Sehr hohe CPU und Datenträgerauslastung - evtl. Virus

Songmaster67 · 18.09.2016, 07:06

Hier mal der Hijack-Logfile, ist dort was verdächtiges drin?
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 07:50:19, on 18.09.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.18123)

FIREFOX: 48.0.2 (x86 de)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
C:\Users\Leon\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\7b4e384f5b096b9656fee276ba88bb81\HijackThis_2.0.5.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT14/4
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ProductUpdater] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKUS\S-1-5-18\..\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun (User 'Default user')
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgfwsa.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: chip 1-click download service (chip1click) - Chip Digital GmbH - C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10482 bytes

deeprybka · 18.09.2016, 17:40

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Songmaster67 · 18.09.2016, 19:22

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2016
durchgeführt von Leon (Administrator) auf LEON (18-09-2016 20:00:36)
Gestartet von C:\Users\Leon\Desktop
Geladene Profile: Leon (Verfügbare Profile: Leon)
Platform: Windows 8.1 Connected (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634288 2014-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1386712 2014-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-05-06] (Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-11-12] (IvoSoft)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6718224 2016-08-26] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [204560 2016-09-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2016-01-19] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {10926062-110f-11e5-8268-d0bf9c11e11c} - "F:\AutoRun.exe" 
HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {32093fe3-f893-11e4-8265-d0bf9c11e11c} - "F:\AutoRun.exe" 
HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {3209403a-f893-11e4-8265-d0bf9c11e11c} - "F:\AutoRun.exe" 
HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {3d92eb65-10dd-11e5-8267-d0bf9c11e11c} - "F:\AutoRun.exe" 
HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {3d92ec7a-10dd-11e5-8267-d0bf9c11e11c} - "F:\AutoRun.exe" 
HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {3d92ecb8-10dd-11e5-8267-d0bf9c11e11c} - "F:\AutoRun.exe" 
HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {695fd658-1b2b-11e6-828f-d0bf9c11e11c} - "F:\autorun.exe" 
HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {f608c43b-dd54-11e5-827c-d0bf9c11e11c} - "F:\autorun.exe" 

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{206FB9D1-3744-45D6-B00F-DABAC9C2A4CE}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{241529EE-1D63-40E2-BB7D-0303E9CC74F0}: [DhcpNameServer] 198.18.0.1 198.18.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.hao123.com/?tn=sdks_inner_hp_01_hao123_de&guid=ce57accbaf190e11e5a1cd15768d5887
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.hao123.com/?tn=sdks_inner_hp_01_hao123_de&guid=ce57accbaf190e11e5a1cd15768d5887
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT14/4
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {A4EB470D-100B-40CD-BEBC-04CD9E2BFA36} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2880619619-2121856950-3395575582-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2880619619-2121856950-3395575582-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2880619619-2121856950-3395575582-1001 -> {A4EB470D-100B-40CD-BEBC-04CD9E2BFA36} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-22] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-22] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\wldvbhvo.default
FF Homepage: hxxp://google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-22] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Leon\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default [2016-09-18]
CHR Extension: (Google Drive) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-24]
CHR Extension: (YouTube) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-24]
CHR Extension: (ZenMate VPN - Top Internet Security & Unblock) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2016-09-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-24]
CHR Extension: (Google Mail) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-18]

