Ich verschicke Spam

benjay · 31.12.2015, 13:40

Hi zusammen,
Wie der Titel schon sagt, werden Spam Mails mit meinem Namen im Absender verschickt. Ca. einmal pro Woche kriege ich etwa 50 Meldungen, dass E-Mails nicht zugestellt werden konnten so wie persönliche Rückmeldungen, dass Spam Mails angekommen sind.
Diese sehen dann so aus:

Fw: new message

Hey!

Open message hxxp://flooring-tile.co.uk/took.php

benjay@freakmail.de

Ich nutze drei Mailaccounts. Bzw. nutzte. Der erste, bei dem es aufgetreten ist, ist mittlerweile deaktiviert (freenet/freakmail). Seit gestern ist aber anscheinend auch mein gmail Account kompromittiert. Kann mir da bitte jemand helfen?
Grüße

Addition

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by benjay (2015-12-31 13:20:12)
Running from C:\Users\benjay\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-11-02 23:20:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1780921663-2346165912-1911888604-500 - Administrator - Disabled)
benjay (S-1-5-21-1780921663-2346165912-1911888604-1000 - Administrator - Enabled) => C:\Users\benjay
Guest (S-1-5-21-1780921663-2346165912-1911888604-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1780921663-2346165912-1911888604-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BioShock (HKLM-x32\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.5.0000 - 2K Games)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Dropbox (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.143.923 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.5.425 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version:  - Arobas Music)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.50.1172 - Intel Corporation)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Live Update 5 (HKLM-x32\...\{36F6E986-D2D1-403C-8BD3-D95EF7BC705D}}_is1) (Version: 5.0.109 - MSI)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Media Player Classic - Home Cinema v1.5.2.3456 x64 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.5.2.3456 - MPC-HC Team)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2005 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2005) (Version:  - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Oblivion - Knights of the Nine (HKLM-x32\...\{14C87AA7-08E6-419F-A165-998EBE5023D7}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Mehrunes Razor (HKLM-x32\...\{EF295F5C-7B57-47AA-8889-6B3E8E214E89}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Vile Lair (HKLM-x32\...\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Wizard's Tower (HKLM-x32\...\{2F2E3D62-8B8C-448F-8900-451325E50948}) (Version: 1.00.0000 - Bethesda Softworks)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF24 Creator 7.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
ScummVM 1.7.0 (HKLM-x32\...\ScummVM_is1) (Version:  - The ScummVM Team)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TL-WN822N/TL-WN821N Driver (HKLM-x32\...\{62FE0726-9652-4CD2-9F09-C769D8699C21}) (Version: 1.0.0 - TP-LINK)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Unity Web Player (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.62  - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12A21D38-E243-472B-AAAA-3D54F9FBBDB2} - System32\Tasks\{4DC7E083-C052-4F68-BE68-C0013673421C} => K:\INSTALL.EXE
Task: {12CF6B43-1715-4AD4-8844-D99D053BDA4D} - System32\Tasks\AdobeAAMUpdater-1.0-benjay-PC-benjay => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {2061113B-6101-49F1-ABE2-1CEA0E410B3E} - System32\Tasks\{BC482785-3E2F-40AC-AE4F-E1E7E50637BE} => J:\install.exe
Task: {2A569622-B446-4CD3-BA2D-62278738BB0B} - System32\Tasks\{5A684C7D-9519-4705-9E1B-FB11053117DA} => C:\Program Files (x86)\Atari\Desperados 2\Desperados2.exe
Task: {352485ED-ED40-4E44-AAF0-DBE87CE6C833} - System32\Tasks\{FFA36975-C895-4B07-A20F-D60C14C1A3BE} => K:\INSTALL.EXE
Task: {39BA6308-1331-4544-8C6B-A8544F2BA9CE} - System32\Tasks\{23BC10D8-8D1F-424E-97BC-F07142F25C5D} => J:\install.exe
Task: {3AEDCEF3-24CF-466C-B436-163BB6C95447} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-21] (Google Inc.)
Task: {3B7DEA0C-ABF1-4508-A9BF-0023A8E8D300} - System32\Tasks\{AA4FE6BD-B397-4668-93EB-D03E71BEFBE7} => J:\install.exe
Task: {4080960D-B993-4F5F-807C-3EEDB0105985} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {62AD0709-1C33-4F4C-AB53-0E6938FC4BF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-21] (Google Inc.)
Task: {AD9FA85A-80BE-446A-9F5B-9B0CD2319E91} - System32\Tasks\{A8C03F36-13A2-4E4D-A512-9049A27573F6} => K:\INSTALL.EXE
Task: {BA7B668C-54F5-4D08-ADC1-828418329C1B} - System32\Tasks\{E99F55D7-FAE6-4D3D-A89C-0303810AEFB9} => K:\INSTALL.EXE
Task: {C434A2B8-A478-4876-9FCA-A7E2894D5CD2} - System32\Tasks\{FDCAB79B-0C3E-4704-A7A1-B6993F219C05} => J:\install.exe
Task: {CC562DC9-AE0C-4B9F-8B34-7756FC87EF84} - System32\Tasks\{1590464B-1892-4A4D-9F97-B5EF5826FE1A} => pcalua.exe -a K:\German\setup.exe -d K:\German
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {DDBAD45E-4BAB-43D8-80E5-F41B86E6AD12} - System32\Tasks\{4105F22C-5814-41DE-9DA1-A44D7F7FAE34} => K:\INSTALL.EXE
Task: {FD6CCED3-2124-480C-B09F-78613D428D81} - System32\Tasks\{3A9ED561-51AE-4442-85B8-84CD49F4E3C0} => J:\install.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-01-26 22:30 - 2015-03-13 17:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-08 22:29 - 2008-07-11 14:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2015-06-08 22:29 - 2008-07-11 14:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe
2015-12-16 23:05 - 2015-12-11 13:34 - 01971528 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 23:05 - 2015-12-11 13:34 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-11-10 11:12 - 2015-11-10 11:41 - 00348160 _____ () C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\GFSDK_GodraysLib.x64.dll
2015-05-27 23:26 - 2015-05-23 02:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-08 22:29 - 2012-06-06 08:56 - 00143360 ____N () C:\Program Files\UNi Xonar Audio\Customapp\VmixP8.dll
2015-12-08 11:35 - 2015-11-18 13:04 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2015-12-08 11:35 - 2015-11-18 13:04 - 00052256 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll
2015-03-09 21:37 - 2015-11-10 20:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-01 15:29 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-12-01 15:29 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2014-12-01 15:29 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-03-23 19:22 - 2015-12-14 21:01 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll
2014-12-01 12:31 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-01 12:31 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-12-01 12:31 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-01 12:31 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-01 12:31 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-03-23 19:22 - 2015-12-14 21:01 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-11-13 19:36 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-02-24 16:58 - 2015-11-17 01:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-12-31 13:05 - 2015-12-31 13:05 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-12-31 13:05 - 2015-12-31 13:05 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2013-10-20 17:45 - 00000027 ___RA C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\benjay\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\benjay\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^benjay^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup
MSCONFIG\startupfolder: C:^Users^benjay^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EvolveClient => "C:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun
MSCONFIG\startupreg: Live Update 5 => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{0F6DFCC7-4D47-4924-B569-5C5755C48973}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{C295E058-2FA5-4B68-B678-B16B8BB29D1F}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{1A5CD637-824E-4DAA-8FF9-FFC9AD8826BA}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{809A0247-19A7-4B5A-BE62-900769916E8D}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [{39F87BDE-E5BB-47EA-A5C3-2CB3E387721F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BB5F0DD7-35EF-441F-982C-56FD6A010B83}] => (Allow) C:\Users\benjay\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1238E446-DAD4-45FF-A2E0-9D676E7788CE}] => (Allow) C:\Users\benjay\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{1FBE5297-64A6-4534-AA37-EB5B0C54038C}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{9B9C20B5-40F5-4A1C-997B-2035E72156A5}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{01A0A08D-C688-406A-A0C3-59D069B7172F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{D0B543E3-5689-4079-B35C-05DB03942B43}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{6C182283-B207-4B36-A722-58F64512C243}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe
FirewallRules: [{3B9D77E6-DC50-4777-8829-3B978F3AABAA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe
FirewallRules: [{C0608C4A-07E6-4384-9553-78C9A244D0A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.649\Agent.exe
FirewallRules: [{8456CCC6-30AF-4E97-88EA-7D8E57F0C563}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.649\Agent.exe
FirewallRules: [{66B8F3C1-E30B-4B64-9AB9-EDB29BFF6078}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe
FirewallRules: [{E9DF8FEF-C65E-42AA-BE51-39786C617FB6}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe
FirewallRules: [TCP Query User{6AF58584-35A9-4C58-B40A-DABC2154EEF6}C:\programdata\battle.net\agent\agent.749\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.749\agent.exe
FirewallRules: [UDP Query User{CD55E8A7-8561-4AB2-A3BA-7FFFDC2854C6}C:\programdata\battle.net\agent\agent.749\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.749\agent.exe
FirewallRules: [TCP Query User{E71EDC47-AE54-47AA-8311-204B3F25EF4E}C:\programdata\battle.net\agent\agent.954\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.954\agent.exe
FirewallRules: [UDP Query User{F9996362-C16A-4FD9-A405-BCF88D3BF7CD}C:\programdata\battle.net\agent\agent.954\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.954\agent.exe
FirewallRules: [TCP Query User{80B1205D-75D4-4EBF-B7E2-59707ACB7B0F}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{AFE46DA5-5B41-4CB8-9A47-9AAE330D54E7}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{D0FC0044-A78A-4293-8AB4-EA58B6EB8F94}C:\programdata\battle.net\agent\agent.976\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.976\agent.exe
FirewallRules: [UDP Query User{5ACE821D-1517-4FFF-92D8-AF1377A98D81}C:\programdata\battle.net\agent\agent.976\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.976\agent.exe
FirewallRules: [TCP Query User{90E609CA-1A7D-4AF3-92DD-C89A8E464238}C:\programdata\battle.net\agent\agent.998\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.998\agent.exe
FirewallRules: [UDP Query User{95AFA473-F5E1-4FE7-8CC4-265843ADBDB5}C:\programdata\battle.net\agent\agent.998\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.998\agent.exe
FirewallRules: [TCP Query User{83766DDC-ACAD-429D-B16C-315454178B3A}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [UDP Query User{EF9D19CD-EABF-4582-9426-5C45B8434839}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe
FirewallRules: [{3BEC5EC9-9E50-40EC-940C-342EC5A29B4B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe
FirewallRules: [{FB57C8AE-661F-46B0-B20C-5850B5A1A027}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe
FirewallRules: [{9B135F9A-03BB-44C3-A51B-53530255836E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [{4036EAF4-0CB2-49E3-9ACE-1460C956D632}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe
FirewallRules: [{F1A66AE7-9472-41FF-A70A-DCB8333463BE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{35C95002-4008-4D01-A4B4-662A70DB443C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe
FirewallRules: [{5C65D816-2D0B-4BDD-BAD3-EDA0A5A6E325}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{A07F7F2F-7189-4680-9E3C-B6F8A8610233}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe
FirewallRules: [{9FAF5BF7-6579-46CC-AD87-7A2AB1EA98C3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{DC49891D-A36F-4179-A1EF-A18444CE7FDF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [TCP Query User{D1C8E81E-DC8A-4B5C-84F3-5FC7019D889A}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Allow) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe
FirewallRules: [UDP Query User{6067107C-A2FE-4D23-9B6E-89D19884809F}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Allow) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe
FirewallRules: [{0B9B4838-1C2E-4E12-B2FC-6AD1A2761A98}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{9448DCCF-D1A1-434C-95D2-D1C4A7DA101F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [TCP Query User{A61D4624-AA40-4850-B410-6726ED199DFB}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{28FBB594-EF61-4A1E-A8A7-39BEB7AE8528}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{8E277956-A6AC-4602-96FE-6E59A1BF8F6A}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Block) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe
FirewallRules: [UDP Query User{657707A6-368C-4A83-A8F7-31009B949C6C}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Block) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe
FirewallRules: [TCP Query User{301A99A4-2A0C-42C4-B85C-929FA3DC578A}C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe
FirewallRules: [UDP Query User{21E65557-DFDD-4924-85E2-392A8D5AF82C}C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe
FirewallRules: [TCP Query User{59727D75-5F3B-4B99-8AB6-EFB80CE6E454}C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe
FirewallRules: [UDP Query User{B7AA76D9-3D59-4799-A7E2-354D4375DB70}C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe
FirewallRules: [{C6BAC3BA-0D22-4049-A7FE-BB103C34A86E}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe
FirewallRules: [{85D1E51E-B08E-4069-AF44-3FCE52AD05CC}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe
FirewallRules: [TCP Query User{E9EA77EC-002A-4C4E-8E58-249E9A51DC1D}C:\program files (x86)\sid meier's civilization v\civilizationv.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv.exe
FirewallRules: [UDP Query User{3584F9BD-8B3F-4146-8DF2-2D2D42189E64}C:\program files (x86)\sid meier's civilization v\civilizationv.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv.exe
FirewallRules: [{0FE34B5D-2679-4043-9C2E-351E36961F0B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{4D832D93-9917-4763-834D-916AD6E8A2CC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{16F224C7-0D96-4C95-AE8F-3851E1D403A1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{87D35EAE-E971-4486-A17F-621552028416}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{1360E61F-2488-4D29-8AB8-E2D746ADCF02}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{17A605CE-48BE-42D0-9DFA-78A8C86E90C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [TCP Query User{A5993935-A1A8-4C9A-B58D-F62858C74B7D}C:\program files (x86)\ea sports\fifa 11\game\fifa.exe] => (Block) C:\program files (x86)\ea sports\fifa 11\game\fifa.exe
FirewallRules: [UDP Query User{B1280C40-46B6-43E0-9207-1D7B761D4681}C:\program files (x86)\ea sports\fifa 11\game\fifa.exe] => (Block) C:\program files (x86)\ea sports\fifa 11\game\fifa.exe
FirewallRules: [{8FA81560-293C-4A58-9B62-D196921D8673}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{E767DB21-500B-4EF0-8E09-C8BD8D1FD97A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TCP Query User{B5215464-8812-4390-9713-B0095039EC2E}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{B9E11CB2-7A3D-480A-A687-A8CC622B7544}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{055BA207-12A0-485B-8716-DE81F204FFE1}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{2E7329A4-9B19-4505-BD94-FC97BB794378}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{709E6C82-5293-46EB-A680-79439667ECD3}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{7FC58348-EA2D-4B93-97F5-1FCC28A13098}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{3EA5B687-CB70-4B38-8EDB-DA92D5DEA03E}H:\images\warcraft iii\war3.exe] => (Block) H:\images\warcraft iii\war3.exe
FirewallRules: [UDP Query User{E4CE38B1-67C6-48BE-AEB0-43741A5DB61A}H:\images\warcraft iii\war3.exe] => (Block) H:\images\warcraft iii\war3.exe
FirewallRules: [{3CEA719B-59CA-47A3-A128-EA38F6203767}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{ED046DE6-8593-4ACB-88AB-12FE9DADCE5E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{50F22C28-A275-49F5-8FFB-4FC705790566}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1CF30EEA-5266-4843-842E-A5848F3B3A8C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{2071ED9D-CDA3-4AE0-AB99-589D0063C1A3}H:\images\warcraft iii\war3.exe] => (Block) H:\images\warcraft iii\war3.exe
FirewallRules: [UDP Query User{4AD09943-4E0B-4B4C-BE6F-8BEC47558360}H:\images\warcraft iii\war3.exe] => (Block) H:\images\warcraft iii\war3.exe
FirewallRules: [{E0C67E8B-538C-4C58-9B8D-E9A136C6561A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{089ABDF0-6301-454A-9E00-D13741DD5F78}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{A62C35D7-1438-4E07-A376-9045403121FB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{CF93EF37-7C0C-4FBE-9E76-1DB4ECD36BE4}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{258D4E68-9F48-4A3D-99FF-4B8A893327FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{3CA64B4F-3945-45D9-B296-59A57D7668DE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{CA7BFC79-27B7-4FD4-8D55-A3D36F815288}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{2E631837-A925-4599-898C-62EDE02384B7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [TCP Query User{3D05B55B-499A-43EA-AC1B-DC84C070E646}C:\programdata\battle.net\agent\agent.beta.2753\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2753\agent.exe
FirewallRules: [UDP Query User{BEBCDCC8-3A54-4488-888A-CC1124C73A24}C:\programdata\battle.net\agent\agent.beta.2753\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2753\agent.exe
FirewallRules: [{2525FEB5-4C76-4820-9E01-EEEE099226AF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{738646F5-B9CD-48CC-8481-E5F32FE03D8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{6BF1BE8E-9965-4F07-8A7F-098D1FA07692}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{C000DB22-758D-4972-8ACE-D6846D0EBEBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{E08FA131-8EE3-4BC3-B230-A993E75926BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{7F43164F-A3E3-4828-A84D-3860D76E119D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{E80D329B-C554-44EC-9AF2-6642CCEFFFF3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{DC37F596-A736-4BC2-9EDD-7A571139BEB2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{6315E9FB-005B-451B-9465-45F90B02F124}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CE581422-A7C9-4DD0-AEC7-A132E5ACA086}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{839CDCCA-5215-4C87-8F03-77F1DB5FC8CE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{BF82BF46-B9F3-4496-AF19-515B13C00AF3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{CE821BED-65FA-40E8-8B5C-9F0090F25DC4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{0BA6424E-E16B-4462-BBC8-ABDDEF8AC93A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{3855BB20-4D88-4158-9639-EEF44C206138}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{D9063798-C745-454E-8603-0A6D57671F75}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{88712BB0-D5F5-4DE7-AE51-04E1A168B205}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{1ED02756-ED68-4E0C-A669-008DD26E65D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{281651BA-1176-4C05-A603-035167472F7F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{42FF3278-2FD6-44B7-B0BD-B92F2B56992C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{53F137EF-F8F1-45EA-AA2B-4E646B5E6691}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D0FEAEA8-BF35-409E-838E-13FF2748490C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{D58C92BB-93AB-4929-9097-D46A5915577E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{33CA1E79-5DDC-4344-BE83-402446E0E1A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{55230E58-E582-4278-B295-9881D7A259EC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AD73000A-66E6-476A-B801-93276BB049C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{ED4B1177-E3C3-46F4-8D53-D0E5280FAE47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8C48C058-1ED7-491B-B109-1A2763612EF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{34C1140C-BC6D-4169-A56A-197A4E6DF4B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7C41BEBA-7DCE-4F11-AAFB-191E2BD9696A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4F2971CB-2AF3-4BA1-BF92-397547B2BC36}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{DB683BEC-4583-40F1-ADB1-1639A8E4C0F8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{50A20A17-A0F4-4551-9288-7C0FC6774E58}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{77ACD185-CEBC-4E21-B547-B9D1952775A6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{2A7955DA-B167-4725-914E-871EE27C98FB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{7CEEB1ED-31CC-47CC-A481-7F3A0B46A7DE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{9D2A75DE-90DE-4B23-A49F-A024821864BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F44820B3-9FB0-466D-8D5D-C6C1AD7EEEBB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{31F0C286-4B92-4A29-AC2A-1F34C2F53DE8}H:\unrealtournament\system\unrealtournament.exe] => (Block) H:\unrealtournament\system\unrealtournament.exe
FirewallRules: [UDP Query User{9E8CF545-129E-471D-B4B4-1E2F56C06C1D}H:\unrealtournament\system\unrealtournament.exe] => (Block) H:\unrealtournament\system\unrealtournament.exe
FirewallRules: [{4A64229C-E342-4F29-A41D-563CEBC24A7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{DC1AF2C8-DEC4-4329-AAC2-02E64FEFF89C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [TCP Query User{EC78C749-D555-4833-9C3F-FE2B3BC1039B}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [UDP Query User{3C686866-55BA-45BD-A161-9E4934ECCAFE}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe
FirewallRules: [{767C01C4-A9A7-43A4-8B4F-4819E2F57C62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

29-12-2015 20:52:19 Windows Update
29-12-2015 21:00:17 Windows Backup

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/22/2015 04:54:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Avira.ServiceHost.exe, version: 1.1.49.18939, time stamp: 0x561e029a
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19045, time stamp: 0x56258f05
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0xd00
Faulting application start time: 0xAvira.ServiceHost.exe0
Faulting application path: Avira.ServiceHost.exe1
Faulting module path: Avira.ServiceHost.exe2
Report Id: Avira.ServiceHost.exe3

