CPU Auslastung sehr hoch

neodace · 11.07.2015, 10:54

Hallo,

Habe seit ungefähr 2 Wochen das problem das meine CPU Auslastung sehr hoch ist wenn ich normal am Pc Arbeite.

Zudem kommt noch das der Pc sich des öfteren einfach abschaltet wenn ihm das zu viel wird.

Habe auch gemerkt das ich beim benutzen vom Ccleaner ( nur Verlauf , keine Registry ) die zu löschenden sachen sich meistens bei 100-300 MB befinden, wo ich sonst nie mehr als 20 MB am ende eines Tages habe.
Bevor ich den CCleaner benutze lösche ich immer den Verlauf in meinem Browser aber dennoch kommen sehr oft die 100-300 MB zusammen.

Das sind die Symtome die mein Pc momentan hat und hoffe ihr könnt mir dabei helfen =)

mfg

M-K-D-B · 11.07.2015, 10:59

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

neodace · 11.07.2015, 11:31

hallo,
danke für die schnelle Hilfe, hier die logdaten.

ADD:
[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x86) Version: 11-07-2015
Ran by Noname at 2015-07-11 12:20:39
Running from C:\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4277079510-974402927-3430589439-500 - Administrator - Disabled)
Gast (S-1-5-21-4277079510-974402927-3430589439-501 - Limited - Disabled)
Noname (S-1-5-21-4277079510-974402927-3430589439-1000 - Administrator - Enabled) => C:\Users\Noname

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v3.00 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 3.00 - FinalWire Ltd.)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Configuration DivX (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-4277079510-974402927-3430589439-1000\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
devolo dLAN-Konfigurationsassistent (HKLM\...\dlanconf) (Version: 9.0.0.0 - devolo AG)
EPSON BX935FWD Series Printer Uninstall (HKLM\...\EPSON BX935FWD Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 11.0.0 (HKLM\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 39.0 (x86 de) (HKLM\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Secunia PSI (3.0.0.10004) (HKLM\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.10 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
YGOPro DevPro Version 1.9.6 r0 (HKLM\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.6 r0 - YGOPro DevPro Online)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

27-05-2015 13:45:56 Ende der Bereinigung
04-06-2015 21:45:49 Geplanter Prüfpunkt
10-06-2015 17:28:00 Windows Update
18-06-2015 14:02:28 Geplanter Prüfpunkt
26-06-2015 22:54:49 Geplanter Prüfpunkt
04-07-2015 10:18:06 Geplanter Prüfpunkt
11-07-2015 08:55:45 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {29685E1F-2228-4284-9DC9-FAEFF9BB948A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {39DDFCC5-E8AC-4F5B-97A1-B24E438B9DC8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {42CFF66B-FAA9-4A2F-835A-E27393A0A8C6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {58047848-E115-4783-A426-B8BF351EDBF6} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-02-18] ()
Task: {6BD417A8-55DA-4A68-A3F4-18673D05CB17} - System32\Tasks\{7D875AB7-3E75-497C-AB92-4FB7316BA69B} => pcalua.exe -a C:\NVIDIA\SystemTools\6.08\NVMonitor\setup.exe -d C:\NVIDIA\SystemTools\6.08\NVMonitor
Task: {792E9B8B-3FB4-4AB8-911A-D351030994BD} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E5BD3B27-E2C1-49FF-8741-9E7EF099CA37} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {EC094005-C3EB-4024-9B3F-749E08A80221} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {FA0A119B-0531-4F26-BB07-9319C2D3A3D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Loaded Modules (Whitelisted) ==============

2015-03-08 11:45 - 2015-02-05 20:27 - 00108864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-05-06 20:36 - 2015-05-06 20:36 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-06 20:36 - 2015-05-06 20:36 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-11 11:18 - 2015-07-11 11:18 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071100\algo.dll
2006-12-04 01:25 - 2006-12-04 01:25 - 00022723 _____ () C:\Windows\System32\sugs2l3.dll
2015-03-08 21:39 - 2015-03-08 21:40 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Noname\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 193.189.244.202

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: Nero BackItUp Scheduler 3 => 2
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: Secunia PSI Agent => 3
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\startupreg: Adobe Speed Launcher => 1429258026

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{715EE703-F93C-4A44-8433-4487EAA472BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0E62E5B5-D95D-4C74-9672-067A8283FB31}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{343CF004-505E-43E0-B5C5-64A5342A5BCE}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [UDP Query User{5882E574-3AB9-4943-9427-290DFD43AE43}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [TCP Query User{8D830128-61A4-4C27-83DC-98C026C9FEAB}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [UDP Query User{9F3417D6-7FBA-4577-869E-CE5F3EF6B507}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [TCP Query User{92CFA8D8-52E0-4E0E-A205-336FA9B4287E}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [UDP Query User{995C1756-466E-4FE5-95FD-F12A5A59A412}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [{AC67BA12-D3E1-46DB-993F-DC19E2F8F34B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{BFFDA09B-DAF9-4A8B-877B-7E0A8C8018F0}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe
FirewallRules: [UDP Query User{66319B40-A6D3-4DA1-AA0F-C2107234B2BC}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe
FirewallRules: [{96BFA00F-1B66-42E5-A3AF-A50384CB2563}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7144E11B-5FFA-4FF8-B747-B77002728DAF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9795B38A-E7EB-44D8-830E-73B27CA72A50}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9C7E7BD3-D018-495B-BA7E-CCFA05089F0A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0CE973D5-AF1B-40B6-A222-E1C510502349}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8B262E26-295F-4326-AA3A-16FDE0F1BC86}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D26899A5-6F3E-4DDF-A679-AA009B13BC63}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{4E341B75-8D2A-4D7C-800C-2DF4C81B18FF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{D483C699-5F8E-466F-B3AA-2EAF0B521B5C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============

Name: VIA USB erweiterter Hostcontroller
Description: VIA USB erweiterter Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: VIA Technologies
Service: usbehci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PCI-zu-USB universeller Hostcontroller
Description: Standard PCI-zu-USB universeller Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbuhci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PCI-zu-USB universeller Hostcontroller
Description: Standard PCI-zu-USB universeller Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbuhci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/11/2015 12:07:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 11:41:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 09:05:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:41:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:36:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:28:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 08:03:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 07:54:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 08:49:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 10:04:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/11/2015 12:07:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎11.‎07.‎2015 um 12:00:24 unerwartet heruntergefahren.

Error: (07/11/2015 12:00:42 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 86) (User: NT-AUTORITÄT)
Description: Das System wurde aufgrund eines kritischen thermischen Ereignisses heruntergefahren.
            
Zeit für das Herunterfahren = 2015-07-11T10:00:42.465643700Z
            
ACPI-Thermozone = ACPI\ThermalZone\THRM
            
_CRT = 8K

Error: (07/11/2015 11:40:32 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎11.‎07.‎2015 um 11:38:45 unerwartet heruntergefahren.

Error: (07/11/2015 09:00:31 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/11/2015 08:40:43 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎11.‎07.‎2015 um 08:38:44 unerwartet heruntergefahren.

Error: (07/11/2015 08:35:51 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎11.‎07.‎2015 um 08:34:10 unerwartet heruntergefahren.

Error: (07/11/2015 01:40:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/10/2015 08:02:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎10.‎07.‎2015 um 20:01:47 unerwartet heruntergefahren.

Error: (07/09/2015 11:53:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/09/2015 09:34:26 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎07.‎2015 um 09:31:18 unerwartet heruntergefahren.


Microsoft Office:
=========================
Error: (07/11/2015 12:07:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 11:41:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 09:05:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:41:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:36:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:28:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 08:03:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 07:54:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 08:49:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 10:04:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of memory in use: 44%
Total physical RAM: 2047.37 MB
Available physical RAM: 1129.98 MB
Total Virtual: 4094.73 MB
Available Virtual: 2849.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:184.38 GB) NTFS
Drive e: (Neo`s Daten) (Fixed) (Total:232.88 GB) (Free:225.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 04170417)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 0ACB0595)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of log ============================

--- --- ---

FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-07-2015
Ran by Noname (administrator) on NONAME-PC on 11-07-2015 12:19:51
Running from C:\Desktop
Loaded Profiles: Noname (Available Profiles: Noname)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-23] (Avast Software s.r.o.)
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-06] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mega.co.nz/#login
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-23] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-23] (Oracle Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194
Tcpip\..\Interfaces\{34305B66-F253-4571-9EEB-B9B40B89F740}: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194
Tcpip\..\Interfaces\{8DE3437E-5FB7-493F-8CF5-EE9202094B83}: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194

FireFox:
========
FF ProfilePath: C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587
FF Homepage: hxxp://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-11] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-07-03] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Flash Video Downloader - YouTube HD Downloader [4K] - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\artur.dubovoy@gmail.com [2015-05-30]
FF Extension: WOT - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-10]
FF Extension: MEGA - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\firefox@mega.co.nz.xpi [2014-10-24]
FF Extension: Stylish - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-10-24]
FF Extension: Video DownloadHelper - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-07-03]
FF Extension: Adblock Plus - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-24]
FF Extension: Adblock Edge - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-10-24]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-08]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-08]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-06] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-06] (Avast Software)
S4 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S4 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-06-26] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-06] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [38472 2013-11-06] (The OpenVPN Project)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-06] ()
S3 eapihdrv; C:\Users\Noname\AppData\Local\Temp\ehdrv.sys [135760 2015-07-11] (ESET)
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R2 PLCNDIS5; C:\Windows\system32\plcndis5.sys [17280 2004-05-17] (Intellon, Inc.) [File not signed]
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2014-11-28] (Secunia)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-06] (Avast Software)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 Andbus; system32\DRIVERS\lgandbus.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [X]
S3 catchme; \??\C:\Users\Noname\AppData\Local\Temp\catchme.sys [X]
S3 crliycos; \SystemRoot\system32\drivers\ngiodriver_x86 [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 12:18 - 2015-07-11 12:19 - 00025199 _____ C:\Users\Noname\Downloads\Addition.txt
2015-07-11 12:17 - 2015-07-11 12:19 - 00016659 _____ C:\Users\Noname\Downloads\FRST.txt
2015-07-11 12:17 - 2015-07-11 12:19 - 00000000 ____D C:\FRST
2015-07-11 11:15 - 2015-07-11 11:15 - 02870984 _____ (ESET) C:\Users\Noname\Downloads\esetsmartinstaller_deu(1).exe
2015-07-11 09:10 - 2015-07-11 09:18 - 161130112 _____ C:\Users\Noname\Downloads\EmsisoftEmergencyKit.exe
2015-07-11 09:02 - 2015-07-11 09:04 - 00002444 _____ C:\Windows\PFRO.log
2015-07-11 08:52 - 2015-07-11 08:52 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-11 08:52 - 2015-07-11 08:52 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-11 08:28 - 2015-07-11 12:07 - 00000336 _____ C:\Windows\setupact.log
2015-07-11 08:28 - 2015-07-11 08:28 - 00000000 _____ C:\Windows\setuperr.log
2015-07-11 01:12 - 2015-07-11 01:22 - 229292641 _____ C:\Users\Noname\Downloads\[clips4sale.com]makayla's throat mp4.mp4
2015-07-03 19:51 - 2015-07-09 09:36 - 00000000 ____D C:\AdwCleaner
2015-07-03 14:15 - 2015-03-07 15:37 - 00000987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-07-02 21:00 - 2015-07-02 21:00 - 00000000 ____D C:\Program Files\ESET
2015-07-02 20:57 - 2015-07-02 20:59 - 02870984 _____ (ESET) C:\Users\Noname\Downloads\esetsmartinstaller_deu.exe
2015-07-02 20:07 - 2015-07-02 20:07 - 647608542 _____ C:\Users\Noname\Downloads\[clips4sale.com]053015fish_WMV V9.wmv
2015-07-02 19:35 - 2015-07-02 19:36 - 525086220 _____ C:\Users\Noname\Downloads\[clips4sale.com]Vac-Vore Garbage and Roommate Recycling - MP4 1280x720.mp4
2015-07-02 19:21 - 2015-07-02 19:22 - 306744878 _____ C:\Users\Noname\Downloads\(Clips4sale) Witch vore .wmv
2015-07-02 19:21 - 2015-07-02 19:21 - 84458329 _____ C:\Users\Noname\Downloads\[clips4sale.com]QD - Devoured By Jasmine Mendez HD.mkv
2015-07-01 23:13 - 2015-07-01 23:13 - 00000000 ____D C:\Users\Noname\Downloads\Neuer Ordner (4)
2015-07-01 23:12 - 2015-07-01 23:13 - 00000000 ____D C:\Users\Noname\Downloads\Neuer Ordner (3)
2015-07-01 17:35 - 2015-07-11 12:10 - 00463253 _____ C:\Windows\WindowsUpdate.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 12:15 - 2009-07-14 06:34 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-11 12:15 - 2009-07-14 06:34 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-11 12:13 - 2014-09-03 10:18 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-11 12:07 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-11 12:07 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-11 08:56 - 2015-04-04 17:39 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-11 08:51 - 2013-09-06 00:00 - 00000000 ____D C:\Users\Noname\AppData\Local\Adobe
2015-07-08 23:46 - 2010-11-20 23:01 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-03 19:48 - 2015-03-09 00:15 - 00000000 ____D C:\Program Files\SpeedFan
2015-07-03 19:47 - 2015-06-02 19:37 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-01 23:13 - 2014-10-25 16:51 - 00000000 ____D C:\Users\Noname\Downloads\Neuer Ordner
2015-07-01 21:28 - 2015-04-07 23:04 - 00000000 ____D C:\Users\Noname\AppData\Roaming\.minecraft
2015-06-27 14:02 - 2011-01-24 00:21 - 00001126 _____ C:\Users\Noname\AppData\Roaming\neo.ini
2015-06-27 13:56 - 2015-02-10 20:46 - 00000089 _____ C:\Users\Noname\AppData\Roaming\chk.ag
2015-06-27 13:56 - 2014-06-28 19:33 - 00000000 ____D C:\Users\Noname\AppData\Roaming\LiveSnap
2015-06-26 19:21 - 2015-03-08 21:40 - 00428120 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-18 20:04 - 2013-09-21 20:48 - 00000000 ____D C:\Program Files\DevPro
2015-06-14 00:45 - 2013-09-05 23:58 - 00000000 ____D C:\Program Files\CCleaner
2015-06-13 18:43 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-06-12 17:11 - 2014-11-12 16:07 - 00000000 __SHD C:\Users\Noname\AppData\Local\EmieBrowserModeList
2015-06-12 17:11 - 2014-04-09 19:10 - 00000000 __SHD C:\Users\Noname\AppData\Local\EmieUserList
2015-06-12 17:11 - 2014-04-09 19:10 - 00000000 __SHD C:\Users\Noname\AppData\Local\EmieSiteList

==================== Files in the root of some directories =======

2013-11-07 10:37 - 2013-11-07 10:37 - 50063360 _____ () C:\Program Files\GUT13CF.tmp
2013-12-22 18:28 - 2013-12-22 18:28 - 0000000 _____ () C:\Program Files\Web Data
2015-02-10 20:46 - 2015-06-27 13:56 - 0000089 _____ () C:\Users\Noname\AppData\Roaming\chk.ag
2010-10-26 23:05 - 2014-05-31 19:25 - 0496128 _____ (cURL, hxxp://curl.haxx.se/) C:\Users\Noname\AppData\Roaming\curlchk.exe
2011-01-24 00:21 - 2015-06-27 14:02 - 0001126 _____ () C:\Users\Noname\AppData\Roaming\neo.ini
2011-01-24 00:21 - 2014-07-26 20:12 - 0001112 _____ () C:\Users\Noname\AppData\Roaming\neo98.ini
2014-07-10 08:56 - 2014-07-10 08:56 - 0000017 _____ () C:\Users\Noname\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-04 09:34

==================== End of log ============================

--- --- ---

neodace · 11.07.2015, 11:34

Muss das log von TDSS halbieren da es zu groß ist auch für code tags.

TDSS: teil 1

Code:

ATTFilter

12:23:21.0103 0x0ff4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:23:44.0433 0x0ff4  ============================================================
12:23:44.0433 0x0ff4  Current date / time: 2015/07/11 12:23:44.0433
12:23:44.0433 0x0ff4  SystemInfo:
12:23:44.0433 0x0ff4  
12:23:44.0433 0x0ff4  OS Version: 6.1.7601 ServicePack: 1.0
12:23:44.0433 0x0ff4  Product type: Workstation
12:23:44.0434 0x0ff4  ComputerName: NONAME-PC
12:23:44.0434 0x0ff4  UserName: Noname
12:23:44.0434 0x0ff4  Windows directory: C:\Windows
12:23:44.0434 0x0ff4  System windows directory: C:\Windows
12:23:44.0434 0x0ff4  Processor architecture: Intel x86
12:23:44.0435 0x0ff4  Number of processors: 2
12:23:44.0435 0x0ff4  Page size: 0x1000
12:23:44.0435 0x0ff4  Boot type: Normal boot
12:23:44.0435 0x0ff4  ============================================================
12:23:46.0112 0x0ff4  KLMD registered as C:\Windows\system32\drivers\46667770.sys
12:23:46.0262 0x0ff4  System UUID: {62A8C2EA-8805-A944-480E-DAAB76E85153}
12:23:46.0860 0x0ff4  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x1C042, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
12:23:46.0882 0x0ff4  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:23:46.0905 0x0ff4  ============================================================
12:23:46.0906 0x0ff4  \Device\Harddisk0\DR0:
12:23:46.0910 0x0ff4  MBR partitions:
12:23:46.0910 0x0ff4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:23:46.0910 0x0ff4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
12:23:46.0910 0x0ff4  \Device\Harddisk1\DR1:
12:23:46.0932 0x0ff4  MBR partitions:
12:23:46.0932 0x0ff4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
12:23:46.0932 0x0ff4  ============================================================
12:23:46.0957 0x0ff4  C: <-> \Device\Harddisk0\DR0\Partition2
12:23:46.0996 0x0ff4  E: <-> \Device\Harddisk1\DR1\Partition1
12:23:46.0996 0x0ff4  ============================================================
12:23:46.0996 0x0ff4  Initialize success
12:23:46.0996 0x0ff4  ============================================================
12:24:17.0377 0x0bc8  ============================================================
12:24:17.0377 0x0bc8  Scan started
12:24:17.0377 0x0bc8  Mode: Manual; SigCheck; TDLFS; 
12:24:17.0377 0x0bc8  ============================================================
12:24:17.0377 0x0bc8  KSN ping started
12:24:20.0136 0x0bc8  KSN ping finished: true
12:24:21.0259 0x0bc8  ================ Scan system memory ========================
12:24:21.0259 0x0bc8  System memory - ok
12:24:21.0274 0x0bc8  ================ Scan services =============================
12:24:21.0477 0x0bc8  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:24:21.0602 0x0bc8  1394ohci - ok
12:24:21.0649 0x0bc8  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:24:21.0680 0x0bc8  ACPI - ok
12:24:21.0711 0x0bc8  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:24:21.0727 0x0bc8  AcpiPmi - ok
12:24:21.0805 0x0bc8  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:24:21.0852 0x0bc8  AdobeARMservice - ok
12:24:21.0914 0x0bc8  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:24:21.0976 0x0bc8  adp94xx - ok
12:24:22.0039 0x0bc8  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:24:22.0101 0x0bc8  adpahci - ok
12:24:22.0132 0x0bc8  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:24:22.0164 0x0bc8  adpu320 - ok
12:24:22.0210 0x0bc8  [ 12E6A172D72AFC626727B8635DD17E39, 33B3D109C39DF6EA86AFC3C89A93657906E981D3D22FF854401BC7326990CC08 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:24:22.0257 0x0bc8  AeLookupSvc - ok
12:24:22.0304 0x0bc8  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD             C:\Windows\system32\drivers\afd.sys
12:24:22.0351 0x0bc8  AFD - ok
12:24:22.0382 0x0bc8  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
12:24:22.0398 0x0bc8  agp440 - ok
12:24:22.0429 0x0bc8  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
12:24:22.0460 0x0bc8  aic78xx - ok
12:24:22.0522 0x0bc8  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
12:24:22.0554 0x0bc8  ALG - ok
12:24:22.0600 0x0bc8  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:24:22.0632 0x0bc8  aliide - ok
12:24:22.0678 0x0bc8  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
12:24:22.0725 0x0bc8  amdagp - ok
12:24:22.0756 0x0bc8  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:24:22.0788 0x0bc8  amdide - ok
12:24:22.0819 0x0bc8  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:24:22.0850 0x0bc8  AmdK8 - ok
12:24:22.0866 0x0bc8  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
12:24:22.0881 0x0bc8  AmdPPM - ok
12:24:22.0928 0x0bc8  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:24:22.0959 0x0bc8  amdsata - ok
12:24:22.0975 0x0bc8  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:24:23.0006 0x0bc8  amdsbs - ok
12:24:23.0037 0x0bc8  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:24:23.0068 0x0bc8  amdxata - ok
12:24:23.0084 0x0bc8  Andbus - ok
12:24:23.0100 0x0bc8  AndDiag - ok
12:24:23.0115 0x0bc8  AndGps - ok
12:24:23.0115 0x0bc8  ANDModem - ok
12:24:23.0131 0x0bc8  AndNetDiag - ok
12:24:23.0146 0x0bc8  ANDNetModem - ok
12:24:23.0162 0x0bc8  andnetndis - ok
12:24:23.0224 0x0bc8  [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID           C:\Windows\system32\drivers\appid.sys
12:24:23.0240 0x0bc8  AppID - ok
12:24:23.0302 0x0bc8  [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:24:23.0318 0x0bc8  AppIDSvc - ok
12:24:23.0349 0x0bc8  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
12:24:23.0380 0x0bc8  Appinfo - ok
12:24:23.0458 0x0bc8  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:24:23.0474 0x0bc8  Apple Mobile Device - ok
12:24:23.0505 0x0bc8  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:24:23.0552 0x0bc8  AppMgmt - ok
12:24:23.0583 0x0bc8  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
12:24:23.0614 0x0bc8  arc - ok
12:24:23.0646 0x0bc8  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:24:23.0661 0x0bc8  arcsas - ok
12:24:23.0786 0x0bc8  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
12:24:23.0864 0x0bc8  aspnet_state - ok
12:24:23.0911 0x0bc8  [ EFDEF61C488A193986D4672658E91532, B2E97542F7C608937005A2ABFA10F7FD8F3E8F1AB3FBE621772E41048BBDDDBE ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
12:24:23.0989 0x0bc8  aswHwid - ok
12:24:24.0020 0x0bc8  [ 91AAF4792987B43C0653D74516F092C8, DFFB5D0BA6537E2B6A45292B8A2B566F848D54A2FB54017711236E2D3BCBEBBE ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
12:24:24.0036 0x0bc8  aswMonFlt - ok
12:24:24.0067 0x0bc8  [ 8C8FEC9F50898BB814BDFB5F5B2D566C, C72472C413550144E10A995A1CF28EB68519B147BD7AE6DF195512014083F9A8 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
12:24:24.0082 0x0bc8  aswRdr - ok
12:24:24.0114 0x0bc8  [ 2DB91CE80C367ACDD1331DE9B1E3EAEF, 7AF35FBA1DB6A44928A6DF554E9428C3E21191B376756718832FCD66F9F9D07C ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
12:24:24.0129 0x0bc8  aswRvrt - ok
12:24:24.0192 0x0bc8  [ 83DF5B3DE1C6527972946CDB328446F7, F4CA80903EE6FCB7E5A7B0E989692B6B5177CE03D3BFFE6A93D53C8B364EE833 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
12:24:24.0238 0x0bc8  aswSnx - ok
12:24:24.0316 0x0bc8  [ 16D269F0EF94DB61FAB6934DEED19C91, EAFCE70C0816EAEA6BB8F41A935AE5EDE389C6832FBD45413893DFC5458E5D3D ] aswSP           C:\Windows\system32\drivers\aswSP.sys
12:24:24.0348 0x0bc8  aswSP - ok
12:24:24.0394 0x0bc8  [ A5F0A2EB182C8A137E2C43CB4109EC1E, 0A95F497FCB51CC1F36D740833FD4766A42C287A34A8E0FA9078F1533AD9D75E ] aswStm          C:\Windows\system32\drivers\aswStm.sys
12:24:24.0410 0x0bc8  aswStm - ok
12:24:24.0457 0x0bc8  [ 1D472E0E2AB962AA7F70B9AF85BF3C72, A428D76C47E354BCF9042A384445BCEE97C46BF9A98A65D9C48117B5FAE56819 ] aswTap          C:\Windows\system32\DRIVERS\aswTap.sys
12:24:24.0472 0x0bc8  aswTap - ok
12:24:24.0519 0x0bc8  [ D45875D018F9FB9BF19B976AD8791DE9, 9AA70417A9AAFF5515C6B1FFADD563FBDC0BC62AA0B9FDA8A771E67203C12270 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
12:24:24.0550 0x0bc8  aswVmm - ok
12:24:24.0582 0x0bc8  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:24:24.0613 0x0bc8  AsyncMac - ok
12:24:24.0644 0x0bc8  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:24:24.0660 0x0bc8  atapi - ok
12:24:24.0738 0x0bc8  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:24:24.0784 0x0bc8  AudioEndpointBuilder - ok
12:24:24.0800 0x0bc8  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:24:24.0847 0x0bc8  Audiosrv - ok
12:24:24.0987 0x0bc8  [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:24:25.0018 0x0bc8  avast! Antivirus - ok
12:24:25.0206 0x0bc8  [ E5CA07C1A5A4C7095FC8937D84B37243, A881B253767305ED181DB0A270C3D6CFC5FA2293F1BB050793289DD86B1C20BB ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
12:24:25.0330 0x0bc8  AvastVBoxSvc - ok
12:24:25.0393 0x0bc8  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:24:25.0424 0x0bc8  AxInstSV - ok
12:24:25.0486 0x0bc8  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
12:24:25.0518 0x0bc8  b06bdrv - ok
12:24:25.0564 0x0bc8  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
12:24:25.0596 0x0bc8  b57nd60x - ok
12:24:25.0642 0x0bc8  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
12:24:25.0674 0x0bc8  BDESVC - ok
12:24:25.0705 0x0bc8  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:24:25.0736 0x0bc8  Beep - ok
12:24:25.0783 0x0bc8  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
12:24:25.0830 0x0bc8  BFE - ok
12:24:25.0876 0x0bc8  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\system32\qmgr.dll
12:24:25.0923 0x0bc8  BITS - ok
12:24:25.0954 0x0bc8  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:24:25.0986 0x0bc8  blbdrive - ok
12:24:26.0095 0x0bc8  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:24:26.0126 0x0bc8  Bonjour Service - ok
12:24:26.0173 0x0bc8  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:24:26.0220 0x0bc8  bowser - ok
12:24:26.0235 0x0bc8  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
12:24:26.0266 0x0bc8  BrFiltLo - ok
12:24:26.0298 0x0bc8  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
12:24:26.0313 0x0bc8  BrFiltUp - ok
12:24:26.0344 0x0bc8  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
12:24:26.0391 0x0bc8  BridgeMP - ok
12:24:26.0422 0x0bc8  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
12:24:26.0469 0x0bc8  Browser - ok
12:24:26.0500 0x0bc8  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:24:26.0547 0x0bc8  Brserid - ok
12:24:26.0563 0x0bc8  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:24:26.0610 0x0bc8  BrSerWdm - ok
12:24:26.0625 0x0bc8  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:24:26.0656 0x0bc8  BrUsbMdm - ok
12:24:26.0672 0x0bc8  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:24:26.0703 0x0bc8  BrUsbSer - ok
12:24:26.0719 0x0bc8  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:24:26.0750 0x0bc8  BTHMODEM - ok
12:24:26.0797 0x0bc8  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
12:24:26.0844 0x0bc8  bthserv - ok
12:24:26.0890 0x0bc8  catchme - ok
12:24:26.0937 0x0bc8  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:24:26.0968 0x0bc8  cdfs - ok
12:24:27.0015 0x0bc8  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:24:27.0031 0x0bc8  cdrom - ok
12:24:27.0062 0x0bc8  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:24:27.0109 0x0bc8  CertPropSvc - ok
12:24:27.0140 0x0bc8  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
12:24:27.0171 0x0bc8  circlass - ok
12:24:27.0234 0x0bc8  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
12:24:27.0265 0x0bc8  CLFS - ok
12:24:27.0327 0x0bc8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:24:27.0358 0x0bc8  clr_optimization_v2.0.50727_32 - ok
12:24:27.0390 0x0bc8  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:24:27.0452 0x0bc8  clr_optimization_v4.0.30319_32 - ok
12:24:27.0483 0x0bc8  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
12:24:27.0514 0x0bc8  CmBatt - ok
12:24:27.0546 0x0bc8  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:24:27.0561 0x0bc8  cmdide - ok
12:24:27.0608 0x0bc8  [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG             C:\Windows\system32\Drivers\cng.sys
12:24:27.0655 0x0bc8  CNG - ok
12:24:27.0670 0x0bc8  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
12:24:27.0686 0x0bc8  Compbatt - ok
12:24:27.0702 0x0bc8  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:24:27.0733 0x0bc8  CompositeBus - ok
12:24:27.0748 0x0bc8  COMSysApp - ok
12:24:27.0780 0x0bc8  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:24:27.0795 0x0bc8  crcdisk - ok
12:24:27.0858 0x0bc8  crliycos - ok
12:24:27.0936 0x0bc8  [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:24:27.0998 0x0bc8  CryptSvc - ok
12:24:28.0060 0x0bc8  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
12:24:28.0154 0x0bc8  CSC - ok
12:24:28.0216 0x0bc8  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
12:24:28.0294 0x0bc8  CscService - ok
12:24:28.0357 0x0bc8  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:24:28.0435 0x0bc8  DcomLaunch - ok
12:24:28.0466 0x0bc8  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
12:24:28.0513 0x0bc8  defragsvc - ok
12:24:28.0560 0x0bc8  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:24:28.0591 0x0bc8  DfsC - ok
12:24:28.0653 0x0bc8  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:24:28.0684 0x0bc8  Dhcp - ok
12:24:28.0809 0x0bc8  [ 7AB2DE012C88870C9274E966EC88AB61, CE2098B152B9C039C29C0573C813BFBF13B2D2E6BEE83985374160884A817133 ] DiagTrack       C:\Windows\system32\diagtrack.dll
12:24:28.0950 0x0bc8  DiagTrack - ok
12:24:28.0996 0x0bc8  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
12:24:29.0106 0x0bc8  discache - ok
12:24:29.0168 0x0bc8  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
12:24:29.0199 0x0bc8  Disk - ok
12:24:29.0215 0x0bc8  [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
12:24:29.0293 0x0bc8  dmvsc - ok
12:24:29.0324 0x0bc8  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:24:29.0386 0x0bc8  Dnscache - ok
12:24:29.0433 0x0bc8  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:24:29.0480 0x0bc8  dot3svc - ok
12:24:29.0511 0x0bc8  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
12:24:29.0574 0x0bc8  DPS - ok
12:24:29.0605 0x0bc8  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:24:29.0636 0x0bc8  drmkaud - ok
12:24:29.0714 0x0bc8  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:24:29.0776 0x0bc8  DXGKrnl - ok
12:24:29.0808 0x0bc8  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
12:24:29.0886 0x0bc8  EapHost - ok
12:24:29.0979 0x0bc8  [ 560EDC0912BDB68290930E2542823A24, CB9578A19F717FBD388F2BE8179CF2D4755DF11AD246E13AF1D43E25CA026386 ] eapihdrv        C:\Users\Noname\AppData\Local\Temp\ehdrv.sys
12:24:29.0995 0x0bc8  eapihdrv - ok
12:24:30.0182 0x0bc8  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
12:24:30.0307 0x0bc8  ebdrv - ok
12:24:30.0369 0x0bc8  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] EFS             C:\Windows\System32\lsass.exe
12:24:30.0400 0x0bc8  EFS - ok
12:24:30.0463 0x0bc8  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:24:30.0510 0x0bc8  ehRecvr - ok
12:24:30.0572 0x0bc8  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
12:24:30.0634 0x0bc8  ehSched - ok
12:24:30.0681 0x0bc8  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:24:30.0712 0x0bc8  elxstor - ok
12:24:30.0744 0x0bc8  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:24:30.0759 0x0bc8  ErrDev - ok
12:24:30.0806 0x0bc8  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
12:24:30.0868 0x0bc8  EventSystem - ok
12:24:30.0884 0x0bc8  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:24:30.0931 0x0bc8  exfat - ok
12:24:30.0946 0x0bc8  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:24:30.0993 0x0bc8  fastfat - ok
12:24:31.0056 0x0bc8  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
12:24:31.0102 0x0bc8  Fax - ok
12:24:31.0134 0x0bc8  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:24:31.0165 0x0bc8  fdc - ok
12:24:31.0196 0x0bc8  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
12:24:31.0368 0x0bc8  fdPHost - ok
12:24:31.0399 0x0bc8  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:24:31.0477 0x0bc8  FDResPub - ok
12:24:31.0508 0x0bc8  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:24:31.0524 0x0bc8  FileInfo - ok
12:24:31.0555 0x0bc8  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:24:31.0586 0x0bc8  Filetrace - ok
12:24:31.0602 0x0bc8  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:24:31.0633 0x0bc8  flpydisk - ok
12:24:31.0664 0x0bc8  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:24:31.0680 0x0bc8  FltMgr - ok
12:24:31.0773 0x0bc8  [ 6EC244F102C7F129678E5F7309D1366D, C30DA201AC623DA440B0A0716534557C578218C2A591FA8893CCCBD96B4518F9 ] FontCache       C:\Windows\system32\FntCache.dll
12:24:31.0882 0x0bc8  FontCache - ok
12:24:31.0960 0x0bc8  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:24:31.0992 0x0bc8  FontCache3.0.0.0 - ok
12:24:32.0038 0x0bc8  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:24:32.0070 0x0bc8  FsDepends - ok
12:24:32.0116 0x0bc8  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:24:32.0148 0x0bc8  Fs_Rec - ok
12:24:32.0194 0x0bc8  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:24:32.0226 0x0bc8  fvevol - ok
12:24:32.0257 0x0bc8  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:24:32.0288 0x0bc8  gagp30kx - ok
12:24:32.0335 0x0bc8  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:24:32.0350 0x0bc8  GEARAspiWDM - ok
12:24:32.0413 0x0bc8  [ 77EBF3E9386DAA51551AF429052D88D0, 94C3294BB9E14B07448734AE65B37801D3FF15BEC987D182A929A017FEF7B276 ] giveio          C:\Windows\system32\giveio.sys
12:24:32.0413 0x0bc8  giveio - detected UnsignedFile.Multi.Generic ( 1 )
12:24:35.0346 0x0bc8  Detect skipped due to KSN trusted
12:24:35.0346 0x0bc8  giveio - ok
12:24:35.0392 0x0bc8  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:24:35.0439 0x0bc8  gpsvc - ok
12:24:35.0486 0x0bc8  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:24:35.0502 0x0bc8  hcw85cir - ok
12:24:35.0564 0x0bc8  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:24:35.0595 0x0bc8  HdAudAddService - ok
12:24:35.0642 0x0bc8  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:24:35.0673 0x0bc8  HDAudBus - ok
12:24:35.0736 0x0bc8  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:24:35.0767 0x0bc8  HidBatt - ok
12:24:35.0798 0x0bc8  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:24:35.0860 0x0bc8  HidBth - ok
12:24:35.0892 0x0bc8  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:24:35.0923 0x0bc8  HidIr - ok
12:24:35.0938 0x0bc8  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll
12:24:35.0985 0x0bc8  hidserv - ok
12:24:36.0016 0x0bc8  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:24:36.0063 0x0bc8  HidUsb - ok
12:24:36.0079 0x0bc8  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:24:36.0126 0x0bc8  hkmsvc - ok
12:24:36.0141 0x0bc8  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:24:36.0188 0x0bc8  HomeGroupListener - ok
12:24:36.0219 0x0bc8  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:24:36.0266 0x0bc8  HomeGroupProvider - ok
12:24:36.0297 0x0bc8  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:24:36.0328 0x0bc8  HpSAMD - ok
12:24:36.0406 0x0bc8  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:24:36.0453 0x0bc8  HTTP - ok
12:24:36.0469 0x0bc8  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:24:36.0484 0x0bc8  hwpolicy - ok
12:24:36.0500 0x0bc8  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:24:36.0531 0x0bc8  i8042prt - ok
12:24:36.0594 0x0bc8  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:24:36.0625 0x0bc8  iaStorV - ok
12:24:36.0734 0x0bc8  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:24:36.0781 0x0bc8  idsvc - ok
12:24:36.0812 0x0bc8  IEEtwCollectorService - ok
12:24:36.0843 0x0bc8  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:24:36.0874 0x0bc8  iirsp - ok
12:24:36.0921 0x0bc8  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
12:24:36.0968 0x0bc8  IKEEXT - ok
12:24:37.0015 0x0bc8  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:24:37.0030 0x0bc8  intelide - ok
12:24:37.0062 0x0bc8  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:24:37.0077 0x0bc8  intelppm - ok
12:24:37.0108 0x0bc8  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:24:37.0155 0x0bc8  IPBusEnum - ok
12:24:37.0171 0x0bc8  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:24:37.0218 0x0bc8  IpFilterDriver - ok
12:24:37.0311 0x0bc8  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:24:37.0358 0x0bc8  iphlpsvc - ok
12:24:37.0405 0x0bc8  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:24:37.0436 0x0bc8  IPMIDRV - ok
12:24:37.0467 0x0bc8  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:24:37.0498 0x0bc8  IPNAT - ok
12:24:37.0576 0x0bc8  [ 4D800977F7EB0C310AF04BF5B517985A, DD4EC347D4759AC401BD08739DE012E5F1903DF2EDEBEA17CCD3C19FF1F6005E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:24:37.0608 0x0bc8  iPod Service - ok
12:24:37.0639 0x0bc8  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:24:37.0670 0x0bc8  IRENUM - ok
12:24:37.0686 0x0bc8  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:24:37.0717 0x0bc8  isapnp - ok
12:24:37.0748 0x0bc8  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:24:37.0779 0x0bc8  iScsiPrt - ok
12:24:37.0826 0x0bc8  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:24:37.0842 0x0bc8  kbdclass - ok
12:24:37.0873 0x0bc8  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:24:37.0904 0x0bc8  kbdhid - ok
12:24:37.0920 0x0bc8  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] KeyIso          C:\Windows\system32\lsass.exe
12:24:37.0935 0x0bc8  KeyIso - ok
12:24:37.0982 0x0bc8  [ 3C9D9DFCF517103677D7B6255C727B48, F03252C1EF131AC4FEB83983B7BB3BAAACE0EEB0B1CFA06D0E04A156D527A0FD ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:24:38.0013 0x0bc8  KSecDD - ok
12:24:38.0029 0x0bc8  [ 0DFC56491C8B56A35AD52EAF770752FE, C887D6A06DD691DB6E6DC73D2ED0072FE5430F46F85111338196CF342C5892D0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:24:38.0060 0x0bc8  KSecPkg - ok
12:24:38.0107 0x0bc8  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:24:38.0169 0x0bc8  KtmRm - ok
12:24:38.0216 0x0bc8  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
12:24:38.0263 0x0bc8  LanmanServer - ok
12:24:38.0294 0x0bc8  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:24:38.0341 0x0bc8  LanmanWorkstation - ok
12:24:38.0388 0x0bc8  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:24:38.0434 0x0bc8  lltdio - ok
12:24:38.0466 0x0bc8  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:24:38.0512 0x0bc8  lltdsvc - ok
12:24:38.0544 0x0bc8  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:24:38.0590 0x0bc8  lmhosts - ok
12:24:38.0622 0x0bc8  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:24:38.0653 0x0bc8  LSI_FC - ok
12:24:38.0684 0x0bc8  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:24:38.0715 0x0bc8  LSI_SAS - ok
12:24:38.0746 0x0bc8  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:24:38.0762 0x0bc8  LSI_SAS2 - ok
12:24:38.0793 0x0bc8  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:24:38.0824 0x0bc8  LSI_SCSI - ok
12:24:38.0840 0x0bc8  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:24:38.0887 0x0bc8  luafv - ok
12:24:38.0949 0x0bc8  [ 3C21F7E95FFCA33EF1A83AA33D9663CF, C843116969E1CDBA45AEF98B33BEDBA9200C62CDB52CD7056CE6768A1EF3A637 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
12:24:38.0965 0x0bc8  MBAMProtector - ok
12:24:39.0043 0x0bc8  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService     C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
12:24:39.0121 0x0bc8  MBAMService - ok
12:24:39.0183 0x0bc8  [ 167BCE00050B19DA25065335645A3C7A, 5CD3EA3E09B4ED318AB6151F56A17B0E4C8CE32DBB77342A39DEF53908F7D2F0 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
12:24:39.0199 0x0bc8  MBAMWebAccessControl - ok
12:24:39.0230 0x0bc8  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:24:39.0261 0x0bc8  Mcx2Svc - ok
12:24:39.0292 0x0bc8  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:24:39.0308 0x0bc8  megasas - ok
12:24:39.0339 0x0bc8  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:24:39.0370 0x0bc8  MegaSR - ok
12:24:39.0402 0x0bc8  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
12:24:39.0448 0x0bc8  MMCSS - ok
12:24:39.0464 0x0bc8  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
12:24:39.0495 0x0bc8  Modem - ok
12:24:39.0526 0x0bc8  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:24:39.0558 0x0bc8  monitor - ok
12:24:39.0573 0x0bc8  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:24:39.0604 0x0bc8  mouclass - ok
12:24:39.0636 0x0bc8  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:24:39.0651 0x0bc8  mouhid - ok
12:24:39.0714 0x0bc8  [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:24:39.0729 0x0bc8  mountmgr - ok
12:24:39.0792 0x0bc8  [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:24:39.0823 0x0bc8  MozillaMaintenance - ok
12:24:39.0854 0x0bc8  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:24:39.0870 0x0bc8  mpio - ok
12:24:39.0901 0x0bc8  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:24:39.0948 0x0bc8  mpsdrv - ok
12:24:40.0041 0x0bc8  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:24:40.0119 0x0bc8  MpsSvc - ok
12:24:40.0150 0x0bc8  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:24:40.0197 0x0bc8  MRxDAV - ok
12:24:40.0228 0x0bc8  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:24:40.0260 0x0bc8  mrxsmb - ok
12:24:40.0291 0x0bc8  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:24:40.0322 0x0bc8  mrxsmb10 - ok
12:24:40.0338 0x0bc8  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:24:40.0369 0x0bc8  mrxsmb20 - ok
12:24:40.0384 0x0bc8  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:24:40.0416 0x0bc8  msahci - ok
12:24:40.0447 0x0bc8  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:24:40.0478 0x0bc8  msdsm - ok
12:24:40.0494 0x0bc8  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
12:24:40.0525 0x0bc8  MSDTC - ok
12:24:40.0556 0x0bc8  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:24:40.0618 0x0bc8  Msfs - ok
12:24:40.0650 0x0bc8  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:24:40.0696 0x0bc8  mshidkmdf - ok
12:24:40.0712 0x0bc8  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:24:40.0728 0x0bc8  msisadrv - ok
12:24:40.0774 0x0bc8  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:24:40.0821 0x0bc8  MSiSCSI - ok
12:24:40.0821 0x0bc8  msiserver - ok
12:24:40.0868 0x0bc8  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:24:40.0899 0x0bc8  MSKSSRV - ok
12:24:40.0930 0x0bc8  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:24:40.0962 0x0bc8  MSPCLOCK - ok
12:24:40.0977 0x0bc8  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:24:41.0024 0x0bc8  MSPQM - ok
12:24:41.0040 0x0bc8  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:24:41.0071 0x0bc8  MsRPC - ok
12:24:41.0086 0x0bc8  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:24:41.0118 0x0bc8  mssmbios - ok
12:24:41.0118 0x0bc8  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:24:41.0180 0x0bc8  MSTEE - ok
12:24:41.0211 0x0bc8  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:24:41.0227 0x0bc8  MTConfig - ok
12:24:41.0258 0x0bc8  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
12:24:41.0274 0x0bc8  Mup - ok
12:24:41.0320 0x0bc8  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
12:24:41.0367 0x0bc8  napagent - ok
12:24:41.0430 0x0bc8  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:24:41.0492 0x0bc8  NativeWifiP - ok
12:24:41.0554 0x0bc8  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:24:41.0601 0x0bc8  NDIS - ok
12:24:41.0617 0x0bc8  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:24:41.0664 0x0bc8  NdisCap - ok
12:24:41.0679 0x0bc8  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:24:41.0726 0x0bc8  NdisTapi - ok
12:24:41.0742 0x0bc8  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:24:41.0773 0x0bc8  Ndisuio - ok
12:24:41.0804 0x0bc8  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:24:41.0851 0x0bc8  NdisWan - ok
12:24:41.0882 0x0bc8  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:24:41.0913 0x0bc8  NDProxy - ok
12:24:41.0944 0x0bc8  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:24:41.0976 0x0bc8  NetBIOS - ok
12:24:42.0007 0x0bc8  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:24:42.0054 0x0bc8  NetBT - ok
12:24:42.0069 0x0bc8  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] Netlogon        C:\Windows\system32\lsass.exe
12:24:42.0100 0x0bc8  Netlogon - ok
12:24:42.0132 0x0bc8  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
12:24:42.0194 0x0bc8  Netman - ok
12:24:42.0241 0x0bc8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:24:42.0256 0x0bc8  NetMsmqActivator - ok
12:24:42.0272 0x0bc8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:24:42.0303 0x0bc8  NetPipeActivator - ok
12:24:42.0334 0x0bc8  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
12:24:42.0397 0x0bc8  netprofm - ok
12:24:42.0444 0x0bc8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:24:42.0490 0x0bc8  NetTcpActivator - ok
12:24:42.0522 0x0bc8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:24:42.0584 0x0bc8  NetTcpPortSharing - ok
12:24:42.0631 0x0bc8  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:24:42.0662 0x0bc8  nfrd960 - ok
12:24:42.0709 0x0bc8  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:24:42.0756 0x0bc8  NlaSvc - ok
12:24:42.0818 0x0bc8  [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf             C:\Windows\system32\drivers\npf.sys
12:24:42.0834 0x0bc8  npf - ok
12:24:42.0849 0x0bc8  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:24:42.0896 0x0bc8  Npfs - ok
12:24:42.0927 0x0bc8  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
12:24:42.0974 0x0bc8  nsi - ok
12:24:43.0005 0x0bc8  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:24:43.0036 0x0bc8  nsiproxy - ok
12:24:43.0114 0x0bc8  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:24:43.0192 0x0bc8  Ntfs - ok
