, 59779808E57DCC3DF70DEC9779D09B7D62137DBBE2B535C51A08BD7A5DF8EA99 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
21:26:55.0528 0x05c0  Avgmfx64 - ok
21:26:55.0554 0x05c0  [ 3CE824D46BA1871713ABF147E6BAD556, B4D8AFC388BE06D6E3C5CDC865F80FF101E731E1D2B221FFC6C1E28487E1B3CD ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
21:26:55.0579 0x05c0  Avgrkx64 - ok
21:26:55.0614 0x05c0  [ C76F53C265E79A2DEFF020E78AF4B6BA, 663A7F8FADB4E5669AD70763CE643AB47D001C7613F2E0F1D611A6E8447CD7B0 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
21:26:55.0663 0x05c0  Avgtdia - ok
21:26:55.0715 0x05c0  [ DCF350D917112A03D3CDC33C8ADEA87A, 78E7B8E6575EEB07C993EA71D699443C428B3258A748236264F75571FE23D796 ] avgwd           C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
21:26:55.0765 0x05c0  avgwd - ok
21:26:55.0801 0x05c0  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:26:55.0854 0x05c0  AxInstSV - ok
21:26:55.0924 0x05c0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
21:26:55.0997 0x05c0  b06bdrv - ok
21:26:56.0054 0x05c0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:26:56.0108 0x05c0  b57nd60a - ok
21:26:56.0152 0x05c0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:26:56.0192 0x05c0  BDESVC - ok
21:26:56.0204 0x05c0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:26:56.0292 0x05c0  Beep - ok
21:26:56.0370 0x05c0  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll
21:26:56.0511 0x05c0  BFE - ok
21:26:56.0657 0x05c0  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\System32\qmgr.dll
21:26:56.0830 0x05c0  BITS - ok
21:26:56.0921 0x05c0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:26:56.0956 0x05c0  blbdrive - ok
21:26:57.0055 0x05c0  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:26:57.0107 0x05c0  Bonjour Service - ok
21:26:57.0135 0x05c0  [ 19D20159708E152267E53B66677A4995, 6401FA5C3EFF26BED075FEC68F868CD8D0598FDB45EA9381810615F7252F7A9A ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:26:57.0174 0x05c0  bowser - ok
21:26:57.0200 0x05c0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:26:57.0240 0x05c0  BrFiltLo - ok
21:26:57.0276 0x05c0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:26:57.0315 0x05c0  BrFiltUp - ok
21:26:57.0358 0x05c0  [ 6B054C67AAA87843504E8E3C09102009, 284AA58625FBDBFECB851A35407331B40BAEC141F2DCEDB9F15733BAB22F5C81 ] Browser         C:\Windows\System32\browser.dll
21:26:57.0402 0x05c0  Browser - ok
21:26:57.0445 0x05c0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:26:57.0523 0x05c0  Brserid - ok
21:26:57.0550 0x05c0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:26:57.0598 0x05c0  BrSerWdm - ok
21:26:57.0632 0x05c0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:26:57.0671 0x05c0  BrUsbMdm - ok
21:26:57.0679 0x05c0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:26:57.0714 0x05c0  BrUsbSer - ok
21:26:57.0730 0x05c0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:26:57.0775 0x05c0  BTHMODEM - ok
21:26:57.0816 0x05c0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:26:57.0922 0x05c0  bthserv - ok
21:26:57.0941 0x05c0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:26:58.0047 0x05c0  cdfs - ok
21:26:58.0100 0x05c0  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:26:58.0143 0x05c0  cdrom - ok
21:26:58.0172 0x05c0  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:26:58.0275 0x05c0  CertPropSvc - ok
21:26:58.0306 0x05c0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:26:58.0349 0x05c0  circlass - ok
21:26:58.0396 0x05c0  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
21:26:58.0450 0x05c0  CLFS - ok
21:26:58.0517 0x05c0  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:26:58.0545 0x05c0  clr_optimization_v2.0.50727_32 - ok
21:26:58.0612 0x05c0  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:26:58.0642 0x05c0  clr_optimization_v2.0.50727_64 - ok
21:26:58.0697 0x05c0  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:26:58.0731 0x05c0  clr_optimization_v4.0.30319_32 - ok
21:26:58.0770 0x05c0  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:26:58.0801 0x05c0  clr_optimization_v4.0.30319_64 - ok
21:26:58.0822 0x05c0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:26:58.0856 0x05c0  CmBatt - ok
21:26:58.0882 0x05c0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
21:26:58.0909 0x05c0  cmdide - ok
21:26:58.0977 0x05c0  [ CA7720B73446FDDEC5C69519C1174C98, F24796765587CC1D653A04783B1659564F42E600DA3AFA3DED724592B291D033 ] CNG             C:\Windows\system32\Drivers\cng.sys
21:26:59.0052 0x05c0  CNG - ok
21:26:59.0090 0x05c0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:26:59.0119 0x05c0  Compbatt - ok
21:26:59.0141 0x05c0  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:26:59.0185 0x05c0  CompositeBus - ok
21:26:59.0192 0x05c0  COMSysApp - ok
21:26:59.0214 0x05c0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:26:59.0241 0x05c0  crcdisk - ok
21:26:59.0272 0x05c0  [ BAF19B633933A9FB4883D27D66C39E9A, 2D8ABB5161736CCCADA67B3E6A8D70B0B5E1E3FE6084561891F394DA191B3439 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:26:59.0311 0x05c0  CryptSvc - ok
21:26:59.0370 0x05c0  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:26:59.0507 0x05c0  DcomLaunch - ok
21:26:59.0613 0x05c0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:26:59.0738 0x05c0  defragsvc - ok
21:26:59.0770 0x05c0  [ 9C253CE7311CA60FC11C774692A13208, 23507138576DB75AA8B7415140F7B5D8A90CB2661796223870461C721A36AEBF ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:26:59.0811 0x05c0  DfsC - ok
21:26:59.0858 0x05c0  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:26:59.0926 0x05c0  Dhcp - ok
21:26:59.0956 0x05c0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:27:00.0051 0x05c0  discache - ok
21:27:00.0090 0x05c0  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:27:00.0120 0x05c0  Disk - ok
21:27:00.0163 0x05c0  [ 85CF424C74A1D5EC33533E1DBFF9920A, 882D5FA0D5EC053D76A0C46A6047A621D607651693CF94E5506219EECCC8D079 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:27:00.0202 0x05c0  Dnscache - ok
21:27:00.0234 0x05c0  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:27:00.0354 0x05c0  dot3svc - ok
21:27:00.0378 0x05c0  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll
21:27:00.0492 0x05c0  DPS - ok
21:27:00.0528 0x05c0  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:27:00.0568 0x05c0  drmkaud - ok
21:27:00.0665 0x05c0  [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:27:00.0762 0x05c0  DXGKrnl - ok
21:27:00.0786 0x05c0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:27:00.0884 0x05c0  EapHost - ok
21:27:01.0092 0x05c0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
21:27:01.0384 0x05c0  ebdrv - ok
21:27:01.0427 0x05c0  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] EFS             C:\Windows\System32\lsass.exe
21:27:01.0463 0x05c0  EFS - ok
21:27:01.0552 0x05c0  [ 47C071994C3F649F23D9CD075AC9304A, B7AA2DD6AD14F18A19620F5FB79D50C630D3750E72DD67BF8D105CC4F5CE1D46 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:27:01.0643 0x05c0  ehRecvr - ok
21:27:01.0673 0x05c0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:27:01.0717 0x05c0  ehSched - ok
21:27:01.0784 0x05c0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:27:01.0848 0x05c0  elxstor - ok
21:27:01.0919 0x05c0  [ 1E345F2A2D95DA3190596E691CDE9342, 9D1D48F3B749ADA598D155E11E63CD52A4EEABF9BE92A1D997D25D07CF350084 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
21:27:01.0961 0x05c0  EPSON_PM_RPCV4_01 - ok
21:27:01.0991 0x05c0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
21:27:02.0019 0x05c0  ErrDev - ok
21:27:02.0084 0x05c0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:27:02.0219 0x05c0  EventSystem - ok
21:27:02.0298 0x05c0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:27:02.0411 0x05c0  exfat - ok
21:27:02.0491 0x05c0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:27:02.0606 0x05c0  fastfat - ok
21:27:02.0670 0x05c0  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe
21:27:02.0751 0x05c0  Fax - ok
21:27:02.0772 0x05c0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:27:02.0801 0x05c0  fdc - ok
21:27:02.0830 0x05c0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:27:02.0917 0x05c0  fdPHost - ok
21:27:02.0932 0x05c0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:27:03.0020 0x05c0  FDResPub - ok
21:27:03.0055 0x05c0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:27:03.0088 0x05c0  FileInfo - ok
21:27:03.0100 0x05c0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:27:03.0188 0x05c0  Filetrace - ok
21:27:03.0212 0x05c0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:27:03.0241 0x05c0  flpydisk - ok
21:27:03.0278 0x05c0  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:27:03.0320 0x05c0  FltMgr - ok
21:27:03.0405 0x05c0  [ CB5E4B9C319E3C6BB363EB7E58A4A051, C9DCF2C2A6AFE0A0F3E23A265843D0C423C08B2E54702C5B389CF293D9A6BAC5 ] FontCache       C:\Windows\system32\FntCache.dll
21:27:03.0533 0x05c0  FontCache - ok
21:27:03.0591 0x05c0  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:27:03.0616 0x05c0  FontCache3.0.0.0 - ok
21:27:03.0680 0x05c0  [ 565619F1B6DA86E3C7BA75A1E60ECFCD, D2C80881CBDB322C91C010D18E7C0FD85BB0A681608EADB63289C395F896F7A8 ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
21:27:03.0699 0x05c0  Freemake Improver - detected UnsignedFile.Multi.Generic ( 1 )
21:27:06.0330 0x05c0  Detect skipped due to KSN trusted
21:27:26.0869 0x05c0  RDPREFMP - ok
21:27:26.0908 0x05c0  [ 447DE7E3DEA39D422C1504F245B668B1, C54D90D2F9405E011E490D3C2F0F64488B87B969C95E367C076BBFCFD8654909 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:27:26.0953 0x05c0  RDPWD - ok
21:27:26.0983 0x05c0  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:27:27.0016 0x05c0  rdyboost - ok
21:27:27.0048 0x05c0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:27:27.0141 0x05c0  RemoteAccess - ok
21:27:27.0180 0x05c0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:27:27.0274 0x05c0  RemoteRegistry - ok
21:27:27.0288 0x05c0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:27:27.0373 0x05c0  RpcEptMapper - ok
21:27:27.0382 0x05c0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:27:27.0411 0x05c0  RpcLocator - ok
21:27:27.0451 0x05c0  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll
21:27:27.0563 0x05c0  RpcSs - ok
21:27:27.0672 0x05c0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:27:27.0779 0x05c0  rspndr - ok
21:27:27.0880 0x05c0  [ A5986B46C4348CB35EBB98F220948DF7, 8E8F2180735D982F3D8278441D1430E6789926983AE737546F473CB1E843B3F5 ] rtl8192se       C:\Windows\system32\DRIVERS\rtl8192se.sys
21:27:27.0974 0x05c0  rtl8192se - ok
21:27:28.0044 0x05c0  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] SamSs           C:\Windows\system32\lsass.exe
21:27:28.0077 0x05c0  SamSs - ok
21:27:28.0116 0x05c0  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
21:27:28.0151 0x05c0  sbp2port - ok
21:27:28.0199 0x05c0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:27:28.0318 0x05c0  SCardSvr - ok
21:27:28.0347 0x05c0  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:27:28.0446 0x05c0  scfilter - ok