Opera: 
=======
OPR StartupUrls:  "hxxp://google.de/" 
OPR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Leon\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnhbkkedmelfmalgjpkngiaoifpdfcnl [2016-05-21]
OPR Extension: (SurfEasy Proxy, ein Opera-Software-Unternehmen) - C:\Users\Leon\AppData\Roaming\Opera Software\Opera Stable\Extensions\ebpielhlnnpkiddeeacoephkilopgblc [2016-05-21]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [2048920 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5285344 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-09-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-06-24] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-05-06] (Synaptics Incorporated)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4878096 2016-08-19] (AVG Technologies CZ, s.r.o.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\Leon\AppData\Local\Temp\7zS4CAA\hpslpsvc64.dll [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [73480 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-08-23] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [262400 2016-08-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [294104 2014-04-30] (Realtek Semiconductor Corp.)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4733184 2015-10-14] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-05-06] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 ewusbnet; \SystemRoot\system32\DRIVERS\ewusbnet.sys [X]
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-18 20:00 - 2016-09-18 20:01 - 00020779 _____ C:\Users\Leon\Desktop\FRST.txt
2016-09-18 20:00 - 2016-09-18 20:00 - 00000000 ____D C:\FRST
2016-09-18 19:59 - 2016-09-18 19:59 - 02399232 _____ (Farbar) C:\Users\Leon\Desktop\FRST64.exe
2016-09-18 18:06 - 2016-09-18 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-09-18 16:25 - 2016-08-04 16:17 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-18 16:25 - 2016-08-03 20:06 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-18 16:25 - 2016-08-03 20:05 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-18 16:10 - 2016-08-21 01:22 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-18 16:10 - 2016-08-21 00:50 - 00360448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-18 16:10 - 2016-06-11 05:44 - 00107984 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-09-18 16:10 - 2016-06-11 05:44 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-09-18 15:54 - 2016-08-21 01:45 - 07076864 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-09-18 15:54 - 2016-08-21 01:05 - 05273600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-09-18 15:54 - 2016-08-21 00:42 - 07795712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-09-18 15:54 - 2016-08-21 00:27 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-09-18 15:54 - 2016-08-10 00:47 - 00803176 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-18 15:54 - 2016-08-10 00:47 - 00611576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-18 15:23 - 2016-09-08 23:51 - 00443224 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-18 15:23 - 2016-09-08 23:51 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-09-18 15:23 - 2016-08-22 18:06 - 00179248 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-18 15:23 - 2016-08-22 18:06 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-18 15:23 - 2016-08-21 03:03 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-09-18 15:23 - 2016-08-21 03:01 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-09-18 15:23 - 2016-08-21 03:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-09-18 15:23 - 2016-08-21 02:17 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-09-18 15:23 - 2016-08-21 01:27 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-09-18 15:23 - 2016-08-21 01:26 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-09-18 15:23 - 2016-08-21 00:55 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-09-18 15:22 - 2016-08-13 09:41 - 07445848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-18 15:22 - 2016-08-13 09:40 - 01737080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-18 15:22 - 2016-08-13 09:40 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-09-18 15:22 - 2016-08-13 09:40 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-09-18 15:22 - 2016-08-13 09:40 - 01490120 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-09-18 15:22 - 2016-08-13 09:40 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-09-18 15:22 - 2016-08-13 02:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-18 15:02 - 2016-08-11 18:26 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2016-09-18 15:02 - 2016-08-11 18:17 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2016-09-18 15:02 - 2016-08-11 18:16 - 00455680 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2016-09-18 14:37 - 2016-08-14 21:34 - 01541248 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-18 14:37 - 2016-08-14 20:25 - 04171264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-18 14:37 - 2016-08-14 18:14 - 01376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-18 11:34 - 2016-09-18 11:34 - 00000000 ____D C:\Users\Leon\AppData\Local\Downloaded Installations
2016-09-18 11:07 - 2016-09-18 11:07 - 00077824 _____ (Task Manager Fix) C:\Users\Leon\Desktop\TaskManagerFix.exe
2016-09-18 08:48 - 2016-09-18 08:48 - 00000000 ____D C:\Users\Leon\AppData\Roaming\dragonscales
2016-09-18 06:59 - 2016-09-18 07:00 - 00000000 ____D C:\ProgramData\F-Secure-UninstallationTool
2016-09-18 06:48 - 2016-09-18 07:02 - 00000000 ____D C:\ProgramData\F-Secure
2016-09-18 06:25 - 2016-09-18 06:41 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-09-18 04:11 - 2016-09-18 04:11 - 00000000 ____D C:\Users\Leon\Desktop\Alte Firefox-Daten
2016-09-18 03:29 - 2016-09-18 03:29 - 00000000 ____D C:\Users\Leon\AppData\Local\ESET
2016-09-18 03:18 - 2016-09-18 03:18 - 15258612 _____ C:\Users\Leon\Downloads\Rootkit_Remover_3022.zip
2016-09-18 02:29 - 2016-09-18 02:29 - 00000000 ____D C:\Users\Leon\Documents\ProcAlyzer Dumps
2016-09-18 00:52 - 2016-09-18 00:52 - 00000036 _____ C:\Users\Leon\AppData\Local\housecall.guid.cache
2016-09-18 00:50 - 2016-09-18 10:51 - 00000000 ____D C:\Program Files (x86)\TrojanHunter
2016-09-17 23:12 - 2016-09-18 10:51 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-09-17 23:12 - 2016-09-17 23:12 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-09-17 23:11 - 2016-09-17 23:11 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-09-17 22:53 - 2016-09-17 22:53 - 00007608 _____ C:\Users\Leon\AppData\Local\Resmon.ResmonCfg