12:24:43.0208 0x0bc8  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
12:24:43.0255 0x0bc8  Null - ok
12:24:43.0302 0x0bc8  [ B5E37E31C053BC9950455A257526514B, 16E2880621F3AA12BDADE71CD7682CA79E2A199D3C9E3E5927C49DCEF0F6183B ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x32.sys
12:24:43.0333 0x0bc8  NVENETFD - ok
12:24:43.0364 0x0bc8  [ 9F8EE4948B7ADD9D12F778F61A2758A4, 9848C7D97AC000BF7A00BAE12593E48E14D36D7FFFCF25A163FAAB446691032F ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
12:24:43.0395 0x0bc8  NVHDA - ok
12:24:43.0770 0x0bc8  [ FCEA6786A7222DF6C26B008279139952, 9E96776417B45DC1ABDA5DE0CD36913FC6E6A38486D470BCBE01D09CE7388C4A ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:24:44.0144 0x0bc8  nvlddmkm - ok
12:24:44.0238 0x0bc8  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:24:44.0269 0x0bc8  nvraid - ok
12:24:44.0284 0x0bc8  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:24:44.0316 0x0bc8  nvstor - ok
12:24:44.0394 0x0bc8  [ F4B2AAFDB72CC6A54A14A0D6DC82657A, CBC6F3E8BEE4920886A4A3F3269132719E520898590104BCD3391D77F435FD13 ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:24:44.0440 0x0bc8  nvsvc - ok
12:24:44.0456 0x0bc8  nvvad_WaveExtensible - ok
12:24:44.0487 0x0bc8  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:24:44.0518 0x0bc8  nv_agp - ok
12:24:44.0534 0x0bc8  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:24:44.0565 0x0bc8  ohci1394 - ok
12:24:44.0596 0x0bc8  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:24:44.0643 0x0bc8  p2pimsvc - ok
12:24:44.0659 0x0bc8  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:24:44.0706 0x0bc8  p2psvc - ok
12:24:44.0752 0x0bc8  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:24:44.0784 0x0bc8  Parport - ok
12:24:44.0799 0x0bc8  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:24:44.0830 0x0bc8  partmgr - ok
12:24:44.0846 0x0bc8  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
12:24:44.0877 0x0bc8  Parvdm - ok
12:24:44.0908 0x0bc8  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:24:44.0955 0x0bc8  PcaSvc - ok
12:24:44.0986 0x0bc8  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
12:24:45.0018 0x0bc8  pci - ok
12:24:45.0049 0x0bc8  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:24:45.0064 0x0bc8  pciide - ok
12:24:45.0096 0x0bc8  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:24:45.0127 0x0bc8  pcmcia - ok
12:24:45.0142 0x0bc8  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:24:45.0158 0x0bc8  pcw - ok
12:24:45.0236 0x0bc8  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:24:45.0283 0x0bc8  PEAUTH - ok
12:24:45.0345 0x0bc8  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
12:24:45.0408 0x0bc8  PeerDistSvc - ok
12:24:45.0532 0x0bc8  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
12:24:45.0626 0x0bc8  pla - ok
12:24:45.0688 0x0bc8  [ 2ABA2F545B35F9C6CC2CFC4E1D539A80, 4771ED8E1FE3F9F2B999BDC8D5D8D437615117E5150E1677811954C6C802850F ] PLCNDIS5        C:\Windows\system32\plcndis5.sys
12:24:45.0704 0x0bc8  PLCNDIS5 - detected UnsignedFile.Multi.Generic ( 1 )
12:24:48.0559 0x0bc8  Detect skipped due to KSN trusted
12:24:48.0559 0x0bc8  PLCNDIS5 - ok
12:24:48.0606 0x0bc8  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:24:48.0637 0x0bc8  PlugPlay - ok
12:24:48.0668 0x0bc8  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:24:48.0699 0x0bc8  PNRPAutoReg - ok
12:24:48.0715 0x0bc8  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:24:48.0762 0x0bc8  PNRPsvc - ok
12:24:48.0808 0x0bc8  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:24:48.0886 0x0bc8  PolicyAgent - ok
12:24:48.0949 0x0bc8  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
12:24:49.0042 0x0bc8  Power - ok
12:24:49.0089 0x0bc8  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:24:49.0152 0x0bc8  PptpMiniport - ok
12:24:49.0167 0x0bc8  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
12:24:49.0198 0x0bc8  Processor - ok
12:24:49.0245 0x0bc8  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:24:49.0276 0x0bc8  ProfSvc - ok
12:24:49.0292 0x0bc8  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:24:49.0323 0x0bc8  ProtectedStorage - ok
12:24:49.0354 0x0bc8  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:24:49.0386 0x0bc8  Psched - ok
12:24:49.0464 0x0bc8  [ 68B57D7C11277EA89F78255480376B4D, 5530B58126BF33E6BCDED99C73C41B90BA148587BDA3866FD4DAD12035B302B5 ] PSI             C:\Windows\system32\DRIVERS\psi_mf_x86.sys
12:24:49.0479 0x0bc8  PSI - ok
12:24:49.0557 0x0bc8  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:24:49.0635 0x0bc8  ql2300 - ok
12:24:49.0666 0x0bc8  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:24:49.0682 0x0bc8  ql40xx - ok
12:24:49.0713 0x0bc8  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
12:24:49.0760 0x0bc8  QWAVE - ok
12:24:49.0776 0x0bc8  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:24:49.0807 0x0bc8  QWAVEdrv - ok
12:24:49.0822 0x0bc8  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:24:49.0854 0x0bc8  RasAcd - ok
12:24:49.0900 0x0bc8  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:24:49.0932 0x0bc8  RasAgileVpn - ok
12:24:49.0947 0x0bc8  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
12:24:50.0010 0x0bc8  RasAuto - ok
12:24:50.0056 0x0bc8  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:24:50.0103 0x0bc8  Rasl2tp - ok
12:24:50.0134 0x0bc8  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
12:24:50.0228 0x0bc8  RasMan - ok
12:24:50.0275 0x0bc8  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:24:50.0384 0x0bc8  RasPppoe - ok
12:24:50.0462 0x0bc8  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:24:50.0509 0x0bc8  RasSstp - ok
12:24:50.0540 0x0bc8  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:24:50.0587 0x0bc8  rdbss - ok
12:24:50.0602 0x0bc8  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:24:50.0634 0x0bc8  rdpbus - ok
12:24:50.0665 0x0bc8  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:24:50.0696 0x0bc8  RDPCDD - ok
12:24:50.0743 0x0bc8  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:24:50.0758 0x0bc8  RDPDR - ok
12:24:50.0774 0x0bc8  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:24:50.0868 0x0bc8  RDPENCDD - ok
12:24:50.0914 0x0bc8  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:24:51.0008 0x0bc8  RDPREFMP - ok
12:24:51.0086 0x0bc8  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:24:51.0133 0x0bc8  RdpVideoMiniport - ok
12:24:51.0195 0x0bc8  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:24:51.0226 0x0bc8  RDPWD - ok
12:24:51.0273 0x0bc8  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:24:51.0320 0x0bc8  rdyboost - ok
12:24:51.0351 0x0bc8  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:24:51.0429 0x0bc8  RemoteAccess - ok
12:24:51.0445 0x0bc8  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:24:51.0523 0x0bc8  RemoteRegistry - ok
12:24:51.0570 0x0bc8  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:24:51.0648 0x0bc8  RpcEptMapper - ok
12:24:51.0679 0x0bc8  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
12:24:51.0788 0x0bc8  RpcLocator - ok
12:24:51.0882 0x0bc8  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
12:24:51.0928 0x0bc8  RpcSs - ok
12:24:51.0991 0x0bc8  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:24:52.0022 0x0bc8  rspndr - ok
12:24:52.0053 0x0bc8  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
12:24:52.0069 0x0bc8  s3cap - ok
12:24:52.0100 0x0bc8  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] SamSs           C:\Windows\system32\lsass.exe
12:24:52.0116 0x0bc8  SamSs - ok
12:24:52.0147 0x0bc8  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:24:52.0178 0x0bc8  sbp2port - ok
12:24:52.0209 0x0bc8  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:24:52.0256 0x0bc8  SCardSvr - ok
12:24:52.0272 0x0bc8  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:24:52.0318 0x0bc8  scfilter - ok
12:24:52.0365 0x0bc8  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
12:24:52.0428 0x0bc8  Schedule - ok
12:24:52.0459 0x0bc8  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:24:52.0506 0x0bc8  SCPolicySvc - ok
12:24:52.0552 0x0bc8  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:24:52.0584 0x0bc8  SDRSVC - ok
12:24:52.0615 0x0bc8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:24:52.0662 0x0bc8  secdrv - ok
12:24:52.0677 0x0bc8  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
12:24:52.0724 0x0bc8  seclogon - ok
12:24:52.0849 0x0bc8  [ 5E0E975998BF1612E18B898E5D17838B, 76C11C62DB8055F03F868685E8E2016D99D3FC48313CB51C69E7CEA589D80890 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
12:24:52.0911 0x0bc8  Secunia PSI Agent - ok
12:24:52.0989 0x0bc8  [ 508DD2E1D5F272B2D3196335DEA2BC26, 2BDC828DB9D9766445C345E82751FA7EF94A089EC84565675EDADE3EC7EB5748 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
12:24:53.0052 0x0bc8  Secunia Update Agent - ok
12:24:53.0083 0x0bc8  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\system32\sens.dll
12:24:53.0130 0x0bc8  SENS - ok
12:24:53.0161 0x0bc8  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:24:53.0192 0x0bc8  SensrSvc - ok
12:24:53.0239 0x0bc8  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:24:53.0270 0x0bc8  Serenum - ok
12:24:53.0317 0x0bc8  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:24:53.0348 0x0bc8  Serial - ok
12:24:53.0379 0x0bc8  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:24:53.0410 0x0bc8  sermouse - ok
12:24:53.0457 0x0bc8  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:24:53.0535 0x0bc8  SessionEnv - ok
12:24:53.0551 0x0bc8  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:24:53.0598 0x0bc8  sffdisk - ok
12:24:53.0613 0x0bc8  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:24:53.0660 0x0bc8  sffp_mmc - ok
12:24:53.0676 0x0bc8  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:24:53.0722 0x0bc8  sffp_sd - ok
12:24:53.0722 0x0bc8  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:24:53.0769 0x0bc8  sfloppy - ok
12:24:53.0816 0x0bc8  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:24:53.0878 0x0bc8  SharedAccess - ok
12:24:53.0910 0x0bc8  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:24:53.0972 0x0bc8  ShellHWDetection - ok
12:24:53.0988 0x0bc8  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
12:24:54.0003 0x0bc8  sisagp - ok
12:24:54.0050 0x0bc8  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:24:54.0066 0x0bc8  SiSRaid2 - ok
12:24:54.0097 0x0bc8  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:24:54.0128 0x0bc8  SiSRaid4 - ok
12:24:54.0159 0x0bc8  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:24:54.0206 0x0bc8  Smb - ok
12:24:54.0253 0x0bc8  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:24:54.0284 0x0bc8  SNMPTRAP - ok
12:24:54.0331 0x0bc8  [ DC8D2952FB6FFBAEC67BD1B93A34DF11, 0BD1523A68900B80ED1BCCB967643525CCA55D4FF4622D0128913690E6BB619E ] speedfan        C:\Windows\system32\speedfan.sys
12:24:54.0362 0x0bc8  speedfan - ok
12:24:54.0393 0x0bc8  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:24:54.0424 0x0bc8  spldr - ok
12:24:54.0471 0x0bc8  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
12:24:54.0518 0x0bc8  Spooler - ok
12:24:54.0674 0x0bc8  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
12:24:54.0814 0x0bc8  sppsvc - ok
12:24:54.0861 0x0bc8  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:24:54.0908 0x0bc8  sppuinotify - ok
12:24:54.0955 0x0bc8  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:24:54.0986 0x0bc8  srv - ok
12:24:55.0033 0x0bc8  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:24:55.0064 0x0bc8  srv2 - ok
12:24:55.0095 0x0bc8  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:24:55.0111 0x0bc8  srvnet - ok
12:24:55.0158 0x0bc8  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:24:55.0220 0x0bc8  SSDPSRV - ok
12:24:55.0267 0x0bc8  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:24:55.0329 0x0bc8  SstpSvc - ok
12:24:55.0360 0x0bc8  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:24:55.0376 0x0bc8  stexstor - ok
12:24:55.0423 0x0bc8  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
12:24:55.0470 0x0bc8  StiSvc - ok
12:24:55.0501 0x0bc8  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:24:55.0516 0x0bc8  storflt - ok
12:24:55.0548 0x0bc8  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
12:24:55.0594 0x0bc8  StorSvc - ok
12:24:55.0626 0x0bc8  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:24:55.0657 0x0bc8  storvsc - ok
12:24:55.0672 0x0bc8  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:24:55.0688 0x0bc8  swenum - ok
12:24:55.0735 0x0bc8  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
12:24:55.0782 0x0bc8  swprv - ok
12:24:55.0844 0x0bc8  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
12:24:55.0906 0x0bc8  SysMain - ok
12:24:55.0938 0x0bc8  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
12:24:55.0984 0x0bc8  TabletInputService - ok
12:24:56.0016 0x0bc8  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:24:56.0062 0x0bc8  TapiSrv - ok
12:24:56.0078 0x0bc8  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
12:24:56.0125 0x0bc8  TBS - ok
12:24:56.0218 0x0bc8  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:24:56.0296 0x0bc8  Tcpip - ok
12:24:56.0359 0x0bc8  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:24:56.0421 0x0bc8  TCPIP6 - ok
12:24:56.0468 0x0bc8  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:24:56.0499 0x0bc8  tcpipreg - ok
12:24:56.0530 0x0bc8  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:24:56.0562 0x0bc8  TDPIPE - ok
12:24:56.0577 0x0bc8  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:24:56.0608 0x0bc8  TDTCP - ok
12:24:56.0655 0x0bc8  [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:24:56.0702 0x0bc8  tdx - ok
12:24:56.0718 0x0bc8  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:24:56.0733 0x0bc8  TermDD - ok
12:24:56.0796 0x0bc8  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
12:24:56.0858 0x0bc8  TermService - ok
12:24:56.0905 0x0bc8  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
12:24:56.0952 0x0bc8  Themes - ok
12:24:56.0967 0x0bc8  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
12:24:57.0014 0x0bc8  THREADORDER - ok
12:24:57.0045 0x0bc8  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
12:24:57.0092 0x0bc8  TrkWks - ok
12:24:57.0154 0x0bc8  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:24:57.0201 0x0bc8  TrustedInstaller - ok
12:24:57.0248 0x0bc8  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:24:57.0279 0x0bc8  tssecsrv - ok
12:24:57.0326 0x0bc8  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:24:57.0357 0x0bc8  TsUsbFlt - ok
12:24:57.0388 0x0bc8  [ 57C527AF84748B5C2F5178C499C0B81F, 2FF1F25BA16F8984E9F2CE4DE663F261BAF267EDF10D466A52BB211C567F763C ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
12:24:57.0420 0x0bc8  TsUsbGD - ok
12:24:57.0466 0x0bc8  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:24:57.0498 0x0bc8  tunnel - ok
12:24:57.0529 0x0bc8  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:24:57.0544 0x0bc8  uagp35 - ok
12:24:57.0591 0x0bc8  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:24:57.0622 0x0bc8  udfs - ok
12:24:57.0685 0x0bc8  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:24:57.0700 0x0bc8  UI0Detect - ok
12:24:57.0732 0x0bc8  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:24:57.0763 0x0bc8  uliagpkx - ok
12:24:57.0794 0x0bc8  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:24:57.0810 0x0bc8  umbus - ok
12:24:57.0841 0x0bc8  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
12:24:57.0872 0x0bc8  UmPass - ok
12:24:57.0903 0x0bc8  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:24:57.0934 0x0bc8  UmRdpService - ok
12:24:57.0981 0x0bc8  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
12:24:58.0044 0x0bc8  upnphost - ok
12:24:58.0090 0x0bc8  [ EC1C23779BB41A8B2AB2AA6FCE308BDE, D027A2B472CAE97AECB16F69BE52E06CB61E1C61AE196C22662050B711C1C72D ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
12:24:58.0122 0x0bc8  USBAAPL - ok
12:24:58.0168 0x0bc8  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:24:58.0200 0x0bc8  usbccgp - ok
12:24:58.0246 0x0bc8  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:24:58.0278 0x0bc8  usbcir - ok
12:24:58.0324 0x0bc8  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:24:58.0356 0x0bc8  usbehci - ok
12:24:58.0418 0x0bc8  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:24:58.0449 0x0bc8  usbhub - ok
12:24:58.0465 0x0bc8  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:24:58.0496 0x0bc8  usbohci - ok
12:24:58.0543 0x0bc8  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:24:58.0558 0x0bc8  usbprint - ok
12:24:58.0605 0x0bc8  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:24:58.0636 0x0bc8  usbscan - ok
12:24:58.0668 0x0bc8  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:24:58.0699 0x0bc8  USBSTOR - ok
12:24:58.0746 0x0bc8  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
12:24:58.0777 0x0bc8  usbuhci - ok
12:24:58.0792 0x0bc8  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
12:24:58.0839 0x0bc8  UxSms - ok
12:24:58.0855 0x0bc8  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] VaultSvc        C:\Windows\system32\lsass.exe
12:24:58.0886 0x0bc8  VaultSvc - ok
12:24:58.0964 0x0bc8  [ ACC8107C8CA822972D3E70550DCBF07B, 1FFC80E5FA9B971DF6499ACCC57DB6C07D24991101FE663AFB58A6C07FEFB305 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
12:24:58.0995 0x0bc8  VBoxAswDrv - ok
12:24:59.0042 0x0bc8  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:24:59.0058 0x0bc8  vdrvroot - ok
12:24:59.0104 0x0bc8  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
12:24:59.0167 0x0bc8  vds - ok
12:24:59.0182 0x0bc8  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:24:59.0214 0x0bc8  vga - ok
12:24:59.0229 0x0bc8  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:24:59.0276 0x0bc8  VgaSave - ok
12:24:59.0307 0x0bc8  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:24:59.0338 0x0bc8  vhdmp - ok
12:24:59.0370 0x0bc8  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
12:24:59.0385 0x0bc8  viaagp - ok
12:24:59.0416 0x0bc8  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
12:24:59.0432 0x0bc8  ViaC7 - ok
12:24:59.0463 0x0bc8  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:24:59.0479 0x0bc8  viaide - ok
12:24:59.0526 0x0bc8  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:24:59.0541 0x0bc8  vmbus - ok
12:24:59.0572 0x0bc8  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:24:59.0588 0x0bc8  VMBusHID - ok
12:24:59.0604 0x0bc8  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:24:59.0635 0x0bc8  volmgr - ok
12:24:59.0666 0x0bc8  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:24:59.0697 0x0bc8  volmgrx - ok
12:24:59.0760 0x0bc8  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:24:59.0775 0x0bc8  volsnap - ok
12:24:59.0822 0x0bc8  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:24:59.0853 0x0bc8  vsmraid - ok
12:24:59.0916 0x0bc8  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
12:24:59.0994 0x0bc8  VSS - ok
12:25:00.0025 0x0bc8  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
12:25:00.0056 0x0bc8  vwifibus - ok
12:25:00.0118 0x0bc8  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
12:25:00.0165 0x0bc8  W32Time - ok
12:25:00.0196 0x0bc8  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:25:00.0228 0x0bc8  WacomPen - ok
12:25:00.0259 0x0bc8  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:25:00.0306 0x0bc8  WANARP - ok
12:25:00.0321 0x0bc8  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:25:00.0368 0x0bc8  Wanarpv6 - ok
12:25:00.0446 0x0bc8  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:25:00.0524 0x0bc8  WatAdminSvc - ok
12:25:00.0602 0x0bc8  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
12:25:00.0664 0x0bc8  wbengine - ok
12:25:00.0696 0x0bc8  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:25:00.0742 0x0bc8  WbioSrvc - ok
12:25:00.0774 0x0bc8  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:25:00.0805 0x0bc8  wcncsvc - ok
12:25:00.0836 0x0bc8  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:25:00.0867 0x0bc8  WcsPlugInService - ok
12:25:00.0883 0x0bc8  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
12:25:00.0914 0x0bc8  Wd - ok
12:25:00.0961 0x0bc8  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:25:01.0008 0x0bc8  Wdf01000 - ok
12:25:01.0070 0x0bc8  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:25:01.0101 0x0bc8  WdiServiceHost - ok
12:25:01.0117 0x0bc8  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:25:01.0148 0x0bc8  WdiSystemHost - ok
12:25:01.0195 0x0bc8  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
12:25:01.0273 0x0bc8  WebClient - ok
12:25:01.0304 0x0bc8  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:25:01.0351 0x0bc8  Wecsvc - ok
12:25:01.0382 0x0bc8  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:25:01.0413 0x0bc8  wercplsupport - ok
12:25:01.0444 0x0bc8  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
12:25:01.0491 0x0bc8  WerSvc - ok
12:25:01.0538 0x0bc8  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:25:01.0585 0x0bc8  WfpLwf - ok
12:25:01.0616 0x0bc8  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:25:01.0647 0x0bc8  WIMMount - ok
12:25:01.0725 0x0bc8  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
12:25:01.0819 0x0bc8  WinDefend - ok
12:25:01.0897 0x0bc8  WinHttpAutoProxySvc - ok
12:25:01.0959 0x0bc8  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:25:02.0053 0x0bc8  Winmgmt - ok
12:25:02.0146 0x0bc8  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:25:02.0209 0x0bc8  WinRM - ok
12:25:02.0287 0x0bc8  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
12:25:02.0318 0x0bc8  WinUsb - ok
12:25:02.0380 0x0bc8  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:25:02.0443 0x0bc8  Wlansvc - ok
12:25:02.0474 0x0bc8  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:25:02.0505 0x0bc8  WmiAcpi - ok
12:25:02.0536 0x0bc8  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:25:02.0568 0x0bc8  wmiApSrv - ok
12:25:02.0646 0x0bc8  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
12:25:02.0708 0x0bc8  WMPNetworkSvc - ok
12:25:02.0755 0x0bc8  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:25:02.0786 0x0bc8  WPCSvc - ok
12:25:02.0802 0x0bc8  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:25:02.0833 0x0bc8  WPDBusEnum - ok
12:25:02.0864 0x0bc8  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:25:02.0911 0x0bc8  ws2ifsl - ok
12:25:02.0926 0x0bc8  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
12:25:02.0958 0x0bc8  wscsvc - ok
12:25:02.0973 0x0bc8  WSearch - ok
12:25:03.0098 0x0bc8  [ B5202CD63C502A16F6C94186089CF602, 0C4B3F92318D81B67820524D71618333539FEAD2877D8ABA5D7D82E66A9A6417 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:25:03.0207 0x0bc8  wuauserv - ok
12:25:03.0238 0x0bc8  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:25:03.0285 0x0bc8  WudfPf - ok
12:25:03.0316 0x0bc8  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:25:03.0348 0x0bc8  WUDFRd - ok
12:25:03.0379 0x0bc8  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:25:03.0410 0x0bc8  wudfsvc - ok
12:25:03.0457 0x0bc8  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:25:03.0519 0x0bc8  WwanSvc - ok
12:25:03.0566 0x0bc8  [ 30B73EB97218A16CBC6DE535782A1B35, 5B034F39FA5B902BD6899717F7696871CDAFB8698B48BB0E95DAE51234715A28 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x86.sys
12:25:03.0628 0x0bc8  yukonw7 - ok
12:25:03.0644 0x0bc8  ================ Scan global ===============================
12:25:03.0675 0x0bc8  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
12:25:03.0722 0x0bc8  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
12:25:03.0753 0x0bc8  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
12:25:03.0784 0x0bc8  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
12:25:03.0831 0x0bc8  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
12:25:03.0847 0x0bc8  [ Global ] - ok
12:25:03.0847 0x0bc8  ================ Scan MBR ==================================
12:25:03.0847 0x0bc8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:25:04.0096 0x0bc8  \Device\Harddisk0\DR0 - ok
12:25:04.0128 0x0bc8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
12:25:04.0252 0x0bc8  \Device\Harddisk1\DR1 - ok
12:25:04.0252 0x0bc8  ================ Scan VBR ==================================
12:25:04.0268 0x0bc8  [ EE7AAF883CFA828A0BCE690433698A05 ] \Device\Harddisk0\DR0\Partition1
12:25:04.0284 0x0bc8  \Device\Harddisk0\DR0\Partition1 - ok
12:25:04.0284 0x0bc8  [ 0195E116EA2037FB531BF43F8D183A6A ] \Device\Harddisk0\DR0\Partition2
12:25:04.0299 0x0bc8  \Device\Harddisk0\DR0\Partition2 - ok
12:25:04.0315 0x0bc8  [ 5EDB229FC627BFF5BE9268D0C0E713F6 ] \Device\Harddisk1\DR1\Partition1
12:25:04.0346 0x0bc8  \Device\Harddisk1\DR1\Partition1 - ok
12:25:04.0346 0x0bc8  ================ Scan generic autorun ======================
12:25:04.0642 0x0bc8  [ 65C6AA484AD2287D20541C7735989437, 1842787640391F4A4CD9ED0A531298A61F4B2FB09BEC98FEE256313AFB458EDB ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
12:25:04.0814 0x0bc8  AvastUI.exe - ok
12:25:04.0923 0x0bc8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\sidebar.exe
12:25:05.0001 0x0bc8  Sidebar - ok
12:25:05.0344 0x0bc8  [ EE526B0428581B57FFC571FF57309E28, 1CF4DD251E78F2B67C4B1973E3378D6B87C5698EEC398CA4043621842ACC426C ] C:\Program Files\CCleaner\CCleaner.exe
12:25:05.0547 0x0bc8  CCleaner Monitoring - ok
12:25:05.0578 0x0bc8  Waiting for KSN requests completion. In queue: 173
12:25:06.0592 0x0bc8  Waiting for KSN requests completion. In queue: 173
12:25:07.0606 0x0bc8  Waiting for KSN requests completion. In queue: 173
12:25:08.0620 0x0bc8  Waiting for KSN requests completion. In queue: 20
12:25:09.0681 0x0bc8  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x42000 ( disabled : updated )
12:25:09.0681 0x0bc8  Win FW state via NFP2: enabled
12:25:12.0520 0x0bc8  ============================================================
12:25:12.0520 0x0bc8  Scan finished
12:25:12.0520 0x0bc8  ============================================================
12:25:12.0536 0x0fc8  Detected object count: 0
12:25:12.0536 0x0fc8  Actual detected object count: 0
12:25:38.0884 0x0b24  ============================================================
12:25:38.0884 0x0b24  Scan started
12:25:38.0884 0x0b24  Mode: Manual; SigCheck; TDLFS; 
12:25:38.0884 0x0b24  ============================================================
12:25:38.0884 0x0b24  KSN ping started
12:25:41.0708 0x0b24  KSN ping finished: true
12:25:42.0488 0x0b24  ================ Scan system memory ========================
12:25:42.0488 0x0b24  System memory - ok
12:25:42.0488 0x0b24  ================ Scan services =============================
12:25:42.0628 0x0b24  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:25:42.0753 0x0b24  1394ohci - ok
12:25:42.0784 0x0b24  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:25:42.0800 0x0b24  ACPI - ok
12:25:42.0831 0x0b24  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:25:42.0862 0x0b24  AcpiPmi - ok
12:25:42.0925 0x0b24  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:25:42.0956 0x0b24  AdobeARMservice - ok
12:25:42.0987 0x0b24  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
12:25:43.0034 0x0b24  adp94xx - ok
12:25:43.0065 0x0b24  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
12:25:43.0096 0x0b24  adpahci - ok
12:25:43.0128 0x0b24  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
12:25:43.0143 0x0b24  adpu320 - ok
12:25:43.0190 0x0b24  [ 12E6A172D72AFC626727B8635DD17E39, 33B3D109C39DF6EA86AFC3C89A93657906E981D3D22FF854401BC7326990CC08 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:25:43.0221 0x0b24  AeLookupSvc - ok
12:25:43.0268 0x0b24  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD             C:\Windows\system32\drivers\afd.sys
12:25:43.0315 0x0b24  AFD - ok
12:25:43.0346 0x0b24  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
12:25:43.0362 0x0b24  agp440 - ok
12:25:43.0393 0x0b24  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
12:25:43.0408 0x0b24  aic78xx - ok
12:25:43.0440 0x0b24  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
12:25:43.0471 0x0b24  ALG - ok
12:25:43.0486 0x0b24  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:25:43.0518 0x0b24  aliide - ok
12:25:43.0533 0x0b24  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
12:25:43.0549 0x0b24  amdagp - ok
12:25:43.0564 0x0b24  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:25:43.0596 0x0b24  amdide - ok
12:25:43.0611 0x0b24  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:25:43.0642 0x0b24  AmdK8 - ok
12:25:43.0658 0x0b24  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
12:25:43.0689 0x0b24  AmdPPM - ok
12:25:43.0720 0x0b24  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:25:43.0736 0x0b24  amdsata - ok
12:25:43.0767 0x0b24  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:25:43.0783 0x0b24  amdsbs - ok
12:25:43.0814 0x0b24  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:25:43.0845 0x0b24  amdxata - ok
12:25:43.0845 0x0b24  Andbus - ok
12:25:43.0861 0x0b24  AndDiag - ok
12:25:43.0876 0x0b24  AndGps - ok
12:25:43.0892 0x0b24  ANDModem - ok
12:25:43.0892 0x0b24  AndNetDiag - ok
12:25:43.0908 0x0b24  ANDNetModem - ok
12:25:43.0923 0x0b24  andnetndis - ok
12:25:43.0970 0x0b24  [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID           C:\Windows\system32\drivers\appid.sys
12:25:44.0001 0x0b24  AppID - ok
12:25:44.0032 0x0b24  [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:25:44.0064 0x0b24  AppIDSvc - ok
12:25:44.0079 0x0b24  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
12:25:44.0110 0x0b24  Appinfo - ok
12:25:44.0173 0x0b24  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:25:44.0204 0x0b24  Apple Mobile Device - ok
12:25:44.0220 0x0b24  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:25:44.0251 0x0b24  AppMgmt - ok
12:25:44.0282 0x0b24  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
12:25:44.0298 0x0b24  arc - ok
12:25:44.0329 0x0b24  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ]