21:27:28.0540 0x05c0  [ 624D0F5FF99428BB90A5B8A4123E918E, 90A43E6F09B56CB86A3E3851F8E5ABB74905AEB70296F4B87BEDBC3027E65E86 ] Schedule        C:\Windows\system32\schedsvc.dll
21:27:28.0652 0x05c0  Schedule - ok
21:27:28.0681 0x05c0  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:27:28.0776 0x05c0  SCPolicySvc - ok
21:27:28.0802 0x05c0  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:27:28.0844 0x05c0  SDRSVC - ok
21:27:28.0869 0x05c0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:27:28.0958 0x05c0  secdrv - ok
21:27:28.0969 0x05c0  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll
21:27:29.0059 0x05c0  seclogon - ok
21:27:29.0073 0x05c0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:27:29.0176 0x05c0  SENS - ok
21:27:29.0193 0x05c0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:27:29.0245 0x05c0  SensrSvc - ok
21:27:29.0272 0x05c0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:27:29.0298 0x05c0  Serenum - ok
21:27:29.0335 0x05c0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:27:29.0368 0x05c0  Serial - ok
21:27:29.0406 0x05c0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:27:29.0437 0x05c0  sermouse - ok
21:27:29.0531 0x05c0  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:27:29.0645 0x05c0  SessionEnv - ok
21:27:29.0684 0x05c0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
21:27:29.0715 0x05c0  sffdisk - ok
21:27:29.0751 0x05c0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
21:27:29.0780 0x05c0  sffp_mmc - ok
21:27:29.0793 0x05c0  [ 178298F767FE638C9FEDCBDEF58BB5E4, 053D12CFEE5C54EA7D06F9C9CAE93544FE258A4825CDE2A14090BC81A96E1CF7 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
21:27:29.0823 0x05c0  sffp_sd - ok
21:27:29.0831 0x05c0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:27:29.0864 0x05c0  sfloppy - ok
21:27:29.0905 0x05c0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:27:30.0034 0x05c0  SharedAccess - ok
21:27:30.0066 0x05c0  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:27:30.0138 0x05c0  ShellHWDetection - ok
21:27:30.0168 0x05c0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:27:30.0194 0x05c0  SiSRaid2 - ok
21:27:30.0223 0x05c0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:27:30.0251 0x05c0  SiSRaid4 - ok
21:27:30.0322 0x05c0  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:27:30.0362 0x05c0  SkypeUpdate - ok
21:27:30.0398 0x05c0  [ 0DFAA06B71FC75D0878907A7D18F5240, 57C48A3FFAFC11E70085F246E582EAC5A68F0EAEE4C450125E54C837968EFEA7 ] SLEE_16_DRIVER  C:\Windows\Sleen1664.sys
21:27:30.0425 0x05c0  SLEE_16_DRIVER - ok
21:27:30.0474 0x05c0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:27:30.0583 0x05c0  Smb - ok
21:27:30.0621 0x05c0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:27:30.0657 0x05c0  SNMPTRAP - ok
21:27:30.0749 0x05c0  [ F9FDE7DFDEA905859F54B23EA62352EC, 5F5C3C81C342114EE0A51C4F78CF9FF2113DB7814A459372A4B6D4D34FB9D2AD ] Soda 3D PDF Reader Helper Service C:\Program Files (x86)\Soda 3D PDF Reader\HelperService.exe
21:27:30.0826 0x05c0  Soda 3D PDF Reader Helper Service - ok
21:27:30.0914 0x05c0  [ 050323983CF4A056E649179058236796, C259412C7F782A0D226322CC812FA585C0DE606302C88E6EF2362D06D95AE2D6 ] Soda 3D PDF Reader Service C:\Program Files (x86)\Soda 3D PDF Reader\ConversionService.exe
21:27:30.0991 0x05c0  Soda 3D PDF Reader Service - ok
21:27:31.0019 0x05c0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:27:31.0044 0x05c0  spldr - ok
21:27:31.0100 0x05c0  [ 567977DC43CC13C4C35ED7084C0B84D5, 93EEC3ABA66DA83157F49F056EF1CB3355122204F2BB0F8B618064AF47D59A61 ] Spooler         C:\Windows\System32\spoolsv.exe
21:27:31.0174 0x05c0  Spooler - ok
21:27:31.0405 0x05c0  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe
21:27:31.0675 0x05c0  sppsvc - ok
21:27:31.0710 0x05c0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:27:31.0796 0x05c0  sppuinotify - ok
21:27:31.0840 0x05c0  [ 2408C0366D96BCDF63E8F1C78E4A29C5, 66F646890695B5D80536E88B1566C8765D89CFE25954ED650F6D773EFF045016 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:27:31.0895 0x05c0  srv - ok
21:27:31.0932 0x05c0  [ 76548F7B818881B47D8D1AE1BE9C11F8, 8F1356B07A6A55746FC71B6DB0322128941AE890850196F2B19BC01E6FC9B41C ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:27:31.0983 0x05c0  srv2 - ok
21:27:32.0025 0x05c0  [ 0AF6E19D39C70844C5CAA8FB0183C36E, 4494EEFDEA7198888D32E74727E5BC0AC628FFA70B1FE7EB59DBEEDC1A95D0DD ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:27:32.0060 0x05c0  srvnet - ok
21:27:32.0112 0x05c0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:27:32.0205 0x05c0  SSDPSRV - ok
21:27:32.0224 0x05c0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:27:32.0310 0x05c0  SstpSvc - ok
21:27:32.0367 0x05c0  [ BA696186045E49A7276B2282AFE5E1C8, 94CD2DDF0B055AEBC4BEC0EA45F2BC42E004D52953A7C78847B2CBAC5F73B73F ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:27:32.0395 0x05c0  Stereo Service - ok
21:27:32.0424 0x05c0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:27:32.0447 0x05c0  stexstor - ok
21:27:32.0501 0x05c0  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll
21:27:32.0579 0x05c0  stisvc - ok
21:27:32.0607 0x05c0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:27:32.0630 0x05c0  swenum - ok
21:27:32.0687 0x05c0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:27:32.0806 0x05c0  swprv - ok
21:27:32.0855 0x05c0  [ BE2B928DE9AF2848289DB7A54C7E2398, A3B07D0CCE0CE228FF62757EBA90E189438C4FA82BE4B5B8FFAED6DB25F06107 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
21:27:32.0887 0x05c0  SynTP - ok
21:27:32.0998 0x05c0  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll
21:27:33.0157 0x05c0  SysMain - ok
21:27:33.0249 0x05c0  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:27:33.0294 0x05c0  TabletInputService - ok
21:27:33.0321 0x05c0  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:27:33.0425 0x05c0  TapiSrv - ok
21:27:33.0437 0x05c0  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:27:33.0523 0x05c0  TBS - ok
21:27:33.0649 0x05c0  [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:27:33.0783 0x05c0  Tcpip - ok
21:27:33.0898 0x05c0  [ 5CFB7AB8F9524D1A1E14369DE63B83CC, BC22FC5714A6A8F8CF95D3D9656332D7B315FF7CFA50C0DEB7437A30651D10C7 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:27:34.0018 0x05c0  TCPIP6 - ok
21:27:34.0059 0x05c0  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:27:34.0132 0x05c0  tcpipreg - ok
21:27:34.0154 0x05c0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:27:34.0178 0x05c0  TDPIPE - ok
21:27:34.0211 0x05c0  [ 7518F7BCFD4B308ABC9192BACAF6C970, CF08E547EF4059DA3F5A2FCBA98939E84092BB6E0E37F9BBCD1E4D9EBB8A58BB ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:27:34.0235 0x05c0  TDTCP - ok
21:27:34.0255 0x05c0  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:27:34.0332 0x05c0  tdx - ok
21:27:34.0350 0x05c0  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:27:34.0375 0x05c0  TermDD - ok
21:27:34.0434 0x05c0  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll
21:27:34.0553 0x05c0  TermService - ok
21:27:34.0635 0x05c0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:27:34.0685 0x05c0  Themes - ok
21:27:34.0699 0x05c0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:27:34.0805 0x05c0  THREADORDER - ok
21:27:34.0828 0x05c0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:27:34.0942 0x05c0  TrkWks - ok
21:27:35.0006 0x05c0  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:27:35.0055 0x05c0  TrustedInstaller - ok
21:27:35.0077 0x05c0  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:27:35.0179 0x05c0  tssecsrv - ok
21:27:35.0225 0x05c0  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:27:35.0320 0x05c0  tunnel - ok
21:27:35.0338 0x05c0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:27:35.0368 0x05c0  uagp35 - ok
21:27:35.0403 0x05c0  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:27:35.0517 0x05c0  udfs - ok
21:27:35.0552 0x05c0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:27:35.0588 0x05c0  UI0Detect - ok
21:27:35.0614 0x05c0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
21:27:35.0645 0x05c0  uliagpkx - ok
21:27:35.0698 0x05c0  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:27:35.0730 0x05c0  umbus - ok
21:27:35.0757 0x05c0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:27:35.0787 0x05c0  UmPass - ok
21:27:35.0989 0x05c0  [ 0FADD949576A164B4E51E716F46B6C33, 34B33EC767FFCF58647090F5293DD1942BA9CDC5AB9976528DE3793EF327D48E ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:27:36.0190 0x05c0  UNS - ok
21:27:36.0258 0x05c0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:27:36.0392 0x05c0  upnphost - ok
21:27:36.0430 0x05c0  [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
21:27:36.0461 0x05c0  USBAAPL64 - ok
21:27:36.0491 0x05c0  [ 7B6A127C93EE590E4D79A5F2A76FE46F, 6F178916EF6D58D1E5B26C0D9D95C276B776505BFC9F716BB1E3ABD3B2B72FCE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:27:36.0527 0x05c0  usbccgp - ok
21:27:36.0561 0x05c0  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
21:27:36.0603 0x05c0  usbcir - ok
21:27:36.0631 0x05c0  [ 92969BA5AC44E229C55A332864F79677, 4ED1E1049E7641D3FFF5D296F2D59060225CE52AB9F7B5CA618898B46A772F98 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:27:36.0662 0x05c0  usbehci - ok
21:27:36.0718 0x05c0  [ E7DF1CFD28CA86B35EF5ADD0735CEEF3, AA751288EC34D61D934D7E8C036B60BBCEDC2A746815623478BB015D87D6A998 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:27:36.0770 0x05c0  usbhub - ok
21:27:36.0790 0x05c0  [ F1BB1E55F1E7A65C5839CCC7B36D773E, 4F517F81FA5688D78D3627EA7D2EA16AD4EB410D7624FE483C7AF26951E579A9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:27:36.0823 0x05c0  usbohci - ok
21:27:36.0845 0x05c0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:27:36.0882 0x05c0  usbprint - ok
21:27:36.0900 0x05c0  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:27:36.0938 0x05c0  usbscan - ok
21:27:36.0967 0x05c0  [ F39983647BC1F3E6100778DDFE9DCE29, 3BD36594F7C753680DB5A4354B1D6A33FC3011631D2D56DD4B2464AA99C85F7B ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:27:37.0001 0x05c0  USBSTOR - ok
21:27:37.0017 0x05c0  [ BC3070350A491D84B518D7CCA9ABD36F, 96FFF9F76A93CF4806297AE7C11A5C6D1E7A9980260E6CFC960F8247D5032161 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:27:37.0044 0x05c0  usbuhci - ok
21:27:37.0086 0x05c0  [ 7CB8C573C6E4A2714402CC0A36EAB4FE, FCD65AA3723617F58F77C4DA93CE910C712B8AA9411B5C4A60DC6C684EA53C1B ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:27:37.0122 0x05c0  usbvideo - ok
21:27:37.0148 0x05c0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:27:37.0233 0x05c0  UxSms - ok
21:27:37.0245 0x05c0  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] VaultSvc        C:\Windows\system32\lsass.exe
21:27:37.0272 0x05c0  VaultSvc - ok
21:27:37.0298 0x05c0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
21:27:37.0323 0x05c0  vdrvroot - ok
21:27:37.0358 0x05c0  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
21:27:37.0419 0x05c0  vds - ok