Error: (11/22/2015 04:54:57 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
Stack:
   at System.ThrowHelper.ThrowInvalidOperationException(System.ExceptionResource)
   at System.Collections.Generic.Dictionary`2+ValueCollection+Enumerator[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].MoveNext()
   at Avira.OE.ServiceHost.ServiceStatusProviderContainer.GetDeviceStatus()
   at Avira.OE.ServiceHost.ComputerAndServicesInfoFactory.CreateComputerAndServicesInfo()
   at Avira.OE.ServiceHost.AnonymousUserDeviceStatusConnector.UpdateCurrentComputerAndServiceInfo()
   at Avira.OE.ServiceHost.AnonymousUserDeviceStatusConnector.SendAnonymousSyncStatus()
   at Avira.OE.ServiceHost.AnonymousUserDeviceStatusConnector.AnonymousSyncStatusNeeded(System.Object, System.EventArgs)
   at Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.EventHandler`1<System.__Canon>, System.Object, System.__Canon)
   at Avira.OE.Communicator.Communicator.CheckAndRequestAnonymousSyncStatus()
   at Avira.OE.Communicator.Communicator.CreateAndSendDeviceUpdateDataMessage(System.String)
   at Avira.OE.Communicator.Communicator.SessionChanged(Avira.OE.WinCore.Interface.Session, Avira.OE.WinCore.Interface.Session)
   at Avira.OE.Communicator.Communicator.OnActiveSessionChanged(System.Object, Avira.OE.WinCore.Interface.ActiveSessionChangedEventArgs)
   at Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.EventHandler`1<System.__Canon>, System.Object, System.__Canon)
   at Avira.OE.ServiceHost.SessionManager.FireActiveSessionChangeAndSetActiveSession(Avira.OE.WinCore.Interface.Session)
   at Avira.OE.ServiceHost.SessionManager.Initialize()
   at Avira.OE.ServiceHost.ServiceHost.Initialize()
   at Avira.OE.ServiceHost.Program+<>c__DisplayClass1.<OnServiceStart>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (11/17/2015 05:58:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Fallout4.exe, version: 1.1.30.0, time stamp: 0x563b8ba7
Faulting module name: Fallout4.exe, version: 1.1.30.0, time stamp: 0x563b8ba7
Exception code: 0xc000041d
Fault offset: 0x00000000016c723e
Faulting process id: 0x147c
Faulting application start time: 0xFallout4.exe0
Faulting application path: Fallout4.exe1
Faulting module path: Fallout4.exe2
Report Id: Fallout4.exe3

Error: (11/14/2015 04:44:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Fallout4.exe version 1.1.30.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1540

Start Time: 01d11ed224656f7e

Termination Time: 634

Application Path: C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4.exe

Report Id:

Error: (11/10/2015 10:28:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Fallout4.exe version 1.1.29.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 4c0

Start Time: 01d11ba9172af642

Termination Time: 898

Application Path: C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4.exe

Report Id:

Error: (11/08/2015 08:52:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Bioshock.exe, version: 1.0.0.0, time stamp: 0x474f5a3a
Faulting module name: kernel32.dll, version: 6.1.7601.19018, time stamp: 0x5609fed3
Exception code: 0xc0000005
Fault offset: 0x00011390
Faulting process id: 0x158
Faulting application start time: 0xBioshock.exe0
Faulting application path: Bioshock.exe1
Faulting module path: Bioshock.exe2
Report Id: Bioshock.exe3

Error: (09/07/2015 01:48:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Gothic3.exe, version: 1.74.25931.14, time stamp: 0x4c030371
Faulting module name: Engine.dll, version: 1.74.25931.14, time stamp: 0x4c02ffc9
Exception code: 0xc0000005
Fault offset: 0x000dfcc1
Faulting process id: 0xbec
Faulting application start time: 0xGothic3.exe0
Faulting application path: Gothic3.exe1
Faulting module path: Gothic3.exe2
Report Id: Gothic3.exe3

Error: (09/06/2015 06:39:33 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Genome Gaming System because of this error.

Program: Genome Gaming System
File: 

The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
	- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
	- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.

Additional Data
Error value: 00000000
Disk type: 0

Error: (09/06/2015 06:39:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Gothic3.exe, version: 1.74.25931.14, time stamp: 0x4c030371
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000096
Fault offset: 0x3e931996
Faulting process id: 0x3f4
Faulting application start time: 0xGothic3.exe0
Faulting application path: Gothic3.exe1
Faulting module path: Gothic3.exe2
Report Id: Gothic3.exe3

Error: (07/21/2015 09:27:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: audacity.exe, version: 0.0.0.0, time stamp: 0x43791554
Faulting module name: ntdll.dll, version: 6.1.7601.18798, time stamp: 0x5507b3e0
Exception code: 0xc0000005
Fault offset: 0x00039e03
Faulting process id: 0x834
Faulting application start time: 0xaudacity.exe0
Faulting application path: audacity.exe1
Faulting module path: audacity.exe2
Report Id: audacity.exe3


System errors:
=============
Error: (12/31/2015 12:02:09 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Avira Email-Schutz service terminated with service-specific error %%1.

Error: (12/31/2015 12:02:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Avira Email-Schutz service hung on starting.

Error: (12/31/2015 12:02:09 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (12/30/2015 03:24:25 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Avira Email-Schutz service terminated with service-specific error %%1.

Error: (12/30/2015 03:24:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Avira Email-Schutz service hung on starting.

Error: (12/30/2015 01:20:33 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Avira Email-Schutz service terminated with service-specific error %%1.

Error: (12/30/2015 01:20:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Avira Email-Schutz service hung on starting.

Error: (12/30/2015 01:20:33 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (12/29/2015 08:51:37 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Avira Email-Schutz service terminated with service-specific error %%1.

Error: (12/29/2015 08:51:37 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Avira Email-Schutz service hung on starting.


CodeIntegrity:
===================================
  Date: 2013-10-20 18:45:44.901
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-10-20 18:45:44.848
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 74%
Total physical RAM: 8173.57 MB
Available physical RAM: 2103.8 MB
Total Virtual: 16345.36 MB
Available Virtual: 6925.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:3.9 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Elements) (Fixed) (Total:465.75 GB) (Free:49.9 GB) NTFS
Drive g: () (Fixed) (Total:99.51 GB) (Free:71.44 GB) NTFS
Drive h: (Games) (Fixed) (Total:244.14 GB) (Free:92.53 GB) NTFS
Drive i: (Musik und Filme) (Fixed) (Total:587.76 GB) (Free:107.92 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 786EE9E8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 61BCEE7D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=587.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: 946FF2BA)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

benjay · 31.12.2015, 13:54

FRST

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
Ran by benjay (administrator) on BENJAY-PC (31-12-2015 13:19:52)
Running from C:\Users\benjay\Desktop
Loaded Profiles: benjay &  (Available Profiles: benjay)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(CMedia) C:\Program Files\UNi Xonar Audio\Customapp\AsusAudioCenter.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Bethesda Softworks) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [221216 2015-11-18] (Geek Software GmbH)
HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{644AFD7F-2BFA-4EAF-9367-910E4890C4A0}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6577D245-50AD-4FD1-BE32-C7919691D5E1}: [DhcpNameServer] 192.168.179.1
Tcpip\..\Interfaces\{C6522AAA-71CD-4ABC-A830-78F97174AD2A}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-05-06] (DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901
FF DefaultSearchEngine: LEO Eng-Deu
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll [2014-01-29] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2013-05-06] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-1780921663-2346165912-1911888604-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\benjay\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-05-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\benjay\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-05-11] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\searchplugins\google-images.xml [2014-12-30]
FF SearchPlugin: C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\searchplugins\google-maps.xml [2014-12-30]
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-06-03] [not signed]
FF Extension: FoxyProxy Standard - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\extensions\foxyproxy@eric.h.jung [2015-05-29]
FF Extension: Flash and Video Download - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-12-17]
FF Extension: Ghostery - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\Extensions\firefox@ghostery.com.xpi [2015-12-14]
FF Extension: Adblock Plus - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-14]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5

Chrome: 
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-23]
CHR Extension: (Google Docs) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-23]
CHR Extension: (Google Drive) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-30]
CHR Extension: (Google-Suche) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-23]
CHR Extension: (Avira Browserschutz) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-12-16]
CHR Extension: (Google Docs Offline) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-21]
CHR Extension: (Ghostery) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-12-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-06-23]
CHR Extension: (Bitdefender QuickScan) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-11-07]
CHR Extension: (Google Mail) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-23]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-10-22] (Adobe Systems) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-03-08] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-20] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2013-01-20] (Echobit, LLC)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-03-08] ()
S3 Maplom; no ImagePath
S3 MaplomL; no ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation                           )
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2011-12-19] (Duplex Secure Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-31 13:19 - 2015-12-31 13:20 - 00023456 _____ C:\Users\benjay\Desktop\FRST.txt
2015-12-31 13:19 - 2015-12-31 13:19 - 02370560 _____ (Farbar) C:\Users\benjay\Desktop\FRST64.exe
2015-12-31 13:19 - 2015-12-31 13:19 - 00000000 ____D C:\FRST
2015-12-31 13:05 - 2015-12-31 13:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-12-17 19:50 - 2015-12-17 19:50 - 00000000 ____D C:\Users\benjay\Desktop\freenet Mail
2015-12-14 02:57 - 2015-12-17 20:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-13 19:22 - 2015-12-13 19:22 - 00494158 _____ C:\Users\benjay\Desktop\Ticket Freiburg.pdf
2015-12-09 10:26 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 10:26 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 10:26 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 10:26 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 10:26 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 10:26 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 10:26 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 10:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 10:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 10:26 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 10:26 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 10:26 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 10:26 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 10:26 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 10:26 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 10:26 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 10:26 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 10:26 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 10:26 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 10:26 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 10:26 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 10:26 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 10:26 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 10:26 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 10:26 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 10:26 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 10:26 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 10:26 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 10:26 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 10:26 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 10:26 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 10:26 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 10:26 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 10:26 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 10:26 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 10:26 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 10:26 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 10:26 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 10:26 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 10:26 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 10:26 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 10:26 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 10:26 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 10:26 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 10:26 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 10:26 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 10:26 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 10:26 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 10:26 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 10:26 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 10:26 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 10:26 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 10:26 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 10:26 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 10:26 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 10:26 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 10:26 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 10:26 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 10:26 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 10:26 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 10:26 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 10:26 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 10:26 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 10:26 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 10:26 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 10:26 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 10:26 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 10:26 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 10:26 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 10:26 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 10:26 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 10:26 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 10:26 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 10:26 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 10:26 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 10:26 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 10:26 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 10:26 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 10:26 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 10:26 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 10:26 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 10:26 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 10:26 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 10:26 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 10:26 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 10:26 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 10:26 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 10:26 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 10:26 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 10:26 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 10:26 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 10:26 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 10:26 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 10:26 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 10:26 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 10:25 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 10:25 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-08 11:35 - 2015-12-08 11:35 - 00001083 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk
2015-12-08 11:35 - 2015-12-08 11:35 - 00000000 ____D C:\Users\benjay\AppData\Local\PDF24
2015-12-08 11:35 - 2015-12-08 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-12-08 11:35 - 2015-12-08 11:35 - 00000000 ____D C:\Program Files (x86)\PDF24
2015-12-08 11:23 - 2015-12-08 12:01 - 00000000 ____D C:\Users\benjay\Desktop\Weinheim

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-12-31 13:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-31 13:02 - 2015-06-21 13:28 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-31 12:57 - 2015-06-27 10:30 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-31 12:49 - 2012-11-12 12:00 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-31 12:19 - 2015-03-31 17:11 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-31 12:09 - 2009-07-14 05:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-31 12:09 - 2009-07-14 05:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-31 12:05 - 2009-07-14 06:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-31 12:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-31 12:00 - 2015-06-21 13:28 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-31 12:00 - 2015-01-26 22:31 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-31 12:00 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-30 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-29 22:49 - 2012-11-12 12:00 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-29 22:49 - 2012-06-22 06:28 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-29 22:49 - 2011-11-03 00:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-19 01:19 - 2011-11-03 07:17 - 00000436 _____ C:\Users\benjay\Desktop\fut.pls
2015-12-17 19:25 - 2015-03-06 00:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-17 19:25 - 2014-10-09 13:13 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-16 23:06 - 2015-06-21 13:29 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-11 21:25 - 2009-07-14 05:45 - 04846936 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-09 10:57 - 2011-11-11 02:20 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 10:56 - 2013-01-03 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 10:55 - 2013-01-03 20:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 10:55 - 2013-01-03 20:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 10:54 - 2013-07-23 02:00 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 10:51 - 2012-12-16 23:17 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-09 04:39 - 2011-11-03 00:42 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-08 12:34 - 2015-11-30 15:33 - 00000000 ____D C:\Users\benjay\Desktop\Fotos Ordnen
2015-12-07 18:06 - 2015-11-14 12:37 - 00010136 _____ C:\Users\benjay\Desktop\Bewerbungsstand.xlsx
2015-12-05 02:57 - 2015-06-21 13:28 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 02:57 - 2015-06-21 13:28 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 21:45 - 2014-03-12 13:59 - 00000000 ____D C:\Users\benjay\AppData\Local\Battle.net
2015-12-04 21:45 - 2014-03-12 13:56 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-01 21:58 - 2013-05-02 09:39 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-12-01 21:58 - 2013-03-28 01:51 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-01 21:58 - 2013-03-28 01:51 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

==================== Files in the root of some directories =======

2013-06-12 21:51 - 2013-06-12 21:51 - 0004608 _____ () C:\Users\benjay\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-19 21:20 - 2015-09-19 21:20 - 0007605 _____ () C:\Users\benjay\AppData\Local\Resmon.ResmonCfg
2011-12-20 00:21 - 2011-12-20 00:22 - 0000044 ___SH () C:\ProgramData\.zreglib

Some files in TEMP:
====================
C:\Users\benjay\AppData\Local\Temp\avgnt.exe
C:\Users\benjay\AppData\Local\Temp\Quarantine.exe
C:\Users\benjay\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-12-30 00:28

==================== End of FRST.txt ============================

--- --- ---

--- --- ---

--- --- ---

Malwarebytes

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 31-Dec-15
Scan Time: 12:57
Logfile: Malware.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2015.12.31.03
Rootkit Database: v2015.12.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: benjay

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356850
Time Elapsed: 6 min, 23 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Avira

Code:

ATTFilter

Free Antivirus
Erstellungsdatum der Reportdatei: Tuesday, December 29, 2015  21:01


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Antivirus Free
Seriennummer   : 0000149996-AVHOE-0000001
Plattform      : Windows 7 Professional
Windowsversion : (Service Pack 1)  [6.1.7601]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : BENJAY-PC