neodace · 11.07.2015, 11:35

TDSS Teil 2

Code:

ATTFilter

arcsas          C:\Windows\system32\drivers\arcsas.sys
12:25:44.0344 0x0b24  arcsas - ok
12:25:44.0438 0x0b24  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
12:25:44.0469 0x0b24  aspnet_state - ok
12:25:44.0485 0x0b24  [ EFDEF61C488A193986D4672658E91532, B2E97542F7C608937005A2ABFA10F7FD8F3E8F1AB3FBE621772E41048BBDDDBE ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
12:25:44.0516 0x0b24  aswHwid - ok
12:25:44.0532 0x0b24  [ 91AAF4792987B43C0653D74516F092C8, DFFB5D0BA6537E2B6A45292B8A2B566F848D54A2FB54017711236E2D3BCBEBBE ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
12:25:44.0547 0x0b24  aswMonFlt - ok
12:25:44.0563 0x0b24  [ 8C8FEC9F50898BB814BDFB5F5B2D566C, C72472C413550144E10A995A1CF28EB68519B147BD7AE6DF195512014083F9A8 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
12:25:44.0594 0x0b24  aswRdr - ok
12:25:44.0610 0x0b24  [ 2DB91CE80C367ACDD1331DE9B1E3EAEF, 7AF35FBA1DB6A44928A6DF554E9428C3E21191B376756718832FCD66F9F9D07C ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
12:25:44.0625 0x0b24  aswRvrt - ok
12:25:44.0688 0x0b24  [ 83DF5B3DE1C6527972946CDB328446F7, F4CA80903EE6FCB7E5A7B0E989692B6B5177CE03D3BFFE6A93D53C8B364EE833 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
12:25:44.0734 0x0b24  aswSnx - ok
12:25:44.0797 0x0b24  [ 16D269F0EF94DB61FAB6934DEED19C91, EAFCE70C0816EAEA6BB8F41A935AE5EDE389C6832FBD45413893DFC5458E5D3D ] aswSP           C:\Windows\system32\drivers\aswSP.sys
12:25:44.0828 0x0b24  aswSP - ok
12:25:44.0859 0x0b24  [ A5F0A2EB182C8A137E2C43CB4109EC1E, 0A95F497FCB51CC1F36D740833FD4766A42C287A34A8E0FA9078F1533AD9D75E ] aswStm          C:\Windows\system32\drivers\aswStm.sys
12:25:44.0890 0x0b24  aswStm - ok
12:25:44.0922 0x0b24  [ 1D472E0E2AB962AA7F70B9AF85BF3C72, A428D76C47E354BCF9042A384445BCEE97C46BF9A98A65D9C48117B5FAE56819 ] aswTap          C:\Windows\system32\DRIVERS\aswTap.sys
12:25:44.0953 0x0b24  aswTap - ok
12:25:44.0968 0x0b24  [ D45875D018F9FB9BF19B976AD8791DE9, 9AA70417A9AAFF5515C6B1FFADD563FBDC0BC62AA0B9FDA8A771E67203C12270 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
12:25:45.0000 0x0b24  aswVmm - ok
12:25:45.0031 0x0b24  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:25:45.0078 0x0b24  AsyncMac - ok
12:25:45.0093 0x0b24  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:25:45.0124 0x0b24  atapi - ok
12:25:45.0171 0x0b24  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:25:45.0218 0x0b24  AudioEndpointBuilder - ok
12:25:45.0249 0x0b24  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:25:45.0296 0x0b24  Audiosrv - ok
12:25:45.0358 0x0b24  [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:25:45.0390 0x0b24  avast! Antivirus - ok
12:25:45.0592 0x0b24  [ E5CA07C1A5A4C7095FC8937D84B37243, A881B253767305ED181DB0A270C3D6CFC5FA2293F1BB050793289DD86B1C20BB ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
12:25:45.0733 0x0b24  AvastVBoxSvc - ok
12:25:45.0795 0x0b24  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:25:45.0826 0x0b24  AxInstSV - ok
12:25:45.0873 0x0b24  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
12:25:45.0904 0x0b24  b06bdrv - ok
12:25:45.0936 0x0b24  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
12:25:45.0967 0x0b24  b57nd60x - ok
12:25:45.0998 0x0b24  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
12:25:46.0029 0x0b24  BDESVC - ok
12:25:46.0060 0x0b24  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:25:46.0092 0x0b24  Beep - ok
12:25:46.0138 0x0b24  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
12:25:46.0201 0x0b24  BFE - ok
12:25:46.0248 0x0b24  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\system32\qmgr.dll
12:25:46.0310 0x0b24  BITS - ok
12:25:46.0341 0x0b24  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:25:46.0372 0x0b24  blbdrive - ok
12:25:46.0450 0x0b24  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:25:46.0482 0x0b24  Bonjour Service - ok
12:25:46.0513 0x0b24  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:25:46.0544 0x0b24  bowser - ok
12:25:46.0560 0x0b24  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
12:25:46.0622 0x0b24  BrFiltLo - ok
12:25:46.0638 0x0b24  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
12:25:46.0669 0x0b24  BrFiltUp - ok
12:25:46.0684 0x0b24  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
12:25:46.0731 0x0b24  BridgeMP - ok
12:25:46.0778 0x0b24  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
12:25:46.0809 0x0b24  Browser - ok
12:25:46.0840 0x0b24  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:25:46.0872 0x0b24  Brserid - ok
12:25:46.0887 0x0b24  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:25:46.0981 0x0b24  BrSerWdm - ok
12:25:47.0012 0x0b24  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:25:47.0059 0x0b24  BrUsbMdm - ok
12:25:47.0074 0x0b24  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:25:47.0090 0x0b24  BrUsbSer - ok
12:25:47.0106 0x0b24  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
12:25:47.0137 0x0b24  BTHMODEM - ok
12:25:47.0184 0x0b24  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
12:25:47.0246 0x0b24  bthserv - ok
12:25:47.0308 0x0b24  catchme - ok
12:25:47.0340 0x0b24  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:25:47.0386 0x0b24  cdfs - ok
12:25:47.0402 0x0b24  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:25:47.0433 0x0b24  cdrom - ok
12:25:47.0464 0x0b24  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:25:47.0511 0x0b24  CertPropSvc - ok
12:25:47.0527 0x0b24  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
12:25:47.0558 0x0b24  circlass - ok
12:25:47.0605 0x0b24  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
12:25:47.0636 0x0b24  CLFS - ok
12:25:47.0698 0x0b24  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:25:47.0714 0x0b24  clr_optimization_v2.0.50727_32 - ok
12:25:47.0745 0x0b24  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:25:47.0792 0x0b24  clr_optimization_v4.0.30319_32 - ok
12:25:47.0823 0x0b24  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
12:25:47.0854 0x0b24  CmBatt - ok
12:25:47.0886 0x0b24  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:25:47.0917 0x0b24  cmdide - ok
12:25:47.0964 0x0b24  [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG             C:\Windows\system32\Drivers\cng.sys
12:25:48.0010 0x0b24  CNG - ok
12:25:48.0026 0x0b24  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
12:25:48.0057 0x0b24  Compbatt - ok
12:25:48.0073 0x0b24  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:25:48.0104 0x0b24  CompositeBus - ok
12:25:48.0104 0x0b24  COMSysApp - ok
12:25:48.0120 0x0b24  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
12:25:48.0151 0x0b24  crcdisk - ok
12:25:48.0151 0x0b24  crliycos - ok
12:25:48.0213 0x0b24  [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:25:48.0244 0x0b24  CryptSvc - ok
12:25:48.0276 0x0b24  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
12:25:48.0307 0x0b24  CSC - ok
12:25:48.0354 0x0b24  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
12:25:48.0400 0x0b24  CscService - ok
12:25:48.0447 0x0b24  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:25:48.0510 0x0b24  DcomLaunch - ok
12:25:48.0541 0x0b24  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
12:25:48.0588 0x0b24  defragsvc - ok
12:25:48.0619 0x0b24  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:25:48.0650 0x0b24  DfsC - ok
12:25:48.0681 0x0b24  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:25:48.0744 0x0b24  Dhcp - ok
12:25:48.0806 0x0b24  [ 7AB2DE012C88870C9274E966EC88AB61, CE2098B152B9C039C29C0573C813BFBF13B2D2E6BEE83985374160884A817133 ] DiagTrack       C:\Windows\system32\diagtrack.dll
12:25:48.0853 0x0b24  DiagTrack - ok
12:25:48.0884 0x0b24  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
12:25:48.0931 0x0b24  discache - ok
12:25:48.0962 0x0b24  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
12:25:48.0993 0x0b24  Disk - ok
12:25:49.0009 0x0b24  [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
12:25:49.0040 0x0b24  dmvsc - ok
12:25:49.0071 0x0b24  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:25:49.0102 0x0b24  Dnscache - ok
12:25:49.0134 0x0b24  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:25:49.0180 0x0b24  dot3svc - ok
12:25:49.0212 0x0b24  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
12:25:49.0274 0x0b24  DPS - ok
12:25:49.0290 0x0b24  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:25:49.0321 0x0b24  drmkaud - ok
12:25:49.0383 0x0b24  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:25:49.0430 0x0b24  DXGKrnl - ok
12:25:49.0446 0x0b24  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
12:25:49.0492 0x0b24  EapHost - ok
12:25:49.0524 0x0b24  [ 560EDC0912BDB68290930E2542823A24, CB9578A19F717FBD388F2BE8179CF2D4755DF11AD246E13AF1D43E25CA026386 ] eapihdrv        C:\Users\Noname\AppData\Local\Temp\ehdrv.sys
12:25:49.0555 0x0b24  eapihdrv - ok
12:25:49.0695 0x0b24  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
12:25:49.0820 0x0b24  ebdrv - ok
12:25:49.0882 0x0b24  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] EFS             C:\Windows\System32\lsass.exe
12:25:49.0914 0x0b24  EFS - ok
12:25:49.0976 0x0b24  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:25:50.0023 0x0b24  ehRecvr - ok
12:25:50.0054 0x0b24  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
12:25:50.0070 0x0b24  ehSched - ok
12:25:50.0116 0x0b24  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
12:25:50.0148 0x0b24  elxstor - ok
12:25:50.0163 0x0b24  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:25:50.0194 0x0b24  ErrDev - ok
12:25:50.0241 0x0b24  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
12:25:50.0304 0x0b24  EventSystem - ok
12:25:50.0335 0x0b24  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:25:50.0382 0x0b24  exfat - ok
12:25:50.0413 0x0b24  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:25:50.0460 0x0b24  fastfat - ok
12:25:50.0522 0x0b24  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
12:25:50.0553 0x0b24  Fax - ok
12:25:50.0584 0x0b24  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:25:50.0600 0x0b24  fdc - ok
12:25:50.0616 0x0b24  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
12:25:50.0662 0x0b24  fdPHost - ok
12:25:50.0694 0x0b24  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:25:50.0725 0x0b24  FDResPub - ok
12:25:50.0756 0x0b24  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:25:50.0772 0x0b24  FileInfo - ok
12:25:50.0803 0x0b24  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:25:50.0834 0x0b24  Filetrace - ok
12:25:50.0865 0x0b24  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:25:50.0881 0x0b24  flpydisk - ok
12:25:50.0912 0x0b24  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:25:50.0943 0x0b24  FltMgr - ok
12:25:51.0006 0x0b24  [ 6EC244F102C7F129678E5F7309D1366D, C30DA201AC623DA440B0A0716534557C578218C2A591FA8893CCCBD96B4518F9 ] FontCache       C:\Windows\system32\FntCache.dll
12:25:51.0068 0x0b24  FontCache - ok
12:25:51.0115 0x0b24  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:25:51.0130 0x0b24  FontCache3.0.0.0 - ok
12:25:51.0162 0x0b24  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:25:51.0177 0x0b24  FsDepends - ok
12:25:51.0224 0x0b24  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:25:51.0240 0x0b24  Fs_Rec - ok
12:25:51.0271 0x0b24  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:25:51.0302 0x0b24  fvevol - ok
12:25:51.0333 0x0b24  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:25:51.0349 0x0b24  gagp30kx - ok
12:25:51.0396 0x0b24  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:25:51.0411 0x0b24  GEARAspiWDM - ok
12:25:51.0442 0x0b24  [ 77EBF3E9386DAA51551AF429052D88D0, 94C3294BB9E14B07448734AE65B37801D3FF15BEC987D182A929A017FEF7B276 ] giveio          C:\Windows\system32\giveio.sys
12:25:51.0458 0x0b24  giveio - detected UnsignedFile.Multi.Generic ( 1 )
12:25:51.0458 0x0b24  Detect skipped due to KSN trusted
12:25:51.0458 0x0b24  giveio - ok
12:25:51.0505 0x0b24  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:25:51.0567 0x0b24  gpsvc - ok
12:25:51.0614 0x0b24  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:25:51.0630 0x0b24  hcw85cir - ok
12:25:51.0676 0x0b24  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:25:51.0723 0x0b24  HdAudAddService - ok
12:25:51.0739 0x0b24  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:25:51.0770 0x0b24  HDAudBus - ok
12:25:51.0786 0x0b24  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
12:25:51.0801 0x0b24  HidBatt - ok
12:25:51.0832 0x0b24  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
12:25:51.0864 0x0b24  HidBth - ok
12:25:51.0879 0x0b24  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
12:25:51.0910 0x0b24  HidIr - ok
12:25:51.0942 0x0b24  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll
12:25:51.0988 0x0b24  hidserv - ok
12:25:52.0020 0x0b24  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:25:52.0051 0x0b24  HidUsb - ok
12:25:52.0066 0x0b24  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:25:52.0113 0x0b24  hkmsvc - ok
12:25:52.0144 0x0b24  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:25:52.0176 0x0b24  HomeGroupListener - ok
12:25:52.0207 0x0b24  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:25:52.0238 0x0b24  HomeGroupProvider - ok
12:25:52.0269 0x0b24  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:25:52.0300 0x0b24  HpSAMD - ok
12:25:52.0347 0x0b24  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:25:52.0394 0x0b24  HTTP - ok
12:25:52.0410 0x0b24  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:25:52.0441 0x0b24  hwpolicy - ok
12:25:52.0456 0x0b24  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:25:52.0488 0x0b24  i8042prt - ok
12:25:52.0519 0x0b24  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:25:52.0550 0x0b24  iaStorV - ok
12:25:52.0644 0x0b24  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:25:52.0706 0x0b24  idsvc - ok
12:25:52.0722 0x0b24  IEEtwCollectorService - ok
12:25:52.0753 0x0b24  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
12:25:52.0768 0x0b24  iirsp - ok
12:25:52.0815 0x0b24  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
12:25:52.0878 0x0b24  IKEEXT - ok
12:25:52.0909 0x0b24  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:25:52.0940 0x0b24  intelide - ok
12:25:52.0971 0x0b24  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:25:53.0002 0x0b24  intelppm - ok
12:25:53.0034 0x0b24  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:25:53.0080 0x0b24  IPBusEnum - ok
12:25:53.0096 0x0b24  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:25:53.0143 0x0b24  IpFilterDriver - ok
12:25:53.0190 0x0b24  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:25:53.0236 0x0b24  iphlpsvc - ok
12:25:53.0268 0x0b24  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:25:53.0299 0x0b24  IPMIDRV - ok
12:25:53.0314 0x0b24  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:25:53.0361 0x0b24  IPNAT - ok
12:25:53.0408 0x0b24  [ 4D800977F7EB0C310AF04BF5B517985A, DD4EC347D4759AC401BD08739DE012E5F1903DF2EDEBEA17CCD3C19FF1F6005E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
12:25:53.0439 0x0b24  iPod Service - ok
12:25:53.0470 0x0b24  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:25:53.0517 0x0b24  IRENUM - ok
12:25:53.0533 0x0b24  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:25:53.0548 0x0b24  isapnp - ok
12:25:53.0611 0x0b24  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:25:53.0626 0x0b24  iScsiPrt - ok
12:25:53.0658 0x0b24  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:25:53.0673 0x0b24  kbdclass - ok
12:25:53.0704 0x0b24  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:25:53.0720 0x0b24  kbdhid - ok
12:25:53.0736 0x0b24  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] KeyIso          C:\Windows\system32\lsass.exe
12:25:53.0767 0x0b24  KeyIso - ok
12:25:53.0814 0x0b24  [ 3C9D9DFCF517103677D7B6255C727B48, F03252C1EF131AC4FEB83983B7BB3BAAACE0EEB0B1CFA06D0E04A156D527A0FD ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:25:53.0845 0x0b24  KSecDD - ok
12:25:53.0860 0x0b24  [ 0DFC56491C8B56A35AD52EAF770752FE, C887D6A06DD691DB6E6DC73D2ED0072FE5430F46F85111338196CF342C5892D0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:25:53.0876 0x0b24  KSecPkg - ok
12:25:53.0923 0x0b24  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:25:53.0970 0x0b24  KtmRm - ok
12:25:54.0016 0x0b24  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
12:25:54.0063 0x0b24  LanmanServer - ok
12:25:54.0094 0x0b24  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:25:54.0141 0x0b24  LanmanWorkstation - ok
12:25:54.0172 0x0b24  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:25:54.0204 0x0b24  lltdio - ok
12:25:54.0235 0x0b24  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:25:54.0297 0x0b24  lltdsvc - ok
12:25:54.0313 0x0b24  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:25:54.0360 0x0b24  lmhosts - ok
12:25:54.0375 0x0b24  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
12:25:54.0406 0x0b24  LSI_FC - ok
12:25:54.0438 0x0b24  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
12:25:54.0453 0x0b24  LSI_SAS - ok
12:25:54.0484 0x0b24  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
12:25:54.0516 0x0b24  LSI_SAS2 - ok
12:25:54.0531 0x0b24  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
12:25:54.0562 0x0b24  LSI_SCSI - ok
12:25:54.0578 0x0b24  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:25:54.0625 0x0b24  luafv - ok
12:25:54.0672 0x0b24  [ 3C21F7E95FFCA33EF1A83AA33D9663CF, C843116969E1CDBA45AEF98B33BEDBA9200C62CDB52CD7056CE6768A1EF3A637 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
12:25:54.0687 0x0b24  MBAMProtector - ok
12:25:54.0765 0x0b24  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService     C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
12:25:54.0828 0x0b24  MBAMService - ok
12:25:54.0874 0x0b24  [ 167BCE00050B19DA25065335645A3C7A, 5CD3EA3E09B4ED318AB6151F56A17B0E4C8CE32DBB77342A39DEF53908F7D2F0 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
12:25:54.0921 0x0b24  MBAMWebAccessControl - ok
12:25:54.0968 0x0b24  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:25:55.0030 0x0b24  Mcx2Svc - ok
12:25:55.0062 0x0b24  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
12:25:55.0077 0x0b24  megasas - ok
12:25:55.0108 0x0b24  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
12:25:55.0140 0x0b24  MegaSR - ok
12:25:55.0171 0x0b24  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
12:25:55.0218 0x0b24  MMCSS - ok
12:25:55.0249 0x0b24  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
12:25:55.0296 0x0b24  Modem - ok
12:25:55.0327 0x0b24  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:25:55.0358 0x0b24  monitor - ok
12:25:55.0405 0x0b24  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:25:55.0420 0x0b24  mouclass - ok
12:25:55.0436 0x0b24  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:25:55.0467 0x0b24  mouhid - ok
12:25:55.0514 0x0b24  [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:25:55.0545 0x0b24  mountmgr - ok
12:25:55.0576 0x0b24  [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
12:25:55.0608 0x0b24  MozillaMaintenance - ok
12:25:55.0639 0x0b24  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
12:25:55.0670 0x0b24  mpio - ok
12:25:55.0686 0x0b24  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:25:55.0732 0x0b24  mpsdrv - ok
12:25:55.0779 0x0b24  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:25:55.0842 0x0b24  MpsSvc - ok
12:25:55.0873 0x0b24  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:25:55.0904 0x0b24  MRxDAV - ok
12:25:55.0935 0x0b24  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:25:55.0966 0x0b24  mrxsmb - ok
12:25:55.0998 0x0b24  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:25:56.0029 0x0b24  mrxsmb10 - ok
12:25:56.0044 0x0b24  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:25:56.0076 0x0b24  mrxsmb20 - ok
12:25:56.0107 0x0b24  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
12:25:56.0122 0x0b24  msahci - ok
12:25:56.0154 0x0b24  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
12:25:56.0185 0x0b24  msdsm - ok
12:25:56.0200 0x0b24  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
12:25:56.0232 0x0b24  MSDTC - ok
12:25:56.0263 0x0b24  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:25:56.0310 0x0b24  Msfs - ok
12:25:56.0325 0x0b24  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:25:56.0372 0x0b24  mshidkmdf - ok
12:25:56.0388 0x0b24  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
12:25:56.0419 0x0b24  msisadrv - ok
12:25:56.0450 0x0b24  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:25:56.0497 0x0b24  MSiSCSI - ok
12:25:56.0512 0x0b24  msiserver - ok
12:25:56.0544 0x0b24  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:25:56.0590 0x0b24  MSKSSRV - ok
12:25:56.0606 0x0b24  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:25:56.0653 0x0b24  MSPCLOCK - ok
12:25:56.0684 0x0b24  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:25:56.0715 0x0b24  MSPQM - ok
12:25:56.0746 0x0b24  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:25:56.0762 0x0b24  MsRPC - ok
12:25:56.0793 0x0b24  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:25:56.0809 0x0b24  mssmbios - ok
12:25:56.0824 0x0b24  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:25:56.0871 0x0b24  MSTEE - ok
12:25:56.0887 0x0b24  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
12:25:56.0902 0x0b24  MTConfig - ok
12:25:56.0934 0x0b24  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
12:25:56.0949 0x0b24  Mup - ok
12:25:56.0996 0x0b24  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
12:25:57.0043 0x0b24  napagent - ok
12:25:57.0074 0x0b24  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:25:57.0121 0x0b24  NativeWifiP - ok
12:25:57.0168 0x0b24  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:25:57.0214 0x0b24  NDIS - ok
12:25:57.0246 0x0b24  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:25:57.0277 0x0b24  NdisCap - ok
12:25:57.0308 0x0b24  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:25:57.0339 0x0b24  NdisTapi - ok
12:25:57.0370 0x0b24  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:25:57.0402 0x0b24  Ndisuio - ok
12:25:57.0433 0x0b24  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:25:57.0480 0x0b24  NdisWan - ok
12:25:57.0495 0x0b24  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:25:57.0542 0x0b24  NDProxy - ok
12:25:57.0558 0x0b24  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:25:57.0589 0x0b24  NetBIOS - ok
12:25:57.0620 0x0b24  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:25:57.0667 0x0b24  NetBT - ok
12:25:57.0682 0x0b24  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] Netlogon        C:\Windows\system32\lsass.exe
12:25:57.0714 0x0b24  Netlogon - ok
12:25:57.0760 0x0b24  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
12:25:57.0823 0x0b24  Netman - ok
12:25:57.0854 0x0b24  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:25:57.0885 0x0b24  NetMsmqActivator - ok
12:25:57.0901 0x0b24  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:25:57.0932 0x0b24  NetPipeActivator - ok
12:25:57.0948 0x0b24  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
12:25:58.0026 0x0b24  netprofm - ok
12:25:58.0057 0x0b24  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:25:58.0088 0x0b24  NetTcpActivator - ok
12:25:58.0104 0x0b24  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
12:25:58.0150 0x0b24  NetTcpPortSharing - ok
12:25:58.0182 0x0b24  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
12:25:58.0197 0x0b24  nfrd960 - ok
12:25:58.0260 0x0b24  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:25:58.0291 0x0b24  NlaSvc - ok
12:25:58.0338 0x0b24  [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf             C:\Windows\system32\drivers\npf.sys
12:25:58.0353 0x0b24  npf - ok
12:25:58.0384 0x0b24  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:25:58.0431 0x0b24  Npfs - ok
12:25:58.0462 0x0b24  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
12:25:58.0509 0x0b24  nsi - ok
12:25:58.0525 0x0b24  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:25:58.0556 0x0b24  nsiproxy - ok
12:25:58.0634 0x0b24  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:25:58.0712 0x0b24  Ntfs - ok
12:25:58.0759 0x0b24  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
12:25:58.0790 0x0b24  Null - ok
12:25:58.0837 0x0b24  [ B5E37E31C053BC9950455A257526514B, 16E2880621F3AA12BDADE71CD7682CA79E2A199D3C9E3E5927C49DCEF0F6183B ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x32.sys
12:25:58.0868 0x0b24  NVENETFD - ok
12:25:58.0915 0x0b24  [ 9F8EE4948B7ADD9D12F778F61A2758A4, 9848C7D97AC000BF7A00BAE12593E48E14D36D7FFFCF25A163FAAB446691032F ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
12:25:58.0930 0x0b24  NVHDA - ok
12:25:59.0289 0x0b24  [ FCEA6786A7222DF6C26B008279139952, 9E96776417B45DC1ABDA5DE0CD36913FC6E6A38486D470BCBE01D09CE7388C4A ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:25:59.0586 0x0b24  nvlddmkm - ok
12:25:59.0695 0x0b24  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
12:25:59.0726 0x0b24  nvraid - ok
12:25:59.0757 0x0b24  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
12:25:59.0773 0x0b24  nvstor - ok
12:25:59.0835 0x0b24  [ F4B2AAFDB72CC6A54A14A0D6DC82657A, CBC6F3E8BEE4920886A4A3F3269132719E520898590104BCD3391D77F435FD13 ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:25:59.0882 0x0b24  nvsvc - ok
12:25:59.0898 0x0b24  nvvad_WaveExtensible - ok
12:25:59.0929 0x0b24  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
12:25:59.0960 0x0b24  nv_agp - ok
12:25:59.0976 0x0b24  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
12:26:00.0007 0x0b24  ohci1394 - ok
12:26:00.0038 0x0b24  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:26:00.0085 0x0b24  p2pimsvc - ok
12:26:00.0116 0x0b24  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
12:26:00.0163 0x0b24  p2psvc - ok
12:26:00.0179 0x0b24  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:26:00.0210 0x0b24  Parport - ok
12:26:00.0241 0x0b24  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:26:00.0257 0x0b24  partmgr - ok
12:26:00.0288 0x0b24  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
12:26:00.0319 0x0b24  Parvdm - ok
12:26:00.0366 0x0b24  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:26:00.0413 0x0b24  PcaSvc - ok
12:26:00.0444 0x0b24  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
12:26:00.0475 0x0b24  pci - ok
12:26:00.0491 0x0b24  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
12:26:00.0522 0x0b24  pciide - ok
12:26:00.0553 0x0b24  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
12:26:00.0569 0x0b24  pcmcia - ok
12:26:00.0600 0x0b24  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:26:00.0615 0x0b24  pcw - ok
12:26:00.0678 0x0b24  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:26:00.0709 0x0b24  PEAUTH - ok
12:26:00.0787 0x0b24  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
12:26:00.0849 0x0b24  PeerDistSvc - ok
12:26:00.0959 0x0b24  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
12:26:01.0052 0x0b24  pla - ok
12:26:01.0099 0x0b24  [ 2ABA2F545B35F9C6CC2CFC4E1D539A80, 4771ED8E1FE3F9F2B999BDC8D5D8D437615117E5150E1677811954C6C802850F ] PLCNDIS5        C:\Windows\system32\plcndis5.sys
12:26:01.0099 0x0b24  PLCNDIS5 - detected UnsignedFile.Multi.Generic ( 1 )
12:26:01.0099 0x0b24  Detect skipped due to KSN trusted
12:26:01.0099 0x0b24  PLCNDIS5 - ok
12:26:01.0146 0x0b24  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:26:01.0177 0x0b24  PlugPlay - ok
12:26:01.0193 0x0b24  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:26:01.0239 0x0b24  PNRPAutoReg - ok
12:26:01.0255 0x0b24  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:26:01.0302 0x0b24  PNRPsvc - ok
12:26:01.0333 0x0b24  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:26:01.0395 0x0b24  PolicyAgent - ok
12:26:01.0427 0x0b24  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
12:26:01.0473 0x0b24  Power - ok
12:26:01.0505 0x0b24  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:26:01.0536 0x0b24  PptpMiniport - ok
12:26:01.0567 0x0b24  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
12:26:01.0583 0x0b24  Processor - ok
12:26:01.0629 0x0b24  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
12:26:01.0661 0x0b24  ProfSvc - ok
12:26:01.0676 0x0b24  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:26:01.0707 0x0b24  ProtectedStorage - ok
12:26:01.0739 0x0b24  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:26:01.0770 0x0b24  Psched - ok
12:26:01.0817 0x0b24  [ 68B57D7C11277EA89F78255480376B4D, 5530B58126BF33E6BCDED99C73C41B90BA148587BDA3866FD4DAD12035B302B5 ] PSI             C:\Windows\system32\DRIVERS\psi_mf_x86.sys
12:26:01.0832 0x0b24  PSI - ok
12:26:01.0910 0x0b24  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
12:26:01.0973 0x0b24  ql2300 - ok
12:26:02.0019 0x0b24  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
12:26:02.0035 0x0b24  ql40xx - ok
12:26:02.0066 0x0b24  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
12:26:02.0097 0x0b24  QWAVE - ok
12:26:02.0144 0x0b24  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:26:02.0160 0x0b24  QWAVEdrv - ok
12:26:02.0175 0x0b24  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:26:02.0222 0x0b24  RasAcd - ok
12:26:02.0238 0x0b24  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:26:02.0285 0x0b24  RasAgileVpn - ok
12:26:02.0300 0x0b24  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
12:26:02.0347 0x0b24  RasAuto - ok
12:26:02.0378 0x0b24  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:26:02.0409 0x0b24  Rasl2tp - ok
12:26:02.0441 0x0b24  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
12:26:02.0503 0x0b24  RasMan - ok
12:26:02.0519 0x0b24  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:26:02.0565 0x0b24  RasPppoe - ok
12:26:02.0581 0x0b24  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:26:02.0628 0x0b24  RasSstp - ok
12:26:02.0659 0x0b24  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:26:02.0706 0x0b24  rdbss - ok
12:26:02.0737 0x0b24  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:26:02.0753 0x0b24  rdpbus - ok
12:26:02.0768 0x0b24  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:26:02.0815 0x0b24  RDPCDD - ok
12:26:02.0846 0x0b24  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:26:02.0877 0x0b24  RDPDR - ok
12:26:02.0893 0x0b24  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:26:02.0940 0x0b24  RDPENCDD - ok
12:26:02.0955 0x0b24  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:26:03.0002 0x0b24  RDPREFMP - ok
12:26:03.0080 0x0b24  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:26:03.0111 0x0b24  RdpVideoMiniport - ok
12:26:03.0158 0x0b24  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:26:03.0205 0x0b24  RDPWD - ok
12:26:03.0252 0x0b24  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:26:03.0283 0x0b24  rdyboost - ok
12:26:03.0314 0x0b24  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:26:03.0361 0x0b24  RemoteAccess - ok
12:26:03.0392 0x0b24  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:26:03.0439 0x0b24  RemoteRegistry - ok
12:26:03.0455 0x0b24  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:26:03.0517 0x0b24  RpcEptMapper - ok
12:26:03.0533 0x0b24  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
12:26:03.0564 0x0b24  RpcLocator - ok
12:26:03.0595 0x0b24  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
12:26:03.0642 0x0b24  RpcSs - ok
12:26:03.0689 0x0b24  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:26:03.0720 0x0b24  rspndr - ok
12:26:03.0751 0x0b24  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
12:26:03.0782 0x0b24  s3cap - ok
12:26:03.0798 0x0b24  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] SamSs           C:\Windows\system32\lsass.exe
12:26:03.0829 0x0b24  SamSs - ok
12:26:03.0845 0x0b24  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:26:03.0860 0x0b24  sbp2port - ok
12:26:03.0891 0x0b24  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:26:03.0938 0x0b24  SCardSvr - ok
12:26:03.0969 0x0b24  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:26:04.0016 0x0b24  scfilter - ok
12:26:04.0047 0x0b24  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
12:26:04.0125 0x0b24  Schedule - ok
12:26:04.0141 0x0b24  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:26:04.0188 0x0b24  SCPolicySvc - ok
12:26:04.0219 0x0b24  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:26:04.0250 0x0b24  SDRSVC - ok
12:26:04.0281 0x0b24  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:26:04.0313 0x0b24  secdrv - ok
12:26:04.0344 0x0b24  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
12:26:04.0406 0x0b24  seclogon - ok
12:26:04.0500 0x0b24  [ 5E0E975998BF1612E18B898E5D17838B, 76C11C62DB8055F03F868685E8E2016D99D3FC48313CB51C69E7CEA589D80890 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
12:26:04.0562 0x0b24  Secunia PSI Agent - ok
12:26:04.0640 0x0b24  [ 508DD2E1D5F272B2D3196335DEA2BC26, 2BDC828DB9D9766445C345E82751FA7EF94A089EC84565675EDADE3EC7EB5748 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
12:26:04.0671 0x0b24  Secunia Update Agent - ok
12:26:04.0718 0x0b24  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\system32\sens.dll
12:26:04.0765 0x0b24  SENS - ok
12:26:04.0796 0x0b24  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:26:04.0827 0x0b24  SensrSvc - ok
12:26:04.0843 0x0b24  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:26:04.0859 0x0b24  Serenum - ok
12:26:04.0890 0x0b24  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:26:04.0921 0x0b24  Serial - ok
12:26:04.0937 0x0b24  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
12:26:04.0968 0x0b24  sermouse - ok
12:26:04.0999 0x0b24  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:26:05.0061 0x0b24  SessionEnv - ok
12:26:05.0077 0x0b24  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
12:26:05.0108 0x0b24  sffdisk - ok
12:26:05.0124 0x0b24  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
12:26:05.0155 0x0b24  sffp_mmc - ok
12:26:05.0171 0x0b24  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
12:26:05.0202 0x0b24  sffp_sd - ok
12:26:05.0217 0x0b24  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
12:26:05.0249 0x0b24  sfloppy - ok
12:26:05.0280 0x0b24  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:26:05.0327 0x0b24  SharedAccess - ok
12:26:05.0451 0x0b24  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:26:05.0498 0x0b24  ShellHWDetection - ok
12:26:05.0592 0x0b24  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
12:26:05.0607 0x0b24  sisagp - ok
12:26:05.0623 0x0b24  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:26:05.0654 0x0b24  SiSRaid2 - ok
12:26:05.0685 0x0b24  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:26:05.0717 0x0b24  SiSRaid4 - ok
12:26:05.0732 0x0b24  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:26:05.0779 0x0b24  Smb - ok
12:26:05.0810 0x0b24  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:26:05.0841 0x0b24  SNMPTRAP - ok
12:26:05.0888 0x0b24  [ DC8D2952FB6FFBAEC67BD1B93A34DF11, 0BD1523A68900B80ED1BCCB967643525CCA55D4FF4622D0128913690E6BB619E ] speedfan        C:\Windows\system32\speedfan.sys
12:26:05.0919 0x0b24  speedfan - ok
12:26:05.0935 0x0b24  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:26:05.0951 0x0b24  spldr - ok
12:26:05.0997 0x0b24  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
12:26:06.0029 0x0b24  Spooler - ok
12:26:06.0185 0x0b24  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
12:26:06.0325 0x0b24  sppsvc - ok
12:26:06.0372 0x0b24  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:26:06.0419 0x0b24  sppuinotify - ok
12:26:06.0450 0x0b24  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:26:06.0497 0x0b24  srv - ok
12:26:06.0528 0x0b24  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:26:06.0559 0x0b24  srv2 - ok
12:26:06.0575 0x0b24  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:26:06.0606 0x0b24  srvnet - ok
12:26:06.0637 0x0b24  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:26:06.0699 0x0b24  SSDPSRV - ok
12:26:06.0715 0x0b24  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:26:06.0777 0x0b24  SstpSvc - ok
12:26:06.0809 0x0b24  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:26:06.0824 0x0b24  stexstor - ok
12:26:06.0871 0x0b24  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
12:26:06.0918 0x0b24  StiSvc - ok
12:26:06.0949 0x0b24  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:26:06.0980 0x0b24  storflt - ok
12:26:06.0996 0x0b24  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
12:26:07.0027 0x0b24  StorSvc - ok
12:26:07.0058 0x0b24  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:26:07.0089 0x0b24  storvsc - ok
12:26:07.0089 0x0b24  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:26:07.0121 0x0b24  swenum - ok
12:26:07.0152 0x0b24  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
12:26:07.0214 0x0b24  swprv - ok
12:26:07.0292 0x0b24  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
12:26:07.0355 0x0b24  SysMain - ok
12:26:07.0386 0x0b24  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
12:26:07.0433 0x0b24  TabletInputService - ok
12:26:07.0448 0x0b24  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:26:07.0495 0x0b24  TapiSrv - ok
12:26:07.0526 0x0b24  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
12:26:07.0573 0x0b24  TBS - ok
12:26:07.0667 0x0b24  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:26:07.0729 0x0b24  Tcpip - ok
12:26:07.0791 0x0b24  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:26:07.0854 0x0b24  TCPIP6 - ok
12:26:07.0901 0x0b24  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:26:07.0916 0x0b24  tcpipreg - ok
12:26:07.0963 0x0b24  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:26:07.0994 0x0b24  TDPIPE - ok
12:26:08.0010 0x0b24  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:26:08.0025 0x0b24  TDTCP - ok
12:26:08.0088 0x0b24  [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:26:08.0119 0x0b24  tdx - ok
12:26:08.0135 0x0b24  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:26:08.0150 0x0b24  TermDD - ok
12:26:08.0213 0x0b24  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
12:26:08.0259 0x0b24  TermService - ok
12:26:08.0322 0x0b24  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
12:26:08.0369 0x0b24  Themes - ok
12:26:08.0400 0x0b24  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
12:26:08.0431 0x0b24  THREADORDER - ok
12:26:08.0462 0x0b24  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
12:26:08.0509 0x0b24  TrkWks - ok
12:26:08.0571 0x0b24  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:26:08.0618 0x0b24  TrustedInstaller - ok
12:26:08.0681 0x0b24  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:26:08.0712 0x0b24  tssecsrv - ok
12:26:08.0743 0x0b24  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:26:08.0774 0x0b24  TsUsbFlt - ok
12:26:08.0790 0x0b24  [ 57C527AF84748B5C2F5178C499C0B81F, 2FF1F25BA16F8984E9F2CE4DE663F261BAF267EDF10D466A52BB211C567F763C ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
12:26:08.0821 0x0b24  TsUsbGD - ok
12:26:08.0852 0x0b24  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:26:08.0899 0x0b24  tunnel - ok
12:26:08.0915 0x0b24  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:26:08.0946 0x0b24  uagp35 - ok
12:26:08.0961 0x0b24  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:26:09.0008 0x0b24  udfs - ok
12:26:09.0055 0x0b24  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:26:09.0086 0x0b24  UI0Detect - ok
12:26:09.0117 0x0b24  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:26:09.0133 0x0b24  uliagpkx - ok
12:26:09.0164 0x0b24  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:26:09.0195 0x0b24  umbus - ok
12:26:09.0211 0x0b24  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
12:26:09.0242 0x0b24  UmPass - ok
12:26:09.0258 0x0b24  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:26:09.0305 0x0b24  UmRdpService - ok
12:26:09.0336 0x0b24  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
12:26:09.0383 0x0b24  upnphost - ok
12:26:09.0414 0x0b24  [ EC1C23779BB41A8B2AB2AA6FCE308BDE, D027A2B472CAE97AECB16F69BE52E06CB61E1C61AE196C22662050B711C1C72D ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
12:26:09.0445 0x0b24  USBAAPL - ok
12:26:09.0492 0x0b24  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:26:09.0507 0x0b24  usbccgp - ok
12:26:09.0554 0x0b24  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
12:26:09.0585 0x0b24  usbcir - ok
12:26:09.0632 0x0b24  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:26:09.0663 0x0b24  usbehci - ok
12:26:09.0710 0x0b24  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:26:09.0741 0x0b24  usbhub - ok
12:26:09.0757 0x0b24  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:26:09.0788 0x0b24  usbohci - ok
12:26:09.0819 0x0b24  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:26:09.0851 0x0b24  usbprint - ok
12:26:09.0897 0x0b24  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
12:26:09.0913 0x0b24  usbscan - ok
12:26:09.0929 0x0b24  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:26:09.0960 0x0b24  USBSTOR - ok
12:26:09.0991 0x0b24  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
12:26:10.0007 0x0b24  usbuhci - ok
12:26:10.0038 0x0b24  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
12:26:10.0085 0x0b24  UxSms - ok
12:26:10.0100 0x0b24  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] VaultSvc        C:\Windows\system32\lsass.exe
12:26:10.0131 0x0b24  VaultSvc - ok
12:26:10.0209 0x0b24  [ ACC8107C8CA822972D3E70550DCBF07B, 1FFC80E5FA9B971DF6499ACCC57DB6C07D24991101FE663AFB58A6C07FEFB305 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
12:26:10.0225 0x0b24  VBoxAswDrv - ok
12:26:10.0272 0x0b24  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:26:10.0303 0x0b24  vdrvroot - ok
12:26:10.0334 0x0b24  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
12:26:10.0397 0x0b24  vds - ok
12:26:10.0428 0x0b24  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:26:10.0459 0x0b24  vga - ok
12:26:10.0490 0x0b24  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:26:10.0521 0x0b24  VgaSave - ok
12:26:10.0553 0x0b24  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
12:26:10.0568 0x0b24  vhdmp - ok
12:26:10.0599 0x0b24  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
12:26:10.0615 0x0b24  viaagp - ok
12:26:10.0646 0x0b24  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
12:26:10.0677 0x0b24  ViaC7 - ok
12:26:10.0693 0x0b24  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:26:10.0724 0x0b24  viaide - ok
12:26:10.0755 0x0b24  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:26:10.0787 0x0b24  vmbus - ok
12:26:10.0802 0x0b24  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
12:26:10.0833 0x0b24  VMBusHID - ok
12:26:10.0865 0x0b24  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
12:26:10.0880 0x0b24  volmgr - ok
12:26:10.0927 0x0b24  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:26:10.0943 0x0b24  volmgrx - ok
12:26:11.0005 0x0b24  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
12:26:11.0036 0x0b24  volsnap - ok
12:26:11.0067 0x0b24  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
12:26:11.0083 0x0b24  vsmraid - ok
12:26:11.0145 0x0b24  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
12:26:11.0223 0x0b24  VSS - ok
12:26:11.0255 0x0b24  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
12:26:11.0286 0x0b24  vwifibus - ok
12:26:11.0317 0x0b24  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
12:26:11.0379 0x0b24  W32Time - ok
12:26:11.0411 0x0b24  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
12:26:11.0442 0x0b24  WacomPen - ok
12:26:11.0473 0x0b24  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:26:11.0504 0x0b24  WANARP - ok
12:26:11.0520 0x0b24  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:26:11.0582 0x0b24  Wanarpv6 - ok
12:26:11.0660 0x0b24  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
12:26:11.0723 0x0b24  WatAdminSvc - ok
12:26:11.0801 0x0b24  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
12:26:11.0863 0x0b24  wbengine - ok
12:26:11.0894 0x0b24  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:26:11.0941 0x0b24  WbioSrvc - ok
12:26:11.0957 0x0b24  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:26:12.0003 0x0b24  wcncsvc - ok
12:26:12.0019 0x0b24  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:26:12.0066 0x0b24  WcsPlugInService - ok
12:26:12.0081 0x0b24  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
12:26:12.0097 0x0b24  Wd - ok
12:26:12.0144 0x0b24  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:26:12.0191 0x0b24  Wdf01000 - ok
12:26:12.0253 0x0b24  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:26:12.0284 0x0b24  WdiServiceHost - ok
12:26:12.0284 0x0b24  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:26:12.0331 0x0b24  WdiSystemHost - ok
12:26:12.0378 0x0b24  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
12:26:12.0409 0x0b24  WebClient - ok
12:26:12.0456 0x0b24  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:26:12.0503 0x0b24  Wecsvc - ok
12:26:12.0518 0x0b24  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:26:12.0565 0x0b24  wercplsupport - ok
12:26:12.0596 0x0b24  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
12:26:12.0659 0x0b24  WerSvc - ok
12:26:12.0674 0x0b24  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:26:12.0721 0x0b24  WfpLwf - ok
12:26:12.0737 0x0b24  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:26:12.0768 0x0b24  WIMMount - ok
12:26:12.0830 0x0b24  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
12:26:12.0877 0x0b24  WinDefend - ok
12:26:12.0908 0x0b24  WinHttpAutoProxySvc - ok
12:26:12.0971 0x0b24  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:26:13.0017 0x0b24  Winmgmt - ok
12:26:13.0095 0x0b24  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:26:13.0173 0x0b24  WinRM - ok
12:26:13.0220 0x0b24  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
12:26:13.0251 0x0b24  WinUsb - ok
12:26:13.0314 0x0b24  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:26:13.0376 0x0b24  Wlansvc - ok
12:26:13.0392 0x0b24  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:26:13.0439 0x0b24  WmiAcpi - ok
12:26:13.0501 0x0b24  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:26:13.0532 0x0b24  wmiApSrv - ok
12:26:13.0626 0x0b24  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
12:26:13.0688 0x0b24  WMPNetworkSvc - ok
12:26:13.0719 0x0b24  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:26:13.0751 0x0b24  WPCSvc - ok
12:26:13.0782 0x0b24  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:26:13.0813 0x0b24  WPDBusEnum - ok
12:26:13.0844 0x0b24  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:26:13.0891 0x0b24  ws2ifsl - ok
12:26:13.0907 0x0b24  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
12:26:13.0953 0x0b24  wscsvc - ok
12:26:13.0953 0x0b24  WSearch - ok
12:26:14.0094 0x0b24  [ B5202CD63C502A16F6C94186089CF602, 0C4B3F92318D81B67820524D71618333539FEAD2877D8ABA5D7D82E66A9A6417 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:26:14.0187 0x0b24  wuauserv - ok
12:26:14.0234 0x0b24  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:26:14.0265 0x0b24  WudfPf - ok
12:26:14.0281 0x0b24  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:26:14.0312 0x0b24  WUDFRd - ok
12:26:14.0343 0x0b24  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:26:14.0375 0x0b24  wudfsvc - ok
12:26:14.0406 0x0b24  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:26:14.0453 0x0b24  WwanSvc - ok
12:26:14.0499 0x0b24  [ 30B73EB97218A16CBC6DE535782A1B35, 5B034F39FA5B902BD6899717F7696871CDAFB8698B48BB0E95DAE51234715A28 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x86.sys
12:26:14.0546 0x0b24  yukonw7 - ok
12:26:14.0562 0x0b24  ================ Scan global ===============================
12:26:14.0593 0x0b24  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
12:26:14.0655 0x0b24  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
12:26:14.0671 0x0b24  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
12:26:14.0718 0x0b24  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
12:26:14.0749 0x0b24  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
12:26:14.0765 0x0b24  [ Global ] - ok
12:26:14.0765 0x0b24  ================ Scan MBR ==================================
12:26:14.0780 0x0b24  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:26:15.0014 0x0b24  \Device\Harddisk0\DR0 - ok
12:26:15.0030 0x0b24  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
12:26:15.0092 0x0b24  \Device\Harddisk1\DR1 - ok
12:26:15.0108 0x0b24  ================ Scan VBR ==================================
12:26:15.0108 0x0b24  [ EE7AAF883CFA828A0BCE690433698A05 ] \Device\Harddisk0\DR0\Partition1
12:26:15.0108 0x0b24  \Device\Harddisk0\DR0\Partition1 - ok
12:26:15.0123 0x0b24  [ 0195E116EA2037FB531BF43F8D183A6A ] \Device\Harddisk0\DR0\Partition2
12:26:15.0123 0x0b24  \Device\Harddisk0\DR0\Partition2 - ok
12:26:15.0123 0x0b24  [ 5EDB229FC627BFF5BE9268D0C0E713F6 ] \Device\Harddisk1\DR1\Partition1
12:26:15.0139 0x0b24  \Device\Harddisk1\DR1\Partition1 - ok
12:26:15.0139 0x0b24  ================ Scan generic autorun ======================
12:26:15.0404 0x0b24  [ 65C6AA484AD2287D20541C7735989437, 1842787640391F4A4CD9ED0A531298A61F4B2FB09BEC98FEE256313AFB458EDB ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
12:26:15.0685 0x0b24  AvastUI.exe - ok
12:26:15.0779 0x0b24  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\sidebar.exe
12:26:15.0841 0x0b24  Sidebar - ok
12:26:16.0106 0x0b24  [ EE526B0428581B57FFC571FF57309E28, 1CF4DD251E78F2B67C4B1973E3378D6B87C5698EEC398CA4043621842ACC426C ] C:\Program Files\CCleaner\CCleaner.exe
12:26:16.0325 0x0b24  CCleaner Monitoring - ok
12:26:16.0356 0x0b24  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x42000 ( disabled : updated )
12:26:16.0356 0x0b24  Win FW state via NFP2: enabled
12:26:19.0179 0x0b24  ============================================================
12:26:19.0179 0x0b24  Scan finished
12:26:19.0179 0x0b24  ============================================================
12:26:19.0179 0x0728  Detected object count: 0
12:26:19.0179 0x0728  Actual detected object count: 0