21:27:37.0449 0x05c0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:27:37.0485 0x05c0  vga - ok
21:27:37.0502 0x05c0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:27:37.0582 0x05c0  VgaSave - ok
21:27:37.0619 0x05c0  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
21:27:37.0654 0x05c0  vhdmp - ok
21:27:37.0686 0x05c0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
21:27:37.0710 0x05c0  viaide - ok
21:27:37.0740 0x05c0  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
21:27:37.0768 0x05c0  volmgr - ok
21:27:37.0799 0x05c0  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:27:37.0844 0x05c0  volmgrx - ok
21:27:37.0884 0x05c0  [ 9E425AC5C9A5A973273D169F43B4F5E1, 64C9A9D4A39865E56F01B4FDE1B56034C4B2A2AEF2ABE15EC1C37911C59595B0 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:27:37.0924 0x05c0  volsnap - ok
21:27:37.0961 0x05c0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:27:38.0025 0x05c0  vsmraid - ok
21:27:38.0137 0x05c0  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
21:27:38.0264 0x05c0  VSS - ok
21:27:38.0327 0x05c0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:27:38.0361 0x05c0  vwifibus - ok
21:27:38.0392 0x05c0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:27:38.0432 0x05c0  vwififlt - ok
21:27:38.0482 0x05c0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:27:38.0596 0x05c0  W32Time - ok
21:27:38.0627 0x05c0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:27:38.0656 0x05c0  WacomPen - ok
21:27:38.0692 0x05c0  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:27:38.0768 0x05c0  WANARP - ok
21:27:38.0786 0x05c0  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:27:38.0864 0x05c0  Wanarpv6 - ok
21:27:38.0958 0x05c0  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
21:27:39.0071 0x05c0  wbengine - ok
21:27:39.0129 0x05c0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:27:39.0175 0x05c0  WbioSrvc - ok
21:27:39.0230 0x05c0  [ DD1BAE8EBFC653824D29CCF8C9054D68, 81D6640222FE276D721168745F6BB905D4E756909A9B2C706AF25465D748772D ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:27:39.0278 0x05c0  wcncsvc - ok
21:27:39.0291 0x05c0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:27:39.0321 0x05c0  WcsPlugInService - ok
21:27:39.0347 0x05c0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:27:39.0368 0x05c0  Wd - ok
21:27:39.0494 0x05c0  [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:27:39.0587 0x05c0  Wdf01000 - ok
21:27:39.0627 0x05c0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:27:39.0685 0x05c0  WdiServiceHost - ok
21:27:39.0695 0x05c0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:27:39.0752 0x05c0  WdiSystemHost - ok
21:27:39.0812 0x05c0  [ 733006127F235BE7C35354EBEE7B9A7B, 2C7E7030D586C36261F33F29883337695493D48CEA415D6DBA7C5635845A5B32 ] WebClient       C:\Windows\System32\webclnt.dll
21:27:39.0873 0x05c0  WebClient - ok
21:27:39.0902 0x05c0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:27:40.0028 0x05c0  Wecsvc - ok
21:27:40.0127 0x05c0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:27:40.0245 0x05c0  wercplsupport - ok
21:27:40.0276 0x05c0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:27:40.0385 0x05c0  WerSvc - ok
21:27:40.0427 0x05c0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:27:40.0525 0x05c0  WfpLwf - ok
21:27:40.0546 0x05c0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:27:40.0588 0x05c0  WIMMount - ok
21:27:40.0621 0x05c0  WinDefend - ok
21:27:40.0631 0x05c0  WinHttpAutoProxySvc - ok
21:27:40.0690 0x05c0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:27:40.0808 0x05c0  Winmgmt - ok
21:27:40.0944 0x05c0  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:27:41.0186 0x05c0  WinRM - ok
21:27:41.0251 0x05c0  [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:27:41.0289 0x05c0  WinUsb - ok
21:27:41.0356 0x05c0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:27:41.0466 0x05c0  Wlansvc - ok
21:27:41.0529 0x05c0  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
21:27:41.0553 0x05c0  wlcrasvc - ok
21:27:41.0749 0x05c0  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:27:41.0935 0x05c0  wlidsvc - ok
21:27:42.0043 0x05c0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:27:42.0076 0x05c0  WmiAcpi - ok
21:27:42.0121 0x05c0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:27:42.0170 0x05c0  wmiApSrv - ok
21:27:42.0197 0x05c0  WMPNetworkSvc - ok
21:27:42.0222 0x05c0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:27:42.0253 0x05c0  WPCSvc - ok
21:27:42.0270 0x05c0  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:27:42.0310 0x05c0  WPDBusEnum - ok
21:27:42.0343 0x05c0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:27:42.0431 0x05c0  ws2ifsl - ok
21:27:42.0473 0x05c0  [ 8F9F3969933C02DA96EB0F84576DB43E, C424D7B881A4DCC348433CF02044383013E32DB94CC66D1D20E1866CB3B0F952 ] wscsvc          C:\Windows\System32\wscsvc.dll
21:27:42.0509 0x05c0  wscsvc - ok
21:27:42.0514 0x05c0  WSearch - ok
21:27:42.0689 0x05c0  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:27:42.0903 0x05c0  wuauserv - ok
21:27:42.0930 0x05c0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:27:42.0968 0x05c0  WudfPf - ok
21:27:43.0014 0x05c0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:27:43.0059 0x05c0  WUDFRd - ok
21:27:43.0097 0x05c0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:27:43.0137 0x05c0  wudfsvc - ok
21:27:43.0176 0x05c0  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:27:43.0239 0x05c0  WwanSvc - ok
21:27:43.0271 0x05c0  ================ Scan global ===============================
21:27:43.0297 0x05c0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:27:43.0321 0x05c0  [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
21:27:43.0348 0x05c0  [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
21:27:43.0383 0x05c0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:27:43.0422 0x05c0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:27:43.0447 0x05c0  [ Global ] - ok
21:27:43.0448 0x05c0  ================ Scan MBR ==================================
21:27:43.0476 0x05c0  [ 2E0FE7FC299470E30383716B164CF901 ] \Device\Harddisk0\DR0
21:27:48.0378 0x05c0  \Device\Harddisk0\DR0 - ok
21:27:48.0379 0x05c0  ================ Scan VBR ==================================
21:27:48.0382 0x05c0  [ AFBCF946E9BB90B4C852AD98B6145737 ] \Device\Harddisk0\DR0\Partition1
21:27:48.0384 0x05c0  \Device\Harddisk0\DR0\Partition1 - ok
21:27:48.0388 0x05c0  [ 5DD399644F6D76F889250E73A4901C00 ] \Device\Harddisk0\DR0\Partition2
21:27:48.0391 0x05c0  \Device\Harddisk0\DR0\Partition2 - ok
21:27:48.0394 0x05c0  [ 3DF8CA21913705B725AC71032CE77577 ] \Device\Harddisk0\DR0\Partition3
21:27:48.0396 0x05c0  \Device\Harddisk0\DR0\Partition3 - ok
21:27:48.0397 0x05c0  ================ Scan generic autorun ======================
21:27:49.0141 0x05c0  [ BF657386FF476CE3630F693182E37800, 03A444880214BD61EBBC80BE8298358CF4F3425C675FF6851923071FC9E2C997 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:27:50.0027 0x05c0  RtHDVCpl - ok
21:27:50.0191 0x05c0  [ 5E8015140DF120DDBF4C957B8DF8CDED, 6F16D471527DD718B856117FDD3DB7FC8C1FA071B75BFB6F4A39B0E648E12960 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
21:27:50.0351 0x05c0  RtHDVBg - ok
21:27:50.0438 0x05c0  [ 42EB7A79867ED8AD99349FF0F0A7F39A, AF289350D625123BB697532B53A35B48D574ADB9861A288DA68F8EC2AB6F2E3A ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
21:27:50.0474 0x05c0  AmIcoSinglun64 - detected UnsignedFile.Multi.Generic ( 1 )
21:27:53.0360 0x05c0  Detect skipped due to KSN trusted
21:27:53.0360 0x05c0  AmIcoSinglun64 - ok
21:27:53.0361 0x05c0  SynTPEnh - ok
21:27:53.0410 0x05c0  [ 810A5F70CEB063CEC85360394BEC2C56, FCC289B23B2347AD7C34B48E6EFB1914B5ED8D9DD397B0816D94747B168DFD64 ] C:\Windows\system32\igfxtray.exe
21:27:53.0447 0x05c0  IgfxTray - ok
21:27:53.0493 0x05c0  [ 2FE8F6A30802B69A3F501607F346DEEA, CD603DB6055861E9EAD397234120FBE0D3CACEFADB0D6001099CF0DA9DF1CC34 ] C:\Windows\system32\hkcmd.exe
21:27:53.0545 0x05c0  HotKeysCmds - ok
21:27:53.0580 0x05c0  [ CA1941B93BA45B7EA4D7D9F451B25C84, B0648762862931CB12004C92CD7A7EF8E3B1C14DD33C980A490D8AA56F7AA723 ] C:\Windows\system32\igfxpers.exe
21:27:53.0630 0x05c0  Persistence - ok
21:27:53.0667 0x05c0  [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
21:27:53.0693 0x05c0  NUSB3MON - ok
21:27:53.0755 0x05c0  [ 57B4D34232852BFE4453BE571DF90D21, 3D329499D7BCACAE5F6377F988B90714F5A8301784CDB22D5B54A2266AC50D79 ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
21:27:53.0779 0x05c0  CLMLServer - ok
21:27:53.0822 0x05c0  [ 441AEAA45A35495644CC6530AC5BD725, 6E971A7D58A5FDDE3673CDD0A866B1C12B396633B3AA98D1278D487210D06245 ] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
21:27:53.0852 0x05c0  YouCam Mirror Tray icon - detected UnsignedFile.Multi.Generic ( 1 )
21:27:56.0488 0x05c0  Detect skipped due to KSN trusted
21:27:56.0488 0x05c0  YouCam Mirror Tray icon - ok
21:27:56.0489 0x05c0  HF_G_Jul - ok
21:27:56.0492 0x05c0  ROC_ROC_JULY_P1 - ok
21:27:56.0496 0x05c0  ROC_ROC_NT - ok
21:27:56.0825 0x05c0  [ 9F22AF691BB098BA98951BC3DFDD779A, E52F319D82A40A3A016C9A3624B940B97FF15C6A26229B69645C279704DDD0C9 ] C:\Program Files (x86)\AVG\AVG2015\avgui.exe
21:27:57.0082 0x05c0  AVG_UI - ok
21:27:57.0214 0x05c0  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:27:57.0339 0x05c0  Sidebar - ok
21:27:57.0414 0x05c0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:27:57.0467 0x05c0  mctadmin - ok
21:27:57.0563 0x05c0  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:27:57.0695 0x05c0  Sidebar - ok
21:27:57.0708 0x05c0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:27:57.0762 0x05c0  mctadmin - ok
21:27:57.0836 0x05c0  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:27:57.0963 0x05c0  Sidebar - ok
21:27:57.0978 0x05c0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:27:58.0030 0x05c0  mctadmin - ok
21:27:58.0031 0x05c0  spchecker - ok
21:27:58.0110 0x05c0  [ 78CB1D49A6367FE5C382B853006100E3, 6540F2A8413248D59B0A665A511AB7FD43F21610A052712D5345FBBA0078B3A5 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICLE.EXE
21:27:58.0148 0x05c0  EPSON Stylus Photo RX585 Series - ok
21:27:58.0196 0x05c0  MobileDocuments - ok
21:27:58.0647 0x05c0  [ 674C18BDC0EABE1C9FD363459759CA5B, BB34F0E9D8E2C5CF0CCB9E55D47C984F9F516671A15A124CC9763E6F26E15175 ] C:\Users\Mari\AppData\Local\Amazon Music\Amazon Music Helper.exe
21:27:59.0059 0x05c0  Amazon Music - ok
21:27:59.0070 0x05c0  Waiting for KSN requests completion. In queue: 9
21:28:00.0071 0x05c0  Waiting for KSN requests completion. In queue: 9
21:28:01.0071 0x05c0  Waiting for KSN requests completion. In queue: 9
21:28:02.0101 0x05c0  AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5863 ), 0x41000 ( enabled : updated )
21:28:02.0110 0x05c0  Win FW state via NFP2: enabled
21:28:04.0749 0x05c0  ============================================================
21:28:04.0749 0x05c0  Scan finished
21:28:04.0749 0x05c0  ============================================================
21:28:04.0770 0x1554  Detected object count: 0
21:28:04.0770 0x1554  Actual detected object count: 0
         