Versionsinformationen:
build.dat      : 15.0.15.129    93076 Bytes   12/3/2015 15:25:00
AVSCAN.EXE     : 15.0.15.122  1203832 Bytes   12/1/2015 20:58:24
AVSCANRC.DLL   : 15.0.15.106    67688 Bytes   12/1/2015 20:58:24
LUKE.DLL       : 15.0.15.106    69248 Bytes   12/1/2015 20:58:32
AVSCPLR.DLL    : 15.0.15.122   106352 Bytes   12/1/2015 20:58:24
REPAIR.DLL     : 15.0.15.106   493608 Bytes   12/1/2015 20:58:24
repair.rdf     : 1.0.13.18    1412088 Bytes  12/29/2015 20:00:28
AVREG.DLL      : 15.0.15.106   346312 Bytes   12/1/2015 20:58:23
avlode.dll     : 15.0.15.106   701680 Bytes   12/1/2015 20:58:23
avlode.rdf     : 14.0.5.18      88653 Bytes  12/11/2015 20:36:26
XBV00003.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00004.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00005.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00006.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00007.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00008.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00009.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00010.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00011.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00012.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00013.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00014.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00015.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00016.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00017.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00018.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00019.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00020.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00021.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00022.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00023.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00024.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00025.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00026.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00027.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00028.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00029.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00030.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00031.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00032.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00033.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00034.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00035.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00036.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00037.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00038.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:00
XBV00039.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:01
XBV00040.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:01
XBV00041.VDF   : 8.12.37.66      2048 Bytes  12/17/2015 18:24:01
XBV00149.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00150.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00151.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00152.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00153.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00154.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00155.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00156.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00157.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00158.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00159.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00160.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00161.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00162.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00163.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00164.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:24
XBV00165.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00166.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00167.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00168.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00169.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00170.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00171.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00172.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00173.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00174.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00175.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00176.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00177.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00178.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00179.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00180.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00181.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00182.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00183.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00184.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00185.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00186.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00187.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00188.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00189.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00190.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00191.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00192.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00193.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00194.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:25
XBV00195.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00196.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00197.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00198.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00199.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00200.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00201.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00202.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00203.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00204.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00205.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00206.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00207.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00208.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00209.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00210.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00211.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00212.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00213.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00214.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00215.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00216.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00217.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00218.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00219.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00220.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00221.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00222.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00223.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00224.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00225.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:26
XBV00226.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00227.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00228.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00229.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00230.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00231.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00232.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00233.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00234.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00235.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00236.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00237.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00238.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00239.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00240.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00241.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00242.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00243.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00244.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00245.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00246.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00247.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00248.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00249.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00250.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00251.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00252.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00253.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00254.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00255.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:27
XBV00000.VDF   : 7.11.70.0   66736640 Bytes    4/4/2013 09:57:06
XBV00001.VDF   : 7.11.237.0  48041984 Bytes    6/2/2015 18:23:54
XBV00002.VDF   : 7.12.37.36  16452096 Bytes  12/17/2015 18:24:00
XBV00042.VDF   : 8.12.37.66    774656 Bytes  12/17/2015 18:24:01
XBV00043.VDF   : 8.12.37.236   160768 Bytes  12/18/2015 09:51:36
XBV00044.VDF   : 8.12.38.2      21504 Bytes  12/18/2015 11:51:31
XBV00045.VDF   : 8.12.38.24     87040 Bytes  12/18/2015 23:51:34
XBV00046.VDF   : 8.12.38.26      2048 Bytes  12/18/2015 23:51:34
XBV00047.VDF   : 8.12.38.46     10240 Bytes  12/18/2015 23:51:34
XBV00048.VDF   : 8.12.38.48      2048 Bytes  12/18/2015 23:51:34
XBV00049.VDF   : 8.12.38.52     11264 Bytes  12/18/2015 23:51:34
XBV00050.VDF   : 8.12.38.72     25600 Bytes  12/18/2015 01:51:32
XBV00051.VDF   : 8.12.38.94     45568 Bytes  12/19/2015 20:00:20
XBV00052.VDF   : 8.12.38.114    10240 Bytes  12/19/2015 20:00:20
XBV00053.VDF   : 8.12.38.134    17408 Bytes  12/19/2015 20:00:20
XBV00054.VDF   : 8.12.38.154    18944 Bytes  12/19/2015 20:00:20
XBV00055.VDF   : 8.12.38.174   110080 Bytes  12/20/2015 20:00:20
XBV00056.VDF   : 8.12.38.176     2048 Bytes  12/20/2015 20:00:20
XBV00057.VDF   : 8.12.38.178    16896 Bytes  12/20/2015 20:00:20
XBV00058.VDF   : 8.12.38.180    12800 Bytes  12/20/2015 20:00:20
XBV00059.VDF   : 8.12.38.182    71168 Bytes  12/21/2015 20:00:20
XBV00060.VDF   : 8.12.38.202     5632 Bytes  12/21/2015 20:00:20
XBV00061.VDF   : 8.12.38.220     9216 Bytes  12/21/2015 20:00:20
XBV00062.VDF   : 8.12.38.238     4096 Bytes  12/21/2015 20:00:20
XBV00063.VDF   : 8.12.39.0       3072 Bytes  12/21/2015 20:00:20
XBV00064.VDF   : 8.12.39.2       8704 Bytes  12/21/2015 20:00:20
XBV00065.VDF   : 8.12.39.4      14336 Bytes  12/21/2015 20:00:20
XBV00066.VDF   : 8.12.39.10     57344 Bytes  12/21/2015 20:00:20
XBV00067.VDF   : 8.12.39.12      2048 Bytes  12/21/2015 20:00:20
XBV00068.VDF   : 8.12.39.14      2048 Bytes  12/21/2015 20:00:20
XBV00069.VDF   : 8.12.39.16      2048 Bytes  12/21/2015 20:00:20
XBV00070.VDF   : 8.12.39.18     18432 Bytes  12/21/2015 20:00:20
XBV00071.VDF   : 8.12.39.20      2048 Bytes  12/21/2015 20:00:20
XBV00072.VDF   : 8.12.39.38     37888 Bytes  12/21/2015 20:00:21
XBV00073.VDF   : 8.12.39.56      2048 Bytes  12/22/2015 20:00:21
XBV00074.VDF   : 8.12.39.92     26112 Bytes  12/22/2015 20:00:21
XBV00075.VDF   : 8.12.39.110     8704 Bytes  12/22/2015 20:00:21
XBV00076.VDF   : 8.12.39.128     4608 Bytes  12/22/2015 20:00:21
XBV00077.VDF   : 8.12.39.130     8192 Bytes  12/22/2015 20:00:21
XBV00078.VDF   : 8.12.39.134    45056 Bytes  12/22/2015 20:00:21
XBV00079.VDF   : 8.12.39.152     2048 Bytes  12/22/2015 20:00:21
XBV00080.VDF   : 8.12.39.168     9728 Bytes  12/22/2015 20:00:21
XBV00081.VDF   : 8.12.39.186    20480 Bytes  12/22/2015 20:00:22
XBV00082.VDF   : 8.12.39.202     9728 Bytes  12/22/2015 20:00:22
XBV00083.VDF   : 8.12.39.204     6144 Bytes  12/22/2015 20:00:22
XBV00084.VDF   : 8.12.39.206     7168 Bytes  12/22/2015 20:00:22
XBV00085.VDF   : 8.12.39.208     6656 Bytes  12/22/2015 20:00:22
XBV00086.VDF   : 8.12.39.210     5120 Bytes  12/22/2015 20:00:22
XBV00087.VDF   : 8.12.39.214    34816 Bytes  12/23/2015 20:00:22
XBV00088.VDF   : 8.12.39.216    15872 Bytes  12/23/2015 20:00:22
XBV00089.VDF   : 8.12.39.232    15360 Bytes  12/23/2015 20:00:22
XBV00090.VDF   : 8.12.39.248    23040 Bytes  12/23/2015 20:00:22
XBV00091.VDF   : 8.12.40.8      10752 Bytes  12/23/2015 20:00:22
XBV00092.VDF   : 8.12.40.10      2048 Bytes  12/23/2015 20:00:22
XBV00093.VDF   : 8.12.40.12      2048 Bytes  12/23/2015 20:00:22
XBV00094.VDF   : 8.12.40.30      4608 Bytes  12/23/2015 20:00:22
XBV00095.VDF   : 8.12.40.32      2048 Bytes  12/23/2015 20:00:22
XBV00096.VDF   : 8.12.40.34     31744 Bytes  12/23/2015 20:00:22
XBV00097.VDF   : 8.12.40.36      7680 Bytes  12/23/2015 20:00:22
XBV00098.VDF   : 8.12.40.38      5120 Bytes  12/23/2015 20:00:22
XBV00099.VDF   : 8.12.40.40     16896 Bytes  12/23/2015 20:00:22
XBV00100.VDF   : 8.12.40.42      2048 Bytes  12/23/2015 20:00:22
XBV00101.VDF   : 8.12.40.44     10240 Bytes  12/23/2015 20:00:22
XBV00102.VDF   : 8.12.40.46      6656 Bytes  12/23/2015 20:00:22
XBV00103.VDF   : 8.12.40.48      7168 Bytes  12/23/2015 20:00:22
XBV00104.VDF   : 8.12.40.50      6144 Bytes  12/23/2015 20:00:22
XBV00105.VDF   : 8.12.40.54     31744 Bytes  12/24/2015 20:00:22
XBV00106.VDF   : 8.12.40.70     14848 Bytes  12/24/2015 20:00:22
XBV00107.VDF   : 8.12.40.84      8704 Bytes  12/24/2015 20:00:22
XBV00108.VDF   : 8.12.40.98      2048 Bytes  12/24/2015 20:00:23
XBV00109.VDF   : 8.12.40.112    11264 Bytes  12/24/2015 20:00:23
XBV00110.VDF   : 8.12.40.114     6656 Bytes  12/24/2015 20:00:23
XBV00111.VDF   : 8.12.40.118    28160 Bytes  12/24/2015 20:00:23
XBV00112.VDF   : 8.12.40.124   152576 Bytes  12/25/2015 20:00:23
XBV00113.VDF   : 8.12.40.126     2048 Bytes  12/25/2015 20:00:23
XBV00114.VDF   : 8.12.40.130    16896 Bytes  12/25/2015 20:00:23
XBV00115.VDF   : 8.12.40.144    18432 Bytes  12/25/2015 20:00:23
XBV00116.VDF   : 8.12.40.158    12288 Bytes  12/25/2015 20:00:23
XBV00117.VDF   : 8.12.40.172    86016 Bytes  12/26/2015 20:00:23
XBV00118.VDF   : 8.12.40.186     2048 Bytes  12/26/2015 20:00:23
XBV00119.VDF   : 8.12.40.212    21504 Bytes  12/26/2015 20:00:23
XBV00120.VDF   : 8.12.40.226    15872 Bytes  12/26/2015 20:00:23
XBV00121.VDF   : 8.12.40.238     7680 Bytes  12/26/2015 20:00:23
XBV00122.VDF   : 8.12.40.250    10240 Bytes  12/26/2015 20:00:23
XBV00123.VDF   : 8.12.41.6     120320 Bytes  12/27/2015 20:00:23
XBV00124.VDF   : 8.12.41.8       2048 Bytes  12/27/2015 20:00:23
XBV00125.VDF   : 8.12.41.10     26112 Bytes  12/27/2015 20:00:23
XBV00126.VDF   : 8.12.41.12     17920 Bytes  12/27/2015 20:00:23
XBV00127.VDF   : 8.12.41.14    103424 Bytes  12/28/2015 20:00:23
XBV00128.VDF   : 8.12.41.26     23552 Bytes  12/28/2015 20:00:23
XBV00129.VDF   : 8.12.41.38     20992 Bytes  12/28/2015 20:00:23
XBV00130.VDF   : 8.12.41.50     19456 Bytes  12/28/2015 20:00:23
XBV00131.VDF   : 8.12.41.52      4096 Bytes  12/28/2015 20:00:23
XBV00132.VDF   : 8.12.41.66     97280 Bytes  12/28/2015 20:00:24
XBV00133.VDF   : 8.12.41.68      2048 Bytes  12/28/2015 20:00:24
XBV00134.VDF   : 8.12.41.70     29696 Bytes  12/28/2015 20:00:24
XBV00135.VDF   : 8.12.41.72      8192 Bytes  12/28/2015 20:00:24
XBV00136.VDF   : 8.12.41.74     12288 Bytes  12/28/2015 20:00:24
XBV00137.VDF   : 8.12.41.76      7680 Bytes  12/28/2015 20:00:24
XBV00138.VDF   : 8.12.41.90     39424 Bytes  12/29/2015 20:00:24
XBV00139.VDF   : 8.12.41.100     8704 Bytes  12/29/2015 20:00:24
XBV00140.VDF   : 8.12.41.110    10240 Bytes  12/29/2015 20:00:24
XBV00141.VDF   : 8.12.41.120    24576 Bytes  12/29/2015 20:00:24
XBV00142.VDF   : 8.12.41.130    10752 Bytes  12/29/2015 20:00:24
XBV00143.VDF   : 8.12.41.134    16896 Bytes  12/29/2015 20:00:24
XBV00144.VDF   : 8.12.41.136    58880 Bytes  12/29/2015 20:00:24
XBV00145.VDF   : 8.12.41.146     2560 Bytes  12/29/2015 20:00:24
XBV00146.VDF   : 8.12.41.156    18432 Bytes  12/29/2015 20:00:24
XBV00147.VDF   : 8.12.41.166     5632 Bytes  12/29/2015 20:00:24
XBV00148.VDF   : 8.12.41.168     2048 Bytes  12/29/2015 20:00:24
LOCAL001.VDF   : 8.12.41.168 136568320 Bytes  12/29/2015 20:00:47
Engineversion  : 8.3.34.106
AEBB.DLL       : 8.1.3.0        59296 Bytes  11/20/2015 21:25:01
AECORE.DLL     : 8.3.9.0       249920 Bytes  11/13/2015 18:05:26
AEDROID.DLL    : 8.4.3.348    1800104 Bytes   11/7/2015 17:17:00
AEEMU.DLL      : 8.1.3.6       404328 Bytes  11/20/2015 21:25:01
AEEXP.DLL      : 8.4.2.144     289920 Bytes  12/29/2015 20:00:20
AEGEN.DLL      : 8.1.8.14      490344 Bytes  12/18/2015 13:51:35
AEHELP.DLL     : 8.3.2.8       284584 Bytes  12/29/2015 20:00:20
AEHEUR.DLL     : 8.1.4.2098  10002496 Bytes  12/17/2015 18:23:39
AEMOBILE.DLL   : 8.1.8.10      301936 Bytes  11/29/2015 20:02:02
AEOFFICE.DLL   : 8.3.1.72      426048 Bytes  12/29/2015 20:00:20
AEPACK.DLL     : 8.4.1.20      801920 Bytes   12/4/2015 20:26:43
AERDL.DLL      : 8.2.1.38      813928 Bytes   11/7/2015 17:16:59
AESBX.DLL      : 8.2.21.2     1629032 Bytes   11/7/2015 17:17:00
AESCN.DLL      : 8.3.4.0       141216 Bytes  11/13/2015 18:05:28
AESCRIPT.DLL   : 8.3.0.18      547968 Bytes  12/29/2015 20:00:20
AEVDF.DLL      : 8.3.2.4       141216 Bytes  11/20/2015 21:25:05
AVWINLL.DLL    : 15.0.15.106    28632 Bytes   12/1/2015 20:58:20
AVPREF.DLL     : 15.0.15.106    54896 Bytes   12/1/2015 20:58:23
AVREP.DLL      : 15.0.15.106   225320 Bytes   12/1/2015 20:58:23
AVARKT.DLL     : 15.0.15.106   231032 Bytes   12/1/2015 20:58:21
AVEVTLOG.DLL   : 15.0.15.106   200632 Bytes   12/1/2015 20:58:21
SQLITE3.DLL    : 15.0.15.106   460704 Bytes   12/1/2015 20:58:33
AVSMTP.DLL     : 15.0.15.106    82120 Bytes   12/1/2015 20:58:24
NETNT.DLL      : 15.0.15.106    18792 Bytes   12/1/2015 20:58:32
CommonImageRc.dll: 15.0.15.106  4309752 Bytes   12/1/2015 20:58:20
CommonTextRc.dll: 15.0.15.106    70784 Bytes   12/1/2015 20:58:20

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Schnelle Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\quicksysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Abweichende Gefahrenkategorien........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Beginn des Suchlaufs: Tuesday, December 29, 2015  21:01

Der Suchlauf über die Bootsektoren wird begonnen:

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvSCPAPISvr.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'MsMpEng.exe' - '94' Modul(e) wurden durchsucht
Durchsuche Prozess 'atiesrxx.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '126' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '161' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'atieclxx.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvxdsync.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvvsvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhost.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '164' Modul(e) wurden durchsucht
Durchsuche Prozess 'msseces.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvBackend.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'HsMgr.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'HsMgr64.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '134' Modul(e) wurden durchsucht
Durchsuche Prozess 'nusb3mon.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'GfExperienceService.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'pdf24.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'ASUSAUDIOCENTER.EXE' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvNetworkService.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvtray.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSVC.EXE' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.ServiceHost.exe' - '132' Modul(e) wurden durchsucht
Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'NvStreamNetworkService.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'nvstreamsvc.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'winamp.exe' - '138' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'NisSrv.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '105' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'Avira.Systray.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'TrustedInstaller.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'AAM Updates Notifier.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'rundll32.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '117' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '3831' Dateien ).



Ende des Suchlaufs: Tuesday, December 29, 2015  21:02
Benötigte Zeit: 00:41 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

      0 Verzeichnisse wurden überprüft
   4734 Dateien wurden geprüft
      0 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      0 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
   4734 Dateien ohne Befall
     22 Archive wurden durchsucht
      0 Warnungen
      0 Hinweise

Ob es nützt, weiß ich nicht, hier aber der Header der Mail:
(Die Adressen habe ich aus dem Thread entfernt, sind Leute, deren Adressen "irgendwo" auf dem Mailaccount zu finden sind. Verteilerlisten etc.)

Code:

ATTFilter

Delivered-To: @gmail.com
Received: by 10.55.120.197 with SMTP id t188csp6453033qkc;
        Thu, 31 Dec 2015 01:11:43 -0800 (PST)
X-Received: by 10.28.131.70 with SMTP id f67mr20984676wmd.66.1451553103310;
        Thu, 31 Dec 2015 01:11:43 -0800 (PST)
Return-Path: <benjay@freakmail.de>
Received: from mailbox.xtra.pl (mailbox.xtra.pl. [212.14.56.8])
        by mx.google.com with ESMTP id x203si104029154wmx.3.2015.12.31.01.11.43
        for <@gmail.com>;
        Thu, 31 Dec 2015 01:11:43 -0800 (PST)
Received-SPF: neutral (google.com: 212.14.56.8 is neither permitted nor denied by best guess record for domain of benjay@freakmail.de) client-ip=212.14.56.8;
Authentication-Results: mx.google.com;
       spf=neutral (google.com: 212.14.56.8 is neither permitted nor denied by best guess record for domain of benjay@freakmail.de) smtp.mailfrom=benjay@freakmail.de
Received: by mailbox.xtra.pl (Postfix, from userid 110)
	id DF7D983C5; Thu, 31 Dec 2015 10:11:42 +0100 (CET)
X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on mailbox.xtra.pl
X-Spam-Level: 
X-Spam-Status: No, score=-0.3 required=5.0 tests=ALL_TRUSTED,BAYES_00,
	DATE_IN_FUTURE_12_24,HTML_MESSAGE,URIBL_BLACK autolearn=no version=3.2.5
Received: from efyv.net (unknown [46.120.59.148])
	by mailbox.xtra.pl (Postfix) with ESMTPSA id 48CFB83C4;
	Thu, 31 Dec 2015 10:11:41 +0100 (CET)
From:  <benjay@freakmail.de>
To: 
Subject: Fw: new message
Date: Thu, 31 Dec 2015 17:08:01 -0800
Message-ID: <0000e12c5431$f4e8b061$3102e717$@freakmail.de>
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_NextPart_000_0001_6E97054C.1A16CE81"
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AdE6q4livu79tGH7d5P3aDW4ipT8Sg==
Content-Language: en-us

This is a multipart message in MIME format.

------=_NextPart_000_0001_6E97054C.1A16CE81
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

Hey!

 

Open message <hxxp://flooring-tile.co.uk/took.php?yqr>

 

benjay@freakmail.de


------=_NextPart_000_0001_6E97054C.1A16CE81
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas=
-microsoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:off=
ice:word" xmlns:m=3D"hxxp://schemas.microsoft.com/office/2004/12/omml"=
 xmlns=3D"hxxp://www.w3.org/TR/REC-html40"><head><META HTTP-EQUIV=3D"C=
ontent-Type" CONTENT=3D"text/html; charset=3Dus-ascii"><meta name=3DGe=
nerator content=3D"Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0cm;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri",sans-serif;
	mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:#0563C1;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:#954F72;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri",sans-serif;
	color:windowtext;}
=2EMsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri",sans-serif;
	mso-fareast-language:EN-US;}
@page WordSection1
	{size:612.0pt 792.0pt;
	margin:2.0cm 42.5pt 2.0cm 3.0cm;}
div.WordSection1
	{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext=3D"edit">
<o:idmap v:ext=3D"edit" data=3D"1" />
</o:shapelayout></xml><![endif]--></head><body lang=3DEN link=3D"#0563=
C1" vlink=3D"#954F72"><div class=3DWordSection1><p class=3DMsoNormal><=
span lang=3DEN-US>Hey!<o:p></o:p></span></p><p class=3DMsoNormal><span=
 lang=3DEN-US><o:p>&nbsp;</o:p></span></p><p class=3DMsoNormal><span l=
ang=3DEN-US><b>Open message</b> <a href=3D"hxxp://flooring-tile.co.uk/=
took.php?yqr">hxxp://flooring-tile.co.uk/took.php</a><o:p></o:p></span=
></p><p class=3DMsoNormal><span lang=3DEN-US><o:p>&nbsp;</o:p></span><=
/p><p class=3DMsoNormal><span lang=3DEN-US>benjay@freakmail.de<o:p></o=
:p></span></p></div></body></html>

------=_NextPart_000_0001_6E97054C.1A16CE81--

deeprybka · 03.01.2016, 15:36

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

benjay · 04.01.2016, 15:55

Hallo Jürgen,
vielen Dank, dass du dich meiner Sache annimmst. Hier das Log

Code:

ATTFilter

15:53:45.0888 0x0b88  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
15:53:49.0368 0x0b88  ============================================================
15:53:49.0368 0x0b88  Current date / time: 2016/01/04 15:53:49.0368
15:53:49.0368 0x0b88  SystemInfo:
15:53:49.0368 0x0b88  
15:53:49.0368 0x0b88  OS Version: 6.1.7601 ServicePack: 1.0
15:53:49.0368 0x0b88  Product type: Workstation
15:53:49.0368 0x0b88  ComputerName: BENJAY-PC
15:53:49.0369 0x0b88  UserName: benjay
15:53:49.0369 0x0b88  Windows directory: C:\Windows
15:53:49.0369 0x0b88  System windows directory: C:\Windows
15:53:49.0369 0x0b88  Running under WOW64
15:53:49.0369 0x0b88  Processor architecture: Intel x64
15:53:49.0369 0x0b88  Number of processors: 4
15:53:49.0369 0x0b88  Page size: 0x1000
15:53:49.0369 0x0b88  Boot type: Normal boot
15:53:49.0369 0x0b88  ============================================================
15:53:50.0535 0x0b88  KLMD registered as C:\Windows\system32\drivers\93519189.sys
15:53:51.0488 0x0b88  System UUID: {CB580BE7-8DD2-5970-BC23-270049115F63}
15:53:51.0936 0x0b88  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:53:51.0936 0x0b88  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:53:51.0937 0x0b88  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:53:51.0941 0x0b88  ============================================================
15:53:51.0941 0x0b88  \Device\Harddisk0\DR0:
15:53:51.0941 0x0b88  MBR partitions:
15:53:51.0941 0x0b88  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:53:51.0941 0x0b88  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
15:53:51.0941 0x0b88  \Device\Harddisk1\DR1:
15:53:51.0941 0x0b88  MBR partitions:
15:53:51.0941 0x0b88  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:53:51.0941 0x0b88  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC705800
15:53:51.0941 0x0b88  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xC738000, BlocksNum 0x1E848000
15:53:51.0941 0x0b88  \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x2AF80000, BlocksNum 0x49786000
15:53:51.0941 0x0b88  \Device\Harddisk2\DR2:
15:53:51.0941 0x0b88  MBR partitions:
15:53:51.0941 0x0b88  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
15:53:51.0941 0x0b88  ============================================================
15:53:51.0943 0x0b88  C: <-> \Device\Harddisk0\DR0\Partition2
15:53:51.0952 0x0b88  E: <-> \Device\Harddisk1\DR1\Partition1
15:53:52.0372 0x0b88  F: <-> \Device\Harddisk2\DR2\Partition1
15:53:52.0381 0x0b88  G: <-> \Device\Harddisk1\DR1\Partition2
15:53:52.0399 0x0b88  H: <-> \Device\Harddisk1\DR1\Partition3
15:53:52.0419 0x0b88  I: <-> \Device\Harddisk1\DR1\Partition4
15:53:52.0419 0x0b88  ============================================================
15:53:52.0419 0x0b88  Initialize success
15:53:52.0419 0x0b88  ============================================================
15:53:54.0287 0x00ac  ============================================================
15:53:54.0287 0x00ac  Scan started
15:53:54.0287 0x00ac  Mode: Manual; 
15:53:54.0287 0x00ac  ============================================================
15:53:54.0287 0x00ac  KSN ping started
15:54:08.0616 0x00ac  KSN ping finished: true
15:54:10.0481 0x00ac  ================ Scan system memory ========================
15:54:10.0481 0x00ac  System memory - ok
15:54:10.0482 0x00ac  ================ Scan services =============================
15:54:10.0508 0x00ac  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:54:10.0514 0x00ac  1394ohci - ok
15:54:10.0530 0x00ac  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:54:10.0537 0x00ac  ACPI - ok
15:54:10.0540 0x00ac  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:54:10.0544 0x00ac  AcpiPmi - ok
15:54:10.0552 0x00ac  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
15:54:10.0562 0x00ac  Adobe LM Service - ok
15:54:10.0584 0x00ac  [ 84DB0A40692CF8A58D1E3710FA5D121F, 0C29C59CAF056C79F56957DB06A8CF480D5BD7BDF6A4F0E9A72653806CF154D0 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:54:10.0642 0x00ac  AdobeFlashPlayerUpdateSvc - ok
15:54:10.0654 0x00ac  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
15:54:10.0670 0x00ac  adp94xx - ok
15:54:10.0679 0x00ac  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
15:54:10.0693 0x00ac  adpahci - ok
15:54:10.0698 0x00ac  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
15:54:10.0707 0x00ac  adpu320 - ok
15:54:10.0712 0x00ac  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:54:10.0714 0x00ac  AeLookupSvc - ok
15:54:10.0725 0x00ac  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
15:54:10.0748 0x00ac  AFD - ok
15:54:10.0752 0x00ac  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:54:10.0754 0x00ac  agp440 - ok
15:54:10.0758 0x00ac  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:54:10.0760 0x00ac  ALG - ok
15:54:10.0763 0x00ac  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:54:10.0767 0x00ac  aliide - ok
15:54:10.0774 0x00ac  [ E20DDDFBD0DBE7D8EAD4D7A51D654367, 62164C58655318E7453C6136BE845091D6244A69BD762F1D588605670BA66B12 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:54:10.0783 0x00ac  AMD External Events Utility - ok
15:54:10.0786 0x00ac  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:54:10.0790 0x00ac  amdide - ok
15:54:10.0794 0x00ac  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
15:54:10.0801 0x00ac  AmdK8 - ok
15:54:11.0019 0x00ac  [ 4284FB1240537A33E6EC417EFD87D40F, DAD37EBDCD57C8559FD9395AED7FA85BCA1EDB0337CD2A4F7613E869D859B3F2 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
15:54:11.0263 0x00ac  amdkmdag - ok
15:54:11.0280 0x00ac  [ 6C25C497E05EFD0CB6033A0444FC9B51, 318318F06545869D5E17C6CC9E48109790C2F3A5E65779CB1569A10610136B34 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
15:54:11.0295 0x00ac  amdkmdap - ok
15:54:11.0298 0x00ac  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:54:11.0305 0x00ac  AmdPPM - ok
15:54:11.0310 0x00ac  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:54:11.0316 0x00ac  amdsata - ok
15:54:11.0322 0x00ac  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
15:54:11.0331 0x00ac  amdsbs - ok
15:54:11.0333 0x00ac  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:54:11.0337 0x00ac  amdxata - ok
15:54:11.0361 0x00ac  [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
15:54:11.0382 0x00ac  AntiVirMailService - ok
15:54:11.0396 0x00ac  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:54:11.0403 0x00ac  AntiVirSchedulerService - ok
15:54:11.0416 0x00ac  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:54:11.0422 0x00ac  AntiVirService - ok
15:54:11.0449 0x00ac  [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
15:54:11.0478 0x00ac  AntiVirWebService - ok
15:54:11.0484 0x00ac  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
15:54:11.0487 0x00ac  AppID - ok
15:54:11.0489 0x00ac  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:54:11.0491 0x00ac  AppIDSvc - ok
15:54:11.0494 0x00ac  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
15:54:11.0497 0x00ac  Appinfo - ok
15:54:11.0504 0x00ac  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:54:11.0509 0x00ac  AppMgmt - ok
15:54:11.0513 0x00ac  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
15:54:11.0521 0x00ac  arc - ok
15:54:11.0524 0x00ac  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
15:54:11.0532 0x00ac  arcsas - ok
15:54:11.0542 0x00ac  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:54:11.0553 0x00ac  aspnet_state - ok
15:54:11.0556 0x00ac  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:54:11.0557 0x00ac  AsyncMac - ok
15:54:11.0559 0x00ac  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:54:11.0561 0x00ac  atapi - ok
15:54:11.0598 0x00ac  [ EA0AF9B866DF07E8FE6C2342585788B0, BE8E799C1ED36B9DC6BEAB40E8B460464C01014DEC021760FB19626C77550792 ] athur           C:\Windows\system32\DRIVERS\athurx.sys
15:54:11.0643 0x00ac  athur - ok
15:54:11.0862 0x00ac  [ 4284FB1240537A33E6EC417EFD87D40F, DAD37EBDCD57C8559FD9395AED7FA85BCA1EDB0337CD2A4F7613E869D859B3F2 ] atikmdag        C:\Windows\system32\drivers\atikmdag.sys
15:54:12.0021 0x00ac  atikmdag - ok
15:54:12.0039 0x00ac  [ 64F07381335E37C142F6D176705FFCA6, 8F7F633B891FE653D3298578897711A04E7B2B08E51CEE131C50102EFD45AC0E ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
15:54:12.0056 0x00ac  atksgt - ok
15:54:12.0071 0x00ac  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:54:12.0084 0x00ac  AudioEndpointBuilder - ok
15:54:12.0098 0x00ac  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:54:12.0108 0x00ac  AudioSrv - ok
15:54:12.0116 0x00ac  [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
15:54:12.0123 0x00ac  avgntflt - ok
15:54:12.0128 0x00ac  [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
15:54:12.0136 0x00ac  avipbb - ok
15:54:12.0146 0x00ac  [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
15:54:12.0149 0x00ac  Avira.ServiceHost - ok
15:54:12.0152 0x00ac  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
15:54:12.0157 0x00ac  avkmgr - ok
15:54:12.0161 0x00ac  [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
15:54:12.0167 0x00ac  avnetflt - ok
15:54:12.0172 0x00ac  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:54:12.0174 0x00ac  AxInstSV - ok
15:54:12.0186 0x00ac  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
15:54:12.0202 0x00ac  b06bdrv - ok
15:54:12.0211 0x00ac  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:54:12.0222 0x00ac  b57nd60a - ok
15:54:12.0228 0x00ac  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:54:12.0231 0x00ac  BDESVC - ok
15:54:12.0233 0x00ac  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:54:12.0234 0x00ac  Beep - ok
15:54:12.0251 0x00ac  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:54:12.0263 0x00ac  BFE - ok
15:54:12.0282 0x00ac  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:54:12.0298 0x00ac  BITS - ok
15:54:12.0303 0x00ac  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:54:12.0308 0x00ac  blbdrive - ok
15:54:12.0312 0x00ac  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:54:12.0313 0x00ac  bowser - ok
15:54:12.0317 0x00ac  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:54:12.0321 0x00ac  BrFiltLo - ok
15:54:12.0323 0x00ac  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:54:12.0326 0x00ac  BrFiltUp - ok
15:54:12.0331 0x00ac  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
15:54:12.0333 0x00ac  BridgeMP - ok
15:54:12.0338 0x00ac  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:54:12.0342 0x00ac  Browser - ok
15:54:12.0349 0x00ac  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:54:12.0361 0x00ac  Brserid - ok
15:54:12.0364 0x00ac  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:54:12.0371 0x00ac  BrSerWdm - ok
15:54:12.0372 0x00ac  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:54:12.0376 0x00ac  BrUsbMdm - ok
15:54:12.0378 0x00ac  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:54:12.0383 0x00ac  BrUsbSer - ok
15:54:12.0386 0x00ac  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
15:54:12.0392 0x00ac  BTHMODEM - ok
15:54:12.0397 0x00ac  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:54:12.0399 0x00ac  bthserv - ok
15:54:12.0401 0x00ac  catchme - ok
15:54:12.0406 0x00ac  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:54:12.0408 0x00ac  cdfs - ok
15:54:12.0413 0x00ac  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:54:12.0417 0x00ac  cdrom - ok
15:54:12.0422 0x00ac  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:54:12.0424 0x00ac  CertPropSvc - ok
15:54:12.0428 0x00ac  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
15:54:12.0434 0x00ac  circlass - ok
15:54:12.0443 0x00ac  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
15:54:12.0451 0x00ac  CLFS - ok
15:54:12.0456 0x00ac  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:54:12.0459 0x00ac  clr_optimization_v2.0.50727_32 - ok
15:54:12.0464 0x00ac  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:54:12.0468 0x00ac  clr_optimization_v2.0.50727_64 - ok
15:54:12.0476 0x00ac  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:54:12.0497 0x00ac  clr_optimization_v4.0.30319_32 - ok
15:54:12.0502 0x00ac  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:54:12.0521 0x00ac  clr_optimization_v4.0.30319_64 - ok
15:54:12.0523 0x00ac  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:54:12.0528 0x00ac  CmBatt - ok
15:54:12.0531 0x00ac  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:54:12.0534 0x00ac  cmdide - ok
15:54:12.0587 0x00ac  [ 2A01CA9628F36208A7D188F34B295192, 336532A03600759C8D243A0E8AAE334EB741EFE89165C1BE08339AE1EC5838B1 ] cmudaxp         C:\Windows\system32\drivers\cmudaxp.sys
15:54:12.0664 0x00ac  cmudaxp - ok
15:54:12.0678 0x00ac  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
15:54:12.0687 0x00ac  CNG - ok
15:54:12.0691 0x00ac  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
15:54:12.0696 0x00ac  Compbatt - ok
15:54:12.0699 0x00ac  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
15:54:12.0701 0x00ac  CompositeBus - ok
15:54:12.0702 0x00ac  COMSysApp - ok
15:54:12.0706 0x00ac  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
15:54:12.0711 0x00ac  crcdisk - ok
15:54:12.0717 0x00ac  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:54:12.0722 0x00ac  CryptSvc - ok
15:54:12.0733 0x00ac  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
15:54:12.0744 0x00ac  CSC - ok
15:54:12.0759 0x00ac  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
15:54:12.0772 0x00ac  CscService - ok
15:54:12.0784 0x00ac  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:54:12.0796 0x00ac  DcomLaunch - ok
15:54:12.0804 0x00ac  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:54:12.0811 0x00ac  defragsvc - ok
15:54:12.0817 0x00ac  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:54:12.0819 0x00ac  DfsC - ok
15:54:12.0828 0x00ac  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:54:12.0834 0x00ac  Dhcp - ok
15:54:12.0838 0x00ac  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:54:12.0839 0x00ac  discache - ok
15:54:12.0844 0x00ac  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
15:54:12.0846 0x00ac  Disk - ok
15:54:12.0852 0x00ac  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:54:12.0857 0x00ac  Dnscache - ok
15:54:12.0864 0x00ac  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:54:12.0871 0x00ac  dot3svc - ok
15:54:12.0876 0x00ac  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:54:12.0879 0x00ac  DPS - ok
15:54:12.0882 0x00ac  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:54:12.0883 0x00ac  drmkaud - ok
15:54:12.0892 0x00ac  [ 400582B09E0BB557D0EC28A945150EEB, 605AC0DF14F9F64B72604968CC4C02725E8D5C879D6DB1B2B5D9598B902FC9D0 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:54:12.0896 0x00ac  dtsoftbus01 - ok
15:54:12.0916 0x00ac  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:54:12.0929 0x00ac  DXGKrnl - ok
15:54:12.0934 0x00ac  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:54:12.0938 0x00ac  EapHost - ok
15:54:12.0999 0x00ac  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
15:54:13.0068 0x00ac  ebdrv - ok
15:54:13.0073 0x00ac  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS             C:\Windows\System32\lsass.exe
15:54:13.0082 0x00ac  EFS - ok
15:54:13.0098 0x00ac  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:54:13.0108 0x00ac  ehRecvr - ok
15:54:13.0113 0x00ac  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:54:13.0116 0x00ac  ehSched - ok
15:54:13.0128 0x00ac  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
15:54:13.0144 0x00ac  elxstor - ok
15:54:13.0147 0x00ac  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:54:13.0148 0x00ac  ErrDev - ok
15:54:13.0161 0x00ac  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:54:13.0168 0x00ac  EventSystem - ok
15:54:13.0172 0x00ac  [ A0539478593A00AA64E600CF7E19F195, BD835D70F3EE9BFEFFABE747AD65BC97C73AD8042F653BF93535277FB0CBD4CE ] EvolveVirtualAdapter C:\Windows\system32\DRIVERS\evolve.sys
15:54:13.0186 0x00ac  EvolveVirtualAdapter - ok
15:54:13.0192 0x00ac  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:54:13.0197 0x00ac  exfat - ok
15:54:13.0203 0x00ac  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:54:13.0208 0x00ac  fastfat - ok
15:54:13.0224 0x00ac  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:54:13.0238 0x00ac  Fax - ok
15:54:13.0241 0x00ac  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:54:13.0245 0x00ac  fdc - ok
15:54:13.0249 0x00ac  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:54:13.0250 0x00ac  fdPHost - ok
15:54:13.0253 0x00ac  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:54:13.0255 0x00ac  FDResPub - ok
15:54:13.0258 0x00ac  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:54:13.0260 0x00ac  FileInfo - ok
15:54:13.0263 0x00ac  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:54:13.0264 0x00ac  Filetrace - ok
15:54:13.0267 0x00ac  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:54:13.0272 0x00ac  flpydisk - ok
15:54:13.0279 0x00ac  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:54:13.0285 0x00ac  FltMgr - ok
15:54:13.0308 0x00ac  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
15:54:13.0345 0x00ac  FontCache - ok
15:54:13.0350 0x00ac  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:54:13.0354 0x00ac  FontCache3.0.0.0 - ok
15:54:13.0357 0x00ac  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:54:13.0359 0x00ac  FsDepends - ok
15:54:13.0362 0x00ac  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:54:13.0363 0x00ac  Fs_Rec - ok
15:54:13.0369 0x00ac  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:54:13.0374 0x00ac  fvevol - ok
15:54:13.0378 0x00ac  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
15:54:13.0385 0x00ac  gagp30kx - ok
15:54:13.0410 0x00ac  [ 7F18FB86E1023DDB80874CEA671442D5, BA236CD30A6932DC439DCA1DD4B06B7DF9181B1EC3654A72D05DFD70949C5E06 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
15:54:13.0428 0x00ac  GfExperienceService - ok
15:54:13.0445 0x00ac  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:54:13.0462 0x00ac  gpsvc - ok
15:54:13.0469 0x00ac  [ 0C03FB91E17987EED93F60007B08DAA0, BF4549F45FA1B291339E5053738B95BA50F021225F294F7B1ED9DACBD09BA426 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:54:13.0478 0x00ac  gupdate - ok
15:54:13.0484 0x00ac  [ 0C03FB91E17987EED93F60007B08DAA0, BF4549F45FA1B291339E5053738B95BA50F021225F294F7B1ED9DACBD09BA426 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:54:13.0487 0x00ac  gupdatem - ok
15:54:13.0489 0x00ac  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:54:13.0495 0x00ac  hcw85cir - ok
15:54:13.0504 0x00ac  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:54:13.0512 0x00ac  HdAudAddService - ok
15:54:13.0517 0x00ac  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:54:13.0519 0x00ac  HDAudBus - ok
15:54:13.0523 0x00ac  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
15:54:13.0528 0x00ac  HidBatt - ok
15:54:13.0532 0x00ac  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
15:54:13.0538 0x00ac  HidBth - ok
15:54:13.0542 0x00ac  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
15:54:13.0547 0x00ac  HidIr - ok
15:54:13.0550 0x00ac  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
15:54:13.0552 0x00ac  hidserv - ok
15:54:13.0555 0x00ac  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:54:13.0557 0x00ac  HidUsb - ok
15:54:13.0562 0x00ac  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:54:13.0564 0x00ac  hkmsvc - ok
15:54:13.0573 0x00ac  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:54:13.0578 0x00ac  HomeGroupListener - ok
15:54:13.0584 0x00ac  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:54:13.0590 0x00ac  HomeGroupProvider - ok
15:54:13.0594 0x00ac  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:54:13.0600 0x00ac  HpSAMD - ok
15:54:13.0617 0x00ac  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:54:13.0630 0x00ac  HTTP - ok
15:54:13.0633 0x00ac  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:54:13.0634 0x00ac  hwpolicy - ok