M-K-D-B · 11.07.2015, 11:38

Zukünftig bitte beachten:

Zitat:

Running from C:\Desktop

Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop (C:\users\<benutzername>\Desktop) downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.

neodace · 11.07.2015, 12:23

oh sry, dachte wenn ich diese von meinen downloads auf den desktop ziehe ist das richtig so.
habe jetzt alle sachen in den besagten ordner bei dem pfad gelegt.
hier nochmal die Logs

ADD
[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x86) Version: 11-07-2015
Ran by Noname at 2015-07-11 13:18:55
Running from C:\Users\Noname\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4277079510-974402927-3430589439-500 - Administrator - Disabled)
Gast (S-1-5-21-4277079510-974402927-3430589439-501 - Limited - Disabled)
Noname (S-1-5-21-4277079510-974402927-3430589439-1000 - Administrator - Enabled) => C:\Users\Noname

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v3.00 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 3.00 - FinalWire Ltd.)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Configuration DivX (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-4277079510-974402927-3430589439-1000\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
devolo dLAN-Konfigurationsassistent (HKLM\...\dlanconf) (Version: 9.0.0.0 - devolo AG)
EPSON BX935FWD Series Printer Uninstall (HKLM\...\EPSON BX935FWD Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 11.0.0 (HKLM\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 39.0 (x86 de) (HKLM\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Secunia PSI (3.0.0.10004) (HKLM\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.10 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
YGOPro DevPro Version 1.9.6 r0 (HKLM\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.6 r0 - YGOPro DevPro Online)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

27-05-2015 13:45:56 Ende der Bereinigung
04-06-2015 21:45:49 Geplanter Prüfpunkt
10-06-2015 17:28:00 Windows Update
18-06-2015 14:02:28 Geplanter Prüfpunkt
26-06-2015 22:54:49 Geplanter Prüfpunkt
04-07-2015 10:18:06 Geplanter Prüfpunkt
11-07-2015 08:55:45 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {29685E1F-2228-4284-9DC9-FAEFF9BB948A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {39DDFCC5-E8AC-4F5B-97A1-B24E438B9DC8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {42CFF66B-FAA9-4A2F-835A-E27393A0A8C6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {58047848-E115-4783-A426-B8BF351EDBF6} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-02-18] ()
Task: {6BD417A8-55DA-4A68-A3F4-18673D05CB17} - System32\Tasks\{7D875AB7-3E75-497C-AB92-4FB7316BA69B} => pcalua.exe -a C:\NVIDIA\SystemTools\6.08\NVMonitor\setup.exe -d C:\NVIDIA\SystemTools\6.08\NVMonitor
Task: {792E9B8B-3FB4-4AB8-911A-D351030994BD} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E5BD3B27-E2C1-49FF-8741-9E7EF099CA37} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {EC094005-C3EB-4024-9B3F-749E08A80221} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {FA0A119B-0531-4F26-BB07-9319C2D3A3D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Loaded Modules (Whitelisted) ==============

2015-03-08 11:45 - 2015-02-05 20:27 - 00108864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2015-05-06 20:36 - 2015-05-06 20:36 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-06 20:36 - 2015-05-06 20:36 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-11 11:18 - 2015-07-11 11:18 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071100\algo.dll
2006-12-04 01:25 - 2006-12-04 01:25 - 00022723 _____ () C:\Windows\System32\sugs2l3.dll
2015-03-08 21:39 - 2015-03-08 21:40 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Noname\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 193.189.244.202

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: Nero BackItUp Scheduler 3 => 2
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: Secunia PSI Agent => 3
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\startupreg: Adobe Speed Launcher => 1429258026

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{715EE703-F93C-4A44-8433-4487EAA472BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0E62E5B5-D95D-4C74-9672-067A8283FB31}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{343CF004-505E-43E0-B5C5-64A5342A5BCE}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [UDP Query User{5882E574-3AB9-4943-9427-290DFD43AE43}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [TCP Query User{8D830128-61A4-4C27-83DC-98C026C9FEAB}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [UDP Query User{9F3417D6-7FBA-4577-869E-CE5F3EF6B507}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [TCP Query User{92CFA8D8-52E0-4E0E-A205-336FA9B4287E}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [UDP Query User{995C1756-466E-4FE5-95FD-F12A5A59A412}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [{AC67BA12-D3E1-46DB-993F-DC19E2F8F34B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{BFFDA09B-DAF9-4A8B-877B-7E0A8C8018F0}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe
FirewallRules: [UDP Query User{66319B40-A6D3-4DA1-AA0F-C2107234B2BC}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe
FirewallRules: [{96BFA00F-1B66-42E5-A3AF-A50384CB2563}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7144E11B-5FFA-4FF8-B747-B77002728DAF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9795B38A-E7EB-44D8-830E-73B27CA72A50}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9C7E7BD3-D018-495B-BA7E-CCFA05089F0A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0CE973D5-AF1B-40B6-A222-E1C510502349}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8B262E26-295F-4326-AA3A-16FDE0F1BC86}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D26899A5-6F3E-4DDF-A679-AA009B13BC63}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{4E341B75-8D2A-4D7C-800C-2DF4C81B18FF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{D483C699-5F8E-466F-B3AA-2EAF0B521B5C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============

Name: VIA USB erweiterter Hostcontroller
Description: VIA USB erweiterter Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: VIA Technologies
Service: usbehci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PCI-zu-USB universeller Hostcontroller
Description: Standard PCI-zu-USB universeller Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbuhci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PCI-zu-USB universeller Hostcontroller
Description: Standard PCI-zu-USB universeller Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbuhci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/11/2015 12:07:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 11:41:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 09:05:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:41:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:36:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:28:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 08:03:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 07:54:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 08:49:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 10:04:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/11/2015 12:07:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎11.‎07.‎2015 um 12:00:24 unerwartet heruntergefahren.

Error: (07/11/2015 12:00:42 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 86) (User: NT-AUTORITÄT)
Description: Das System wurde aufgrund eines kritischen thermischen Ereignisses heruntergefahren.
            
Zeit für das Herunterfahren = 2015-07-11T10:00:42.465643700Z
            
ACPI-Thermozone = ACPI\ThermalZone\THRM
            
_CRT = 8K

Error: (07/11/2015 11:40:32 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎11.‎07.‎2015 um 11:38:45 unerwartet heruntergefahren.

Error: (07/11/2015 09:00:31 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (07/11/2015 08:40:43 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎11.‎07.‎2015 um 08:38:44 unerwartet heruntergefahren.

Error: (07/11/2015 08:35:51 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎11.‎07.‎2015 um 08:34:10 unerwartet heruntergefahren.

Error: (07/11/2015 01:40:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/10/2015 08:02:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎10.‎07.‎2015 um 20:01:47 unerwartet heruntergefahren.

Error: (07/09/2015 11:53:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/09/2015 09:34:26 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎07.‎2015 um 09:31:18 unerwartet heruntergefahren.


Microsoft Office:
=========================
Error: (07/11/2015 12:07:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 11:41:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 09:05:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:41:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:36:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:28:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 08:03:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 07:54:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/10/2015 08:49:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/09/2015 10:04:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of memory in use: 51%
Total physical RAM: 2047.37 MB
Available physical RAM: 982.75 MB
Total Virtual: 4094.73 MB
Available Virtual: 2693.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:183.88 GB) NTFS
Drive e: (Neo`s Daten) (Fixed) (Total:232.88 GB) (Free:225.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 04170417)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 0ACB0595)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of log ============================

--- --- ---

TRST

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-07-2015
Ran by Noname (administrator) on NONAME-PC on 11-07-2015 13:18:01
Running from C:\Users\Noname\Desktop
Loaded Profiles: Noname (Available Profiles: Noname)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-23] (Avast Software s.r.o.)
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-06] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mega.co.nz/#login
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-23] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-23] (Oracle Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194
Tcpip\..\Interfaces\{34305B66-F253-4571-9EEB-B9B40B89F740}: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194
Tcpip\..\Interfaces\{8DE3437E-5FB7-493F-8CF5-EE9202094B83}: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194

FireFox:
========
FF ProfilePath: C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587
FF Homepage: hxxp://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-11] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-07-03] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Flash Video Downloader - YouTube HD Downloader [4K] - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\artur.dubovoy@gmail.com [2015-05-30]
FF Extension: WOT - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-10]
FF Extension: MEGA - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\firefox@mega.co.nz.xpi [2014-10-24]
FF Extension: Stylish - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-10-24]
FF Extension: Video DownloadHelper - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-07-03]
FF Extension: Adblock Plus - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-24]
FF Extension: Adblock Edge - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-10-24]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-08]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-08]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-06] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-06] (Avast Software)
S4 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S4 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-06-26] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-06] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [38472 2013-11-06] (The OpenVPN Project)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-06] ()
S3 eapihdrv; C:\Users\Noname\AppData\Local\Temp\ehdrv.sys [135760 2015-07-11] (ESET)
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R2 PLCNDIS5; C:\Windows\system32\plcndis5.sys [17280 2004-05-17] (Intellon, Inc.) [File not signed]
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2014-11-28] (Secunia)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-06] (Avast Software)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 Andbus; system32\DRIVERS\lgandbus.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [X]
S3 catchme; \??\C:\Users\Noname\AppData\Local\Temp\catchme.sys [X]
S3 crliycos; \SystemRoot\system32\drivers\ngiodriver_x86 [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 13:17 - 2015-07-11 13:17 - 01634816 _____ (Farbar) C:\Users\Noname\Downloads\FRST.exe
2015-07-11 12:17 - 2015-07-11 13:18 - 00000000 ____D C:\FRST
2015-07-11 11:15 - 2015-07-11 11:15 - 02870984 _____ (ESET) C:\Users\Noname\Downloads\esetsmartinstaller_deu(1).exe
2015-07-11 09:10 - 2015-07-11 09:18 - 161130112 _____ C:\Users\Noname\Downloads\EmsisoftEmergencyKit.exe
2015-07-11 09:02 - 2015-07-11 09:04 - 00002444 _____ C:\Windows\PFRO.log
2015-07-11 08:52 - 2015-07-11 08:52 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-11 08:52 - 2015-07-11 08:52 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-11 08:28 - 2015-07-11 12:07 - 00000336 _____ C:\Windows\setupact.log
2015-07-11 08:28 - 2015-07-11 08:28 - 00000000 _____ C:\Windows\setuperr.log
2015-07-11 01:12 - 2015-07-11 01:22 - 229292641 _____ C:\Users\Noname\Downloads\[clips4sale.com]makayla's throat mp4.mp4
2015-07-03 19:51 - 2015-07-09 09:36 - 00000000 ____D C:\AdwCleaner
2015-07-03 14:15 - 2015-03-07 15:37 - 00000987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-07-02 21:00 - 2015-07-02 21:00 - 00000000 ____D C:\Program Files\ESET
2015-07-02 20:57 - 2015-07-02 20:59 - 02870984 _____ (ESET) C:\Users\Noname\Downloads\esetsmartinstaller_deu.exe
2015-07-02 20:07 - 2015-07-02 20:07 - 647608542 _____ C:\Users\Noname\Downloads\[clips4sale.com]053015fish_WMV V9.wmv
2015-07-02 19:35 - 2015-07-02 19:36 - 525086220 _____ C:\Users\Noname\Downloads\[clips4sale.com]Vac-Vore Garbage and Roommate Recycling - MP4 1280x720.mp4
2015-07-02 19:21 - 2015-07-02 19:22 - 306744878 _____ C:\Users\Noname\Downloads\(Clips4sale) Witch vore .wmv
2015-07-02 19:21 - 2015-07-02 19:21 - 84458329 _____ C:\Users\Noname\Downloads\[clips4sale.com]QD - Devoured By Jasmine Mendez HD.mkv
2015-07-01 23:13 - 2015-07-01 23:13 - 00000000 ____D C:\Users\Noname\Downloads\Neuer Ordner (4)
2015-07-01 23:12 - 2015-07-01 23:13 - 00000000 ____D C:\Users\Noname\Downloads\Neuer Ordner (3)
2015-07-01 17:35 - 2015-07-11 12:10 - 00463253 _____ C:\Windows\WindowsUpdate.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-11 12:15 - 2009-07-14 06:34 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-11 12:15 - 2009-07-14 06:34 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-11 12:13 - 2014-09-03 10:18 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-11 12:07 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-11 12:07 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-11 08:56 - 2015-04-04 17:39 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-11 08:51 - 2013-09-06 00:00 - 00000000 ____D C:\Users\Noname\AppData\Local\Adobe
2015-07-08 23:46 - 2010-11-20 23:01 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-03 19:48 - 2015-03-09 00:15 - 00000000 ____D C:\Program Files\SpeedFan
2015-07-03 19:47 - 2015-06-02 19:37 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-01 23:13 - 2014-10-25 16:51 - 00000000 ____D C:\Users\Noname\Downloads\Neuer Ordner
2015-07-01 21:28 - 2015-04-07 23:04 - 00000000 ____D C:\Users\Noname\AppData\Roaming\.minecraft
2015-06-27 14:02 - 2011-01-24 00:21 - 00001126 _____ C:\Users\Noname\AppData\Roaming\neo.ini
2015-06-27 13:56 - 2015-02-10 20:46 - 00000089 _____ C:\Users\Noname\AppData\Roaming\chk.ag
2015-06-27 13:56 - 2014-06-28 19:33 - 00000000 ____D C:\Users\Noname\AppData\Roaming\LiveSnap
2015-06-26 19:21 - 2015-03-08 21:40 - 00428120 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-18 20:04 - 2013-09-21 20:48 - 00000000 ____D C:\Program Files\DevPro
2015-06-14 00:45 - 2013-09-05 23:58 - 00000000 ____D C:\Program Files\CCleaner
2015-06-13 18:43 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-06-12 17:11 - 2014-11-12 16:07 - 00000000 __SHD C:\Users\Noname\AppData\Local\EmieBrowserModeList
2015-06-12 17:11 - 2014-04-09 19:10 - 00000000 __SHD C:\Users\Noname\AppData\Local\EmieUserList
2015-06-12 17:11 - 2014-04-09 19:10 - 00000000 __SHD C:\Users\Noname\AppData\Local\EmieSiteList

==================== Files in the root of some directories =======

2013-11-07 10:37 - 2013-11-07 10:37 - 50063360 _____ () C:\Program Files\GUT13CF.tmp
2013-12-22 18:28 - 2013-12-22 18:28 - 0000000 _____ () C:\Program Files\Web Data
2015-02-10 20:46 - 2015-06-27 13:56 - 0000089 _____ () C:\Users\Noname\AppData\Roaming\chk.ag
2010-10-26 23:05 - 2014-05-31 19:25 - 0496128 _____ (cURL, hxxp://curl.haxx.se/) C:\Users\Noname\AppData\Roaming\curlchk.exe
2011-01-24 00:21 - 2015-06-27 14:02 - 0001126 _____ () C:\Users\Noname\AppData\Roaming\neo.ini
2011-01-24 00:21 - 2014-07-26 20:12 - 0001112 _____ () C:\Users\Noname\AppData\Roaming\neo98.ini
2014-07-10 08:56 - 2014-07-10 08:56 - 0000017 _____ () C:\Users\Noname\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-04 09:34

==================== End of log ============================

--- --- ---

TDSS teil 1

Code:

ATTFilter

13:20:21.0157 0x0fac  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
13:20:23.0758 0x0fac  ============================================================
13:20:23.0758 0x0fac  Current date / time: 2015/07/11 13:20:23.0758
13:20:23.0758 0x0fac  SystemInfo:
13:20:23.0758 0x0fac  
13:20:23.0758 0x0fac  OS Version: 6.1.7601 ServicePack: 1.0
13:20:23.0758 0x0fac  Product type: Workstation
13:20:23.0759 0x0fac  ComputerName: NONAME-PC
13:20:23.0760 0x0fac  UserName: Noname
13:20:23.0760 0x0fac  Windows directory: C:\Windows
13:20:23.0760 0x0fac  System windows directory: C:\Windows
13:20:23.0760 0x0fac  Processor architecture: Intel x86
13:20:23.0760 0x0fac  Number of processors: 2
13:20:23.0760 0x0fac  Page size: 0x1000
13:20:23.0760 0x0fac  Boot type: Normal boot
13:20:23.0760 0x0fac  ============================================================
13:20:25.0174 0x0fac  KLMD registered as C:\Windows\system32\drivers\17890172.sys
13:20:25.0389 0x0fac  System UUID: {62A8C2EA-8805-A944-480E-DAAB76E85153}
13:20:25.0989 0x0fac  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x1C042, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
13:20:25.0998 0x0fac  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:20:26.0021 0x0fac  ============================================================
13:20:26.0021 0x0fac  \Device\Harddisk0\DR0:
13:20:26.0022 0x0fac  MBR partitions:
13:20:26.0022 0x0fac  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:20:26.0022 0x0fac  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
13:20:26.0022 0x0fac  \Device\Harddisk1\DR1:
13:20:26.0023 0x0fac  MBR partitions:
13:20:26.0023 0x0fac  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800
13:20:26.0023 0x0fac  ============================================================
13:20:26.0052 0x0fac  C: <-> \Device\Harddisk0\DR0\Partition2
13:20:26.0087 0x0fac  E: <-> \Device\Harddisk1\DR1\Partition1
13:20:26.0087 0x0fac  ============================================================
13:20:26.0088 0x0fac  Initialize success
13:20:26.0088 0x0fac  ============================================================
13:20:35.0737 0x0324  ============================================================
13:20:35.0737 0x0324  Scan started
13:20:35.0737 0x0324  Mode: Manual; SigCheck; TDLFS; 
13:20:35.0737 0x0324  ============================================================
13:20:35.0737 0x0324  KSN ping started
13:20:38.0497 0x0324  KSN ping finished: true
13:20:39.0277 0x0324  ================ Scan system memory ========================
13:20:39.0277 0x0324  System memory - ok
13:20:39.0278 0x0324  ================ Scan services =============================
13:20:39.0419 0x0324  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:20:39.0529 0x0324  1394ohci - ok
13:20:39.0578 0x0324  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:20:39.0607 0x0324  ACPI - ok
13:20:39.0635 0x0324  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:20:39.0663 0x0324  AcpiPmi - ok
13:20:39.0739 0x0324  [ 4C72FDD915D62EAEF149BD9C73AB9CF4, 8EA45A1B88DFD819F0ADA3AF36D464E1BF52574269592370E0CC8D0490680E1F ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
13:20:39.0764 0x0324  AdobeARMservice - ok
13:20:39.0826 0x0324  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:20:39.0860 0x0324  adp94xx - ok
13:20:39.0899 0x0324  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:20:39.0927 0x0324  adpahci - ok
13:20:39.0951 0x0324  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:20:39.0977 0x0324  adpu320 - ok
13:20:40.0026 0x0324  [ 12E6A172D72AFC626727B8635DD17E39, 33B3D109C39DF6EA86AFC3C89A93657906E981D3D22FF854401BC7326990CC08 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:20:40.0053 0x0324  AeLookupSvc - ok
13:20:40.0114 0x0324  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD             C:\Windows\system32\drivers\afd.sys
13:20:40.0149 0x0324  AFD - ok
13:20:40.0177 0x0324  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
13:20:40.0198 0x0324  agp440 - ok
13:20:40.0227 0x0324  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
13:20:40.0250 0x0324  aic78xx - ok
13:20:40.0290 0x0324  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
13:20:40.0326 0x0324  ALG - ok
13:20:40.0356 0x0324  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:20:40.0377 0x0324  aliide - ok
13:20:40.0401 0x0324  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
13:20:40.0422 0x0324  amdagp - ok
13:20:40.0439 0x0324  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
13:20:40.0462 0x0324  amdide - ok
13:20:40.0489 0x0324  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
13:20:40.0522 0x0324  AmdK8 - ok
13:20:40.0542 0x0324  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
13:20:40.0569 0x0324  AmdPPM - ok
13:20:40.0620 0x0324  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:20:40.0643 0x0324  amdsata - ok
13:20:40.0670 0x0324  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:20:40.0698 0x0324  amdsbs - ok
13:20:40.0716 0x0324  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:20:40.0738 0x0324  amdxata - ok
13:20:40.0749 0x0324  Andbus - ok
13:20:40.0763 0x0324  AndDiag - ok
13:20:40.0779 0x0324  AndGps - ok
13:20:40.0793 0x0324  ANDModem - ok
13:20:40.0808 0x0324  AndNetDiag - ok
13:20:40.0822 0x0324  ANDNetModem - ok
13:20:40.0836 0x0324  andnetndis - ok
13:20:40.0888 0x0324  [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID           C:\Windows\system32\drivers\appid.sys
13:20:40.0914 0x0324  AppID - ok
13:20:40.0962 0x0324  [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:20:40.0987 0x0324  AppIDSvc - ok
13:20:41.0015 0x0324  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
13:20:41.0050 0x0324  Appinfo - ok
13:20:41.0124 0x0324  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:20:41.0142 0x0324  Apple Mobile Device - ok
13:20:41.0178 0x0324  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
13:20:41.0206 0x0324  AppMgmt - ok
13:20:41.0251 0x0324  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
13:20:41.0273 0x0324  arc - ok
13:20:41.0298 0x0324  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:20:41.0323 0x0324  arcsas - ok
13:20:41.0405 0x0324  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
13:20:41.0429 0x0324  aspnet_state - ok
13:20:41.0465 0x0324  [ EFDEF61C488A193986D4672658E91532, B2E97542F7C608937005A2ABFA10F7FD8F3E8F1AB3FBE621772E41048BBDDDBE ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
13:20:41.0497 0x0324  aswHwid - ok
13:20:41.0519 0x0324  [ 91AAF4792987B43C0653D74516F092C8, DFFB5D0BA6537E2B6A45292B8A2B566F848D54A2FB54017711236E2D3BCBEBBE ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
13:20:41.0567 0x0324  aswMonFlt - ok
13:20:41.0602 0x0324  [ 8C8FEC9F50898BB814BDFB5F5B2D566C, C72472C413550144E10A995A1CF28EB68519B147BD7AE6DF195512014083F9A8 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
13:20:41.0635 0x0324  aswRdr - ok
13:20:41.0668 0x0324  [ 2DB91CE80C367ACDD1331DE9B1E3EAEF, 7AF35FBA1DB6A44928A6DF554E9428C3E21191B376756718832FCD66F9F9D07C ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
13:20:41.0691 0x0324  aswRvrt - ok
13:20:41.0760 0x0324  [ 83DF5B3DE1C6527972946CDB328446F7, F4CA80903EE6FCB7E5A7B0E989692B6B5177CE03D3BFFE6A93D53C8B364EE833 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
13:20:41.0812 0x0324  aswSnx - ok
13:20:41.0890 0x0324  [ 16D269F0EF94DB61FAB6934DEED19C91, EAFCE70C0816EAEA6BB8F41A935AE5EDE389C6832FBD45413893DFC5458E5D3D ] aswSP           C:\Windows\system32\drivers\aswSP.sys
13:20:41.0923 0x0324  aswSP - ok
13:20:41.0978 0x0324  [ A5F0A2EB182C8A137E2C43CB4109EC1E, 0A95F497FCB51CC1F36D740833FD4766A42C287A34A8E0FA9078F1533AD9D75E ] aswStm          C:\Windows\system32\drivers\aswStm.sys
13:20:42.0001 0x0324  aswStm - ok
13:20:42.0048 0x0324  [ 1D472E0E2AB962AA7F70B9AF85BF3C72, A428D76C47E354BCF9042A384445BCEE97C46BF9A98A65D9C48117B5FAE56819 ] aswTap          C:\Windows\system32\DRIVERS\aswTap.sys
13:20:42.0073 0x0324  aswTap - ok
13:20:42.0121 0x0324  [ D45875D018F9FB9BF19B976AD8791DE9, 9AA70417A9AAFF5515C6B1FFADD563FBDC0BC62AA0B9FDA8A771E67203C12270 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
13:20:42.0146 0x0324  aswVmm - ok
13:20:42.0184 0x0324  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:20:42.0228 0x0324  AsyncMac - ok
13:20:42.0252 0x0324  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:20:42.0275 0x0324  atapi - ok
13:20:42.0339 0x0324  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:20:42.0382 0x0324  AudioEndpointBuilder - ok
13:20:42.0410 0x0324  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
13:20:42.0451 0x0324  Audiosrv - ok
13:20:42.0522 0x0324  [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:20:42.0550 0x0324  avast! Antivirus - ok
13:20:42.0742 0x0324  [ E5CA07C1A5A4C7095FC8937D84B37243, A881B253767305ED181DB0A270C3D6CFC5FA2293F1BB050793289DD86B1C20BB ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
13:20:42.0877 0x0324  AvastVBoxSvc - ok
13:20:42.0928 0x0324  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:20:42.0959 0x0324  AxInstSV - ok
13:20:43.0001 0x0324  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
13:20:43.0050 0x0324  b06bdrv - ok
13:20:43.0089 0x0324  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
13:20:43.0120 0x0324  b57nd60x - ok
13:20:43.0162 0x0324  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
13:20:43.0191 0x0324  BDESVC - ok
13:20:43.0212 0x0324  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:20:43.0252 0x0324  Beep - ok
13:20:43.0300 0x0324  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
13:20:43.0344 0x0324  BFE - ok
13:20:43.0392 0x0324  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\system32\qmgr.dll
13:20:43.0469 0x0324  BITS - ok
13:20:43.0503 0x0324  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:20:43.0538 0x0324  blbdrive - ok
13:20:43.0679 0x0324  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:20:43.0708 0x0324  Bonjour Service - ok
13:20:43.0751 0x0324  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:20:43.0776 0x0324  bowser - ok
13:20:43.0792 0x0324  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:20:43.0820 0x0324  BrFiltLo - ok
13:20:43.0848 0x0324  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:20:43.0875 0x0324  BrFiltUp - ok
13:20:43.0908 0x0324  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
13:20:43.0952 0x0324  BridgeMP - ok
13:20:43.0993 0x0324  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
13:20:44.0035 0x0324  Browser - ok
13:20:44.0065 0x0324  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:20:44.0102 0x0324  Brserid - ok
13:20:44.0121 0x0324  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:20:44.0152 0x0324  BrSerWdm - ok
13:20:44.0185 0x0324  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:20:44.0218 0x0324  BrUsbMdm - ok
13:20:44.0231 0x0324  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:20:44.0258 0x0324  BrUsbSer - ok
13:20:44.0275 0x0324  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:20:44.0304 0x0324  BTHMODEM - ok
13:20:44.0350 0x0324  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
13:20:44.0393 0x0324  bthserv - ok
13:20:44.0461 0x0324  catchme - ok
13:20:44.0496 0x0324  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:20:44.0538 0x0324  cdfs - ok
13:20:44.0581 0x0324  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:20:44.0614 0x0324  cdrom - ok
13:20:44.0646 0x0324  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:20:44.0687 0x0324  CertPropSvc - ok
13:20:44.0706 0x0324  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
13:20:44.0739 0x0324  circlass - ok
13:20:44.0790 0x0324  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
13:20:44.0818 0x0324  CLFS - ok
13:20:44.0876 0x0324  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:20:44.0898 0x0324  clr_optimization_v2.0.50727_32 - ok
13:20:44.0938 0x0324  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:20:44.0964 0x0324  clr_optimization_v4.0.30319_32 - ok
13:20:44.0994 0x0324  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
13:20:45.0018 0x0324  CmBatt - ok
13:20:45.0044 0x0324  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:20:45.0064 0x0324  cmdide - ok
13:20:45.0125 0x0324  [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG             C:\Windows\system32\Drivers\cng.sys
13:20:45.0162 0x0324  CNG - ok
13:20:45.0180 0x0324  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
13:20:45.0201 0x0324  Compbatt - ok
13:20:45.0264 0x0324  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:20:45.0290 0x0324  CompositeBus - ok
13:20:45.0311 0x0324  COMSysApp - ok
13:20:45.0333 0x0324  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:20:45.0412 0x0324  crcdisk - ok
13:20:45.0465 0x0324  crliycos - ok
13:20:45.0539 0x0324  [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:20:45.0571 0x0324  CryptSvc - ok
13:20:45.0614 0x0324  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
13:20:45.0659 0x0324  CSC - ok
13:20:45.0701 0x0324  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
13:20:45.0743 0x0324  CscService - ok
13:20:45.0794 0x0324  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:20:45.0849 0x0324  DcomLaunch - ok
13:20:45.0892 0x0324  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
13:20:45.0941 0x0324  defragsvc - ok
13:20:45.0983 0x0324  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:20:46.0055 0x0324  DfsC - ok
13:20:46.0107 0x0324  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:20:46.0148 0x0324  Dhcp - ok
13:20:46.0291 0x0324  [ 7AB2DE012C88870C9274E966EC88AB61, CE2098B152B9C039C29C0573C813BFBF13B2D2E6BEE83985374160884A817133 ] DiagTrack       C:\Windows\system32\diagtrack.dll
13:20:46.0344 0x0324  DiagTrack - ok
13:20:46.0373 0x0324  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
13:20:46.0419 0x0324  discache - ok
13:20:46.0476 0x0324  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
13:20:46.0500 0x0324  Disk - ok
13:20:46.0527 0x0324  [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
13:20:46.0565 0x0324  dmvsc - ok
13:20:46.0601 0x0324  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:20:46.0646 0x0324  Dnscache - ok
13:20:46.0702 0x0324  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:20:46.0813 0x0324  dot3svc - ok
13:20:46.0877 0x0324  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
13:20:46.0925 0x0324  DPS - ok
13:20:46.0967 0x0324  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:20:46.0999 0x0324  drmkaud - ok
13:20:47.0071 0x0324  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:20:47.0122 0x0324  DXGKrnl - ok
13:20:47.0166 0x0324  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
13:20:47.0228 0x0324  EapHost - ok
13:20:47.0294 0x0324  [ 560EDC0912BDB68290930E2542823A24, CB9578A19F717FBD388F2BE8179CF2D4755DF11AD246E13AF1D43E25CA026386 ] eapihdrv        C:\Users\Noname\AppData\Local\Temp\ehdrv.sys
13:20:47.0328 0x0324  eapihdrv - ok
13:20:47.0504 0x0324  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
13:20:47.0666 0x0324  ebdrv - ok
13:20:47.0729 0x0324  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] EFS             C:\Windows\System32\lsass.exe
13:20:47.0774 0x0324  EFS - ok
13:20:47.0976 0x0324  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:20:48.0057 0x0324  ehRecvr - ok
13:20:48.0082 0x0324  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
13:20:48.0136 0x0324  ehSched - ok
13:20:48.0275 0x0324  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:20:48.0344 0x0324  elxstor - ok
13:20:48.0389 0x0324  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:20:48.0452 0x0324  ErrDev - ok
13:20:48.0535 0x0324  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
13:20:48.0689 0x0324  EventSystem - ok
13:20:48.0827 0x0324  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:20:48.0920 0x0324  exfat - ok
13:20:48.0975 0x0324  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:20:49.0052 0x0324  fastfat - ok
13:20:49.0101 0x0324  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
13:20:49.0178 0x0324  Fax - ok
13:20:49.0236 0x0324  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:20:49.0273 0x0324  fdc - ok
13:20:49.0329 0x0324  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
13:20:49.0399 0x0324  fdPHost - ok
13:20:49.0427 0x0324  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:20:49.0506 0x0324  FDResPub - ok
13:20:49.0529 0x0324  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:20:49.0560 0x0324  FileInfo - ok
13:20:49.0595 0x0324  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:20:49.0664 0x0324  Filetrace - ok
13:20:49.0677 0x0324  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:20:49.0724 0x0324  flpydisk - ok
13:20:49.0768 0x0324  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:20:49.0817 0x0324  FltMgr - ok
13:20:49.0915 0x0324  [ 6EC244F102C7F129678E5F7309D1366D, C30DA201AC623DA440B0A0716534557C578218C2A591FA8893CCCBD96B4518F9 ] FontCache       C:\Windows\system32\FntCache.dll
13:20:50.0018 0x0324  FontCache - ok
13:20:50.0062 0x0324  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
13:20:50.0093 0x0324  FontCache3.0.0.0 - ok
13:20:50.0128 0x0324  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:20:50.0162 0x0324  FsDepends - ok
13:20:50.0201 0x0324  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:20:50.0239 0x0324  Fs_Rec - ok
13:20:50.0330 0x0324  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:20:50.0392 0x0324  fvevol - ok
13:20:50.0496 0x0324  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:20:50.0534 0x0324  gagp30kx - ok
13:20:50.0584 0x0324  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:20:50.0614 0x0324  GEARAspiWDM - ok
13:20:50.0688 0x0324  [ 77EBF3E9386DAA51551AF429052D88D0, 94C3294BB9E14B07448734AE65B37801D3FF15BEC987D182A929A017FEF7B276 ] giveio          C:\Windows\system32\giveio.sys
13:20:50.0699 0x0324  giveio - detected UnsignedFile.Multi.Generic ( 1 )
13:20:53.0486 0x0324  Detect skipped due to KSN trusted
13:20:53.0486 0x0324  giveio - ok
13:20:53.0579 0x0324  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:20:53.0711 0x0324  gpsvc - ok
13:20:53.0758 0x0324  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:20:53.0801 0x0324  hcw85cir - ok
13:20:53.0876 0x0324  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:20:53.0950 0x0324  HdAudAddService - ok
13:20:54.0002 0x0324  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:20:54.0058 0x0324  HDAudBus - ok
13:20:54.0107 0x0324  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:20:54.0154 0x0324  HidBatt - ok
13:20:54.0198 0x0324  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:20:54.0243 0x0324  HidBth - ok
13:20:54.0291 0x0324  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:20:54.0349 0x0324  HidIr - ok
13:20:54.0388 0x0324  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll
13:20:54.0473 0x0324  hidserv - ok
13:20:54.0538 0x0324  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:20:54.0582 0x0324  HidUsb - ok
13:20:54.0643 0x0324  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:20:54.0722 0x0324  hkmsvc - ok
13:20:54.0766 0x0324  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:20:54.0841 0x0324  HomeGroupListener - ok
13:20:54.0897 0x0324  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:20:54.0951 0x0324  HomeGroupProvider - ok
13:20:55.0003 0x0324  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:20:55.0043 0x0324  HpSAMD - ok
13:20:55.0126 0x0324  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:20:55.0215 0x0324  HTTP - ok
13:20:55.0250 0x0324  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:20:55.0316 0x0324  hwpolicy - ok
13:20:55.0373 0x0324  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:20:55.0419 0x0324  i8042prt - ok
13:20:55.0498 0x0324  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:20:55.0549 0x0324  iaStorV - ok
13:20:55.0697 0x0324  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:20:55.0759 0x0324  idsvc - ok
13:20:55.0809 0x0324  IEEtwCollectorService - ok
13:20:55.0855 0x0324  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:20:55.0892 0x0324  iirsp - ok
13:20:55.0987 0x0324  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
13:20:56.0081 0x0324  IKEEXT - ok
13:20:56.0144 0x0324  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:20:56.0188 0x0324  intelide - ok
13:20:56.0251 0x0324  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:20:56.0310 0x0324  intelppm - ok
13:20:56.0365 0x0324  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:20:56.0462 0x0324  IPBusEnum - ok
13:20:56.0494 0x0324  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:20:56.0585 0x0324  IpFilterDriver - ok
13:20:56.0667 0x0324  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:20:56.0800 0x0324  iphlpsvc - ok
13:20:56.0845 0x0324  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:20:56.0894 0x0324  IPMIDRV - ok
13:20:56.0934 0x0324  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:20:57.0017 0x0324  IPNAT - ok
13:20:57.0216 0x0324  [ 4D800977F7EB0C310AF04BF5B517985A, DD4EC347D4759AC401BD08739DE012E5F1903DF2EDEBEA17CCD3C19FF1F6005E ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:20:57.0274 0x0324  iPod Service - ok
13:20:57.0320 0x0324  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:20:57.0368 0x0324  IRENUM - ok
13:20:57.0415 0x0324  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:20:57.0456 0x0324  isapnp - ok
13:20:57.0531 0x0324  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:20:57.0575 0x0324  iScsiPrt - ok
13:20:57.0633 0x0324  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:20:57.0668 0x0324  kbdclass - ok
13:20:57.0713 0x0324  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:20:57.0763 0x0324  kbdhid - ok
13:20:57.0797 0x0324  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] KeyIso          C:\Windows\system32\lsass.exe
13:20:57.0843 0x0324  KeyIso - ok
13:20:57.0911 0x0324  [ 3C9D9DFCF517103677D7B6255C727B48, F03252C1EF131AC4FEB83983B7BB3BAAACE0EEB0B1CFA06D0E04A156D527A0FD ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:20:57.0947 0x0324  KSecDD - ok
13:20:57.0994 0x0324  [ 0DFC56491C8B56A35AD52EAF770752FE, C887D6A06DD691DB6E6DC73D2ED0072FE5430F46F85111338196CF342C5892D0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:20:58.0035 0x0324  KSecPkg - ok
13:20:58.0102 0x0324  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:20:58.0198 0x0324  KtmRm - ok
13:20:58.0272 0x0324  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
13:20:58.0361 0x0324  LanmanServer - ok
13:20:58.0410 0x0324  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:20:58.0512 0x0324  LanmanWorkstation - ok
13:20:58.0583 0x0324  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:20:58.0660 0x0324  lltdio - ok
13:20:58.0716 0x0324  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:20:58.0815 0x0324  lltdsvc - ok
13:20:58.0854 0x0324  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:20:58.0937 0x0324  lmhosts - ok
13:20:58.0991 0x0324  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:20:59.0038 0x0324  LSI_FC - ok
13:20:59.0087 0x0324  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:20:59.0123 0x0324  LSI_SAS - ok
13:20:59.0162 0x0324  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:20:59.0198 0x0324  LSI_SAS2 - ok
13:20:59.0270 0x0324  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:20:59.0318 0x0324  LSI_SCSI - ok
13:20:59.0362 0x0324  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:20:59.0436 0x0324  luafv - ok
13:20:59.0505 0x0324  [ 3C21F7E95FFCA33EF1A83AA33D9663CF, C843116969E1CDBA45AEF98B33BEDBA9200C62CDB52CD7056CE6768A1EF3A637 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
13:20:59.0536 0x0324  MBAMProtector - ok
13:20:59.0703 0x0324  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService     C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe
13:20:59.0787 0x0324  MBAMService - ok
13:20:59.0892 0x0324  [ 167BCE00050B19DA25065335645A3C7A, 5CD3EA3E09B4ED318AB6151F56A17B0E4C8CE32DBB77342A39DEF53908F7D2F0 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
13:20:59.0924 0x0324  MBAMWebAccessControl - ok
13:20:59.0976 0x0324  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:21:00.0027 0x0324  Mcx2Svc - ok
13:21:00.0088 0x0324  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:21:00.0112 0x0324  megasas - ok
13:21:00.0157 0x0324  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:21:00.0201 0x0324  MegaSR - ok
13:21:00.0234 0x0324  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
13:21:00.0325 0x0324  MMCSS - ok
13:21:00.0363 0x0324  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
13:21:00.0437 0x0324  Modem - ok
13:21:00.0480 0x0324  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:21:00.0511 0x0324  monitor - ok
13:21:00.0561 0x0324  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:21:00.0599 0x0324  mouclass - ok
13:21:00.0656 0x0324  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:21:00.0699 0x0324  mouhid - ok
13:21:00.0756 0x0324  [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:21:00.0794 0x0324  mountmgr - ok
13:21:00.0885 0x0324  [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:21:00.0925 0x0324  MozillaMaintenance - ok
13:21:00.0973 0x0324  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:21:01.0016 0x0324  mpio - ok
13:21:01.0065 0x0324  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:21:01.0148 0x0324  mpsdrv - ok
13:21:01.0232 0x0324  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:21:01.0336 0x0324  MpsSvc - ok
13:21:01.0394 0x0324  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:21:01.0425 0x0324  MRxDAV - ok
13:21:01.0504 0x0324  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:21:01.0550 0x0324  mrxsmb - ok
13:21:01.0611 0x0324  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:21:01.0667 0x0324  mrxsmb10 - ok
13:21:01.0702 0x0324  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:21:01.0732 0x0324  mrxsmb20 - ok
13:21:01.0782 0x0324  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:21:01.0837 0x0324  msahci - ok
13:21:01.0882 0x0324  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:21:01.0933 0x0324  msdsm - ok
13:21:01.0980 0x0324  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
13:21:02.0024 0x0324  MSDTC - ok
13:21:02.0075 0x0324  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:21:02.0179 0x0324  Msfs - ok
13:21:02.0222 0x0324  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:21:02.0304 0x0324  mshidkmdf - ok
13:21:02.0343 0x0324  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:21:02.0377 0x0324  msisadrv - ok
13:21:02.0448 0x0324  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:21:02.0602 0x0324  MSiSCSI - ok
13:21:02.0629 0x0324  msiserver - ok
13:21:02.0663 0x0324  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:21:02.0744 0x0324  MSKSSRV - ok
13:21:02.0770 0x0324  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:21:02.0855 0x0324  MSPCLOCK - ok
13:21:02.0876 0x0324  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:21:02.0951 0x0324  MSPQM - ok
13:21:02.0986 0x0324  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:21:03.0030 0x0324  MsRPC - ok
13:21:03.0073 0x0324  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:21:03.0119 0x0324  mssmbios - ok
13:21:03.0138 0x0324  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:21:03.0218 0x0324  MSTEE - ok
13:21:03.0263 0x0324  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:21:03.0304 0x0324  MTConfig - ok
13:21:03.0348 0x0324  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:21:03.0388 0x0324  Mup - ok
13:21:03.0455 0x0324  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
13:21:03.0559 0x0324  napagent - ok
13:21:03.0651 0x0324  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:21:03.0705 0x0324  NativeWifiP - ok
13:21:03.0812 0x0324  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:21:03.0890 0x0324  NDIS - ok

neodace · 11.07.2015, 12:24

TDSS Teil 2

Code:

ATTFilter

13:21:03.0946 0x0324  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:21:04.0040 0x0324  NdisCap - ok
13:21:04.0086 0x0324  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:21:04.0169 0x0324  NdisTapi - ok
13:21:04.0218 0x0324  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:21:04.0303 0x0324  Ndisuio - ok
13:21:04.0342 0x0324  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:21:04.0414 0x0324  NdisWan - ok
13:21:04.0442 0x0324  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:21:04.0519 0x0324  NDProxy - ok
13:21:04.0553 0x0324  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:21:04.0617 0x0324  NetBIOS - ok
13:21:04.0656 0x0324  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:21:04.0712 0x0324  NetBT - ok
13:21:04.0744 0x0324  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] Netlogon        C:\Windows\system32\lsass.exe
13:21:04.0789 0x0324  Netlogon - ok
13:21:04.0845 0x0324  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
13:21:04.0946 0x0324  Netman - ok
13:21:05.0011 0x0324  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:21:05.0055 0x0324  NetMsmqActivator - ok
13:21:05.0079 0x0324  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:21:05.0122 0x0324  NetPipeActivator - ok
13:21:05.0174 0x0324  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
13:21:05.0256 0x0324  netprofm - ok
13:21:05.0313 0x0324  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:21:05.0359 0x0324  NetTcpActivator - ok
13:21:05.0399 0x0324  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
13:21:05.0454 0x0324  NetTcpPortSharing - ok
13:21:05.0520 0x0324  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:21:05.0553 0x0324  nfrd960 - ok
13:21:05.0603 0x0324  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:21:05.0644 0x0324  NlaSvc - ok
13:21:05.0722 0x0324  [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf             C:\Windows\system32\drivers\npf.sys
13:21:05.0753 0x0324  npf - ok
13:21:05.0792 0x0324  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:21:05.0887 0x0324  Npfs - ok
13:21:05.0938 0x0324  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
13:21:06.0017 0x0324  nsi - ok
13:21:06.0066 0x0324  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:21:06.0144 0x0324  nsiproxy - ok
13:21:06.0253 0x0324  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:21:06.0359 0x0324  Ntfs - ok
13:21:06.0383 0x0324  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
13:21:06.0468 0x0324  Null - ok
13:21:06.0526 0x0324  [ B5E37E31C053BC9950455A257526514B, 16E2880621F3AA12BDADE71CD7682CA79E2A199D3C9E3E5927C49DCEF0F6183B ] NVENETFD        C:\Windows\system32\DRIVERS\nvm62x32.sys
13:21:06.0583 0x0324  NVENETFD - ok
13:21:06.0654 0x0324  [ 9F8EE4948B7ADD9D12F778F61A2758A4, 9848C7D97AC000BF7A00BAE12593E48E14D36D7FFFCF25A163FAAB446691032F ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
13:21:06.0708 0x0324  NVHDA - ok
13:21:07.0275 0x0324  [ FCEA6786A7222DF6C26B008279139952, 9E96776417B45DC1ABDA5DE0CD36913FC6E6A38486D470BCBE01D09CE7388C4A ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:21:07.0895 0x0324  nvlddmkm - ok
13:21:08.0068 0x0324  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:21:08.0108 0x0324  nvraid - ok
13:21:08.0163 0x0324  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:21:08.0264 0x0324  nvstor - ok
13:21:08.0408 0x0324  [ F4B2AAFDB72CC6A54A14A0D6DC82657A, CBC6F3E8BEE4920886A4A3F3269132719E520898590104BCD3391D77F435FD13 ] nvsvc           C:\Windows\system32\nvvsvc.exe
13:21:08.0482 0x0324  nvsvc - ok
13:21:08.0503 0x0324  nvvad_WaveExtensible - ok
13:21:08.0552 0x0324  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:21:08.0592 0x0324  nv_agp - ok
13:21:08.0631 0x0324  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:21:08.0678 0x0324  ohci1394 - ok
13:21:08.0737 0x0324  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:21:08.0821 0x0324  p2pimsvc - ok
13:21:08.0866 0x0324  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:21:08.0931 0x0324  p2psvc - ok
13:21:08.0981 0x0324  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
13:21:09.0027 0x0324  Parport - ok
13:21:09.0062 0x0324  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:21:09.0106 0x0324  partmgr - ok
13:21:09.0159 0x0324  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
13:21:09.0201 0x0324  Parvdm - ok
13:21:09.0278 0x0324  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:21:09.0335 0x0324  PcaSvc - ok
13:21:09.0382 0x0324  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
13:21:09.0423 0x0324  pci - ok
13:21:09.0470 0x0324  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
13:21:09.0504 0x0324  pciide - ok
13:21:09.0539 0x0324  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:21:09.0582 0x0324  pcmcia - ok
13:21:09.0607 0x0324  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:21:09.0636 0x0324  pcw - ok
13:21:09.0714 0x0324  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:21:09.0800 0x0324  PEAUTH - ok
13:21:09.0911 0x0324  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:21:10.0013 0x0324  PeerDistSvc - ok
13:21:10.0220 0x0324  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
13:21:10.0392 0x0324  pla - ok
13:21:10.0482 0x0324  [ 2ABA2F545B35F9C6CC2CFC4E1D539A80, 4771ED8E1FE3F9F2B999BDC8D5D8D437615117E5150E1677811954C6C802850F ] PLCNDIS5        C:\Windows\system32\plcndis5.sys
13:21:10.0505 0x0324  PLCNDIS5 - detected UnsignedFile.Multi.Generic ( 1 )
13:21:13.0403 0x0324  Detect skipped due to KSN trusted
13:21:13.0403 0x0324  PLCNDIS5 - ok
13:21:13.0515 0x0324  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:21:13.0581 0x0324  PlugPlay - ok
13:21:13.0614 0x0324  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:21:13.0660 0x0324  PNRPAutoReg - ok
13:21:13.0695 0x0324  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:21:13.0757 0x0324  PNRPsvc - ok
13:21:13.0831 0x0324  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:21:13.0933 0x0324  PolicyAgent - ok
13:21:13.0990 0x0324  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
13:21:14.0065 0x0324  Power - ok
13:21:14.0136 0x0324  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:21:14.0214 0x0324  PptpMiniport - ok
13:21:14.0236 0x0324  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
13:21:14.0278 0x0324  Processor - ok
13:21:14.0355 0x0324  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:21:14.0429 0x0324  ProfSvc - ok
13:21:14.0486 0x0324  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:21:14.0527 0x0324  ProtectedStorage - ok
13:21:14.0579 0x0324  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:21:14.0669 0x0324  Psched - ok
13:21:14.0745 0x0324  [ 68B57D7C11277EA89F78255480376B4D, 5530B58126BF33E6BCDED99C73C41B90BA148587BDA3866FD4DAD12035B302B5 ] PSI             C:\Windows\system32\DRIVERS\psi_mf_x86.sys
13:21:14.0775 0x0324  PSI - ok
13:21:14.0905 0x0324  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:21:15.0007 0x0324  ql2300 - ok
13:21:15.0054 0x0324  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:21:15.0092 0x0324  ql40xx - ok
13:21:15.0139 0x0324  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
13:21:15.0217 0x0324  QWAVE - ok
13:21:15.0265 0x0324  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:21:15.0310 0x0324  QWAVEdrv - ok
13:21:15.0346 0x0324  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:21:15.0407 0x0324  RasAcd - ok
13:21:15.0450 0x0324  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:21:15.0531 0x0324  RasAgileVpn - ok
13:21:15.0576 0x0324  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
13:21:15.0645 0x0324  RasAuto - ok
13:21:15.0688 0x0324  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:21:15.0740 0x0324  Rasl2tp - ok
13:21:15.0796 0x0324  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
13:21:15.0890 0x0324  RasMan - ok
13:21:15.0924 0x0324  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:21:16.0012 0x0324  RasPppoe - ok
13:21:16.0070 0x0324  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:21:16.0142 0x0324  RasSstp - ok
13:21:16.0193 0x0324  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:21:16.0297 0x0324  rdbss - ok
13:21:16.0334 0x0324  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:21:16.0380 0x0324  rdpbus - ok
13:21:16.0412 0x0324  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:21:16.0526 0x0324  RDPCDD - ok
13:21:16.0576 0x0324  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:21:16.0613 0x0324  RDPDR - ok
13:21:16.0661 0x0324  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:21:16.0738 0x0324  RDPENCDD - ok
13:21:16.0791 0x0324  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:21:16.0854 0x0324  RDPREFMP - ok
13:21:16.0942 0x0324  [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:21:17.0000 0x0324  RdpVideoMiniport - ok
13:21:17.0084 0x0324  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:21:17.0145 0x0324  RDPWD - ok
13:21:17.0199 0x0324  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:21:17.0255 0x0324  rdyboost - ok
13:21:17.0301 0x0324  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:21:17.0366 0x0324  RemoteAccess - ok
13:21:17.0407 0x0324  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:21:17.0556 0x0324  RemoteRegistry - ok
13:21:17.0610 0x0324  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:21:17.0706 0x0324  RpcEptMapper - ok
13:21:17.0751 0x0324  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
13:21:17.0817 0x0324  RpcLocator - ok
13:21:17.0866 0x0324  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
13:21:17.0955 0x0324  RpcSs - ok
13:21:18.0022 0x0324  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:21:18.0098 0x0324  rspndr - ok
13:21:18.0148 0x0324  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
13:21:18.0189 0x0324  s3cap - ok
13:21:18.0229 0x0324  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] SamSs           C:\Windows\system32\lsass.exe
13:21:18.0290 0x0324  SamSs - ok
13:21:18.0341 0x0324  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:21:18.0379 0x0324  sbp2port - ok
13:21:18.0429 0x0324  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:21:18.0528 0x0324  SCardSvr - ok
13:21:18.0592 0x0324  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:21:18.0666 0x0324  scfilter - ok
13:21:18.0759 0x0324  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
13:21:18.0888 0x0324  Schedule - ok
13:21:18.0936 0x0324  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:21:19.0006 0x0324  SCPolicySvc - ok
13:21:19.0035 0x0324  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:21:19.0091 0x0324  SDRSVC - ok
13:21:19.0147 0x0324  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:21:19.0230 0x0324  secdrv - ok
13:21:19.0280 0x0324  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
13:21:19.0365 0x0324  seclogon - ok
13:21:19.0533 0x0324  [ 5E0E975998BF1612E18B898E5D17838B, 76C11C62DB8055F03F868685E8E2016D99D3FC48313CB51C69E7CEA589D80890 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
13:21:19.0644 0x0324  Secunia PSI Agent - ok
13:21:19.0752 0x0324  [ 508DD2E1D5F272B2D3196335DEA2BC26, 2BDC828DB9D9766445C345E82751FA7EF94A089EC84565675EDADE3EC7EB5748 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
13:21:19.0839 0x0324  Secunia Update Agent - ok
13:21:19.0882 0x0324  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\system32\sens.dll
13:21:19.0967 0x0324  SENS - ok
13:21:20.0011 0x0324  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:21:20.0069 0x0324  SensrSvc - ok
13:21:20.0110 0x0324  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:21:20.0151 0x0324  Serenum - ok
13:21:20.0200 0x0324  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:21:20.0247 0x0324  Serial - ok
13:21:20.0294 0x0324  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:21:20.0335 0x0324  sermouse - ok
13:21:20.0449 0x0324  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:21:20.0536 0x0324  SessionEnv - ok
13:21:20.0573 0x0324  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:21:20.0613 0x0324  sffdisk - ok
13:21:20.0630 0x0324  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:21:20.0684 0x0324  sffp_mmc - ok
13:21:20.0720 0x0324  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:21:20.0800 0x0324  sffp_sd - ok
13:21:20.0812 0x0324  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:21:20.0855 0x0324  sfloppy - ok
13:21:20.0926 0x0324  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:21:21.0040 0x0324  SharedAccess - ok
13:21:21.0108 0x0324  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:21:21.0194 0x0324  ShellHWDetection - ok
13:21:21.0245 0x0324  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
13:21:21.0291 0x0324  sisagp - ok
13:21:21.0342 0x0324  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:21:21.0377 0x0324  SiSRaid2 - ok
13:21:21.0407 0x0324  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:21:21.0448 0x0324  SiSRaid4 - ok
13:21:21.0522 0x0324  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:21:21.0602 0x0324  Smb - ok
13:21:21.0685 0x0324  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:21:21.0746 0x0324  SNMPTRAP - ok
13:21:21.0820 0x0324  [ DC8D2952FB6FFBAEC67BD1B93A34DF11, 0BD1523A68900B80ED1BCCB967643525CCA55D4FF4622D0128913690E6BB619E ] speedfan        C:\Windows\system32\speedfan.sys
13:21:21.0866 0x0324  speedfan - ok
13:21:21.0908 0x0324  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:21:21.0945 0x0324  spldr - ok
13:21:22.0026 0x0324  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
13:21:22.0109 0x0324  Spooler - ok
13:21:22.0360 0x0324  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
13:21:22.0605 0x0324  sppsvc - ok
13:21:22.0671 0x0324  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:21:22.0753 0x0324  sppuinotify - ok
13:21:22.0816 0x0324  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:21:22.0871 0x0324  srv - ok
13:21:22.0925 0x0324  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:21:22.0981 0x0324  srv2 - ok
13:21:23.0029 0x0324  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:21:23.0085 0x0324  srvnet - ok
13:21:23.0159 0x0324  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:21:23.0264 0x0324  SSDPSRV - ok
13:21:23.0308 0x0324  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:21:23.0394 0x0324  SstpSvc - ok
13:21:23.0433 0x0324  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:21:23.0491 0x0324  stexstor - ok
13:21:23.0569 0x0324  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
13:21:23.0657 0x0324  StiSvc - ok
13:21:23.0708 0x0324  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
13:21:23.0746 0x0324  storflt - ok
13:21:23.0786 0x0324  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
13:21:23.0829 0x0324  StorSvc - ok
13:21:23.0900 0x0324  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:21:23.0933 0x0324  storvsc - ok
13:21:23.0958 0x0324  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:21:24.0008 0x0324  swenum - ok
13:21:24.0047 0x0324  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
13:21:24.0217 0x0324  swprv - ok
13:21:24.0299 0x0324  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
13:21:24.0440 0x0324  SysMain - ok
13:21:24.0479 0x0324  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
13:21:24.0541 0x0324  TabletInputService - ok
13:21:24.0602 0x0324  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:21:24.0699 0x0324  TapiSrv - ok
13:21:24.0734 0x0324  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
13:21:24.0830 0x0324  TBS - ok
13:21:24.0971 0x0324  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:21:25.0068 0x0324  Tcpip - ok
13:21:25.0174 0x0324  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:21:25.0303 0x0324  TCPIP6 - ok
13:21:25.0361 0x0324  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:21:25.0401 0x0324  tcpipreg - ok
13:21:25.0441 0x0324  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:21:25.0483 0x0324  TDPIPE - ok
13:21:25.0513 0x0324  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:21:25.0550 0x0324  TDTCP - ok
13:21:25.0617 0x0324  [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:21:25.0664 0x0324  tdx - ok
13:21:25.0686 0x0324  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:21:25.0726 0x0324  TermDD - ok
13:21:25.0804 0x0324  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
13:21:25.0899 0x0324  TermService - ok
13:21:25.0958 0x0324  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
13:21:26.0027 0x0324  Themes - ok
13:21:26.0065 0x0324  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
13:21:26.0167 0x0324  THREADORDER - ok
13:21:26.0202 0x0324  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
13:21:26.0275 0x0324  TrkWks - ok
13:21:26.0359 0x0324  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:21:26.0436 0x0324  TrustedInstaller - ok
13:21:26.0502 0x0324  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:21:26.0542 0x0324  tssecsrv - ok
13:21:26.0587 0x0324  [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:21:26.0679 0x0324  TsUsbFlt - ok
13:21:26.0708 0x0324  [ 57C527AF84748B5C2F5178C499C0B81F, 2FF1F25BA16F8984E9F2CE4DE663F261BAF267EDF10D466A52BB211C567F763C ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:21:26.0747 0x0324  TsUsbGD - ok
13:21:26.0802 0x0324  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:21:26.0875 0x0324  tunnel - ok
13:21:26.0924 0x0324  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:21:26.0962 0x0324  uagp35 - ok
13:21:27.0010 0x0324  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:21:27.0097 0x0324  udfs - ok
13:21:27.0182 0x0324  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:21:27.0238 0x0324  UI0Detect - ok
13:21:27.0285 0x0324  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:21:27.0322 0x0324  uliagpkx - ok
13:21:27.0368 0x0324  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:21:27.0433 0x0324  umbus - ok
13:21:27.0525 0x0324  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:21:27.0574 0x0324  UmPass - ok
13:21:27.0631 0x0324  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
13:21:27.0699 0x0324  UmRdpService - ok
13:21:27.0746 0x0324  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
13:21:27.0852 0x0324  upnphost - ok
13:21:27.0905 0x0324  [ EC1C23779BB41A8B2AB2AA6FCE308BDE, D027A2B472CAE97AECB16F69BE52E06CB61E1C61AE196C22662050B711C1C72D ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
13:21:27.0947 0x0324  USBAAPL - ok
13:21:28.0000 0x0324  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:21:28.0031 0x0324  usbccgp - ok
13:21:28.0106 0x0324  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:21:28.0144 0x0324  usbcir - ok
13:21:28.0210 0x0324  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:21:28.0242 0x0324  usbehci - ok
13:21:28.0328 0x0324  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:21:28.0385 0x0324  usbhub - ok
13:21:28.0424 0x0324  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:21:28.0464 0x0324  usbohci - ok
13:21:28.0519 0x0324  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:21:28.0561 0x0324  usbprint - ok
13:21:28.0611 0x0324  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:21:28.0650 0x0324  usbscan - ok
13:21:28.0696 0x0324  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:21:28.0748 0x0324  USBSTOR - ok
13:21:28.0800 0x0324  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:21:28.0828 0x0324  usbuhci - ok
13:21:28.0868 0x0324  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
13:21:28.0926 0x0324  UxSms - ok
13:21:28.0950 0x0324  [ D2967F6D4205A227AAA7D094C12F7141, 4E0D48F07F230D5D5DFC2CDCA4467C54DF6EEA6B7C6ABC355E9986C73203E104 ] VaultSvc        C:\Windows\system32\lsass.exe
13:21:29.0007 0x0324  VaultSvc - ok
13:21:29.0099 0x0324  [ ACC8107C8CA822972D3E70550DCBF07B, 1FFC80E5FA9B971DF6499ACCC57DB6C07D24991101FE663AFB58A6C07FEFB305 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
13:21:29.0145 0x0324  VBoxAswDrv - ok
13:21:29.0195 0x0324  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:21:29.0248 0x0324  vdrvroot - ok
13:21:29.0306 0x0324  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
13:21:29.0463 0x0324  vds - ok
13:21:29.0554 0x0324  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:21:29.0597 0x0324  vga - ok
13:21:29.0635 0x0324  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:21:29.0710 0x0324  VgaSave - ok
13:21:29.0765 0x0324  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:21:29.0802 0x0324  vhdmp - ok
13:21:29.0847 0x0324  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
13:21:29.0884 0x0324  viaagp - ok
13:21:29.0922 0x0324  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
13:21:29.0964 0x0324  ViaC7 - ok
13:21:30.0019 0x0324  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:21:30.0055 0x0324  viaide - ok
13:21:30.0107 0x0324  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:21:30.0142 0x0324  vmbus - ok
13:21:30.0180 0x0324  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
13:21:30.0215 0x0324  VMBusHID - ok
13:21:30.0246 0x0324  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:21:30.0291 0x0324  volmgr - ok
13:21:30.0339 0x0324  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:21:30.0387 0x0324  volmgrx - ok
13:21:30.0487 0x0324  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:21:30.0546 0x0324  volsnap - ok
13:21:30.0611 0x0324  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:21:30.0652 0x0324  vsmraid - ok
13:21:30.0763 0x0324  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
13:21:30.0908 0x0324  VSS - ok
13:21:30.0958 0x0324  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:21:31.0006 0x0324  vwifibus - ok
13:21:31.0056 0x0324  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
13:21:31.0134 0x0324  W32Time - ok
13:21:31.0189 0x0324  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:21:31.0235 0x0324  WacomPen - ok
13:21:31.0296 0x0324  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:21:31.0419 0x0324  WANARP - ok
13:21:31.0449 0x0324  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:21:31.0534 0x0324  Wanarpv6 - ok
13:21:31.0673 0x0324  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:21:31.0767 0x0324  WatAdminSvc - ok
13:21:31.0908 0x0324  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
13:21:32.0001 0x0324  wbengine - ok
13:21:32.0067 0x0324  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:21:32.0132 0x0324  WbioSrvc - ok
13:21:32.0185 0x0324  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:21:32.0232 0x0324  wcncsvc - ok
13:21:32.0278 0x0324  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:21:32.0340 0x0324  WcsPlugInService - ok
13:21:32.0377 0x0324  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
13:21:32.0413 0x0324  Wd - ok
13:21:32.0480 0x0324  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:21:32.0558 0x0324  Wdf01000 - ok
13:21:32.0694 0x0324  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:21:32.0748 0x0324  WdiServiceHost - ok
13:21:32.0776 0x0324  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:21:32.0831 0x0324  WdiSystemHost - ok
13:21:32.0899 0x0324  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
13:21:32.0942 0x0324  WebClient - ok
13:21:32.0997 0x0324  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:21:33.0082 0x0324  Wecsvc - ok
13:21:33.0121 0x0324  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:21:33.0192 0x0324  wercplsupport - ok
13:21:33.0240 0x0324  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
13:21:33.0337 0x0324  WerSvc - ok
13:21:33.0410 0x0324  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:21:33.0487 0x0324  WfpLwf - ok
13:21:33.0529 0x0324  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:21:33.0572 0x0324  WIMMount - ok
13:21:33.0672 0x0324  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
13:21:33.0752 0x0324  WinDefend - ok
13:21:33.0819 0x0324  WinHttpAutoProxySvc - ok
13:21:33.0908 0x0324  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:21:33.0997 0x0324  Winmgmt - ok
13:21:34.0128 0x0324  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:21:34.0256 0x0324  WinRM - ok
13:21:34.0381 0x0324  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
13:21:34.0438 0x0324  WinUsb - ok
13:21:34.0523 0x0324  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:21:34.0731 0x0324  Wlansvc - ok
13:21:34.0825 0x0324  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:21:34.0879 0x0324  WmiAcpi - ok
13:21:34.0947 0x0324  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:21:34.0995 0x0324  wmiApSrv - ok
13:21:35.0116 0x0324  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
13:21:35.0194 0x0324  WMPNetworkSvc - ok
13:21:35.0253 0x0324  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:21:35.0307 0x0324  WPCSvc - ok
13:21:35.0350 0x0324  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:21:35.0424 0x0324  WPDBusEnum - ok
13:21:35.0481 0x0324  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:21:35.0584 0x0324  ws2ifsl - ok
13:21:35.0635 0x0324  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
13:21:35.0695 0x0324  wscsvc - ok
13:21:35.0721 0x0324  WSearch - ok
13:21:35.0893 0x0324  [ B5202CD63C502A16F6C94186089CF602, 0C4B3F92318D81B67820524D71618333539FEAD2877D8ABA5D7D82E66A9A6417 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:21:36.0053 0x0324  wuauserv - ok
13:21:36.0115 0x0324  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:21:36.0155 0x0324  WudfPf - ok
13:21:36.0202 0x0324  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:21:36.0250 0x0324  WUDFRd - ok
13:21:36.0311 0x0324  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:21:36.0374 0x0324  wudfsvc - ok
13:21:36.0439 0x0324  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:21:36.0501 0x0324  WwanSvc - ok
13:21:36.0574 0x0324  [ 30B73EB97218A16CBC6DE535782A1B35, 5B034F39FA5B902BD6899717F7696871CDAFB8698B48BB0E95DAE51234715A28 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x86.sys
13:21:36.0630 0x0324  yukonw7 - ok
13:21:36.0697 0x0324  ================ Scan global ===============================
13:21:36.0735 0x0324  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
13:21:36.0803 0x0324  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
13:21:36.0836 0x0324  [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\system32\winsrv.dll
13:21:36.0889 0x0324  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
13:21:36.0953 0x0324  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
13:21:36.0977 0x0324  [ Global ] - ok
13:21:36.0978 0x0324  ================ Scan MBR ==================================
13:21:36.0998 0x0324  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:21:37.0308 0x0324  \Device\Harddisk0\DR0 - ok
13:21:37.0335 0x0324  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
13:21:37.0426 0x0324  \Device\Harddisk1\DR1 - ok
13:21:37.0436 0x0324  ================ Scan VBR ==================================
13:21:37.0444 0x0324  [ EE7AAF883CFA828A0BCE690433698A05 ] \Device\Harddisk0\DR0\Partition1
13:21:37.0448 0x0324  \Device\Harddisk0\DR0\Partition1 - ok
13:21:37.0457 0x0324  [ 0195E116EA2037FB531BF43F8D183A6A ] \Device\Harddisk0\DR0\Partition2
13:21:37.0462 0x0324  \Device\Harddisk0\DR0\Partition2 - ok
13:21:37.0477 0x0324  [ 5EDB229FC627BFF5BE9268D0C0E713F6 ] \Device\Harddisk1\DR1\Partition1
13:21:37.0484 0x0324  \Device\Harddisk1\DR1\Partition1 - ok
13:21:37.0487 0x0324  ================ Scan generic autorun ======================
13:21:37.0880 0x0324  [ 65C6AA484AD2287D20541C7735989437, 1842787640391F4A4CD9ED0A531298A61F4B2FB09BEC98FEE256313AFB458EDB ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
13:21:38.0335 0x0324  AvastUI.exe - ok
13:21:38.0494 0x0324  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\sidebar.exe
13:21:38.0669 0x0324  Sidebar - ok
13:21:39.0109 0x0324  [ EE526B0428581B57FFC571FF57309E28, 1CF4DD251E78F2B67C4B1973E3378D6B87C5698EEC398CA4043621842ACC426C ] C:\Program Files\CCleaner\CCleaner.exe
13:21:39.0560 0x0324  CCleaner Monitoring - ok
13:21:39.0602 0x0324  Waiting for KSN requests completion. In queue: 301
13:21:40.0602 0x0324  Waiting for KSN requests completion. In queue: 301
13:21:41.0602 0x0324  Waiting for KSN requests completion. In queue: 301
13:21:42.0602 0x0324  Waiting for KSN requests completion. In queue: 301
13:21:43.0696 0x0324  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x42000 ( disabled : updated )
13:21:43.0747 0x0324  Win FW state via NFP2: enabled
13:21:46.0583 0x0324  ============================================================
13:21:46.0583 0x0324  Scan finished
13:21:46.0583 0x0324  ============================================================
13:21:46.0619 0x0290  Detected object count: 0
13:21:46.0619 0x0290  Actual detected object count: 0
13:21:50.0485 0x034c  Deinitialize success

M-K-D-B · 11.07.2015, 15:45

Servus,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

neodace · 11.07.2015, 17:19

servus,

Code:

ATTFilter

ComboFix 15-07-10.01 - Noname 11.07.2015  18:03:46.1.2 - x86
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.2047.870 [GMT 2:00]
ausgeführt von:: c:\users\Noname\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-06-11 bis 2015-07-11  ))))))))))))))))))))))))))))))
.
.
2015-07-11 16:14 . 2015-07-11 16:14	--------	d-----w-	c:\users\Public\AppData\Local\temp
2015-07-11 16:14 . 2015-07-11 16:14	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-07-11 10:17 . 2015-07-11 11:19	--------	d-----w-	C:\FRST
2015-07-11 06:52 . 2015-07-11 06:52	778416	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2015-07-11 06:52 . 2015-07-11 06:52	142512	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2015-07-03 17:51 . 2015-07-09 07:36	--------	d-----w-	C:\AdwCleaner
2015-07-03 11:51 . 2015-07-03 11:51	--------	d-----w-	c:\windows\system32\Wat
2015-07-02 19:00 . 2015-07-02 19:00	--------	d-----w-	c:\program files\ESET
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-11 10:13 . 2014-09-03 08:18	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-06-26 17:21 . 2015-03-08 19:40	428120	----a-w-	c:\windows\system32\drivers\aswsp.sys
2015-05-25 18:07 . 2015-06-10 15:27	3989440	----a-w-	c:\windows\system32\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-10 15:27	3934144	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-05-25 18:07 . 2015-06-10 15:27	67520	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2015-05-25 18:07 . 2015-06-10 15:27	137664	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2015-05-25 18:04 . 2015-06-10 15:27	1307648	----a-w-	c:\windows\system32\ntdll.dll
2015-05-25 18:01 . 2015-06-10 15:27	172032	----a-w-	c:\windows\system32\wdigest.dll
2015-05-25 18:01 . 2015-06-10 15:27	853504	----a-w-	c:\windows\system32\diagtrack.dll
2015-05-25 18:01 . 2015-06-10 15:27	65536	----a-w-	c:\windows\system32\TSpkg.dll
2015-05-25 18:01 . 2015-06-10 15:27	635392	----a-w-	c:\windows\system32\tdh.dll
2015-05-25 18:01 . 2015-06-10 15:27	400896	----a-w-	c:\windows\system32\srcore.dll
2015-05-25 18:01 . 2015-06-10 15:26	43008	----a-w-	c:\windows\system32\srclient.dll
2015-05-25 18:01 . 2015-06-10 15:26	15872	----a-w-	c:\windows\system32\sspisrv.dll
2015-05-25 18:01 . 2015-06-10 15:26	100352	----a-w-	c:\windows\system32\sspicli.dll
2015-05-25 18:01 . 2015-06-10 15:27	248832	----a-w-	c:\windows\system32\schannel.dll
2015-05-25 18:01 . 2015-06-10 15:27	92160	----a-w-	c:\windows\system32\sechost.dll
2015-05-25 18:01 . 2015-06-10 15:26	22016	----a-w-	c:\windows\system32\secur32.dll
2015-05-25 18:01 . 2015-06-10 15:27	221184	----a-w-	c:\windows\system32\ncrypt.dll
2015-05-25 18:01 . 2015-06-10 15:27	259584	----a-w-	c:\windows\system32\msv1_0.dll
2015-05-25 18:01 . 2015-06-10 15:27	1061376	----a-w-	c:\windows\system32\lsasrv.dll
2015-05-25 18:01 . 2015-06-10 15:27	551424	----a-w-	c:\windows\system32\kerberos.dll
2015-05-25 18:01 . 2015-06-10 15:26	38912	----a-w-	c:\windows\system32\csrsrv.dll
2015-05-25 18:01 . 2015-06-10 15:26	17408	----a-w-	c:\windows\system32\credssp.dll
2015-05-25 18:01 . 2015-06-10 15:27	641536	----a-w-	c:\windows\system32\advapi32.dll
2015-05-25 18:00 . 2015-06-10 15:26	40448	----a-w-	c:\windows\system32\typeperf.exe
2015-05-25 18:00 . 2015-06-10 15:27	364544	----a-w-	c:\windows\system32\tracerpt.exe
2015-05-25 18:00 . 2015-06-10 15:27	69632	----a-w-	c:\windows\system32\smss.exe
2015-05-25 18:00 . 2015-06-10 15:27	262656	----a-w-	c:\windows\system32\rstrui.exe
2015-05-25 18:00 . 2015-06-10 15:26	37888	----a-w-	c:\windows\system32\relog.exe
2015-05-25 18:00 . 2015-06-10 15:27	82944	----a-w-	c:\windows\system32\logman.exe
2015-05-25 18:00 . 2015-06-10 15:26	22528	----a-w-	c:\windows\system32\lsass.exe
2015-05-25 18:00 . 2015-06-10 15:26	17408	----a-w-	c:\windows\system32\diskperf.exe
2015-05-25 18:00 . 2015-06-10 15:26	50176	----a-w-	c:\windows\system32\auditpol.exe
2015-05-25 17:57 . 2015-06-10 15:26	60416	----a-w-	c:\windows\system32\msobjs.dll
2015-05-25 17:57 . 2015-06-10 15:26	146432	----a-w-	c:\windows\system32\msaudite.dll
2015-05-25 17:55 . 2015-06-10 15:26	6656	----a-w-	c:\windows\system32\apisetschema.dll
2015-05-25 17:55 . 2015-06-10 15:26	686080	----a-w-	c:\windows\system32\adtschema.dll
2015-05-25 17:00 . 2015-06-10 15:26	2384384	----a-w-	c:\windows\system32\win32k.sys
2015-05-25 16:53 . 2015-06-10 15:26	36864	----a-w-	c:\windows\system32\UtcResources.dll
2015-05-23 17:49 . 2015-05-23 17:50	96680	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2015-05-23 03:28 . 2015-06-10 15:27	2724864	----a-w-	c:\windows\system32\mshtml.tlb
2015-05-23 03:28 . 2015-06-10 15:27	4096	----a-w-	c:\windows\system32\ieetwcollectorres.dll
2015-05-23 03:15 . 2015-06-10 15:27	503808	----a-w-	c:\windows\system32\vbscript.dll
2015-05-23 03:15 . 2015-06-10 15:27	62464	----a-w-	c:\windows\system32\iesetup.dll
2015-05-23 03:15 . 2015-06-10 15:27	47616	----a-w-	c:\windows\system32\ieetwproxystub.dll
2015-05-23 03:14 . 2015-06-10 15:27	341504	----a-w-	c:\windows\system32\html.iec
2015-05-23 03:13 . 2015-06-10 15:27	64000	----a-w-	c:\windows\system32\MshtmlDac.dll
2015-05-23 03:05 . 2015-06-10 15:27	115712	----a-w-	c:\windows\system32\ieUnatt.exe
2015-05-23 03:05 . 2015-06-10 15:27	102912	----a-w-	c:\windows\system32\ieetwcollector.exe
2015-05-23 03:04 . 2015-06-10 15:27	620032	----a-w-	c:\windows\system32\jscript9diag.dll
2015-05-23 03:00 . 2015-06-10 15:27	667648	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2015-05-23 02:52 . 2015-06-10 15:27	60416	----a-w-	c:\windows\system32\JavaScriptCollectionAgent.dll
2015-05-23 02:47 . 2015-06-10 15:27	4305920	----a-w-	c:\windows\system32\jscript9.dll
2015-05-23 02:37 . 2015-06-10 15:27	2052608	----a-w-	c:\windows\system32\inetcpl.cpl
2015-05-23 02:37 . 2015-06-10 15:27	1155072	----a-w-	c:\windows\system32\mshtmlmedia.dll
2015-05-23 02:20 . 2015-06-10 15:27	1950720	----a-w-	c:\windows\system32\wininet.dll
2015-05-22 18:03 . 2015-06-10 15:23	571392	----a-w-	c:\windows\system32\generaltel.dll
2015-05-22 18:02 . 2015-06-10 15:23	621568	----a-w-	c:\windows\system32\invagent.dll
2015-05-22 18:02 . 2015-06-10 15:23	333824	----a-w-	c:\windows\system32\devinv.dll
2015-05-22 18:02 . 2015-06-10 15:23	879104	----a-w-	c:\windows\system32\appraiser.dll
2015-05-22 18:02 . 2015-06-10 15:23	37888	----a-w-	c:\windows\system32\acmigration.dll
2015-05-22 18:02 . 2015-06-10 15:23	202752	----a-w-	c:\windows\system32\aepdu.dll
2015-05-22 17:58 . 2015-06-10 15:23	901120	----a-w-	c:\windows\system32\aeinv.dll
2015-05-21 13:20 . 2015-06-10 15:23	163840	----a-w-	c:\windows\system32\aepic.dll
2015-05-09 03:14 . 2015-06-10 15:27	2937344	----a-w-	c:\windows\system32\wucltux.dll
2015-05-09 03:14 . 2015-06-10 15:27	2045952	----a-w-	c:\windows\system32\wuaueng.dll
2015-05-09 03:14 . 2015-06-10 15:27	92672	----a-w-	c:\windows\system32\wudriver.dll
2015-05-09 03:14 . 2015-06-10 15:27	35840	----a-w-	c:\windows\system32\wups2.dll
2015-05-09 03:14 . 2015-06-10 15:27	30208	----a-w-	c:\windows\system32\wups.dll
2015-05-09 03:14 . 2015-06-10 15:27	173056	----a-w-	c:\windows\system32\wuwebv.dll
2015-05-09 03:14 . 2015-06-10 15:27	566784	----a-w-	c:\windows\system32\wuapi.dll
2015-05-09 03:14 . 2015-06-10 15:26	169984	----a-w-	c:\windows\system32\winsrv.dll
2015-05-09 03:13 . 2015-06-10 15:27	69632	----a-w-	c:\windows\system32\WinSetupUI.dll
2015-05-09 03:13 . 2015-06-10 15:26	293376	----a-w-	c:\windows\system32\KernelBase.dll
2015-05-09 03:13 . 2015-06-10 15:27	11776	----a-w-	c:\windows\system32\wu.upgrade.ps.dll
2015-05-09 03:13 . 2015-06-10 15:27	33792	----a-w-	c:\windows\system32\wuapp.exe
2015-05-09 03:13 . 2015-06-10 15:27	131584	----a-w-	c:\windows\system32\wuauclt.exe
2015-05-09 03:12 . 2015-06-10 15:26	271360	----a-w-	c:\windows\system32\conhost.exe
2015-05-09 03:08 . 2015-06-10 15:26	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	4096	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	3072	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	3584	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-09 03:08 . 2015-06-10 15:26	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-05-06 18:36	645144	----a-w-	c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-05-08 6369048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-05-22 5515496]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer8"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Speed Launcher]
1429258026 [X]
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2015-05-06 106912]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem.sys [x]
R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis.sys [x]
R3 aswTap;avast! SecureLine TAP Adapter v3;c:\windows\system32\DRIVERS\aswTap.sys [2013-11-06 38472]
R3 crliycos;crliycos;c:\windows\system32\drivers\ngiodriver_x86 [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]
R3 eapihdrv;eapihdrv;c:\users\Noname\AppData\Local\Temp\ehdrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2015-05-23 102912]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2015-04-14 23256]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2015-04-14 51928]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_x86.sys [2014-11-28 16024]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2015-07-03 1343400]
R4 MBAMService;MBAMService;c:\program files\ Malwarebytes Anti-Malware \mbamservice.exe [2015-04-14 1080120]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [x]
R4 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2014-11-28 1363160]
R4 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [2014-11-28 765144]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2015-05-06 787760]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2015-06-26 428120]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2015-05-06 24144]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2015-05-06 74976]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe [2009-07-14 20992]
S2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-02-11 35088]
S2 PLCNDIS5;PLCNDIS5 NDIS Protocol Driver;c:\windows\system32\plcndis5.sys [2004-05-17 17280]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-05-06 220752]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-05-06 3207800]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 31633756
*NewlyCreated* - 81901969
*Deregistered* - 31633756
*Deregistered* - 81901969
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
utcsvc	REG_MULTI_SZ   	DiagTrack
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = https://mega.co.nz/#login
TCP: DhcpNameServer = 192.168.1.1 193.189.244.202 193.189.244.194
FF - ProfilePath - c:\users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\crliycos]
"ImagePath"="\SystemRoot\system32\drivers\ngiodriver_x86"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-07-11  18:17:48
ComboFix-quarantined-files.txt  2015-07-11 16:17
.
Vor Suchlauf: 11 Verzeichnis(se), 197.594.742.784 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 197.495.287.808 Bytes frei
.
- - End Of File - - E399AAF183E264623A7838D2B3AC6314
A36C5E4F47E84449FF07ED3517B43A31