10.04.2015, 11:32   #6
schrauber
/// the machine
/// TB-Ausbilder

hi,

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.


10.04.2015, 15:48   #7
Ellaspirella

Thank you very much for your reply

here is the result
Code:
ATTFilter
ComboFix 15-04-09.01 - Mari 10.04.2015  16:29:15.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3893.2217 [GMT 2:00]
ausgeführt von:: c:\users\Mari\Documents\Downloads\ComboFix.exe
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-03-10 bis 2015-04-10  ))))))))))))))))))))))))))))))
.
.
2015-04-10 14:40 . 2015-04-10 14:40	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2015-04-10 14:40 . 2015-04-10 14:40	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-04-09 21:19 . 2015-04-09 21:19	--------	d-----w-	c:\users\Mari\AppData\Roaming\QuickScan
2015-04-09 17:32 . 2015-04-09 17:32	--------	d-----w-	c:\programdata\Malwarebytes
2015-04-09 17:32 . 2015-04-10 14:08	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-04-09 17:32 . 2015-04-09 18:00	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-09 17:29 . 2015-04-09 17:59	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-04-09 16:47 . 2015-04-09 16:52	--------	d-----w-	C:\FRST
2015-03-25 09:21 . 2015-03-25 09:21	281056	----a-w-	c:\windows\system32\drivers\avgidsdrivera.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-02-25 15:37 . 2015-02-25 15:37	284128	----a-w-	c:\windows\system32\drivers\avgtdia.sys
2015-02-07 20:29 . 2012-06-05 09:14	701616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-07 20:29 . 2011-05-20 09:22	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-02-05 08:27 . 2015-02-05 08:27	133088	----a-w-	c:\windows\system32\drivers\avgmfx64.sys
2015-02-03 09:47 . 2015-02-03 09:47	341472	----a-w-	c:\windows\system32\drivers\avgloga.sys
2015-01-28 09:30 . 2010-06-24 19:33	23256	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-20 04:01	131248	----a-w-	c:\users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-20 04:01	131248	----a-w-	c:\users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-20 04:01	131248	----a-w-	c:\users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Amazon Music"="c:\users\Mari\AppData\Local\Amazon Music\Amazon Music Helper.exe" [2014-10-15 6281024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"YouCam Mirror Tray icon"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" [2010-03-03 171104]
"AVG_UI"="c:\program files (x86)\AVG\AVG2015\avgui.exe" [2015-03-25 3723728]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys;c:\windows\SYSNATIVE\DRIVERS\ivusb.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R4 Soda 3D PDF Reader Helper Service;Soda 3D PDF Reader Helper Service;c:\program files (x86)\Soda 3D PDF Reader\HelperService.exe;c:\program files (x86)\Soda 3D PDF Reader\HelperService.exe [x]
R4 Soda 3D PDF Reader Service;Soda 3D PDF Reader Service;c:\program files (x86)\Soda 3D PDF Reader\ConversionService.exe;c:\program files (x86)\Soda 3D PDF Reader\ConversionService.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 SLEE_16_DRIVER;Steganos Live Encryption Engine 16 [Driver];c:\windows\Sleen1664.sys;c:\windows\Sleen1664.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe [x]
S2 GFNEXSrv;GFNEX Service;c:\program files (x86)\PHotkey\GFNEXSrv.exe;c:\program files (x86)\PHotkey\GFNEXSrv.exe [x]
S2 PEGAGFN;PEGAGFN;c:\program files (x86)\PHotkey\PEGAGFN.sys;c:\program files (x86)\PHotkey\PEGAGFN.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-03 22:32	1061704	----a-w-	c:\program files (x86)\Google\Chrome\Application\41.0.2272.118\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-05 20:29]
.
2015-02-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 21:25]
.
2015-04-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-12 21:25]
.
2013-02-04 c:\windows\Tasks\ROC_REG_JAN_DELETE.job
- c:\programdata\AVG January 2013 Campaign\ROC.exe [2013-01-28 21:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-20 04:01	164016	----a-w-	c:\users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-20 04:01	164016	----a-w-	c:\users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-20 04:01	164016	----a-w-	c:\users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-20 04:01	164016	----a-w-	c:\users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-02-19 13:24	774472	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-14 10918504]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-06-14 2092648]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-08-01 323072]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-10 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-10 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-10 417560]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Mari\AppData\Roaming\Mozilla\Firefox\Profiles\byp7pn5n.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.farmerama.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe
Wow6432Node-HKLM-Run-HF_G_Jul - c:\program files (x86)\AVG Secure Search\HF_G_Jul.exe
Wow6432Node-HKLM-Run-ROC_ROC_JULY_P1 - c:\program files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe
Wow6432Node-HKLM-Run-ROC_ROC_NT - c:\program files (x86)\AVG Secure Search\ROC_ROC_NT.exe
SafeBoot-BsScanner
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-04-10  16:44:51
ComboFix-quarantined-files.txt  2015-04-10 14:44
.
Vor Suchlauf: 8 Verzeichnis(se), 201.717.161.984 Bytes frei
Nach Suchlauf: 13 Verzeichnis(se), 201.684.885.504 Bytes frei
.
- - End Of File - - 16909D217BE81B478EAF8D25380A0A20
         