15:54:13.0639 0x00ac  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:54:13.0642 0x00ac  i8042prt - ok
15:54:13.0652 0x00ac  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:54:13.0665 0x00ac  iaStorV - ok
15:54:13.0684 0x00ac  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:54:13.0700 0x00ac  idsvc - ok
15:54:13.0704 0x00ac  IEEtwCollectorService - ok
15:54:13.0708 0x00ac  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
15:54:13.0713 0x00ac  iirsp - ok
15:54:13.0730 0x00ac  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:54:13.0747 0x00ac  IKEEXT - ok
15:54:13.0752 0x00ac  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:54:13.0755 0x00ac  intelide - ok
15:54:13.0759 0x00ac  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:54:13.0760 0x00ac  intelppm - ok
15:54:13.0765 0x00ac  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:54:13.0768 0x00ac  IPBusEnum - ok
15:54:13.0772 0x00ac  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:54:13.0774 0x00ac  IpFilterDriver - ok
15:54:13.0788 0x00ac  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:54:13.0799 0x00ac  iphlpsvc - ok
15:54:13.0803 0x00ac  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:54:13.0805 0x1470  Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
15:54:13.0812 0x00ac  IPMIDRV - ok
15:54:13.0817 0x00ac  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:54:13.0819 0x00ac  IPNAT - ok
15:54:13.0822 0x00ac  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:54:13.0823 0x00ac  IRENUM - ok
15:54:13.0827 0x00ac  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:54:13.0828 0x00ac  isapnp - ok
15:54:13.0834 0x00ac  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:54:13.0840 0x00ac  iScsiPrt - ok
15:54:13.0844 0x00ac  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:54:13.0845 0x00ac  kbdclass - ok
15:54:13.0848 0x00ac  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:54:13.0849 0x00ac  kbdhid - ok
15:54:13.0853 0x00ac  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso          C:\Windows\system32\lsass.exe
15:54:13.0853 0x00ac  KeyIso - ok
15:54:13.0858 0x00ac  [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:54:13.0859 0x00ac  KSecDD - ok
15:54:13.0865 0x00ac  [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:54:13.0869 0x00ac  KSecPkg - ok
15:54:13.0872 0x00ac  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:54:13.0873 0x00ac  ksthunk - ok
15:54:13.0882 0x00ac  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:54:13.0890 0x00ac  KtmRm - ok
15:54:13.0898 0x00ac  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
15:54:13.0903 0x00ac  LanmanServer - ok
15:54:13.0908 0x00ac  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:54:13.0912 0x00ac  LanmanWorkstation - ok
15:54:13.0918 0x00ac  [ 83BA097ACAAD0B00505634A62D90F93A, 6F1FE2F413A4A939D2D921F537EBB9330E2A65A7C38BD380CF9405792FD03052 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
15:54:13.0922 0x00ac  lirsgt - ok
15:54:13.0925 0x00ac  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:54:13.0927 0x00ac  lltdio - ok
15:54:13.0934 0x00ac  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:54:13.0942 0x00ac  lltdsvc - ok
15:54:13.0944 0x00ac  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:54:13.0947 0x00ac  lmhosts - ok
15:54:13.0952 0x00ac  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:54:13.0958 0x00ac  LSI_FC - ok
15:54:13.0962 0x00ac  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:54:13.0968 0x00ac  LSI_SAS - ok
15:54:13.0972 0x00ac  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:54:13.0978 0x00ac  LSI_SAS2 - ok
15:54:13.0983 0x00ac  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:54:13.0989 0x00ac  LSI_SCSI - ok
15:54:13.0994 0x00ac  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:54:13.0996 0x00ac  luafv - ok
15:54:13.0999 0x00ac  [ 4A503882318BB2F59218D401614E6AF6, 678FDE29EAE20353E780F53CFB9E79EA8B43E1E8BAC77890C178918DC5CCBA0E ] lvpepf64        C:\Windows\system32\DRIVERS\lv302a64.sys
15:54:14.0004 0x00ac  lvpepf64 - ok
15:54:14.0012 0x00ac  [ 125AE13C293889001B8456CF3EB04A40, EB4B7135691935A9AC515099ED8C2767BC02308068AB9BEB2869B6E841268848 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
15:54:14.0026 0x00ac  LVRS64 - ok
15:54:14.0028 0x00ac  Maplom - ok
15:54:14.0030 0x00ac  MaplomL - ok
15:54:14.0034 0x00ac  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:54:14.0038 0x00ac  MBAMProtector - ok
15:54:14.0063 0x00ac  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
15:54:14.0087 0x00ac  MBAMService - ok
15:54:14.0092 0x00ac  [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:54:14.0098 0x00ac  MBAMWebAccessControl - ok
15:54:14.0102 0x00ac  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:54:14.0105 0x00ac  Mcx2Svc - ok
15:54:14.0108 0x00ac  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:54:14.0113 0x00ac  megasas - ok
15:54:14.0121 0x00ac  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:54:14.0132 0x00ac  MegaSR - ok
15:54:14.0137 0x00ac  [ 86614752D2FAE34CCD9E7B2AABA5FBEC, AD5ADDACE7679B6BCCBFA3F3AFA7312B9A4CB2A0E79E199D609D2A8BB20C1723 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:54:14.0142 0x00ac  MEIx64 - ok
15:54:14.0146 0x00ac  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:54:14.0148 0x00ac  MMCSS - ok
15:54:14.0151 0x00ac  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:54:14.0153 0x00ac  Modem - ok
15:54:14.0156 0x00ac  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:54:14.0157 0x00ac  monitor - ok
15:54:14.0161 0x00ac  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:54:14.0162 0x00ac  mouclass - ok
15:54:14.0165 0x00ac  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:54:14.0166 0x00ac  mouhid - ok
15:54:14.0170 0x00ac  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:54:14.0172 0x00ac  mountmgr - ok
15:54:14.0178 0x00ac  [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:54:14.0188 0x00ac  MozillaMaintenance - ok
15:54:14.0197 0x00ac  [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:54:14.0210 0x00ac  MpFilter - ok
15:54:14.0216 0x00ac  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:54:14.0220 0x00ac  mpio - ok
15:54:14.0223 0x00ac  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:54:14.0226 0x00ac  mpsdrv - ok
15:54:14.0243 0x00ac  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:54:14.0260 0x00ac  MpsSvc - ok
15:54:14.0265 0x00ac  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:54:14.0270 0x00ac  MRxDAV - ok
15:54:14.0275 0x00ac  [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:54:14.0285 0x00ac  mrxsmb - ok
15:54:14.0292 0x00ac  [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:54:14.0307 0x00ac  mrxsmb10 - ok
15:54:14.0311 0x00ac  [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:54:14.0320 0x00ac  mrxsmb20 - ok
15:54:14.0323 0x00ac  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:54:14.0328 0x00ac  msahci - ok
15:54:14.0333 0x00ac  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:54:14.0337 0x00ac  msdsm - ok
15:54:14.0342 0x00ac  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:54:14.0346 0x00ac  MSDTC - ok
15:54:14.0351 0x00ac  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:54:14.0352 0x00ac  Msfs - ok
15:54:14.0355 0x00ac  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:54:14.0356 0x00ac  mshidkmdf - ok
15:54:14.0358 0x00ac  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:54:14.0358 0x00ac  msisadrv - ok
15:54:14.0365 0x00ac  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:54:14.0370 0x00ac  MSiSCSI - ok
15:54:14.0371 0x00ac  msiserver - ok
15:54:14.0373 0x00ac  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:54:14.0375 0x00ac  MSKSSRV - ok
15:54:14.0381 0x00ac  [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:54:14.0381 0x00ac  MsMpSvc - ok
15:54:14.0383 0x00ac  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:54:14.0385 0x00ac  MSPCLOCK - ok
15:54:14.0387 0x00ac  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:54:14.0388 0x00ac  MSPQM - ok
15:54:14.0397 0x00ac  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:54:14.0405 0x00ac  MsRPC - ok
15:54:14.0408 0x00ac  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:54:14.0410 0x00ac  mssmbios - ok
15:54:14.0412 0x00ac  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:54:14.0413 0x00ac  MSTEE - ok
15:54:14.0416 0x00ac  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:54:14.0420 0x00ac  MTConfig - ok
15:54:14.0423 0x00ac  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:54:14.0425 0x00ac  Mup - ok
15:54:14.0436 0x00ac  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:54:14.0445 0x00ac  napagent - ok
15:54:14.0453 0x00ac  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:54:14.0458 0x00ac  NativeWifiP - ok
15:54:14.0478 0x00ac  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:54:14.0496 0x00ac  NDIS - ok
15:54:14.0500 0x00ac  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:54:14.0501 0x00ac  NdisCap - ok
15:54:14.0503 0x00ac  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:54:14.0505 0x00ac  NdisTapi - ok
15:54:14.0508 0x00ac  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:54:14.0510 0x00ac  Ndisuio - ok
15:54:14.0515 0x00ac  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:54:14.0520 0x00ac  NdisWan - ok
15:54:14.0522 0x00ac  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:54:14.0525 0x00ac  NDProxy - ok
15:54:14.0527 0x00ac  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:54:14.0530 0x00ac  NetBIOS - ok
15:54:14.0536 0x00ac  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:54:14.0542 0x00ac  NetBT - ok
15:54:14.0546 0x00ac  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon        C:\Windows\system32\lsass.exe
15:54:14.0547 0x00ac  Netlogon - ok
15:54:14.0556 0x00ac  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:54:14.0563 0x00ac  Netman - ok
15:54:14.0570 0x00ac  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:54:14.0580 0x00ac  NetMsmqActivator - ok
15:54:14.0583 0x00ac  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:54:14.0586 0x00ac  NetPipeActivator - ok
15:54:14.0597 0x00ac  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:54:14.0606 0x00ac  netprofm - ok
15:54:14.0611 0x00ac  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:54:14.0612 0x00ac  NetTcpActivator - ok
15:54:14.0617 0x00ac  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:54:14.0620 0x00ac  NetTcpPortSharing - ok
15:54:14.0623 0x00ac  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:54:14.0628 0x00ac  nfrd960 - ok
15:54:14.0635 0x00ac  [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:54:14.0641 0x00ac  NisDrv - ok
15:54:14.0642 0x0420  Object required for P2P: [ 2027E82463B6F6BB4D2A5BAF09202BA8 ] Avira.ServiceHost
15:54:14.0651 0x00ac  [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
15:54:14.0656 0x00ac  NisSrv - ok
15:54:14.0665 0x00ac  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:54:14.0672 0x00ac  NlaSvc - ok
15:54:14.0675 0x00ac  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:54:14.0676 0x00ac  Npfs - ok
15:54:14.0680 0x00ac  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:54:14.0681 0x00ac  nsi - ok
15:54:14.0683 0x00ac  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:54:14.0685 0x00ac  nsiproxy - ok
15:54:14.0726 0x00ac  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:54:14.0755 0x00ac  Ntfs - ok
15:54:14.0761 0x00ac  [ 1B32C54B95121AB1683C7B83B2DB4B96, 99F4994A0E5BD1BF6E3F637D3225C69FF4CD620557E23637533E7F18D7D6CBA1 ] NTIOLib_1_0_4   C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys
15:54:14.0775 0x00ac  NTIOLib_1_0_4 - ok
15:54:14.0777 0x00ac  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:54:14.0777 0x00ac  Null - ok
15:54:14.0782 0x00ac  [ 0EBC9D13CD96C15B1B18D8678A609E4B, B10896DE16B0C102DFB3E73A6C11A1982C5B428015DAE1F8776BCEF94A0F75C6 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
15:54:14.0788 0x00ac  nusb3hub - ok
15:54:14.0796 0x00ac  [ 7BDEC000D56D485021D9C1E63C2F81CA, 7F1303FD0371AF8715BFC38433B730C797170AEF10C7DB845B7B547DA8DBB5D5 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
15:54:14.0805 0x00ac  nusb3xhc - ok
15:54:14.0811 0x00ac  [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
15:54:14.0827 0x00ac  NVHDA - ok
15:54:15.0012 0x00ac  [ ECC732D5185408FCC323E56D30170848, 7A7A6C410B65DBB1D59653598D7E5414054588BB88505BE68BFFF0378FD555F3 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:54:15.0214 0x00ac  nvlddmkm - ok
15:54:15.0259 0x00ac  [ DB7C6892180C79714EF79F69A788E865, 0E4C109C6F8E8D37447FCE1D7CABCBFAE8E5AA6FD4512150DD17156C9021A6FC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
15:54:15.0288 0x00ac  NvNetworkService - ok
15:54:15.0295 0x00ac  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:54:15.0303 0x00ac  nvraid - ok
15:54:15.0309 0x00ac  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:54:15.0318 0x00ac  nvstor - ok
15:54:15.0322 0x00ac  [ 7308AA5672CC6D14F43C91965DC67200, 573566D94D19F3AEDFB326B0B5987DC52F3802E5F5CAF8C32830660193B93E19 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
15:54:15.0322 0x00ac  NvStreamKms - ok
15:54:15.0324 0x00ac  NvStreamSvc - ok
15:54:15.0344 0x00ac  [ 2AF7D8BCD8912FC16AA15268CDCF2454, 3A2E5ADFC6213A6EA83F78026518EC7EE0DD4BBA7C210CB7A41007BB57DC0636 ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:54:15.0402 0x00ac  nvsvc - ok
15:54:15.0406 0x00ac  [ D0EB00C3BDD50E9CABA534CF829593E8, 6E11117DC30E834C70DC9381A67D057BC2DADA956855A0EEA9801D45C75536B1 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
15:54:15.0420 0x00ac  nvvad_WaveExtensible - ok
15:54:15.0424 0x00ac  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:54:15.0431 0x00ac  nv_agp - ok
15:54:15.0445 0x00ac  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:54:15.0464 0x00ac  odserv - ok
15:54:15.0468 0x00ac  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:54:15.0471 0x00ac  ohci1394 - ok
15:54:15.0478 0x00ac  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:54:15.0488 0x00ac  ose - ok
15:54:15.0497 0x00ac  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:54:15.0504 0x00ac  p2pimsvc - ok
15:54:15.0514 0x00ac  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:54:15.0524 0x00ac  p2psvc - ok
15:54:15.0528 0x00ac  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:54:15.0536 0x00ac  Parport - ok
15:54:15.0539 0x00ac  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:54:15.0542 0x00ac  partmgr - ok
15:54:15.0548 0x00ac  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:54:15.0553 0x00ac  PcaSvc - ok
15:54:15.0559 0x00ac  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:54:15.0563 0x00ac  pci - ok
15:54:15.0566 0x00ac  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:54:15.0567 0x00ac  pciide - ok
15:54:15.0574 0x00ac  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:54:15.0584 0x00ac  pcmcia - ok
15:54:15.0587 0x00ac  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:54:15.0589 0x00ac  pcw - ok
15:54:15.0604 0x00ac  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:54:15.0615 0x00ac  PEAUTH - ok
15:54:15.0641 0x00ac  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:54:15.0667 0x00ac  PeerDistSvc - ok
15:54:15.0679 0x00ac  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:54:15.0681 0x00ac  PerfHost - ok
15:54:15.0736 0x00ac  [ AE0B94363DA0F60D42B9D05B352F61ED, 284EA0123798BDBBAA93F912AD45B3D3F1F662FDDA5C73C0AC0D76AC2F9033C0 ] PID_PEPI        C:\Windows\system32\DRIVERS\LV302V64.SYS
15:54:15.0800 0x00ac  PID_PEPI - ok
15:54:15.0829 0x00ac  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:54:15.0855 0x00ac  pla - ok
15:54:15.0868 0x00ac  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:54:15.0876 0x00ac  PlugPlay - ok
15:54:15.0879 0x00ac  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:54:15.0881 0x00ac  PNRPAutoReg - ok
15:54:15.0890 0x00ac  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:54:15.0895 0x00ac  PNRPsvc - ok
15:54:15.0906 0x00ac  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:54:15.0918 0x00ac  PolicyAgent - ok
15:54:15.0924 0x00ac  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:54:15.0928 0x00ac  Power - ok
15:54:15.0933 0x00ac  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:54:15.0935 0x00ac  PptpMiniport - ok
15:54:15.0939 0x00ac  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:54:15.0946 0x00ac  Processor - ok
15:54:15.0953 0x00ac  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:54:15.0958 0x00ac  ProfSvc - ok
15:54:15.0960 0x00ac  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:54:15.0961 0x00ac  ProtectedStorage - ok
15:54:15.0968 0x00ac  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:54:15.0970 0x00ac  Psched - ok
15:54:16.0000 0x00ac  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:54:16.0035 0x00ac  ql2300 - ok
15:54:16.0040 0x00ac  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:54:16.0048 0x00ac  ql40xx - ok
15:54:16.0055 0x00ac  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:54:16.0061 0x00ac  QWAVE - ok
15:54:16.0065 0x00ac  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:54:16.0066 0x00ac  QWAVEdrv - ok
15:54:16.0070 0x00ac  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:54:16.0071 0x00ac  RasAcd - ok
15:54:16.0075 0x00ac  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:54:16.0078 0x00ac  RasAgileVpn - ok
15:54:16.0081 0x00ac  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:54:16.0085 0x00ac  RasAuto - ok
15:54:16.0089 0x00ac  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:54:16.0093 0x00ac  Rasl2tp - ok
15:54:16.0101 0x00ac  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:54:16.0109 0x00ac  RasMan - ok
15:54:16.0114 0x00ac  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:54:16.0116 0x00ac  RasPppoe - ok
15:54:16.0120 0x00ac  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:54:16.0123 0x00ac  RasSstp - ok
15:54:16.0130 0x00ac  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:54:16.0138 0x00ac  rdbss - ok
15:54:16.0140 0x00ac  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:54:16.0143 0x00ac  rdpbus - ok
15:54:16.0145 0x00ac  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:54:16.0145 0x00ac  RDPCDD - ok
15:54:16.0153 0x00ac  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:54:16.0156 0x00ac  RDPDR - ok
15:54:16.0160 0x00ac  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:54:16.0160 0x00ac  RDPENCDD - ok
15:54:16.0164 0x00ac  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:54:16.0165 0x00ac  RDPREFMP - ok
15:54:16.0171 0x00ac  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:54:16.0176 0x00ac  RDPWD - ok
15:54:16.0183 0x00ac  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:54:16.0188 0x00ac  rdyboost - ok
15:54:16.0193 0x00ac  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:54:16.0195 0x00ac  RemoteAccess - ok
15:54:16.0201 0x00ac  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:54:16.0206 0x00ac  RemoteRegistry - ok
15:54:16.0210 0x00ac  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:54:16.0213 0x00ac  RpcEptMapper - ok
15:54:16.0215 0x00ac  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:54:16.0216 0x00ac  RpcLocator - ok
15:54:16.0229 0x00ac  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
15:54:16.0236 0x00ac  RpcSs - ok
15:54:16.0241 0x00ac  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:54:16.0243 0x00ac  rspndr - ok
15:54:16.0248 0x1470  Object send P2P result: true
15:54:16.0248 0x1470  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
15:54:16.0255 0x00ac  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
15:54:16.0266 0x00ac  RTL8167 - ok
15:54:16.0279 0x00ac  [ 945AB249D12CBE044782430C6013AA1A, 912514C99A8AEEBECBFCB3632520C12F9CB8A8286BE1C70567C8E9D5416320DF ] RTL8187B        C:\Windows\system32\DRIVERS\RTL8187B.sys
15:54:16.0296 0x00ac  RTL8187B - ok
15:54:16.0299 0x00ac  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
15:54:16.0303 0x00ac  s3cap - ok