M-K-D-B · 11.07.2015, 22:10

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

neodace · 12.07.2015, 08:29

Code:

ATTFilter

# AdwCleaner v4.208 - Bericht erstellt 12/07/2015 um 08:54:50
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-11.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x86)
# Benutzername : Noname - NONAME-PC
# Gestarted von : C:\Users\Noname\Desktop\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Noname\AppData\Local\slimware utilities inc

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v39.0 (x86 de)


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [328 Bytes] - [03/07/2015 19:51:17]
AdwCleaner[R1].txt - [1093 Bytes] - [03/07/2015 19:53:59]
AdwCleaner[R2].txt - [980 Bytes] - [05/07/2015 21:42:49]
AdwCleaner[R3].txt - [1038 Bytes] - [09/07/2015 09:35:30]
AdwCleaner[R4].txt - [353 Bytes] - [12/07/2015 08:50:31]
AdwCleaner[R5].txt - [1242 Bytes] - [12/07/2015 08:53:26]
AdwCleaner[S0].txt - [1153 Bytes] - [03/07/2015 19:56:52]
AdwCleaner[S1].txt - [1162 Bytes] - [12/07/2015 08:54:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1221  Bytes] ##########

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 12.07.2015
Suchlauf-Zeit: 09:02:54
Logdatei: anti male.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.07.12.01
Rootkit Datenbank: v2015.07.10.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Noname

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 319868
Verstrichene Zeit: 14 Min, 57 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.4.4 (07.11.2015:2)
OS: Windows 7 Professional x86
Ran by Noname on 12.07.2015 at  9:19:53,22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Program Files\GUT13CF.tmp



~~~ Folders

Successfully deleted: [Folder] C:\users\public\documents\downloaded installers



~~~ FireFox

Successfully deleted: [File] C:\Users\Noname\AppData\Roaming\mozilla\firefox\profiles\auweyeh8.default-1414175550587\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
Emptied folder: C:\Users\Noname\AppData\Roaming\mozilla\firefox\profiles\auweyeh8.default-1414175550587\minidumps [5 files]



~~~ Chrome


[C:\Users\Noname\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Noname\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Noname\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Noname\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.07.2015 at  9:23:11,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x86) Version: 11-07-2015
Ran by Noname at 2015-07-12 09:26:25
Running from C:\Users\Noname\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4277079510-974402927-3430589439-500 - Administrator - Disabled)
Gast (S-1-5-21-4277079510-974402927-3430589439-501 - Limited - Disabled)
Noname (S-1-5-21-4277079510-974402927-3430589439-1000 - Administrator - Enabled) => C:\Users\Noname

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AIDA64 Extreme Edition v3.00 (HKLM\...\AIDA64 Extreme Edition_is1) (Version: 3.00 - FinalWire Ltd.)
Apple Application Support (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Configuration DivX (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
CopyTrans Control Center deinstallieren (HKU\S-1-5-21-4277079510-974402927-3430589439-1000\...\CopyTrans Suite) (Version: 3.003 - WindSolutions)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
devolo dLAN-Konfigurationsassistent (HKLM\...\dlanconf) (Version: 9.0.0.0 - devolo AG)
EPSON BX935FWD Series Printer Uninstall (HKLM\...\EPSON BX935FWD Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
EVEREST Home Edition v2.20 (HKLM\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 11.0.0 (HKLM\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 39.0 (x86 de) (HKLM\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Secunia PSI (3.0.0.10004) (HKLM\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.10 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
YGOPro DevPro Version 1.9.6 r0 (HKLM\...\{3CF2634F-3F38-4DD3-9201-CB2FE6B5FF23}_is1) (Version: 1.9.6 r0 - YGOPro DevPro Online)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

27-05-2015 13:45:56 Ende der Bereinigung
04-06-2015 21:45:49 Geplanter Prüfpunkt
10-06-2015 17:28:00 Windows Update
18-06-2015 14:02:28 Geplanter Prüfpunkt
26-06-2015 22:54:49 Geplanter Prüfpunkt
04-07-2015 10:18:06 Geplanter Prüfpunkt
11-07-2015 08:55:45 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {29685E1F-2228-4284-9DC9-FAEFF9BB948A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {39DDFCC5-E8AC-4F5B-97A1-B24E438B9DC8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {42CFF66B-FAA9-4A2F-835A-E27393A0A8C6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {58047848-E115-4783-A426-B8BF351EDBF6} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-02-18] ()
Task: {6BD417A8-55DA-4A68-A3F4-18673D05CB17} - System32\Tasks\{7D875AB7-3E75-497C-AB92-4FB7316BA69B} => pcalua.exe -a C:\NVIDIA\SystemTools\6.08\NVMonitor\setup.exe -d C:\NVIDIA\SystemTools\6.08\NVMonitor
Task: {792E9B8B-3FB4-4AB8-911A-D351030994BD} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {E5BD3B27-E2C1-49FF-8741-9E7EF099CA37} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)
Task: {EC094005-C3EB-4024-9B3F-749E08A80221} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {FA0A119B-0531-4F26-BB07-9319C2D3A3D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Loaded Modules (Whitelisted) ==============

2015-05-06 20:36 - 2015-05-06 20:36 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-06 20:36 - 2015-05-06 20:36 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-11 19:21 - 2015-07-11 19:21 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071101\algo.dll
2006-12-04 01:25 - 2006-12-04 01:25 - 00022723 _____ () C:\Windows\System32\sugs2l3.dll
2015-03-08 21:39 - 2015-03-08 21:40 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Noname\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 193.189.244.202

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: Nero BackItUp Scheduler 3 => 2
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: Secunia PSI Agent => 3
MSCONFIG\Services: Secunia Update Agent => 2
MSCONFIG\startupreg: Adobe Speed Launcher => 1429258026

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{715EE703-F93C-4A44-8433-4487EAA472BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0E62E5B5-D95D-4C74-9672-067A8283FB31}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{343CF004-505E-43E0-B5C5-64A5342A5BCE}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [UDP Query User{5882E574-3AB9-4943-9427-290DFD43AE43}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [TCP Query User{8D830128-61A4-4C27-83DC-98C026C9FEAB}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [UDP Query User{9F3417D6-7FBA-4577-869E-CE5F3EF6B507}C:\program files\devpro\devpro.dll] => (Allow) C:\program files\devpro\devpro.dll
FirewallRules: [TCP Query User{92CFA8D8-52E0-4E0E-A205-336FA9B4287E}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [UDP Query User{995C1756-466E-4FE5-95FD-F12A5A59A412}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\launcher.exe
FirewallRules: [{AC67BA12-D3E1-46DB-993F-DC19E2F8F34B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{BFFDA09B-DAF9-4A8B-877B-7E0A8C8018F0}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe
FirewallRules: [UDP Query User{66319B40-A6D3-4DA1-AA0F-C2107234B2BC}C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe] => (Allow) C:\users\noname\appdata\roaming\ubisoft\mmdoc-pdclive\gamedata\game.exe
FirewallRules: [{96BFA00F-1B66-42E5-A3AF-A50384CB2563}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7144E11B-5FFA-4FF8-B747-B77002728DAF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9795B38A-E7EB-44D8-830E-73B27CA72A50}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9C7E7BD3-D018-495B-BA7E-CCFA05089F0A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0CE973D5-AF1B-40B6-A222-E1C510502349}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8B262E26-295F-4326-AA3A-16FDE0F1BC86}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D26899A5-6F3E-4DDF-A679-AA009B13BC63}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{4E341B75-8D2A-4D7C-800C-2DF4C81B18FF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{D483C699-5F8E-466F-B3AA-2EAF0B521B5C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe

==================== Faulty Device Manager Devices =============

Name: VIA USB erweiterter Hostcontroller
Description: VIA USB erweiterter Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: VIA Technologies
Service: usbehci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PCI-zu-USB universeller Hostcontroller
Description: Standard PCI-zu-USB universeller Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbuhci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PCI-zu-USB universeller Hostcontroller
Description: Standard PCI-zu-USB universeller Hostcontroller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: usbuhci
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/12/2015 08:56:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/12/2015 08:52:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/12/2015 08:49:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/12/2015 08:43:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 12:07:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 11:41:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 09:05:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:41:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:36:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:28:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/12/2015 09:20:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/12/2015 09:20:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/12/2015 09:20:22 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/12/2015 08:54:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/12/2015 08:54:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Volumeschattenkopie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/12/2015 08:54:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/12/2015 08:54:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/12/2015 08:54:50 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/12/2015 08:54:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/12/2015 08:54:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (07/12/2015 08:56:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/12/2015 08:52:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/12/2015 08:49:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/12/2015 08:43:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 12:07:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 11:41:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 09:05:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:41:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:36:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/11/2015 08:28:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz
Percentage of memory in use: 44%
Total physical RAM: 2047.37 MB
Available physical RAM: 1140.22 MB
Total Virtual: 4094.73 MB
Available Virtual: 2935.55 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:183.87 GB) NTFS
Drive e: (Neo`s Daten) (Fixed) (Total:232.88 GB) (Free:225.82 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 04170417)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 0ACB0595)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of log ============================

--- --- ---

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-07-2015
Ran by Noname (administrator) on NONAME-PC on 12-07-2015 09:25:30
Running from C:\Users\Noname\Desktop
Loaded Profiles: Noname (Available Profiles: Noname)
Platform: Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Noname\Desktop\FRST(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-23] (Avast Software s.r.o.)
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6369048 2015-05-08] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-05-06] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4277079510-974402927-3430589439-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://mega.co.nz/#login
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-05-23] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-23] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-23] (Oracle Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194
Tcpip\..\Interfaces\{34305B66-F253-4571-9EEB-B9B40B89F740}: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194
Tcpip\..\Interfaces\{8DE3437E-5FB7-493F-8CF5-EE9202094B83}: [DhcpNameServer] 192.168.1.1 193.189.244.202 193.189.244.194

FireFox:
========
FF ProfilePath: C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587
FF Homepage: hxxp://www.facebook.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-11] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-23] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-07-03] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Flash Video Downloader - YouTube HD Downloader [4K] - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\artur.dubovoy@gmail.com [2015-05-30]
FF Extension: WOT - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-07-10]
FF Extension: MEGA - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\firefox@mega.co.nz.xpi [2014-10-24]
FF Extension: Stylish - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-10-24]
FF Extension: Adblock Plus - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-24]
FF Extension: Adblock Edge - C:\Users\Noname\AppData\Roaming\Mozilla\Firefox\Profiles\auweyeh8.default-1414175550587\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-10-24]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-08]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-08]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-06] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [3207800 2015-05-06] (Avast Software)
S4 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
S4 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24144 2015-05-06] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [74976 2015-05-06] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81728 2015-05-06] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49904 2015-05-06] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [787760 2015-05-06] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [428120 2015-06-26] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [106912 2015-05-06] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [38472 2013-11-06] (The OpenVPN Project)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209048 2015-05-06] ()
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-11] (CACE Technologies, Inc.)
R2 PLCNDIS5; C:\Windows\system32\plcndis5.sys [17280 2004-05-17] (Intellon, Inc.) [File not signed]
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2014-11-28] (Secunia)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [220752 2015-05-06] (Avast Software)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x86.sys [315392 2009-09-28] ()
S3 Andbus; system32\DRIVERS\lgandbus.sys [X]
S3 AndDiag; system32\DRIVERS\lganddiag.sys [X]
S3 AndGps; system32\DRIVERS\lgandgps.sys [X]
S3 ANDModem; system32\DRIVERS\lgandmodem.sys [X]
S3 AndNetDiag; system32\DRIVERS\lgandnetdiag.sys [X]
S3 ANDNetModem; system32\DRIVERS\lgandnetmodem.sys [X]
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [X]
S3 catchme; \??\C:\Users\Noname\AppData\Local\Temp\catchme.sys [X]
S3 crliycos; \SystemRoot\system32\drivers\ngiodriver_x86 [X]
S3 eapihdrv; \??\C:\Users\Noname\AppData\Local\Temp\ehdrv.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 09:19 - 2015-07-12 09:19 - 03034123 _____ (Malwarebytes Corporation) C:\Users\Noname\Downloads\JRT.exe
2015-07-12 09:19 - 2015-07-12 09:19 - 00000000 ____D C:\RegBackup
2015-07-12 08:47 - 2015-07-12 08:47 - 02248704 _____ C:\Users\Noname\Downloads\AdwCleaner_4.208.exe
2015-07-11 18:17 - 2015-07-11 18:17 - 00016381 _____ C:\ComboFix.txt
2015-07-11 18:01 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-11 18:01 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-11 18:01 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-11 18:01 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-11 18:01 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-11 18:01 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-11 18:01 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-11 18:01 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-11 18:00 - 2015-07-11 18:17 - 00000000 ____D C:\Qoobox
2015-07-11 17:58 - 2015-07-11 17:59 - 05633250 _____ (Swearware) C:\Users\Noname\Downloads\ComboFix.exe
2015-07-11 13:17 - 2015-07-11 13:17 - 01634816 _____ (Farbar) C:\Users\Noname\Downloads\FRST.exe
2015-07-11 12:17 - 2015-07-12 09:25 - 00000000 ____D C:\FRST
2015-07-11 11:15 - 2015-07-11 11:15 - 02870984 _____ (ESET) C:\Users\Noname\Downloads\esetsmartinstaller_deu(1).exe
2015-07-11 09:10 - 2015-07-11 09:18 - 161130112 _____ C:\Users\Noname\Downloads\EmsisoftEmergencyKit.exe
2015-07-11 09:02 - 2015-07-12 08:42 - 00002990 _____ C:\Windows\PFRO.log
2015-07-11 08:52 - 2015-07-11 08:52 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-11 08:52 - 2015-07-11 08:52 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-11 08:28 - 2015-07-12 08:55 - 00000560 _____ C:\Windows\setupact.log
2015-07-11 08:28 - 2015-07-11 08:28 - 00000000 _____ C:\Windows\setuperr.log
2015-07-11 01:12 - 2015-07-11 01:22 - 229292641 _____ C:\Users\Noname\Downloads\[clips4sale.com]makayla's throat mp4.mp4
2015-07-03 19:51 - 2015-07-12 09:00 - 00000000 ____D C:\AdwCleaner
2015-07-03 14:15 - 2015-03-07 15:37 - 00000987 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2015-07-02 21:00 - 2015-07-02 21:00 - 00000000 ____D C:\Program Files\ESET
2015-07-02 20:57 - 2015-07-02 20:59 - 02870984 _____ (ESET) C:\Users\Noname\Downloads\esetsmartinstaller_deu.exe
2015-07-02 20:07 - 2015-07-02 20:07 - 647608542 _____ C:\Users\Noname\Downloads\[clips4sale.com]053015fish_WMV V9.wmv
2015-07-02 19:35 - 2015-07-02 19:36 - 525086220 _____ C:\Users\Noname\Downloads\[clips4sale.com]Vac-Vore Garbage and Roommate Recycling - MP4 1280x720.mp4
2015-07-02 19:21 - 2015-07-02 19:22 - 306744878 _____ C:\Users\Noname\Downloads\(Clips4sale) Witch vore .wmv
2015-07-02 19:21 - 2015-07-02 19:21 - 84458329 _____ C:\Users\Noname\Downloads\[clips4sale.com]QD - Devoured By Jasmine Mendez HD.mkv
2015-07-01 23:13 - 2015-07-01 23:13 - 00000000 ____D C:\Users\Noname\Downloads\Neuer Ordner (4)
2015-07-01 23:12 - 2015-07-01 23:13 - 00000000 ____D C:\Users\Noname\Downloads\Neuer Ordner (3)
2015-07-01 17:35 - 2015-07-12 09:00 - 00497214 _____ C:\Windows\WindowsUpdate.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-12 09:04 - 2009-07-14 06:34 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-12 09:04 - 2009-07-14 06:34 - 00031104 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-12 09:02 - 2014-09-03 10:18 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-12 08:56 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-11 18:14 - 2009-07-14 04:04 - 00000215 _____ C:\Windows\system.ini
2015-07-11 12:07 - 2009-07-14 06:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-11 08:56 - 2015-04-04 17:39 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-11 08:51 - 2013-09-06 00:00 - 00000000 ____D C:\Users\Noname\AppData\Local\Adobe
2015-07-08 23:46 - 2010-11-20 23:01 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-03 19:48 - 2015-03-09 00:15 - 00000000 ____D C:\Program Files\SpeedFan
2015-07-03 19:47 - 2015-06-02 19:37 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-01 23:13 - 2014-10-25 16:51 - 00000000 ____D C:\Users\Noname\Downloads\Neuer Ordner
2015-07-01 21:28 - 2015-04-07 23:04 - 00000000 ____D C:\Users\Noname\AppData\Roaming\.minecraft
2015-06-27 14:02 - 2011-01-24 00:21 - 00001126 _____ C:\Users\Noname\AppData\Roaming\neo.ini
2015-06-27 13:56 - 2015-02-10 20:46 - 00000089 _____ C:\Users\Noname\AppData\Roaming\chk.ag
2015-06-27 13:56 - 2014-06-28 19:33 - 00000000 ____D C:\Users\Noname\AppData\Roaming\LiveSnap
2015-06-26 19:21 - 2015-03-08 21:40 - 00428120 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-18 20:04 - 2013-09-21 20:48 - 00000000 ____D C:\Program Files\DevPro
2015-06-14 00:45 - 2013-09-05 23:58 - 00000000 ____D C:\Program Files\CCleaner
2015-06-13 18:43 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-06-12 17:11 - 2014-11-12 16:07 - 00000000 __SHD C:\Users\Noname\AppData\Local\EmieBrowserModeList
2015-06-12 17:11 - 2014-04-09 19:10 - 00000000 __SHD C:\Users\Noname\AppData\Local\EmieUserList
2015-06-12 17:11 - 2014-04-09 19:10 - 00000000 __SHD C:\Users\Noname\AppData\Local\EmieSiteList

==================== Files in the root of some directories =======

2013-12-22 18:28 - 2013-12-22 18:28 - 0000000 _____ () C:\Program Files\Web Data
2015-02-10 20:46 - 2015-06-27 13:56 - 0000089 _____ () C:\Users\Noname\AppData\Roaming\chk.ag
2010-10-26 23:05 - 2014-05-31 19:25 - 0496128 _____ (cURL, hxxp://curl.haxx.se/) C:\Users\Noname\AppData\Roaming\curlchk.exe
2011-01-24 00:21 - 2015-06-27 14:02 - 0001126 _____ () C:\Users\Noname\AppData\Roaming\neo.ini
2011-01-24 00:21 - 2014-07-26 20:12 - 0001112 _____ () C:\Users\Noname\AppData\Roaming\neo98.ini
2014-07-10 08:56 - 2014-07-10 08:56 - 0000017 _____ () C:\Users\Noname\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-04 09:34

==================== End of log ============================

M-K-D-B · 12.07.2015, 11:22

Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern.
Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
RemoveProxy:
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von SecurityCheck.

neodace · 12.07.2015, 17:42

Code:

ATTFilter

Fix result of Farbar Recovery Scan Tool (x86) Version: 11-07-2015
Ran by Noname at 2015-07-12 15:38:35 Run:2
Running from C:\Users\Noname\Desktop
Loaded Profiles: Noname (Available Profiles: Noname)
Boot Mode: Normal

==============================================

fixlist content:
*****************
start
CloseProcesses:
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
RemoveProxy:
EmptyTemp:
end
*****************

Processes closed successfully.
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\SOFTWARE\Policies\Microsoft\Internet Explorer => key not found. 
"C:\ProgramData\TEMP" => ":5C321E34" ADS not found.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\S-1-5-21-4277079510-974402927-3430589439-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.


========= End of RemoveProxy: =========

EmptyTemp: => 444.7 MB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 15:39:00 ====

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f0b488d164a1e041adf82bfb97c50b25
# end=init
# utc_time=2015-07-02 07:02:08
# local_time=2015-07-02 09:02:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24614
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f0b488d164a1e041adf82bfb97c50b25
# end=updated
# utc_time=2015-07-02 07:19:56
# local_time=2015-07-02 09:19:56 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f0b488d164a1e041adf82bfb97c50b25
# engine=24614
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-02 08:39:31
# local_time=2015-07-02 10:39:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 1176746 10029606 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 10029864 187500762 0 0
# scanned=128615
# found=0
# cleaned=0
# scan_time=4774
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f0b488d164a1e041adf82bfb97c50b25
# end=init
# utc_time=2015-07-11 09:16:26
# local_time=2015-07-11 11:16:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24749
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f0b488d164a1e041adf82bfb97c50b25
# end=updated
# utc_time=2015-07-11 09:20:44
# local_time=2015-07-11 11:20:44 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f0b488d164a1e041adf82bfb97c50b25
# end=init
# utc_time=2015-07-11 09:42:24
# local_time=2015-07-11 11:42:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 24749
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f0b488d164a1e041adf82bfb97c50b25
# end=updated
# utc_time=2015-07-11 09:42:49
# local_time=2015-07-11 11:42:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f0b488d164a1e041adf82bfb97c50b25
# end=init
# utc_time=2015-07-12 11:28:02
# local_time=2015-07-12 01:28:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24758
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f0b488d164a1e041adf82bfb97c50b25
# end=updated
# utc_time=2015-07-12 11:28:58
# local_time=2015-07-12 01:28:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f0b488d164a1e041adf82bfb97c50b25
# end=init
# utc_time=2015-07-12 11:53:04
# local_time=2015-07-12 01:53:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 24758
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f0b488d164a1e041adf82bfb97c50b25
# end=updated
# utc_time=2015-07-12 11:53:19
# local_time=2015-07-12 01:53:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f0b488d164a1e041adf82bfb97c50b25
# end=init
# utc_time=2015-07-12 02:58:19
# local_time=2015-07-12 04:58:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24761
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f0b488d164a1e041adf82bfb97c50b25
# end=updated
# utc_time=2015-07-12 03:00:32
# local_time=2015-07-12 05:00:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f0b488d164a1e041adf82bfb97c50b25
# engine=24761
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-12 04:29:01
# local_time=2015-07-12 06:29:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 10115 10878576 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 10878834 188349732 0 0
# scanned=133745
# found=0
# cleaned=0
# scan_time=5309

Code:

ATTFilter

 Results of screen317's Security Check version 1.004  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Secunia PSI (3.0.0.10004)   
 CCleaner     
 Java 8 Update 45  
  Adobe Flash Player 	17.0.0.169 Flash Player out of Date!  
 Adobe Reader XI  
 Mozilla Firefox (38.0.1) 
 Google Chrome 34.0.1847.131  Google Chrome out of date!  
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast avastui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

habe eine blöde aktion gemacht =(

nach dem fixlog habe ich eset gestartet und 2x ist der pc bei etwa 24% ausgegangen.
daraufhin wollte mein pc wiederholt das ich das system mit dem windows starthelfer starte , diese hat einen wiederherstellungspunkt genommen und ich hoffe das diese aktion keine auswirkung auf unsere aktionen hatte.
habe leider zu spät verstanden das ein systemwiederherstellungspunkt unsere aktionen beinträchtigen könnte.

danach habe ich im bios die temperatur notabschaltung aus gemacht um eset durchlaufen lassen zu können, hat dann auch geklappt.

M-K-D-B · 13.07.2015, 12:52

Servus,

ok, dann bitte nochmal FRST zur Kontrolle:

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

13.07.2015, 12:52	#15
M-K-D-B /// TB-Ausbilder	CPU Auslastung sehr hoch Servus, ok, dann bitte nochmal FRST zur Kontrolle: Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan. FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt). Poste mir beide Logdateien mit deiner nächsten Antwort.

CPU Auslastung sehr hoch

Plagegeister aller Art und deren Bekämpfung: CPU Auslastung sehr hoch