Kind regards
Ellaspirella

11.04.2015, 07:19   #8
schrauber
/// the machine
/// TB-Ausbilder

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Please disable your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

11.04.2015, 09:46   #9
Ellaspirella
 


Thank you very much for your reply - here are the results

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 11.04.2015
Suchlauf-Zeit: 09:41:14
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.4.1018
Malware Datenbank: v2015.04.11.01
Rootkit Datenbank: v2015.03.31.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Mari

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 407430
Verstrichene Zeit: 22 Min, 17 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 2
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1022922106-43553289-3458902837-1001\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [51fcf873d1b9f44208487b93a55f60a0], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1022922106-43553289-3458902837-1001\SOFTWARE\INSTALLCORE, In Quarantäne, [af9e0764d6b457df839f0420b74ef10f], 

Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1022922106-43553289-3458902837-1001\SOFTWARE\INSTALLCORE|tb, 0N2X1N, In Quarantäne, [af9e0764d6b457df839f0420b74ef10f]

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 2
PUP.Optional.OpenCandy, C:\Users\Mari\AppData\Roaming\OpenCandy, In Quarantäne, [37161358c4c6ed4997e6d6b10ff4ad53], 
PUP.Optional.OpenCandy, C:\Users\Mari\AppData\Roaming\OpenCandy\FBF7ABDBC0EF444DB93CABE3AAD1DF0C, In Quarantäne, [37161358c4c6ed4997e6d6b10ff4ad53], 

Dateien: 1
PUP.Optional.OpenCandy, C:\Users\Mari\AppData\Roaming\OpenCandy\FBF7ABDBC0EF444DB93CABE3AAD1DF0C\TuneUp_PC_2.4.6.4_CPMID_347.exe, In Quarantäne, [37161358c4c6ed4997e6d6b10ff4ad53], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
Code:
# AdwCleaner v4.201 - Bericht erstellt 11/04/2015 um 10:19:21
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-04-08.1 [Lokal]
# Betriebssystem : Windows 7 Home Premium  (x64)
# Benutzername : Mari - MARINIX
# Gestarted von : C:\Users\Mari\Documents\Downloads\AdwCleaner_4.201.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\AVG Security Toolbar
Ordner Gelöscht : C:\ProgramData\Partner

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gelöscht : HKCU\Software\IGearSettings
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\AVG SafeGuard toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\AVG Secure Search
Schlüssel Gelöscht : HKU\.DEFAULT\Software\AVG Secure Search
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v8.0.7600.17267


-\\ Mozilla Firefox v23.0.1 (de)


-\\ Google Chrome v41.0.2272.118

[C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxps://isearch.avg.com/search?cid={6AE43C27-878C-4486-AD94-F0A23B80D0B6}&mid=f766e4a65b5847d6857e3120d3f42952-3e085b5f672f9a2f42b4e205c183e2801ec02607&lang=de&ds=AVG&pr=fr&d=2012-07-13 10:14:04&v=12.2.5.32&sap=dsp&q={searchTerms}
[C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.search.ask.com/web?p2=%5EBBK%5EOSJ000%5EYY%5EDE&gct=&o=APN11412&tpid=ORJ-V7C&itbv=12.7.0.15&doi=2013-11-29&apn_uid=8F2EF7BB-7C38-4DF9-9A52-8074125A9F9F&apn_ptnrs=BBK&apn_dtid=%5EOSJ000%5EYY%5EDE&apn_dbr=cr_31.0.1650.57&psv=&trgb=CR&q={searchTerms}
[C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : pljcgbedjplidkdjahbaalanadmjfgop