15:54:16.0305 0x00ac  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs           C:\Windows\system32\lsass.exe
15:54:16.0306 0x00ac  SamSs - ok
15:54:16.0310 0x00ac  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:54:16.0318 0x00ac  sbp2port - ok
15:54:16.0324 0x00ac  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:54:16.0330 0x00ac  SCardSvr - ok
15:54:16.0333 0x00ac  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:54:16.0334 0x00ac  scfilter - ok
15:54:16.0356 0x00ac  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
15:54:16.0378 0x00ac  Schedule - ok
15:54:16.0383 0x00ac  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:54:16.0384 0x00ac  SCPolicySvc - ok
15:54:16.0390 0x00ac  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:54:16.0395 0x00ac  SDRSVC - ok
15:54:16.0399 0x00ac  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:54:16.0403 0x00ac  secdrv - ok
15:54:16.0406 0x00ac  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
15:54:16.0409 0x00ac  seclogon - ok
15:54:16.0411 0x00ac  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
15:54:16.0414 0x00ac  SENS - ok
15:54:16.0418 0x00ac  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:54:16.0420 0x00ac  SensrSvc - ok
15:54:16.0423 0x00ac  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:54:16.0424 0x00ac  Serenum - ok
15:54:16.0429 0x00ac  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:54:16.0431 0x00ac  Serial - ok
15:54:16.0434 0x00ac  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:54:16.0435 0x00ac  sermouse - ok
15:54:16.0443 0x00ac  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:54:16.0446 0x00ac  SessionEnv - ok
15:54:16.0449 0x00ac  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:54:16.0451 0x00ac  sffdisk - ok
15:54:16.0454 0x00ac  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:54:16.0455 0x00ac  sffp_mmc - ok
15:54:16.0458 0x00ac  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:54:16.0459 0x00ac  sffp_sd - ok
15:54:16.0461 0x00ac  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:54:16.0465 0x00ac  sfloppy - ok
15:54:16.0474 0x00ac  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:54:16.0483 0x00ac  SharedAccess - ok
15:54:16.0491 0x00ac  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:54:16.0500 0x00ac  ShellHWDetection - ok
15:54:16.0504 0x00ac  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:54:16.0509 0x00ac  SiSRaid2 - ok
15:54:16.0513 0x00ac  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:54:16.0520 0x00ac  SiSRaid4 - ok
15:54:16.0524 0x00ac  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:54:16.0526 0x00ac  Smb - ok
15:54:16.0531 0x00ac  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:54:16.0533 0x00ac  SNMPTRAP - ok
15:54:16.0535 0x00ac  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:54:16.0536 0x00ac  spldr - ok
15:54:16.0549 0x00ac  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
15:54:16.0558 0x00ac  Spooler - ok
15:54:16.0624 0x00ac  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:54:16.0693 0x00ac  sppsvc - ok
15:54:16.0700 0x00ac  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:54:16.0703 0x00ac  sppuinotify - ok
15:54:16.0705 0x00ac  sptd - ok
15:54:16.0718 0x00ac  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:54:16.0724 0x00ac  srv - ok
15:54:16.0735 0x00ac  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:54:16.0741 0x00ac  srv2 - ok
15:54:16.0748 0x00ac  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:54:16.0750 0x00ac  srvnet - ok
15:54:16.0759 0x00ac  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:54:16.0765 0x00ac  SSDPSRV - ok
15:54:16.0770 0x00ac  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:54:16.0773 0x00ac  SstpSvc - ok
15:54:16.0791 0x00ac  [ A831D5A4D2F5138E332AC1B98315EBB1, 2FF5C256A83ACFB5CEC17B9FA7875048F770B793C37657D6D4E37C70B2F857A8 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:54:17.0039 0x0420  Object send P2P result: true
15:54:17.0073 0x00ac  Steam Client Service - ok
15:54:17.0085 0x00ac  [ 6213F20854FB987119503F9F91C70B9F, E1683753D192B154DBFE1FD03625A2A56F8576CE2A7619B41159B1C718C73B88 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:54:18.0209 0x00ac  Stereo Service - ok
15:54:18.0211 0x00ac  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:54:18.0218 0x00ac  stexstor - ok
15:54:18.0230 0x00ac  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:54:18.0243 0x00ac  stisvc - ok
15:54:18.0248 0x00ac  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:54:18.0253 0x00ac  storflt - ok
15:54:18.0255 0x00ac  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
15:54:18.0258 0x00ac  StorSvc - ok
15:54:18.0260 0x00ac  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:54:18.0266 0x00ac  storvsc - ok
15:54:18.0269 0x00ac  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:54:18.0273 0x00ac  swenum - ok
15:54:18.0285 0x00ac  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:54:18.0296 0x00ac  swprv - ok
15:54:18.0330 0x00ac  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
15:54:18.0363 0x00ac  SysMain - ok
15:54:18.0368 0x00ac  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:54:18.0371 0x00ac  TabletInputService - ok
15:54:18.0380 0x00ac  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:54:18.0389 0x00ac  TapiSrv - ok
15:54:18.0393 0x00ac  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
15:54:18.0394 0x00ac  TBS - ok
15:54:18.0430 0x00ac  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:54:18.0464 0x00ac  Tcpip - ok
15:54:18.0501 0x00ac  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:54:18.0526 0x00ac  TCPIP6 - ok
15:54:18.0533 0x00ac  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:54:18.0534 0x00ac  tcpipreg - ok
15:54:18.0538 0x00ac  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:54:18.0539 0x00ac  TDPIPE - ok
15:54:18.0541 0x00ac  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:54:18.0543 0x00ac  TDTCP - ok
15:54:18.0548 0x00ac  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:54:18.0559 0x00ac  tdx - ok
15:54:18.0563 0x00ac  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:54:18.0564 0x00ac  TermDD - ok
15:54:18.0579 0x00ac  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
15:54:18.0593 0x00ac  TermService - ok
15:54:18.0596 0x00ac  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:54:18.0599 0x00ac  Themes - ok
15:54:18.0603 0x00ac  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:54:18.0605 0x00ac  THREADORDER - ok
15:54:18.0609 0x00ac  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:54:18.0613 0x00ac  TrkWks - ok
15:54:18.0620 0x00ac  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:54:18.0624 0x00ac  TrustedInstaller - ok
15:54:18.0628 0x00ac  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:54:18.0630 0x00ac  tssecsrv - ok
15:54:18.0633 0x00ac  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:54:18.0635 0x00ac  TsUsbFlt - ok
15:54:18.0640 0x00ac  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:54:18.0643 0x00ac  tunnel - ok
15:54:18.0646 0x00ac  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:54:18.0646 0x1470  Object send P2P result: true
15:54:18.0648 0x1470  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
15:54:18.0653 0x00ac  uagp35 - ok
15:54:18.0661 0x00ac  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:54:18.0669 0x00ac  udfs - ok
15:54:18.0674 0x00ac  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:54:18.0676 0x00ac  UI0Detect - ok
15:54:18.0679 0x00ac  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:54:18.0685 0x00ac  uliagpkx - ok
15:54:18.0689 0x00ac  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
15:54:18.0690 0x00ac  umbus - ok
15:54:18.0693 0x00ac  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:54:18.0696 0x00ac  UmPass - ok
15:54:18.0704 0x00ac  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:54:18.0709 0x00ac  UmRdpService - ok
15:54:18.0719 0x00ac  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:54:18.0726 0x00ac  upnphost - ok
15:54:18.0731 0x00ac  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:54:18.0735 0x00ac  usbaudio - ok
15:54:18.0739 0x00ac  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:54:18.0751 0x00ac  usbccgp - ok
15:54:18.0756 0x00ac  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:54:18.0765 0x00ac  usbcir - ok
15:54:18.0769 0x00ac  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:54:18.0770 0x00ac  usbehci - ok
15:54:18.0779 0x00ac  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:54:18.0786 0x00ac  usbhub - ok
15:54:18.0790 0x00ac  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:54:18.0791 0x00ac  usbohci - ok
15:54:18.0794 0x00ac  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:54:18.0799 0x00ac  usbprint - ok
15:54:18.0803 0x00ac  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:54:18.0814 0x00ac  USBSTOR - ok
15:54:18.0816 0x00ac  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:54:18.0818 0x00ac  usbuhci - ok
15:54:18.0821 0x00ac  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:54:18.0824 0x00ac  UxSms - ok
15:54:18.0826 0x00ac  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc        C:\Windows\system32\lsass.exe
15:54:18.0828 0x00ac  VaultSvc - ok
15:54:18.0834 0x00ac  [ 8FD4BE594B4247E534E5D7CADA47FF20, A1D4DF89FAE48B2A6E3443C49533000A3E13A3CE1C18D8DB5DAEE4DDD9C51E88 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
15:54:18.0844 0x00ac  VBoxNetAdp - ok
15:54:18.0846 0x00ac  VBoxNetFlt - ok
15:54:18.0849 0x00ac  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:54:18.0851 0x00ac  vdrvroot - ok
15:54:18.0863 0x00ac  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:54:18.0874 0x00ac  vds - ok
15:54:18.0878 0x00ac  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:54:18.0880 0x00ac  vga - ok
15:54:18.0883 0x00ac  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:54:18.0884 0x00ac  VgaSave - ok
15:54:18.0890 0x00ac  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:54:18.0894 0x00ac  vhdmp - ok
15:54:18.0896 0x00ac  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:54:18.0900 0x00ac  viaide - ok
15:54:18.0906 0x00ac  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:54:18.0918 0x00ac  vmbus - ok
15:54:18.0920 0x00ac  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
15:54:18.0924 0x00ac  VMBusHID - ok
15:54:18.0929 0x00ac  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:54:18.0931 0x00ac  volmgr - ok
15:54:18.0940 0x00ac  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:54:18.0948 0x00ac  volmgrx - ok
15:54:18.0955 0x00ac  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:54:18.0961 0x00ac  volsnap - ok
15:54:18.0968 0x00ac  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:54:18.0976 0x00ac  vsmraid - ok
15:54:19.0006 0x00ac  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:54:19.0036 0x00ac  VSS - ok
15:54:19.0040 0x00ac  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:54:19.0041 0x00ac  vwifibus - ok
15:54:19.0045 0x00ac  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:54:19.0048 0x00ac  vwififlt - ok
15:54:19.0058 0x00ac  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:54:19.0066 0x00ac  W32Time - ok
15:54:19.0070 0x00ac  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
15:54:19.0074 0x00ac  WacomPen - ok
15:54:19.0079 0x00ac  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:54:19.0081 0x00ac  WANARP - ok
15:54:19.0085 0x00ac  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:54:19.0088 0x00ac  Wanarpv6 - ok
15:54:19.0116 0x00ac  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:54:19.0144 0x00ac  wbengine - ok
15:54:19.0151 0x00ac  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:54:19.0158 0x00ac  WbioSrvc - ok
15:54:19.0166 0x00ac  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:54:19.0175 0x00ac  wcncsvc - ok
15:54:19.0179 0x00ac  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:54:19.0181 0x00ac  WcsPlugInService - ok
15:54:19.0184 0x00ac  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
15:54:19.0189 0x00ac  Wd - ok
15:54:19.0205 0x00ac  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:54:19.0220 0x00ac  Wdf01000 - ok
15:54:19.0224 0x00ac  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:54:19.0228 0x00ac  WdiServiceHost - ok
15:54:19.0231 0x00ac  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:54:19.0234 0x00ac  WdiSystemHost - ok
15:54:19.0241 0x00ac  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
15:54:19.0248 0x00ac  WebClient - ok
15:54:19.0255 0x00ac  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:54:19.0261 0x00ac  Wecsvc - ok
15:54:19.0265 0x00ac  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:54:19.0268 0x00ac  wercplsupport - ok
15:54:19.0273 0x00ac  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:54:19.0275 0x00ac  WerSvc - ok
15:54:19.0279 0x00ac  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:54:19.0280 0x00ac  WfpLwf - ok
15:54:19.0283 0x00ac  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:54:19.0284 0x00ac  WIMMount - ok
15:54:19.0286 0x00ac  WinDefend - ok
15:54:19.0290 0x00ac  WinHttpAutoProxySvc - ok
15:54:19.0300 0x00ac  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:54:19.0305 0x00ac  Winmgmt - ok
15:54:19.0344 0x00ac  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:54:19.0380 0x00ac  WinRM - ok
15:54:19.0389 0x00ac  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:54:19.0403 0x00ac  WinUsb - ok
15:54:19.0421 0x00ac  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:54:19.0439 0x00ac  Wlansvc - ok
15:54:19.0484 0x00ac  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:54:19.0526 0x00ac  wlidsvc - ok
15:54:19.0531 0x00ac  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:54:19.0533 0x00ac  WmiAcpi - ok
15:54:19.0540 0x00ac  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:54:19.0545 0x00ac  wmiApSrv - ok
15:54:19.0548 0x00ac  WMPNetworkSvc - ok
15:54:19.0550 0x00ac  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:54:19.0553 0x00ac  WPCSvc - ok
15:54:19.0558 0x00ac  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:54:19.0560 0x00ac  WPDBusEnum - ok
15:54:19.0564 0x00ac  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:54:19.0565 0x00ac  ws2ifsl - ok
15:54:19.0569 0x00ac  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
15:54:19.0573 0x00ac  wscsvc - ok
15:54:19.0575 0x00ac  WSearch - ok
15:54:19.0623 0x00ac  [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:54:19.0670 0x00ac  wuauserv - ok
15:54:19.0675 0x00ac  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:54:19.0678 0x00ac  WudfPf - ok
15:54:19.0685 0x00ac  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:54:19.0690 0x00ac  WUDFRd - ok
15:54:19.0695 0x00ac  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:54:19.0698 0x00ac  wudfsvc - ok
15:54:19.0705 0x00ac  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:54:19.0711 0x00ac  WwanSvc - ok
15:54:19.0716 0x00ac  ================ Scan global ===============================
15:54:19.0719 0x00ac  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
15:54:19.0726 0x00ac  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
15:54:19.0748 0x00ac  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
15:54:19.0754 0x00ac  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:54:19.0763 0x00ac  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:54:19.0769 0x00ac  [ Global ] - ok
15:54:19.0769 0x00ac  ================ Scan MBR ==================================
15:54:19.0770 0x00ac  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:54:19.0976 0x00ac  \Device\Harddisk0\DR0 - ok
15:54:19.0978 0x00ac  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:54:20.0070 0x00ac  \Device\Harddisk1\DR1 - ok
15:54:20.0071 0x00ac  [ 988D3C46CBD13EC7F482B833C55264C8 ] \Device\Harddisk2\DR2
15:54:20.0075 0x00ac  \Device\Harddisk2\DR2 - ok
15:54:20.0075 0x00ac  ================ Scan VBR ==================================
15:54:20.0076 0x00ac  [ F6837954E147B634BF2AD664FABF4BF6 ] \Device\Harddisk0\DR0\Partition1
15:54:20.0079 0x00ac  \Device\Harddisk0\DR0\Partition1 - ok
15:54:20.0080 0x00ac  [ DCE858D6C9F7CCF09DA9BDF4C36D0E67 ] \Device\Harddisk0\DR0\Partition2
15:54:20.0083 0x00ac  \Device\Harddisk0\DR0\Partition2 - ok
15:54:20.0084 0x00ac  [ E13FBCCC5B05C0E2070179038181A67E ] \Device\Harddisk1\DR1\Partition1
15:54:20.0130 0x00ac  \Device\Harddisk1\DR1\Partition1 - ok
15:54:20.0131 0x00ac  [ 8609533CF3BD113BA1BE72FB9BF6BA11 ] \Device\Harddisk1\DR1\Partition2
15:54:20.0174 0x00ac  \Device\Harddisk1\DR1\Partition2 - ok
15:54:20.0175 0x00ac  [ 383E4B4A5D3DF421AE29D47974C36C85 ] \Device\Harddisk1\DR1\Partition3
15:54:20.0176 0x00ac  \Device\Harddisk1\DR1\Partition3 - ok
15:54:20.0178 0x00ac  [ E04879AC8DB84D84DA8065AEFE045809 ] \Device\Harddisk1\DR1\Partition4
15:54:20.0179 0x00ac  \Device\Harddisk1\DR1\Partition4 - ok
15:54:20.0180 0x00ac  [ A6DBB8959C2F94376654F12B80365952 ] \Device\Harddisk2\DR2\Partition1
15:54:20.0181 0x00ac  \Device\Harddisk2\DR2\Partition1 - ok
15:54:20.0181 0x00ac  ================ Scan generic autorun ======================
15:54:20.0208 0x00ac  [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] C:\Program Files\Microsoft Security Client\msseces.exe
15:54:20.0235 0x00ac  MSC - ok
15:54:20.0286 0x00ac  [ A416FBE18A8FF5C942B5E4A65A66EAE0, DC021A544A16BA984A906D235E0E6DA8AC0DF0A7FC8A89D192E427BBE6D2434C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
15:54:20.0330 0x00ac  NvBackend - ok
15:54:20.0334 0x00ac  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
15:54:20.0336 0x00ac  ShadowPlay - ok
15:54:20.0346 0x00ac  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\syswow64\RunDll32.exe
15:54:20.0348 0x00ac  Cmaudio8788 - ok
15:54:20.0354 0x00ac  [ 0740D338A42F7778760F2B0CB6DA5830, C6D275B4993502A155F85D8DE26B119866DEE106C98CF29CDAACBAF11484C94A ] C:\Windows\syswow64\HsMgr.exe
15:54:20.0361 0x00ac  Cmaudio8788GX - ok
15:54:20.0369 0x00ac  [ BEF1B23AD0BBF805F02FAA01EAE0AF4E, 65CCFEC1F61E475A1F6759ECCA8DE1844A26AB7F827BC1F63339A0DFF554B039 ] C:\Windows\system\HsMgr64.exe
15:54:20.0373 0x00ac  Cmaudio8788GX64 - ok
15:54:20.0391 0x00ac  [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
15:54:20.0403 0x00ac  avgnt - ok
15:54:20.0408 0x00ac  [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
15:54:20.0409 0x00ac  NUSB3MON - ok
15:54:20.0416 0x00ac  [ 1DE859B82E381A645C44284A5044BC33, 305AE678D3163D57C8E027F94BC553FDFDE7F9A14599EAEC370B0867DE4A9EC2 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:54:20.0426 0x00ac  SunJavaUpdateSched - ok
15:54:20.0430 0x00ac  [ 3405A4A63018892F31E61C01E9A0313E, 49B2102C3593270DAD15548D1FB2C7E36A65419AA7AE057AB1F0B6A80365B1F6 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
15:54:20.0436 0x00ac  Avira SystrayStartTrigger - ok
15:54:20.0436 0x00ac  Waiting for KSN requests completion. In queue: 221
15:54:21.0042 0x1470  Object send P2P result: true
15:54:21.0042 0x1470  Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
15:54:21.0437 0x00ac  Waiting for KSN requests completion. In queue: 220
15:54:22.0437 0x00ac  Waiting for KSN requests completion. In queue: 220
15:54:22.0780 0x1254  Object required for P2P: [ 3405A4A63018892F31E61C01E9A0313E ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
15:54:23.0437 0x00ac  Waiting for KSN requests completion. In queue: 4
15:54:23.0454 0x1470  Object send P2P result: true
15:54:24.0437 0x00ac  Waiting for KSN requests completion. In queue: 1
15:54:25.0202 0x1254  Object send P2P result: true
15:54:25.0452 0x00ac  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
15:54:25.0452 0x00ac  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
15:54:25.0462 0x00ac  Win FW state via NFP2: enabled ( trusted )
15:54:27.0821 0x00ac  ============================================================
15:54:27.0821 0x00ac  Scan finished
15:54:27.0821 0x00ac  ============================================================
15:54:27.0826 0x156c  Detected object count: 0
15:54:27.0826 0x156c  Actual detected object count: 0