*************************

AdwCleaner[R0].txt - [4642 Bytes] - [11/04/2015 10:16:15]
AdwCleaner[S0].txt - [4382 Bytes] - [11/04/2015 10:19:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4441  Bytes] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.3 (04.07.2015:1)
OS: Windows 7 Home Premium x64
Ran by Mari on 11.04.2015 at 10:27:02,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2FE0F895-6D1D-4c80-A20D-18E42DE9B631}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{2FE0F895-6D1D-4c80-A20D-18E42DE9B631}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{2FE0F895-6D1D-4c80-A20D-18E42DE9B631}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Mari\appdata\local\{61BCAB55-8F27-43DB-989B-59CFE4A279C7}
Successfully deleted: [Empty Folder] C:\Users\Mari\appdata\local\{9452C652-1E22-4CFA-AAE9-91E584A2CF14}
Successfully deleted: [Empty Folder] C:\Users\Mari\appdata\local\{CBDD1342-9BC8-4C77-8990-B406C0001112}



~~~ FireFox

Emptied folder: C:\Users\Mari\AppData\Roaming\mozilla\firefox\profiles\byp7pn5n.default\minidumps [162 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.04.2015 at 10:32:02,21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
and the FRST.txt

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Mari (administrator) on MARINIX on 11-04-2015 10:37:16
Running from C:\Users\Mari\Documents\Downloads
Loaded Profiles: Mari (Available profiles: UpdatusUser & Mari)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10918504 2010-06-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2092648 2010-06-14] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-08-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2028328 2010-01-22] (Synaptics Incorporated)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-03] (CyberLink)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] => C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [171104 2010-03-03] (CyberLink Corp.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1022922106-43553289-3458902837-1001\...\Run: [Amazon Music] => C:\Users\Mari\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281024 2014-10-15] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1022922106-43553289-3458902837-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1022922106-43553289-3458902837-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1022922106-43553289-3458902837-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1022922106-43553289-3458902837-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-12-27] (Sun Microsystems, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
Toolbar: HKLM-x32 - Soda 3D PDF Reader Toolbar - {64C9D46E-8F8B-4158-9780-A6581C7439B1} - C:\Program Files (x86)\Soda 3D PDF Reader\PDFIEPlugin.dll [2011-12-23] (LULU Software)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Mari\AppData\Roaming\Mozilla\Firefox\Profiles\byp7pn5n.default
FF Homepage: hxxp://www.farmerama.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-07] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2010-12-27] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-07] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-03-25] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2010-09-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2010-09-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1022922106-43553289-3458902837-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mari\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2011-03-02] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1022922106-43553289-3458902837-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll [2012-07-25] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-12-17] (Apple Inc.)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Mari\AppData\Roaming\Mozilla\Firefox\Profiles\byp7pn5n.default\Extensions\adblockpopups@jessehakanen.net.xpi [2012-03-21]
FF Extension: OpenFarm Beta - C:\Users\Mari\AppData\Roaming\Mozilla\Firefox\Profiles\byp7pn5n.default\Extensions\jid0-LNZz8gri2ybpbeKiJ0pKzBEqjFM@jetpack.xpi [2013-08-18]
FF Extension: Adblock Plus - C:\Users\Mari\AppData\Roaming\Mozilla\Firefox\Profiles\byp7pn5n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-08-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-25]
FF HKLM-x32\...\Thunderbird\Extensions: [avgthb@avg.com] - C:\Program Files (x86)\AVG\AVG2012\Thunderbird

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=MDNB&bmod=MDNB
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-07-03]
CHR Extension: (Google News) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2013-10-09]
CHR Extension: (Trusted Shops-Erweiterung für Google Chrome) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcpnemckonbbmnoakbjgjkgokkbaeo [2015-03-13]
CHR Extension: (CHIP Online) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhjmdobefakhdbfdpnnopoaldabldbgd [2013-08-24]
CHR Extension: (AdBlock) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-06-05]
CHR Extension: (Inoreader - RSS, News and Social Reader) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhglljfmpijadbpkalkclnhlncncdono [2013-10-09]
CHR Extension: (Isoball 3) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2011-10-29]
CHR Extension: (Northern Lights) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbnkklencjcmkepldaineciclcheaoef [2013-11-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [96768 2012-07-13] (Freemake) [File not signed]
S2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [159752 2010-04-24] ()
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S4 Soda 3D PDF Reader Helper Service; C:\Program Files (x86)\Soda 3D PDF Reader\HelperService.exe [821592 2011-12-23] (LULU Software)
S4 Soda 3D PDF Reader Service; C:\Program Files (x86)\Soda 3D PDF Reader\ConversionService.exe [892760 2011-12-23] (LULU Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [281056 2015-03-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [284128 2015-02-25] (AVG Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-12] (PEGATRON)
R1 SLEE_16_DRIVER; C:\Windows\Sleen1664.sys [85952 2008-10-01] (Softwareentwicklung Remus - ArchiCrypt )
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\DRIVERS\1394ohci.sys 969C91060CBB5D17CB8440B5F78B4C51
C:\Windows\System32\DRIVERS\ACPI.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys DB9D6C6B2CD95A9CA414D045B627422E
C:\Windows\system32\DRIVERS\agp440.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\aliide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys ==> MD5 is legit
C:\Windows\System32\drivers\AmUStor.SYS 37EA167782AF19301AF9C05804948BB2
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\avgdiska.sys 54FE1CAFA3B3029B282E6A05EA672031
C:\Windows\System32\DRIVERS\avgidsdrivera.sys 079F75EE36CD275620298DA7D7636006
C:\Windows\System32\DRIVERS\avgidsha.sys 68070AEEE757ACC6EC5BC291B1E8EA1A
C:\Windows\System32\DRIVERS\avgldx64.sys 7C9E8FD2BFCE60BDF9B5944C0BE47C87
C:\Windows\System32\DRIVERS\avgloga.sys 179835151F9B3FCC2FCB5E633D4F1A2B
C:\Windows\System32\DRIVERS\avgmfx64.sys 66B7273493BF49EE6BDECB574BC5B877
C:\Windows\System32\DRIVERS\avgrkx64.sys 3CE824D46BA1871713ABF147E6BAD556
C:\Windows\System32\DRIVERS\avgtdia.sys C76F53C265E79A2DEFF020E78AF4B6BA
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bridge.sys 5C2F352A4E961D72518261257AAE204B
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys CA7720B73446FDDEC5C69519C1174C98
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys D3E3F93D67821A2DB2B3D9FAC2DC2064
C:\Windows\System32\DRIVERS\fvevol.sys 1F44F8559E61A8306ECC67BB1E168B7C
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HECIx64.sys B6AC71AAA2B10848F57FC49D55A651AF
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys ABBF174CB394F5C437410A788B7E404A
C:\Windows\system32\drivers\iaStorV.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\igdkmd64.sys F4F91789C7C7A159CE8215C1F69F2A85
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\Impcd.sys DD587A55390ED2295BCE6D36AD567DA9
C:\Windows\System32\drivers\RTKVHD64.sys 2FAAEA2DC2719E67FD7C0D51F9E743F7
C:\Windows\System32\DRIVERS\IntcDAud.sys 58CF58DEE26C909BD6F977B61D246295
C:\Windows\system32\DRIVERS\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\isapnp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msiscsi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ivusb.sys BD5BF20EC242E003A2F570B8754A56D1
C:\Windows\system32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 4F4B5FDE429416877DE7143044582EB5
C:\Windows\System32\Drivers\ksecpkg.sys 6F40465A44ECDC1731BEFAFEC5BDD03C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\L1C62x64.sys 55480B9C63F3F91A8EBBADCBF28FE581
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys CF12E148C6FC151335B7D7FE03F1C7A2
C:\Windows\system32\drivers\mwac.sys 0CE2F3E26C770CBAEB50787A2C1FD09E
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mrxsmb10.sys F0067552F8F9B33D7C59403AB808A3CB
C:\Windows\System32\DRIVERS\mrxsmb20.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 9A6089B056EA1B83B36424FC9D0A300E
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nusb3hub.sys 786DB821BFD57C0551DBBE4F75384A7D
C:\Windows\system32\DRIVERS\nusb3xhc.sys DAA8005CAF745042BB427A1ED7433354
C:\Windows\System32\DRIVERS\nvlddmkm.sys F6168EDF9794B7A8D6D030CBA5F6BF68
C:\Windows\System32\DRIVERS\nvpciflt.sys FD61DF62375C92B700F34E375796BBAB
C:\Windows\system32\drivers\nvraid.sys ==> MD5 is legit
C:\Windows\system32\drivers\nvstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys 90061B1ACFE8CCAA5345750FFE08D8B8
C:\Windows\System32\DRIVERS\pci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Program Files (x86)\PHotkey\PEGAGFN.sys EE926C59CBD4DC4DC9FBB85014A2F1A5
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys 447DE7E3DEA39D422C1504F245B668B1
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rtl8192se.sys A5986B46C4348CB35EBB98F220948DF7
C:\Windows\system32\DRIVERS\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\Sleen1664.sys 0DFAA06B71FC75D0878907A7D18F5240
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv2.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srvnet.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SynTP.sys BE2B928DE9AF2848289DB7A54C7E2398
C:\Windows\System32\drivers\tcpip.sys 5CFB7AB8F9524D1A1E14369DE63B83CC
C:\Windows\System32\DRIVERS\tcpip.sys 5CFB7AB8F9524D1A1E14369DE63B83CC
C:\Windows\System32\drivers\tcpipreg.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 7518F7BCFD4B308ABC9192BACAF6C970
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbaapl64.sys 43228F8EDD1B0BCDD3145AD246E63D39
C:\Windows\System32\DRIVERS\usbccgp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\usbcir.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbehci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbhub.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbohci.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS ==> MD5 is legit
C:\Windows\system32\drivers\usbuhci.sys ==> MD5 is legit
C:\Windows\System32\Drivers\usbvideo.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\viaide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys 9E425AC5C9A5A973273D169F43B4F5E1
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys 442783E2CB0DA19873B7A63833FF4CB4
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== Three Months Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-11 10:32 - 2015-04-11 10:32 - 00001528 _____ () C:\Users\Mari\Desktop\JRT1.txt
2015-04-11 10:32 - 2015-04-11 10:32 - 00001528 _____ () C:\Users\Mari\Desktop\JRT.txt
2015-04-11 10:27 - 2015-04-11 10:27 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MARINIX-Windows-7-Home-Premium-(64-bit).dat
2015-04-11 10:27 - 2015-04-11 10:27 - 00000000 ____D () C:\RegBackup
2015-04-11 10:24 - 2015-04-11 10:24 - 00004537 _____ () C:\Users\Mari\Desktop\AdwCleaner[S0].txt
2015-04-11 10:15 - 2015-04-11 10:19 - 00000000 ____D () C:\AdwCleaner
2015-04-11 10:13 - 2015-04-11 10:13 - 00001969 _____ () C:\Users\Mari\Desktop\mbam.txt
2015-04-11 10:12 - 2015-04-11 10:12 - 00000000 ____D () C:\Neuer Ordner
2015-04-11 09:39 - 2015-04-11 09:39 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-11 09:39 - 2015-04-11 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-11 09:39 - 2015-04-11 09:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-11 09:39 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-11 09:39 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-10 16:44 - 2015-04-10 16:44 - 00021463 _____ () C:\ComboFix.txt
2015-04-10 16:26 - 2015-04-10 16:44 - 00000000 ____D () C:\Qoobox
2015-04-10 16:26 - 2015-04-10 16:41 - 00000000 ____D () C:\Windows\erdnt
2015-04-10 16:26 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-10 16:26 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-10 16:26 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-10 16:26 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-10 16:26 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-10 16:26 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-10 16:26 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-10 16:26 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-09 23:26 - 2015-04-09 23:26 - 00000000 ____D () C:\Users\Mari\Desktop\Sicherheit
2015-04-09 23:19 - 2015-04-09 23:19 - 00000000 ____D () C:\Users\Mari\AppData\Roaming\QuickScan
2015-04-09 19:32 - 2015-04-11 10:11 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-09 19:32 - 2015-04-11 09:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-09 19:32 - 2015-04-10 16:08 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-09 19:29 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-09 19:27 - 2015-04-09 20:27 - 00000000 ____D () C:\Users\Mari\Desktop\mbar
2015-04-09 18:47 - 2015-04-11 10:37 - 00000000 ____D () C:\FRST
2015-03-25 11:21 - 2015-03-25 11:21 - 00281056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-03-11 11:35 - 2015-03-11 11:35 - 00001402 _____ () C:\Users\Mari\Desktop\Nostale.exe - Verknüpfung.lnk
2015-03-11 11:32 - 2015-03-15 01:13 - 00000000 ____D () C:\Program Files (x86)\NosTale
2015-03-10 12:19 - 2015-04-11 10:20 - 00003074 _____ () C:\Windows\PFRO.log
2015-02-25 17:37 - 2015-02-25 17:37 - 00284128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2015-02-20 02:04 - 2015-02-20 02:04 - 00000985 _____ () C:\Users\Public\Desktop\Last.fm Scrobbler.lnk
2015-02-20 02:04 - 2015-02-20 02:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Last.fm
2015-02-20 02:03 - 2015-02-20 02:04 - 00000000 ____D () C:\Users\Mari\AppData\Local\Last.fm
2015-02-20 02:03 - 2015-02-20 02:04 - 00000000 ____D () C:\Program Files (x86)\Last.fm
2015-02-19 00:28 - 2015-02-19 00:45 - 00000000 ____D () C:\Users\Mari\Desktop\NosTale
2015-02-17 23:34 - 2015-03-09 23:33 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2015-02-05 10:27 - 2015-02-05 10:27 - 00133088 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2015-02-03 11:47 - 2015-02-03 11:47 - 00341472 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-11 10:34 - 2009-07-14 06:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-11 10:34 - 2009-07-14 06:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-11 10:29 - 2013-05-22 13:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-11 10:28 - 2013-10-08 12:25 - 01883888 _____ () C:\Windows\WindowsUpdate.log
2015-04-11 10:21 - 2010-12-27 21:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-11 10:20 - 2015-01-03 22:08 - 00002645 _____ () C:\Windows\setupact.log
2015-04-11 10:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-11 10:15 - 2011-04-12 22:31 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-11 09:46 - 2011-04-12 23:07 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-10 16:44 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-04-10 16:40 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-09 20:03 - 2010-05-12 11:33 - 00610436 _____ () C:\Windows\system32\perfh01F.dat
2015-04-09 20:03 - 2010-05-12 11:33 - 00121760 _____ () C:\Windows\system32\perfc01F.dat
2015-04-09 20:03 - 2010-05-12 11:21 - 00679576 _____ () C:\Windows\system32\prfh0816.dat
2015-04-09 20:03 - 2010-05-12 11:21 - 00133986 _____ () C:\Windows\system32\prfc0816.dat
2015-04-09 20:03 - 2010-05-12 11:13 - 00689960 _____ () C:\Windows\system32\perfh015.dat
2015-04-09 20:03 - 2010-05-12 11:13 - 00135074 _____ () C:\Windows\system32\perfc015.dat
2015-04-09 20:03 - 2010-05-12 11:05 - 00691426 _____ () C:\Windows\system32\perfh013.dat
2015-04-09 20:03 - 2010-05-12 11:05 - 00133174 _____ () C:\Windows\system32\perfc013.dat
2015-04-09 20:03 - 2010-05-12 10:57 - 00689342 _____ () C:\Windows\system32\perfh010.dat
2015-04-09 20:03 - 2010-05-12 10:57 - 00127378 _____ () C:\Windows\system32\perfc010.dat
2015-04-09 20:03 - 2010-05-12 10:51 - 00632414 _____ () C:\Windows\system32\perfh00E.dat
2015-04-09 20:03 - 2010-05-12 10:51 - 00148544 _____ () C:\Windows\system32\perfc00E.dat
2015-04-09 20:03 - 2010-05-12 10:44 - 00694664 _____ () C:\Windows\system32\perfh00C.dat
2015-04-09 20:03 - 2010-05-12 10:44 - 00130374 _____ () C:\Windows\system32\perfc00C.dat
2015-04-09 20:03 - 2010-05-12 10:36 - 00693688 _____ () C:\Windows\system32\perfh00A.dat
2015-04-09 20:03 - 2010-05-12 10:36 - 00137296 _____ () C:\Windows\system32\perfc00A.dat
2015-04-09 20:03 - 2010-05-12 10:30 - 00552004 _____ () C:\Windows\system32\perfh008.dat
2015-04-09 20:03 - 2010-05-12 10:30 - 00089670 _____ () C:\Windows\system32\perfc008.dat
2015-04-09 20:03 - 2010-05-12 10:18 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2015-04-09 20:03 - 2010-05-12 10:18 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2015-04-09 20:03 - 2009-07-14 07:13 - 08573400 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-09 19:54 - 2013-01-20 12:08 - 00000000 ____D () C:\Program Files (x86)\Steganos Safe OEM
2015-04-01 14:04 - 2014-10-21 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

==================== Files in the root of some directories =======

2013-08-20 22:52 - 2014-11-19 00:39 - 0007597 _____ () C:\Users\Mari\AppData\Local\Resmon.ResmonCfg
2011-04-17 00:54 - 2011-04-17 00:54 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Some content of TEMP:
====================
C:\Users\Mari\AppData\Local\Temp\Quarantine.exe
C:\Users\Mari\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
default                 {current}
resumeobject            {80cb2afe-11e9-11e0-87e0-f39194990381}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {80cb2b00-11e9-11e0-87e0-f39194990381}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {80cb2afe-11e9-11e0-87e0-f39194990381}
nx                      OptIn

Windows-Startladeprogramm
-------------------------
Bezeichner              {80cb2b00-11e9-11e0-87e0-f39194990381}
device                  ramdisk=[C:]\Recovery\80cb2b00-11e9-11e0-87e0-f39194990381\Winre.wim,{80cb2b01-11e9-11e0-87e0-f39194990381}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\80cb2b00-11e9-11e0-87e0-f39194990381\Winre.wim,{80cb2b01-11e9-11e0-87e0-f39194990381}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {80cb2afe-11e9-11e0-87e0-f39194990381}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 Yes

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Geräteoptionen
--------------
Bezeichner              {80cb2b01-11e9-11e0-87e0-f39194990381}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\80cb2b00-11e9-11e0-87e0-f39194990381\boot.sdi



LastRegBack: 2015-02-07 16:50

==================== End Of Log ============================
         


Do you want the Additional as well?

Many thanks and kind regards
Ellaspirella

11.04.2015, 18:18   #10
schrauber
/// the machine
/// TB-Ausbilder
 




Nope, that's fine



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box "Yes, I accept the terms of use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • When the scan has finished, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

and a fresh FRST log, please. Any remaining problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

11.04.2015, 22:40   #11
Ellaspirella
 



Right, now I've managed it ;-) the online scan ran for over 2 hours...
ESET log
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=8ba5b4b539512340a6af4903e9ec000c
# engine=23334
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-04-11 09:09:49
# local_time=2015-04-11 11:09:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT 
# compatibility_mode_1='AVG AntiVirus Free Edition 2015'
# compatibility_mode=1055 16777213 100 100 48638 115920573 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 120570896 180416439 0 0
# scanned=198322
# found=1
# cleaned=0
# scan_time=9146
sh=C70872D7B4F48D529A179C0FA54AB65FB1B982F4 ft=1 fh=f2e2b15faf5e28f3 vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Windows\Installer\MSIA42E.tmp"
         
checkup
Code:
 Results of screen317's Security Check version 1.00  
 Windows 7  x64 (UAC is enabled)  
 Out of date service pack!! 
``````````````Antivirus/Firewall Check:`````````````` 
AVG AntiVirus Free Edition 2015   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java(TM) 6 Update 31  
 Java 7 Update 51  
 Java version 32-bit out of Date! 
  Adobe Flash Player 16.0.0.305 Flash Player out of Date!  
 Adobe Reader 10.1.10 Adobe Reader out of Date!  
 Mozilla Firefox 23.0.1 Firefox out of Date!  
 Mozilla Thunderbird 11.0.1 Thunderbird out of Date!  
 Google Chrome (41.0.2272.101) 
 Google Chrome (41.0.2272.118) 
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
and the FRST log

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Mari (administrator) on MARINIX on 11-04-2015 23:28:38
Running from C:\Users\Mari\Desktop\Sicherheit
Loaded Profiles: UpdatusUser & Mari (Available profiles: UpdatusUser & Mari)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Pegatron Corporation) C:\Program Files (x86)\PHotkey\PHotkey.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
() C:\Users\Mari\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
(Pegatron Corporation) C:\Program Files (x86)\PHotkey\POsd.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10918504 2010-06-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2092648 2010-06-14] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-08-01] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2028328 2010-01-22] (Synaptics Incorporated)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-11-03] (CyberLink)
HKLM-x32\...\Run: [YouCam Mirror Tray icon] => C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [171104 2010-03-03] (CyberLink Corp.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3723728 2015-03-25] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1022922106-43553289-3458902837-1000\...\RunOnce: [spchecker] => "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe"
HKU\S-1-5-21-1022922106-43553289-3458902837-1001\...\Run: [Amazon Music] => C:\Users\Mari\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281024 2014-10-15] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Mari\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1022922106-43553289-3458902837-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1022922106-43553289-3458902837-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1022922106-43553289-3458902837-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1022922106-43553289-3458902837-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-12-27] (Sun Microsystems, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
Toolbar: HKLM-x32 - Soda 3D PDF Reader Toolbar - {64C9D46E-8F8B-4158-9780-A6581C7439B1} - C:\Program Files (x86)\Soda 3D PDF Reader\PDFIEPlugin.dll [2011-12-23] (LULU Software)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-10-10] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Mari\AppData\Roaming\Mozilla\Firefox\Profiles\byp7pn5n.default
FF Homepage: hxxp://www.farmerama.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-07] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2010-12-27] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-07] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-03-25] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2010-09-02] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2010-09-02] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1022922106-43553289-3458902837-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Mari\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2011-03-02] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1022922106-43553289-3458902837-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll [2012-07-25] (Amazon.com, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2011-12-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2011-12-17] (Apple Inc.)
FF Extension: Adblock Plus Pop-up Addon - C:\Users\Mari\AppData\Roaming\Mozilla\Firefox\Profiles\byp7pn5n.default\Extensions\adblockpopups@jessehakanen.net.xpi [2012-03-21]
FF Extension: OpenFarm Beta - C:\Users\Mari\AppData\Roaming\Mozilla\Firefox\Profiles\byp7pn5n.default\Extensions\jid0-LNZz8gri2ybpbeKiJ0pKzBEqjFM@jetpack.xpi [2013-08-18]
FF Extension: Adblock Plus - C:\Users\Mari\AppData\Roaming\Mozilla\Firefox\Profiles\byp7pn5n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-08-25]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-25]
FF HKLM-x32\...\Thunderbird\Extensions: [avgthb@avg.com] - C:\Program Files (x86)\AVG\AVG2012\Thunderbird