deeprybka · 04.01.2016, 22:45

Ach wenn sich am Resultat nicht viel ändern wird, bitte Scan so durchführen wie in der Anleitung beschrieben ist.

benjay · 04.01.2016, 23:51

Sorry! Wer lesen kann, ist klar im Vorteil

Code:

ATTFilter

23:46:03.0633 0x135c  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
23:46:06.0776 0x135c  ============================================================
23:46:06.0776 0x135c  Current date / time: 2016/01/04 23:46:06.0776
23:46:06.0776 0x135c  SystemInfo:
23:46:06.0776 0x135c  
23:46:06.0776 0x135c  OS Version: 6.1.7601 ServicePack: 1.0
23:46:06.0776 0x135c  Product type: Workstation
23:46:06.0776 0x135c  ComputerName: BENJAY-PC
23:46:06.0777 0x135c  UserName: benjay
23:46:06.0777 0x135c  Windows directory: C:\Windows
23:46:06.0777 0x135c  System windows directory: C:\Windows
23:46:06.0777 0x135c  Running under WOW64
23:46:06.0777 0x135c  Processor architecture: Intel x64
23:46:06.0777 0x135c  Number of processors: 4
23:46:06.0777 0x135c  Page size: 0x1000
23:46:06.0777 0x135c  Boot type: Normal boot
23:46:06.0777 0x135c  ============================================================
23:46:07.0474 0x135c  KLMD registered as C:\Windows\system32\drivers\92764187.sys
23:46:08.0004 0x135c  System UUID: {CB580BE7-8DD2-5970-BC23-270049115F63}
23:46:08.0415 0x135c  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:46:08.0427 0x135c  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:46:08.0448 0x135c  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:46:08.0451 0x135c  ============================================================
23:46:08.0451 0x135c  \Device\Harddisk0\DR0:
23:46:08.0451 0x135c  MBR partitions:
23:46:08.0451 0x135c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:46:08.0451 0x135c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
23:46:08.0451 0x135c  \Device\Harddisk1\DR1:
23:46:08.0451 0x135c  MBR partitions:
23:46:08.0451 0x135c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:46:08.0451 0x135c  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC705800
23:46:08.0451 0x135c  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xC738000, BlocksNum 0x1E848000
23:46:08.0451 0x135c  \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x2AF80000, BlocksNum 0x49786000
23:46:08.0451 0x135c  \Device\Harddisk2\DR2:
23:46:08.0451 0x135c  MBR partitions:
23:46:08.0451 0x135c  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
23:46:08.0452 0x135c  ============================================================
23:46:08.0454 0x135c  C: <-> \Device\Harddisk0\DR0\Partition2
23:46:08.0458 0x135c  E: <-> \Device\Harddisk1\DR1\Partition1
23:46:08.0470 0x135c  F: <-> \Device\Harddisk2\DR2\Partition1
23:46:08.0486 0x135c  G: <-> \Device\Harddisk1\DR1\Partition2
23:46:08.0514 0x135c  H: <-> \Device\Harddisk1\DR1\Partition3
23:46:08.0543 0x135c  I: <-> \Device\Harddisk1\DR1\Partition4
23:46:08.0543 0x135c  ============================================================
23:46:08.0543 0x135c  Initialize success
23:46:08.0543 0x135c  ============================================================
23:46:22.0461 0x1784  ============================================================
23:46:22.0461 0x1784  Scan started
23:46:22.0461 0x1784  Mode: Manual; SigCheck; TDLFS; 
23:46:22.0461 0x1784  ============================================================
23:46:22.0461 0x1784  KSN ping started
23:46:36.0089 0x1784  KSN ping finished: true
23:46:36.0379 0x1784  ================ Scan system memory ========================
23:46:36.0379 0x1784  System memory - ok
23:46:36.0379 0x1784  ================ Scan services =============================
23:46:36.0406 0x1784  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:46:36.0447 0x1784  1394ohci - ok
23:46:36.0458 0x1784  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:46:36.0473 0x1784  ACPI - ok
23:46:36.0477 0x1784  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:46:36.0500 0x1784  AcpiPmi - ok
23:46:36.0507 0x1784  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
23:46:36.0512 0x1784  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
23:46:38.0808 0x1784  Detect skipped due to KSN trusted
23:46:38.0808 0x1784  Adobe LM Service - ok
23:46:38.0831 0x1784  [ 84DB0A40692CF8A58D1E3710FA5D121F, 0C29C59CAF056C79F56957DB06A8CF480D5BD7BDF6A4F0E9A72653806CF154D0 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:46:38.0843 0x1784  AdobeFlashPlayerUpdateSvc - ok
23:46:38.0856 0x1784  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
23:46:38.0874 0x1784  adp94xx - ok
23:46:38.0883 0x1784  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
23:46:38.0899 0x1784  adpahci - ok
23:46:38.0905 0x1784  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
23:46:38.0917 0x1784  adpu320 - ok
23:46:38.0922 0x1784  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:46:38.0967 0x1784  AeLookupSvc - ok
23:46:38.0979 0x1784  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
23:46:39.0002 0x1784  AFD - ok
23:46:39.0006 0x1784  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
23:46:39.0015 0x1784  agp440 - ok
23:46:39.0019 0x1784  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
23:46:39.0033 0x1784  ALG - ok
23:46:39.0036 0x1784  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:46:39.0044 0x1784  aliide - ok
23:46:39.0051 0x1784  [ E20DDDFBD0DBE7D8EAD4D7A51D654367, 62164C58655318E7453C6136BE845091D6244A69BD762F1D588605670BA66B12 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:46:39.0080 0x1784  AMD External Events Utility - ok
23:46:39.0083 0x1784  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
23:46:39.0090 0x1784  amdide - ok
23:46:39.0095 0x1784  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
23:46:39.0107 0x1784  AmdK8 - ok
23:46:39.0323 0x1784  [ 4284FB1240537A33E6EC417EFD87D40F, DAD37EBDCD57C8559FD9395AED7FA85BCA1EDB0337CD2A4F7613E869D859B3F2 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
23:46:39.0587 0x1784  amdkmdag - ok
23:46:39.0605 0x1784  [ 6C25C497E05EFD0CB6033A0444FC9B51, 318318F06545869D5E17C6CC9E48109790C2F3A5E65779CB1569A10610136B34 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
23:46:39.0624 0x1784  amdkmdap - ok
23:46:39.0628 0x1784  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
23:46:39.0638 0x1784  AmdPPM - ok
23:46:39.0642 0x1784  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:46:39.0652 0x1784  amdsata - ok
23:46:39.0658 0x1784  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
23:46:39.0670 0x1784  amdsbs - ok
23:46:39.0673 0x1784  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:46:39.0681 0x1784  amdxata - ok
23:46:39.0703 0x1784  [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
23:46:39.0729 0x1784  AntiVirMailService - ok
23:46:39.0742 0x1784  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:46:39.0757 0x1784  AntiVirSchedulerService - ok
23:46:39.0769 0x1784  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:46:39.0784 0x1784  AntiVirService - ok
23:46:39.0812 0x1784  [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
23:46:39.0844 0x1784  AntiVirWebService - ok
23:46:39.0849 0x1784  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
23:46:39.0862 0x1784  AppID - ok
23:46:39.0865 0x1784  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:46:39.0875 0x1784  AppIDSvc - ok
23:46:39.0879 0x1784  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
23:46:39.0891 0x1784  Appinfo - ok
23:46:39.0899 0x1784  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
23:46:39.0913 0x1784  AppMgmt - ok
23:46:39.0917 0x1784  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
23:46:39.0926 0x1784  arc - ok
23:46:39.0930 0x1784  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
23:46:39.0939 0x1784  arcsas - ok
23:46:39.0949 0x1784  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:46:39.0959 0x1784  aspnet_state - ok
23:46:39.0962 0x1784  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:46:39.0986 0x1784  AsyncMac - ok
23:46:39.0989 0x1784  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
23:46:39.0996 0x1784  atapi - ok
23:46:40.0035 0x1784  [ EA0AF9B866DF07E8FE6C2342585788B0, BE8E799C1ED36B9DC6BEAB40E8B460464C01014DEC021760FB19626C77550792 ] athur           C:\Windows\system32\DRIVERS\athurx.sys
23:46:40.0085 0x1784  athur - ok
23:46:40.0304 0x1784  [ 4284FB1240537A33E6EC417EFD87D40F, DAD37EBDCD57C8559FD9395AED7FA85BCA1EDB0337CD2A4F7613E869D859B3F2 ] atikmdag        C:\Windows\system32\drivers\atikmdag.sys
23:46:40.0519 0x1784  atikmdag - ok
23:46:40.0538 0x1784  [ 64F07381335E37C142F6D176705FFCA6, 8F7F633B891FE653D3298578897711A04E7B2B08E51CEE131C50102EFD45AC0E ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
23:46:40.0564 0x1784  atksgt - ok
23:46:40.0579 0x1784  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:46:40.0604 0x1784  AudioEndpointBuilder - ok
23:46:40.0619 0x1784  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:46:40.0638 0x1784  AudioSrv - ok
23:46:40.0645 0x1784  [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
23:46:40.0655 0x1784  avgntflt - ok
23:46:40.0660 0x1784  [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
23:46:40.0669 0x1784  avipbb - ok
23:46:40.0679 0x1784  [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
23:46:40.0691 0x1784  Avira.ServiceHost - ok
23:46:40.0694 0x1784  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
23:46:40.0701 0x1784  avkmgr - ok
23:46:40.0705 0x1784  [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
23:46:40.0714 0x1784  avnetflt - ok
23:46:40.0718 0x1784  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:46:40.0739 0x1784  AxInstSV - ok
23:46:40.0751 0x1784  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
23:46:40.0770 0x1784  b06bdrv - ok
23:46:40.0779 0x1784  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:46:40.0793 0x1784  b57nd60a - ok
23:46:40.0799 0x1784  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:46:40.0811 0x1784  BDESVC - ok
23:46:40.0813 0x1784  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:46:40.0836 0x1784  Beep - ok
23:46:40.0852 0x1784  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
23:46:40.0876 0x1784  BFE - ok
23:46:40.0895 0x1784  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
23:46:40.0967 0x1784  BITS - ok
23:46:40.0971 0x1784  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:46:40.0981 0x1784  blbdrive - ok
23:46:40.0986 0x1784  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:46:40.0997 0x1784  bowser - ok
23:46:40.0999 0x1784  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:46:41.0021 0x1784  BrFiltLo - ok
23:46:41.0023 0x1784  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:46:41.0034 0x1784  BrFiltUp - ok
23:46:41.0039 0x1784  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
23:46:41.0064 0x1784  BridgeMP - ok
23:46:41.0069 0x1784  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
23:46:41.0082 0x1784  Browser - ok
23:46:41.0090 0x1784  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:46:41.0108 0x1784  Brserid - ok
23:46:41.0112 0x1784  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:46:41.0124 0x1784  BrSerWdm - ok
23:46:41.0126 0x1784  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:46:41.0137 0x1784  BrUsbMdm - ok
23:46:41.0140 0x1784  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:46:41.0149 0x1784  BrUsbSer - ok
23:46:41.0153 0x1784  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
23:46:41.0165 0x1784  BTHMODEM - ok
23:46:41.0170 0x1784  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
23:46:41.0196 0x1784  bthserv - ok
23:46:41.0197 0x1784  catchme - ok
23:46:41.0202 0x1784  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:46:41.0227 0x1784  cdfs - ok
23:46:41.0233 0x1784  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:46:41.0246 0x1784  cdrom - ok
23:46:41.0251 0x1784  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
23:46:41.0276 0x1784  CertPropSvc - ok
23:46:41.0279 0x1784  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
23:46:41.0292 0x1784  circlass - ok
23:46:41.0301 0x1784  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
23:46:41.0317 0x1784  CLFS - ok
23:46:41.0323 0x1784  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:46:41.0332 0x1784  clr_optimization_v2.0.50727_32 - ok
23:46:41.0337 0x1784  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:46:41.0347 0x1784  clr_optimization_v2.0.50727_64 - ok
23:46:41.0355 0x1784  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:46:41.0366 0x1784  clr_optimization_v4.0.30319_32 - ok
23:46:41.0370 0x1784  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:46:41.0381 0x1784  clr_optimization_v4.0.30319_64 - ok
23:46:41.0384 0x1784  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:46:41.0394 0x1784  CmBatt - ok
23:46:41.0396 0x1784  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:46:41.0404 0x1784  cmdide - ok
23:46:41.0456 0x1784  [ 2A01CA9628F36208A7D188F34B295192, 336532A03600759C8D243A0E8AAE334EB741EFE89165C1BE08339AE1EC5838B1 ] cmudaxp         C:\Windows\system32\drivers\cmudaxp.sys
23:46:41.0542 0x1784  cmudaxp - ok
23:46:41.0555 0x1784  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
23:46:41.0577 0x1784  CNG - ok
23:46:41.0580 0x1784  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:46:41.0588 0x1784  Compbatt - ok
23:46:41.0591 0x1784  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
23:46:41.0603 0x1784  CompositeBus - ok
23:46:41.0605 0x1784  COMSysApp - ok
23:46:41.0608 0x1784  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
23:46:41.0616 0x1784  crcdisk - ok
23:46:41.0623 0x1784  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:46:41.0657 0x1784  CryptSvc - ok
23:46:41.0669 0x1784  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
23:46:41.0689 0x1784  CSC - ok
23:46:41.0705 0x1784  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
23:46:41.0728 0x1784  CscService - ok
23:46:41.0741 0x1784  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:46:41.0775 0x1784  DcomLaunch - ok
23:46:41.0783 0x1784  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
23:46:41.0812 0x1784  defragsvc - ok
23:46:41.0817 0x1784  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:46:41.0842 0x1784  DfsC - ok
23:46:41.0850 0x1784  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:46:41.0879 0x1784  Dhcp - ok
23:46:41.0883 0x1784  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
23:46:41.0906 0x1784  discache - ok
23:46:41.0911 0x1784  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
23:46:41.0920 0x1784  Disk - ok
23:46:41.0926 0x1784  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:46:41.0941 0x1784  Dnscache - ok
23:46:41.0948 0x1784  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:46:41.0978 0x1784  dot3svc - ok
23:46:41.0984 0x1784  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
23:46:42.0012 0x1784  DPS - ok
23:46:42.0014 0x1784  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:46:42.0025 0x1784  drmkaud - ok
23:46:42.0034 0x1784  [ 400582B09E0BB557D0EC28A945150EEB, 605AC0DF14F9F64B72604968CC4C02725E8D5C879D6DB1B2B5D9598B902FC9D0 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
23:46:42.0045 0x1784  dtsoftbus01 - ok
23:46:42.0066 0x1784  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:46:42.0094 0x1784  DXGKrnl - ok
23:46:42.0099 0x1784  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
23:46:42.0125 0x1784  EapHost - ok
23:46:42.0186 0x1784  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
23:46:42.0269 0x1784  ebdrv - ok
23:46:42.0274 0x1784  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS             C:\Windows\System32\lsass.exe
23:46:42.0286 0x1784  EFS - ok
23:46:42.0302 0x1784  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:46:42.0330 0x1784  ehRecvr - ok
23:46:42.0335 0x1784  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
23:46:42.0349 0x1784  ehSched - ok
23:46:42.0361 0x1784  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
23:46:42.0380 0x1784  elxstor - ok
23:46:42.0383 0x1784  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:46:42.0392 0x1784  ErrDev - ok
23:46:42.0403 0x1784  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
23:46:42.0434 0x1784  EventSystem - ok
23:46:42.0437 0x1784  [ A0539478593A00AA64E600CF7E19F195, BD835D70F3EE9BFEFFABE747AD65BC97C73AD8042F653BF93535277FB0CBD4CE ] EvolveVirtualAdapter C:\Windows\system32\DRIVERS\evolve.sys
23:46:42.0454 0x1784  EvolveVirtualAdapter - ok
23:46:42.0459 0x1784  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
23:46:42.0487 0x1784  exfat - ok
23:46:42.0494 0x1784  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:46:42.0522 0x1784  fastfat - ok
23:46:42.0538 0x1784  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
23:46:42.0563 0x1784  Fax - ok
23:46:42.0566 0x1784  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:46:42.0576 0x1784  fdc - ok
23:46:42.0579 0x1784  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
23:46:42.0602 0x1784  fdPHost - ok
23:46:42.0605 0x1784  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:46:42.0629 0x1784  FDResPub - ok
23:46:42.0633 0x1784  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:46:42.0642 0x1784  FileInfo - ok
23:46:42.0645 0x1784  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:46:42.0668 0x1784  Filetrace - ok
23:46:42.0671 0x1784  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:46:42.0680 0x1784  flpydisk - ok
23:46:42.0688 0x1784  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:46:42.0702 0x1784  FltMgr - ok
23:46:42.0726 0x1784  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
23:46:42.0762 0x1784  FontCache - ok
23:46:42.0766 0x1784  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:46:42.0774 0x1784  FontCache3.0.0.0 - ok
23:46:42.0778 0x1784  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:46:42.0786 0x1784  FsDepends - ok
23:46:42.0789 0x1784  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:46:42.0797 0x1784  Fs_Rec - ok
23:46:42.0803 0x1784  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:46:42.0818 0x1784  fvevol - ok
23:46:42.0821 0x1784  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
23:46:42.0830 0x1784  gagp30kx - ok
23:46:42.0855 0x1784  [ 7F18FB86E1023DDB80874CEA671442D5, BA236CD30A6932DC439DCA1DD4B06B7DF9181B1EC3654A72D05DFD70949C5E06 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
23:46:42.0885 0x1784  GfExperienceService - ok
23:46:42.0903 0x1784  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
23:46:42.0942 0x1784  gpsvc - ok
23:46:42.0950 0x1784  [ 0C03FB91E17987EED93F60007B08DAA0, BF4549F45FA1B291339E5053738B95BA50F021225F294F7B1ED9DACBD09BA426 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:46:42.0958 0x1784  gupdate - ok
23:46:42.0963 0x1784  [ 0C03FB91E17987EED93F60007B08DAA0, BF4549F45FA1B291339E5053738B95BA50F021225F294F7B1ED9DACBD09BA426 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:46:42.0971 0x1784  gupdatem - ok
23:46:42.0975 0x1784  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:46:42.0985 0x1784  hcw85cir - ok
23:46:42.0994 0x1784  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:46:43.0012 0x1784  HdAudAddService - ok
23:46:43.0017 0x1784  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:46:43.0030 0x1784  HDAudBus - ok
23:46:43.0033 0x1784  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
23:46:43.0042 0x1784  HidBatt - ok
23:46:43.0046 0x1784  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
23:46:43.0059 0x1784  HidBth - ok
23:46:43.0062 0x1784  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
23:46:43.0073 0x1784  HidIr - ok
23:46:43.0077 0x1784  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
23:46:43.0100 0x1784  hidserv - ok
23:46:43.0104 0x1784  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:46:43.0113 0x1784  HidUsb - ok
23:46:43.0117 0x1784  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:46:43.0142 0x1784  hkmsvc - ok
23:46:43.0149 0x1784  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:46:43.0163 0x1784  HomeGroupListener - ok
23:46:43.0169 0x1784  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:46:43.0183 0x1784  HomeGroupProvider - ok
23:46:43.0187 0x1784  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:46:43.0196 0x1784  HpSAMD - ok
23:46:43.0212 0x1784  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:46:43.0237 0x1784  HTTP - ok
23:46:43.0240 0x1784  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:46:43.0248 0x1784  hwpolicy - ok
23:46:43.0252 0x1784  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:46:43.0263 0x1784  i8042prt - ok
23:46:43.0273 0x1784  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:46:43.0289 0x1784  iaStorV - ok
23:46:43.0308 0x1784  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:46:43.0334 0x1784  idsvc - ok
23:46:43.0337 0x1784  IEEtwCollectorService - ok
23:46:43.0341 0x1784  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
23:46:43.0349 0x1784  iirsp - ok
23:46:43.0367 0x1784  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
23:46:43.0394 0x1784  IKEEXT - ok
23:46:43.0398 0x1784  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:46:43.0406 0x1784  intelide - ok
23:46:43.0409 0x1784  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:46:43.0418 0x1784  intelppm - ok
23:46:43.0423 0x1784  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:46:43.0447 0x1784  IPBusEnum - ok
23:46:43.0451 0x1784  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:46:43.0476 0x1784  IpFilterDriver - ok
23:46:43.0489 0x1784  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:46:43.0524 0x1784  iphlpsvc - ok
23:46:43.0529 0x1784  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:46:43.0539 0x1784  IPMIDRV - ok
23:46:43.0544 0x1784  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:46:43.0570 0x1784  IPNAT - ok
23:46:43.0572 0x1784  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:46:43.0598 0x1784  IRENUM - ok
23:46:43.0604 0x1784  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:46:43.0612 0x1784  isapnp - ok
23:46:43.0620 0x1784  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:46:43.0633 0x1784  iScsiPrt - ok
23:46:43.0637 0x1784  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:46:43.0646 0x1784  kbdclass - ok
23:46:43.0649 0x1784  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:46:43.0659 0x1784  kbdhid - ok
23:46:43.0662 0x1784  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso          C:\Windows\system32\lsass.exe
23:46:43.0671 0x1784  KeyIso - ok
23:46:43.0675 0x1784  [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:46:43.0684 0x1784  KSecDD - ok
23:46:43.0689 0x1784  [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:46:43.0700 0x1784  KSecPkg - ok
23:46:43.0704 0x1784  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:46:43.0728 0x1784  ksthunk - ok
23:46:43.0737 0x1784  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:46:43.0770 0x1784  KtmRm - ok
23:46:43.0779 0x1784  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
23:46:43.0809 0x1784  LanmanServer - ok
23:46:43.0814 0x1784  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:46:43.0842 0x1784  LanmanWorkstation - ok
23:46:43.0847 0x1784  [ 83BA097ACAAD0B00505634A62D90F93A, 6F1FE2F413A4A939D2D921F537EBB9330E2A65A7C38BD380CF9405792FD03052 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
23:46:43.0855 0x1784  lirsgt - ok
23:46:43.0859 0x1784  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:46:43.0882 0x1784  lltdio - ok
23:46:43.0891 0x1784  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:46:43.0920 0x1784  lltdsvc - ok
23:46:43.0923 0x1784  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:46:43.0947 0x1784  lmhosts - ok
23:46:43.0952 0x1784  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
23:46:43.0962 0x1784  LSI_FC - ok
23:46:43.0966 0x1784  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
23:46:43.0976 0x1784  LSI_SAS - ok
23:46:43.0980 0x1784  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:46:43.0988 0x1784  LSI_SAS2 - ok
23:46:43.0992 0x1784  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:46:44.0002 0x1784  LSI_SCSI - ok
23:46:44.0006 0x1784  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
23:46:44.0032 0x1784  luafv - ok
23:46:44.0035 0x1784  [ 4A503882318BB2F59218D401614E6AF6, 678FDE29EAE20353E780F53CFB9E79EA8B43E1E8BAC77890C178918DC5CCBA0E ] lvpepf64        C:\Windows\system32\DRIVERS\lv302a64.sys
23:46:44.0041 0x1784  lvpepf64 - ok
23:46:44.0050 0x1784  [ 125AE13C293889001B8456CF3EB04A40, EB4B7135691935A9AC515099ED8C2767BC02308068AB9BEB2869B6E841268848 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
23:46:44.0063 0x1784  LVRS64 - ok
23:46:44.0066 0x1784  Maplom - ok
23:46:44.0068 0x1784  MaplomL - ok
23:46:44.0072 0x1784  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
23:46:44.0079 0x1784  MBAMProtector - ok
23:46:44.0104 0x1784  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
23:46:44.0134 0x1784  MBAMService - ok
23:46:44.0139 0x1784  [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
23:46:44.0147 0x1784  MBAMWebAccessControl - ok
23:46:44.0151 0x1784  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:46:44.0162 0x1784  Mcx2Svc - ok
23:46:44.0165 0x1784  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
23:46:44.0173 0x1784  megasas - ok
23:46:44.0180 0x1784  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
23:46:44.0194 0x1784  MegaSR - ok
23:46:44.0199 0x1784  [ 86614752D2FAE34CCD9E7B2AABA5FBEC, AD5ADDACE7679B6BCCBFA3F3AFA7312B9A4CB2A0E79E199D609D2A8BB20C1723 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
23:46:44.0207 0x1784  MEIx64 - ok
23:46:44.0211 0x1784  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
23:46:44.0235 0x1784  MMCSS - ok
23:46:44.0239 0x1784  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
23:46:44.0262 0x1784  Modem - ok
23:46:44.0265 0x1784  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:46:44.0276 0x1784  monitor - ok
23:46:44.0279 0x1784  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:46:44.0287 0x1784  mouclass - ok
23:46:44.0291 0x1784  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:46:44.0301 0x1784  mouhid - ok
23:46:44.0305 0x1784  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:46:44.0314 0x1784  mountmgr - ok
23:46:44.0320 0x1784  [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:46:44.0330 0x1784  MozillaMaintenance - ok
23:46:44.0338 0x1784  [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
23:46:44.0354 0x1784  MpFilter - ok
23:46:44.0359 0x1784  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:46:44.0370 0x1784  mpio - ok
23:46:44.0374 0x1784  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:46:44.0399 0x1784  mpsdrv - ok
23:46:44.0416 0x1784  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:46:44.0456 0x1784  MpsSvc - ok
23:46:44.0462 0x1784  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:46:44.0475 0x1784  MRxDAV - ok
23:46:44.0480 0x1784  [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:46:44.0506 0x1784  mrxsmb - ok
23:46:44.0514 0x1784  [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:46:44.0540 0x1784  mrxsmb10 - ok
23:46:44.0545 0x1784  [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:46:44.0565 0x1784  mrxsmb20 - ok
23:46:44.0569 0x1784  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:46:44.0577 0x1784  msahci - ok
23:46:44.0582 0x1784  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:46:44.0595 0x1784  msdsm - ok
23:46:44.0600 0x1784  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
23:46:44.0614 0x1784  MSDTC - ok
23:46:44.0619 0x1784  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:46:44.0642 0x1784  Msfs - ok
23:46:44.0645 0x1784  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:46:44.0667 0x1784  mshidkmdf - ok
23:46:44.0670 0x1784  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:46:44.0678 0x1784  msisadrv - ok
23:46:44.0686 0x1784  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:46:44.0715 0x1784  MSiSCSI - ok
23:46:44.0717 0x1784  msiserver - ok
23:46:44.0719 0x1784  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:46:44.0743 0x1784  MSKSSRV - ok
23:46:44.0749 0x1784  [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
23:46:44.0758 0x1784  MsMpSvc - ok
23:46:44.0760 0x1784  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:46:44.0784 0x1784  MSPCLOCK - ok
23:46:44.0787 0x1784  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:46:44.0810 0x1784  MSPQM - ok
23:46:44.0819 0x1784  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:46:44.0834 0x1784  MsRPC - ok
23:46:44.0839 0x1784  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
23:46:44.0846 0x1784  mssmbios - ok
23:46:44.0849 0x1784  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:46:44.0872 0x1784  MSTEE - ok
23:46:44.0875 0x1784  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
23:46:44.0884 0x1784  MTConfig - ok
23:46:44.0888 0x1784  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
23:46:44.0897 0x1784  Mup - ok
23:46:44.0908 0x1784  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
23:46:44.0940 0x1784  napagent - ok
23:46:44.0949 0x1784  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:46:44.0968 0x1784  NativeWifiP - ok
23:46:44.0988 0x1784  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:46:45.0015 0x1784  NDIS - ok
23:46:45.0019 0x1784  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:46:45.0044 0x1784  NdisCap - ok
23:46:45.0047 0x1784  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:46:45.0071 0x1784  NdisTapi - ok
23:46:45.0074 0x1784  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:46:45.0098 0x1784  Ndisuio - ok
23:46:45.0103 0x1784  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:46:45.0129 0x1784  NdisWan - ok
23:46:45.0132 0x1784  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:46:45.0156 0x1784  NDProxy - ok
23:46:45.0159 0x1784  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:46:45.0183 0x1784  NetBIOS - ok
23:46:45.0191 0x1784  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:46:45.0219 0x1784  NetBT - ok
23:46:45.0222 0x1784  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon        C:\Windows\system32\lsass.exe
23:46:45.0231 0x1784  Netlogon - ok
23:46:45.0241 0x1784  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
23:46:45.0272 0x1784  Netman - ok
23:46:45.0278 0x1784  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:46:45.0289 0x1784  NetMsmqActivator - ok
23:46:45.0294 0x1784  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:46:45.0304 0x1784  NetPipeActivator - ok
23:46:45.0316 0x1784  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
23:46:45.0349 0x1784  netprofm - ok
23:46:45.0354 0x1784  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:46:45.0365 0x1784  NetTcpActivator - ok
23:46:45.0370 0x1784  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:46:45.0380 0x1784  NetTcpPortSharing - ok
23:46:45.0384 0x1784  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
23:46:45.0392 0x1784  nfrd960 - ok
23:46:45.0398 0x1784  [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:46:45.0409 0x1784  NisDrv - ok
23:46:45.0419 0x1784  [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
23:46:45.0434 0x1784  NisSrv - ok
23:46:45.0443 0x1784  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:46:45.0459 0x1784  NlaSvc - ok
23:46:45.0462 0x1784  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:46:45.0487 0x1784  Npfs - ok
23:46:45.0490 0x1784  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
23:46:45.0514 0x1784  nsi - ok
23:46:45.0516 0x1784  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:46:45.0540 0x1784  nsiproxy - ok
23:46:45.0574 0x1784  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:46:45.0617 0x1784  Ntfs - ok
23:46:45.0628 0x1784  [ 1B32C54B95121AB1683C7B83B2DB4B96, 99F4994A0E5BD1BF6E3F637D3225C69FF4CD620557E23637533E7F18D7D6CBA1 ] NTIOLib_1_0_4   C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys
23:46:45.0645 0x1784  NTIOLib_1_0_4 - ok
23:46:45.0648 0x1784  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
23:46:45.0671 0x1784  Null - ok
23:46:45.0676 0x1784  [ 0EBC9D13CD96C15B1B18D8678A609E4B, B10896DE16B0C102DFB3E73A6C11A1982C5B428015DAE1F8776BCEF94A0F75C6 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
23:46:45.0686 0x1784  nusb3hub - ok
23:46:45.0693 0x1784  [ 7BDEC000D56D485021D9C1E63C2F81CA, 7F1303FD0371AF8715BFC38433B730C797170AEF10C7DB845B7B547DA8DBB5D5 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
23:46:45.0705 0x1784  nusb3xhc - ok
23:46:45.0712 0x1784  [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
23:46:45.0734 0x1784  NVHDA - ok
23:46:45.0925 0x1784  [ ECC732D5185408FCC323E56D30170848, 7A7A6C410B65DBB1D59653598D7E5414054588BB88505BE68BFFF0378FD555F3 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:46:46.0239 0x1784  nvlddmkm - ok
23:46:46.0284 0x1784  [ DB7C6892180C79714EF79F69A788E865, 0E4C109C6F8E8D37447FCE1D7CABCBFAE8E5AA6FD4512150DD17156C9021A6FC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
23:46:46.0330 0x1784  NvNetworkService - ok
23:46:46.0337 0x1784  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:46:46.0348 0x1784  nvraid - ok
23:46:46.0353 0x1784  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:46:46.0365 0x1784  nvstor - ok
23:46:46.0369 0x1784  [ 7308AA5672CC6D14F43C91965DC67200, 573566D94D19F3AEDFB326B0B5987DC52F3802E5F5CAF8C32830660193B93E19 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
23:46:46.0375 0x1784  NvStreamKms - ok
23:46:46.0377 0x1784  NvStreamSvc - ok
23:46:46.0397 0x1784  [ 2AF7D8BCD8912FC16AA15268CDCF2454, 3A2E5ADFC6213A6EA83F78026518EC7EE0DD4BBA7C210CB7A41007BB57DC0636 ] nvsvc           C:\Windows\system32\nvvsvc.exe
23:46:46.0423 0x1784  nvsvc - ok
23:46:46.0427 0x1784  [ D0EB00C3BDD50E9CABA534CF829593E8, 6E11117DC30E834C70DC9381A67D057BC2DADA956855A0EEA9801D45C75536B1 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
23:46:46.0444 0x1784  nvvad_WaveExtensible - ok
23:46:46.0449 0x1784  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:46:46.0459 0x1784  nv_agp - ok
23:46:46.0471 0x1784  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:46:46.0487 0x1784  odserv - ok
23:46:46.0491 0x1784  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:46:46.0501 0x1784  ohci1394 - ok
23:46:46.0508 0x1784  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:46:46.0518 0x1784  ose - ok
23:46:46.0527 0x1784  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:46:46.0543 0x1784  p2pimsvc - ok
23:46:46.0555 0x1784  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
23:46:46.0573 0x1784  p2psvc - ok
23:46:46.0577 0x1784  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:46:46.0589 0x1784  Parport - ok
23:46:46.0593 0x1784  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:46:46.0602 0x1784  partmgr - ok
23:46:46.0608 0x1784  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:46:46.0621 0x1784  PcaSvc - ok
23:46:46.0627 0x1784  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
23:46:46.0638 0x1784  pci - ok
23:46:46.0641 0x1784  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
23:46:46.0649 0x1784  pciide - ok
23:46:46.0655 0x1784  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:46:46.0667 0x1784  pcmcia - ok
23:46:46.0671 0x1784  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:46:46.0679 0x1784  pcw - ok
23:46:46.0693 0x1784  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:46:46.0716 0x1784  PEAUTH - ok
23:46:46.0744 0x1784  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:46:46.0783 0x1784  PeerDistSvc - ok
23:46:46.0795 0x1784  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:46:46.0805 0x1784  PerfHost - ok
23:46:46.0861 0x1784  [ AE0B94363DA0F60D42B9D05B352F61ED, 284EA0123798BDBBAA93F912AD45B3D3F1F662FDDA5C73C0AC0D76AC2F9033C0 ] PID_PEPI        C:\Windows\system32\DRIVERS\LV302V64.SYS
23:46:46.0926 0x1784  PID_PEPI - ok
23:46:46.0956 0x1784  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
23:46:47.0009 0x1784  pla - ok
23:46:47.0021 0x1784  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:46:47.0038 0x1784  PlugPlay - ok
23:46:47.0041 0x1784  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:46:47.0051 0x1784  PNRPAutoReg - ok
23:46:47.0059 0x1784  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:46:47.0073 0x1784  PNRPsvc - ok
23:46:47.0085 0x1784  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:46:47.0119 0x1784  PolicyAgent - ok
23:46:47.0127 0x1784  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
23:46:47.0153 0x1784  Power - ok
23:46:47.0158 0x1784  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:46:47.0182 0x1784  PptpMiniport - ok
23:46:47.0186 0x1784  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
23:46:47.0196 0x1784  Processor - ok
23:46:47.0203 0x1784  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:46:47.0218 0x1784  ProfSvc - ok
23:46:47.0221 0x1784  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:46:47.0229 0x1784  ProtectedStorage - ok
23:46:47.0235 0x1784  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:46:47.0260 0x1784  Psched - ok
23:46:47.0289 0x1784  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
23:46:47.0329 0x1784  ql2300 - ok
23:46:47.0334 0x1784  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
23:46:47.0344 0x1784  ql40xx - ok
23:46:47.0352 0x1784  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
23:46:47.0369 0x1784  QWAVE - ok
23:46:47.0372 0x1784  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:46:47.0384 0x1784  QWAVEdrv - ok
23:46:47.0387 0x1784  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:46:47.0411 0x1784  RasAcd - ok
23:46:47.0415 0x1784  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:46:47.0439 0x1784  RasAgileVpn - ok
23:46:47.0444 0x1784  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
23:46:47.0469 0x1784  RasAuto - ok
23:46:47.0474 0x1784  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:46:47.0499 0x1784  Rasl2tp - ok
23:46:47.0509 0x1784  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
23:46:47.0539 0x1784  RasMan - ok
23:46:47.0544 0x1784  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:46:47.0569 0x1784  RasPppoe - ok
23:46:47.0573 0x1784  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:46:47.0599 0x1784  RasSstp - ok
23:46:47.0608 0x1784  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:46:47.0636 0x1784  rdbss - ok
23:46:47.0639 0x1784  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:46:47.0650 0x1784  rdpbus - ok
23:46:47.0652 0x1784  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:46:47.0674 0x1784  RDPCDD - ok
23:46:47.0681 0x1784  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:46:47.0694 0x1784  RDPDR - ok
23:46:47.0697 0x1784  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:46:47.0720 0x1784  RDPENCDD - ok
23:46:47.0724 0x1784  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:46:47.0747 0x1784  RDPREFMP - ok
23:46:47.0754 0x1784  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:46:47.0769 0x1784  RDPWD - ok
23:46:47.0776 0x1784  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:46:47.0788 0x1784  rdyboost - ok
23:46:47.0792 0x1784  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:46:47.0819 0x1784  RemoteAccess - ok
23:46:47.0825 0x1784  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:46:47.0852 0x1784  RemoteRegistry - ok
23:46:47.0856 0x1784  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:46:47.0882 0x1784  RpcEptMapper - ok
23:46:47.0885 0x1784  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
23:46:47.0896 0x1784  RpcLocator - ok
23:46:47.0908 0x1784  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
23:46:47.0939 0x1784  RpcSs - ok
23:46:47.0944 0x1784  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:46:47.0969 0x1784  rspndr - ok
23:46:47.0982 0x1784  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:46:48.0001 0x1784  RTL8167 - ok
23:46:48.0014 0x1784  [ 945AB249D12CBE044782430C6013AA1A, 912514C99A8AEEBECBFCB3632520C12F9CB8A8286BE1C70567C8E9D5416320DF ] RTL8187B        C:\Windows\system32\DRIVERS\RTL8187B.sys
23:46:48.0033 0x1784  RTL8187B - ok
23:46:48.0036 0x1784  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
23:46:48.0047 0x1784  s3cap - ok
23:46:48.0050 0x1784  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs           C:\Windows\system32\lsass.exe
23:46:48.0059 0x1784  SamSs - ok
23:46:48.0063 0x1784  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:46:48.0073 0x1784  sbp2port - ok
23:46:48.0080 0x1784  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:46:48.0109 0x1784  SCardSvr - ok
23:46:48.0112 0x1784  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:46:48.0136 0x1784  scfilter - ok
23:46:48.0158 0x1784  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
23:46:48.0194 0x1784  Schedule - ok
23:46:48.0199 0x1784  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:46:48.0222 0x1784  SCPolicySvc - ok
23:46:48.0228 0x1784  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:46:48.0240 0x1784  SDRSVC - ok
23:46:48.0244 0x1784  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:46:48.0255 0x1784  secdrv - ok
23:46:48.0258 0x1784  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
23:46:48.0281 0x1784  seclogon - ok
23:46:48.0285 0x1784  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
23:46:48.0310 0x1784  SENS - ok
23:46:48.0314 0x1784  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:46:48.0324 0x1784  SensrSvc - ok
23:46:48.0327 0x1784  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:46:48.0337 0x1784  Serenum - ok
23:46:48.0341 0x1784  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:46:48.0353 0x1784  Serial - ok
23:46:48.0356 0x1784  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
23:46:48.0366 0x1784  sermouse - ok
23:46:48.0373 0x1784  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
23:46:48.0399 0x1784  SessionEnv - ok
23:46:48.0402 0x1784  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:46:48.0413 0x1784  sffdisk - ok
23:46:48.0416 0x1784  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:46:48.0426 0x1784  sffp_mmc - ok
23:46:48.0429 0x1784  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:46:48.0440 0x1784  sffp_sd - ok
23:46:48.0442 0x1784  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
23:46:48.0452 0x1784  sfloppy - ok
23:46:48.0461 0x1784  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:46:48.0492 0x1784  SharedAccess - ok
23:46:48.0502 0x1784  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:46:48.0534 0x1784  ShellHWDetection - ok
23:46:48.0538 0x1784  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:46:48.0546 0x1784  SiSRaid2 - ok
23:46:48.0550 0x1784  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
23:46:48.0559 0x1784  SiSRaid4 - ok
23:46:48.0564 0x1784  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:46:48.0588 0x1784  Smb - ok
23:46:48.0593 0x1784  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:46:48.0605 0x1784  SNMPTRAP - ok
23:46:48.0607 0x1784  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:46:48.0616 0x1784  spldr - ok
23:46:48.0629 0x1784  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
23:46:48.0664 0x1784  Spooler - ok
23:46:48.0733 0x1784  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
23:46:48.0831 0x1784  sppsvc - ok
23:46:48.0837 0x1784  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:46:48.0862 0x1784  sppuinotify - ok
23:46:48.0864 0x1784  sptd - ok
23:46:48.0876 0x1784  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:46:48.0895 0x1784  srv - ok
23:46:48.0905 0x1784  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:46:48.0923 0x1784  srv2 - ok
23:46:48.0929 0x1784  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:46:48.0941 0x1784  srvnet - ok
23:46:48.0948 0x1784  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:46:48.0975 0x1784  SSDPSRV - ok
23:46:48.0979 0x1784  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:46:49.0005 0x1784  SstpSvc - ok
23:46:49.0023 0x1784  [ A831D5A4D2F5138E332AC1B98315EBB1, 2FF5C256A83ACFB5CEC17B9FA7875048F770B793C37657D6D4E37C70B2F857A8 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
23:46:49.0044 0x1784  Steam Client Service - ok
23:46:49.0056 0x1784  [ 6213F20854FB987119503F9F91C70B9F, E1683753D192B154DBFE1FD03625A2A56F8576CE2A7619B41159B1C718C73B88 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
23:46:49.0069 0x1784  Stereo Service - ok
23:46:49.0072 0x1784  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
23:46:49.0080 0x1784  stexstor - ok
23:46:49.0094 0x1784  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
23:46:49.0119 0x1784  stisvc - ok
23:46:49.0123 0x1784  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
23:46:49.0132 0x1784  storflt - ok
23:46:49.0135 0x1784  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
23:46:49.0145 0x1784  StorSvc - ok
23:46:49.0148 0x1784  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
23:46:49.0156 0x1784  storvsc - ok
23:46:49.0159 0x1784  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
23:46:49.0166 0x1784  swenum - ok
23:46:49.0178 0x1784  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
23:46:49.0213 0x1784  swprv - ok
23:46:49.0248 0x1784  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
23:46:49.0297 0x1784  SysMain - ok
23:46:49.0302 0x1784  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:46:49.0317 0x1784  TabletInputService - ok
23:46:49.0325 0x1784  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:46:49.0354 0x1784  TapiSrv - ok
23:46:49.0359 0x1784  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
23:46:49.0383 0x1784  TBS - ok
23:46:49.0420 0x1784  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:46:49.0468 0x1784  Tcpip - ok
23:46:49.0506 0x1784  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:46:49.0545 0x1784  TCPIP6 - ok
23:46:49.0552 0x1784  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:46:49.0575 0x1784  tcpipreg - ok
23:46:49.0579 0x1784  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:46:49.0594 0x1784  TDPIPE - ok
23:46:49.0597 0x1784  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:46:49.0607 0x1784  TDTCP - ok
23:46:49.0612 0x1784  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:46:49.0634 0x1784  tdx - ok
23:46:49.0638 0x1784  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
23:46:49.0647 0x1784  TermDD - ok
23:46:49.0664 0x1784  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
23:46:49.0692 0x1784  TermService - ok
23:46:49.0698 0x1784  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
23:46:49.0711 0x1784  Themes - ok
23:46:49.0714 0x1784  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
23:46:49.0739 0x1784  THREADORDER - ok
23:46:49.0746 0x1784  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
23:46:49.0773 0x1784  TrkWks - ok
23:46:49.0780 0x1784  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:46:49.0805 0x1784  TrustedInstaller - ok
23:46:49.0813 0x1784  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:46:49.0823 0x1784  tssecsrv - ok
23:46:49.0827 0x1784  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:46:49.0838 0x1784  TsUsbFlt - ok
23:46:49.0845 0x1784  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:46:49.0871 0x1784  tunnel - ok
23:46:49.0875 0x1784  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
23:46:49.0884 0x1784  uagp35 - ok
23:46:49.0894 0x1784  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:46:49.0924 0x1784  udfs - ok
23:46:49.0932 0x1784  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:46:49.0943 0x1784  UI0Detect - ok
23:46:49.0947 0x1784  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:46:49.0955 0x1784  uliagpkx - ok
23:46:49.0959 0x1784  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
23:46:49.0968 0x1784  umbus - ok
23:46:49.0974 0x1784  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
23:46:49.0987 0x1784  UmPass - ok
23:46:49.0995 0x1784  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
23:46:50.0012 0x1784  UmRdpService - ok
23:46:50.0022 0x1784  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
23:46:50.0053 0x1784  upnphost - ok
23:46:50.0059 0x1784  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
23:46:50.0070 0x1784  usbaudio - ok
23:46:50.0075 0x1784  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:46:50.0093 0x1784  usbccgp - ok
23:46:50.0098 0x1784  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:46:50.0110 0x1784  usbcir - ok
23:46:50.0113 0x1784  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
23:46:50.0123 0x1784  usbehci - ok
23:46:50.0132 0x1784  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:46:50.0148 0x1784  usbhub - ok
23:46:50.0152 0x1784  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:46:50.0161 0x1784  usbohci - ok
23:46:50.0164 0x1784  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:46:50.0174 0x1784  usbprint - ok
23:46:50.0179 0x1784  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:46:50.0198 0x1784  USBSTOR - ok
23:46:50.0201 0x1784  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:46:50.0210 0x1784  usbuhci - ok
23:46:50.0214 0x1784  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
23:46:50.0238 0x1784  UxSms - ok
23:46:50.0241 0x1784  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc        C:\Windows\system32\lsass.exe
23:46:50.0249 0x1784  VaultSvc - ok
23:46:50.0256 0x1784  [ 8FD4BE594B4247E534E5D7CADA47FF20, A1D4DF89FAE48B2A6E3443C49533000A3E13A3CE1C18D8DB5DAEE4DDD9C51E88 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
23:46:50.0267 0x1784  VBoxNetAdp - ok
23:46:50.0270 0x1784  VBoxNetFlt - ok
23:46:50.0274 0x1784  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:46:50.0283 0x1784  vdrvroot - ok
23:46:50.0295 0x1784  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
23:46:50.0327 0x1784  vds - ok
23:46:50.0331 0x1784  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:46:50.0342 0x1784  vga - ok
23:46:50.0345 0x1784  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave

deeprybka · 12.01.2016, 19:18

Gerne. Alles Gute.

04.01.2016, 22:45	#5
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Ich verschicke Spam Ach wenn sich am Resultat nicht viel ändern wird, bitte Scan so durchführen wie in der Anleitung beschrieben ist. __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

12.01.2016, 19:18	#7
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Ich verschicke Spam Gerne. Alles Gute. __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Ich verschicke Spam

Plagegeister aller Art und deren Bekämpfung: Ich verschicke Spam