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=MDNB&bmod=MDNB
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2011-07-03]
CHR Extension: (Google News) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2013-10-09]
CHR Extension: (Trusted Shops-Erweiterung für Google Chrome) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcpnemckonbbmnoakbjgjkgokkbaeo [2015-03-13]
CHR Extension: (CHIP Online) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhjmdobefakhdbfdpnnopoaldabldbgd [2013-08-24]
CHR Extension: (AdBlock) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-06-05]
CHR Extension: (Inoreader - RSS, News and Social Reader) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhglljfmpijadbpkalkclnhlncncdono [2013-10-09]
CHR Extension: (Isoball 3) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2011-10-29]
CHR Extension: (Northern Lights) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbnkklencjcmkepldaineciclcheaoef [2013-11-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\Mari\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2011-10-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3416016 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [309232 2015-03-25] (AVG Technologies CZ, s.r.o.)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [96768 2012-07-13] (Freemake) [File not signed]
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [159752 2010-04-24] ()
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S4 Soda 3D PDF Reader Helper Service; C:\Program Files (x86)\Soda 3D PDF Reader\HelperService.exe [821592 2011-12-23] (LULU Software)
S4 Soda 3D PDF Reader Service; C:\Program Files (x86)\Soda 3D PDF Reader\ConversionService.exe [892760 2011-12-23] (LULU Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [281056 2015-03-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [341472 2015-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [133088 2015-02-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [284128 2015-02-25] (AVG Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-12] (PEGATRON)
R1 SLEE_16_DRIVER; C:\Windows\Sleen1664.sys [85952 2008-10-01] (Softwareentwicklung Remus - ArchiCrypt )
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-11 23:25 - 2015-04-11 23:25 - 00001198 _____ () C:\Users\Mari\Desktop\checkup.txt
2015-04-11 23:20 - 2015-04-11 23:17 - 00852616 _____ () C:\Users\Mari\Desktop\SecurityCheck.exe
2015-04-11 10:40 - 2015-04-11 10:40 - 00024504 _____ () C:\Users\Mari\Desktop\Addition.txt
2015-04-11 10:39 - 2015-04-11 10:39 - 00043300 _____ () C:\Users\Mari\Desktop\Shortcut.txt
2015-04-11 10:32 - 2015-04-11 10:32 - 00001528 _____ () C:\Users\Mari\Desktop\JRT1.txt
2015-04-11 10:32 - 2015-04-11 10:32 - 00001528 _____ () C:\Users\Mari\Desktop\JRT.txt
2015-04-11 10:27 - 2015-04-11 10:27 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-MARINIX-Windows-7-Home-Premium-(64-bit).dat
2015-04-11 10:27 - 2015-04-11 10:27 - 00000000 ____D () C:\RegBackup
2015-04-11 10:24 - 2015-04-11 10:24 - 00004537 _____ () C:\Users\Mari\Desktop\AdwCleaner[S0].txt
2015-04-11 10:15 - 2015-04-11 10:19 - 00000000 ____D () C:\AdwCleaner
2015-04-11 10:13 - 2015-04-11 10:13 - 00001969 _____ () C:\Users\Mari\Desktop\mbam.txt
2015-04-11 10:12 - 2015-04-11 10:12 - 00000000 ____D () C:\Neuer Ordner
2015-04-11 09:39 - 2015-04-11 09:39 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-11 09:39 - 2015-04-11 09:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-11 09:39 - 2015-04-11 09:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-11 09:39 - 2015-03-17 06:15 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-11 09:39 - 2015-03-17 06:15 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-10 16:44 - 2015-04-10 16:44 - 00021463 _____ () C:\ComboFix.txt
2015-04-10 16:26 - 2015-04-10 16:44 - 00000000 ____D () C:\Qoobox
2015-04-10 16:26 - 2015-04-10 16:41 - 00000000 ____D () C:\Windows\erdnt
2015-04-10 16:26 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-10 16:26 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-10 16:26 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-10 16:26 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-10 16:26 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-10 16:26 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-10 16:26 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-10 16:26 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-09 23:26 - 2015-04-11 23:28 - 00000000 ____D () C:\Users\Mari\Desktop\Sicherheit
2015-04-09 23:19 - 2015-04-09 23:19 - 00000000 ____D () C:\Users\Mari\AppData\Roaming\QuickScan
2015-04-09 19:32 - 2015-04-11 10:11 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-09 19:32 - 2015-04-11 09:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-09 19:32 - 2015-04-10 16:08 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-09 19:29 - 2015-03-17 06:15 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-09 19:27 - 2015-04-09 20:27 - 00000000 ____D () C:\Users\Mari\Desktop\mbar
2015-04-09 18:47 - 2015-04-11 23:28 - 00000000 ____D () C:\FRST
2015-03-25 11:21 - 2015-03-25 11:21 - 00281056 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-11 23:29 - 2013-05-22 13:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-11 23:15 - 2011-04-12 22:31 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-11 22:49 - 2013-10-08 12:25 - 01900910 _____ () C:\Windows\WindowsUpdate.log
2015-04-11 20:29 - 2009-07-14 06:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-11 20:29 - 2009-07-14 06:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-11 20:22 - 2010-12-27 21:38 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-11 20:21 - 2015-01-03 22:08 - 00002701 _____ () C:\Windows\setupact.log
2015-04-11 20:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-11 20:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-11 10:20 - 2015-03-10 12:19 - 00003074 _____ () C:\Windows\PFRO.log
2015-04-11 09:46 - 2011-04-12 23:07 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-10 16:44 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-04-10 16:40 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-09 20:03 - 2010-05-12 11:33 - 00610436 _____ () C:\Windows\system32\perfh01F.dat
2015-04-09 20:03 - 2010-05-12 11:33 - 00121760 _____ () C:\Windows\system32\perfc01F.dat
2015-04-09 20:03 - 2010-05-12 11:21 - 00679576 _____ () C:\Windows\system32\prfh0816.dat
2015-04-09 20:03 - 2010-05-12 11:21 - 00133986 _____ () C:\Windows\system32\prfc0816.dat
2015-04-09 20:03 - 2010-05-12 11:13 - 00689960 _____ () C:\Windows\system32\perfh015.dat
2015-04-09 20:03 - 2010-05-12 11:13 - 00135074 _____ () C:\Windows\system32\perfc015.dat
2015-04-09 20:03 - 2010-05-12 11:05 - 00691426 _____ () C:\Windows\system32\perfh013.dat
2015-04-09 20:03 - 2010-05-12 11:05 - 00133174 _____ () C:\Windows\system32\perfc013.dat
2015-04-09 20:03 - 2010-05-12 10:57 - 00689342 _____ () C:\Windows\system32\perfh010.dat
2015-04-09 20:03 - 2010-05-12 10:57 - 00127378 _____ () C:\Windows\system32\perfc010.dat
2015-04-09 20:03 - 2010-05-12 10:51 - 00632414 _____ () C:\Windows\system32\perfh00E.dat
2015-04-09 20:03 - 2010-05-12 10:51 - 00148544 _____ () C:\Windows\system32\perfc00E.dat
2015-04-09 20:03 - 2010-05-12 10:44 - 00694664 _____ () C:\Windows\system32\perfh00C.dat
2015-04-09 20:03 - 2010-05-12 10:44 - 00130374 _____ () C:\Windows\system32\perfc00C.dat
2015-04-09 20:03 - 2010-05-12 10:36 - 00693688 _____ () C:\Windows\system32\perfh00A.dat
2015-04-09 20:03 - 2010-05-12 10:36 - 00137296 _____ () C:\Windows\system32\perfc00A.dat
2015-04-09 20:03 - 2010-05-12 10:30 - 00552004 _____ () C:\Windows\system32\perfh008.dat
2015-04-09 20:03 - 2010-05-12 10:30 - 00089670 _____ () C:\Windows\system32\perfc008.dat
2015-04-09 20:03 - 2010-05-12 10:18 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2015-04-09 20:03 - 2010-05-12 10:18 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2015-04-09 20:03 - 2009-07-14 07:13 - 08573400 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-09 19:54 - 2013-01-20 12:08 - 00000000 ____D () C:\Program Files (x86)\Steganos Safe OEM
2015-04-01 14:04 - 2014-10-21 11:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-03-15 01:13 - 2015-03-11 11:32 - 00000000 ____D () C:\Program Files (x86)\NosTale

==================== Files in the root of some directories =======

2013-08-20 22:52 - 2014-11-19 00:39 - 0007597 _____ () C:\Users\Mari\AppData\Local\Resmon.ResmonCfg
2011-04-17 00:54 - 2011-04-17 00:54 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Some content of TEMP:
====================
C:\Users\Mari\AppData\Local\Temp\Quarantine.exe
C:\Users\Mari\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-07 16:50

==================== End Of Log ============================
         
--- --- ---


If I'm interpreting the Security Check correctly, quite a few programs on my machine are not up to date :-( With the Windows Service Pack I have the problem that it never installs correctly; an error message always appears. I read somewhere once that this is connected to CCleaner, that too much got deleted there. Can that be repaired?

Thanks again for your help :-)
Kind regards,
Ellaspirella

12.04.2015, 08:04   #12
schrauber
/// the machine
/// TB trainer



Update all programs.

Run the Windows Repair Tool:
Repairing Windows - how it's done - Guides



Now try the SP again. Also try the offline installer.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

12.04.2015, 08:24   #13
Ellaspirella

Thank you very much for your quick reply - will do

12.04.2015, 10:19   #14
schrauber
/// the machine
/// TB trainer

ok
__________________
Regards,
schrauber

12.04.2015, 23:28   #15
Ellaspirella

Now I'm finally reporting back, after spending my whole Sunday on SP1...
I ran Windows Repair, and it was quite busy too, but I still could not install SP1 via Windows Update. So I tried it from the Microsoft site; unfortunately I have a rather slow internet connection here, and the download took forever. At the end came the message: installation was not successful. The referenced assembly could not be found.
Details
Fehler: ERROR_SXS_ASSEMBLY_MISSING(0x80073701)
I also deactivated the virus scanner (Microsoft suggested this as a remedy), but the error stayed the same... Is there anything else I can do?

I was only moderately successful with the other programs as well

Code:
ATTFilter
 Results of screen317's Security Check version 1.00  
 Windows 7  x64 (UAC is enabled)  
 Out of date service pack!! 
``````````````Antivirus/Firewall Check:`````````````` 
AVG AntiVirus Free Edition 2015   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java(TM) 6 Update 31  
 Java 7 Update 51  
 Java 8 Update 40  
  Adobe Flash Player 16.0.0.305 Flash Player out of Date!  
 Adobe Reader 10.1.13 Adobe Reader out of Date!  
 Mozilla Firefox (37.0.1) 
 Mozilla Thunderbird (31.6.0) 
 Google Chrome (41.0.2272.101) 
 Google Chrome (41.0.2272.118) 
````````Process Check: objlist.exe by Laurent````````  
 AVG avgwdsvc.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Even though the security check says that Adobe Reader is out of date, I get the following message as soon as I click on check for updates in Reader...

Adobe Reader (installiert 10.1.13) – keine Updates verfügbar

It's no different with Flash Player... When I go to the Adobe site, I get the message: You have version 17,0,0,134 installed ... and that is the latest version for Windows.

What is going wrong there?

I wish you a good start to the new week

Kind regards,
Ellaspirella