2016-09-16 04:58 - 2016-09-18 06:41 - 00000000 ____D C:\Program Files (x86)\Sophos
2016-09-15 21:45 - 2016-09-18 10:51 - 00000000 ____D C:\AdwCleaner
2016-09-15 21:40 - 2016-09-18 10:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-14 13:53 - 2016-07-09 18:10 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2016-09-14 13:53 - 2016-07-09 00:35 - 00101208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-09-14 13:53 - 2016-07-08 16:17 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2016-09-14 13:53 - 2016-07-08 16:17 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2016-09-14 13:53 - 2016-07-08 00:32 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2016-09-14 13:53 - 2016-07-08 00:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2016-09-14 13:53 - 2016-07-08 00:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2016-09-14 13:53 - 2016-07-08 00:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2016-09-14 13:53 - 2016-07-07 23:04 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2016-09-14 13:53 - 2016-07-07 22:59 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-09-14 13:53 - 2016-07-07 22:44 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-09-14 13:53 - 2016-07-07 22:41 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2016-09-14 13:53 - 2016-07-07 22:34 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-09-14 13:53 - 2016-07-07 22:29 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-09-14 13:53 - 2016-07-07 22:29 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2016-09-14 13:53 - 2016-07-07 22:23 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2016-09-14 13:53 - 2016-07-07 22:18 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2016-09-14 13:53 - 2016-07-07 22:11 - 01661064 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-09-14 13:53 - 2016-07-07 22:11 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-09-14 13:53 - 2016-07-07 22:11 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll
2016-09-14 13:53 - 2016-07-07 21:35 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2016-09-14 13:53 - 2016-07-07 21:14 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2016-09-14 13:53 - 2016-07-04 07:09 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-09-14 13:53 - 2016-07-04 05:45 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2016-09-14 13:53 - 2016-07-04 05:37 - 02897920 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-09-14 13:53 - 2016-07-04 05:33 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-09-14 13:53 - 2016-07-04 05:04 - 02539008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-09-14 13:53 - 2016-07-04 05:02 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-09-14 13:53 - 2016-07-04 04:19 - 03547136 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-09-14 13:53 - 2016-07-01 22:39 - 00197352 _____ (Microsoft Corporation) C:\Windows\system32\dssenh.dll
2016-09-14 13:53 - 2016-07-01 22:39 - 00157016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dssenh.dll
2016-09-14 13:53 - 2016-01-10 19:08 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2016-09-11 09:31 - 2016-09-11 09:31 - 00016246 _____ C:\Users\Leon\Desktop\Schreiben - IKK Classic.tmd
2016-09-11 06:12 - 2016-09-11 06:20 - 01028896 _____ C:\Users\Leon\Desktop\Familienversicherung.pdf
2016-09-09 09:58 - 2016-09-09 09:58 - 00222664 _____ C:\Users\Leon\Documents\Scan0002.pdf
2016-09-05 10:52 - 2016-09-05 10:52 - 00154480 _____ C:\Users\Leon\Documents\Scan0001.pdf
2016-08-29 23:06 - 2016-09-18 10:31 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-26 18:26 - 2016-08-26 18:26 - 06190584 _____ C:\Users\Leon\Downloads\CopyTransDriversInstallerDEv2.038.zip
2016-08-26 18:13 - 2016-09-18 10:30 - 00000000 ____D C:\Program Files (x86)\Gskstudio
2016-08-26 18:13 - 2016-08-26 18:13 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Video Hunter Professional.lnk
2016-08-25 07:23 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-08-25 07:23 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi(113).dll
2016-08-25 07:23 - 2016-05-12 19:43 - 00115704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-08-25 07:23 - 2016-05-12 18:17 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-08-25 07:23 - 2016-05-12 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-08-25 07:23 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-08-25 07:23 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc(114).dll
2016-08-25 07:23 - 2016-05-12 17:59 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-08-25 07:23 - 2016-05-12 17:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-08-25 07:23 - 2016-05-12 17:37 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-08-25 07:22 - 2016-05-06 17:45 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-08-25 07:22 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-08-25 07:21 - 2016-05-19 01:15 - 01379040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-08-25 07:21 - 2016-05-19 01:15 - 01379040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32(112).dll
2016-08-25 07:21 - 2016-05-18 22:35 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-08-25 07:21 - 2016-05-18 22:35 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32(142).dll
2016-08-25 07:21 - 2016-05-18 07:31 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-08-25 07:21 - 2016-05-18 07:31 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-08-25 07:21 - 2016-05-14 22:01 - 00363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-08-25 07:21 - 2016-05-14 22:01 - 00363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32(140).dll
2016-08-25 07:21 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-08-25 07:21 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32(147).dll
2016-08-25 07:21 - 2016-05-14 01:07 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-08-25 07:21 - 2016-05-14 01:04 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-08-25 07:21 - 2016-05-14 00:19 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-08-25 07:21 - 2016-05-13 23:58 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-08-25 07:21 - 2016-05-13 23:58 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock(120).dll
2016-08-25 07:21 - 2016-05-13 23:45 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-08-25 07:21 - 2016-05-13 23:45 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\winhttp(136).dll
2016-08-25 07:21 - 2016-05-13 23:35 - 00286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-08-25 07:21 - 2016-05-13 23:26 - 00631808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-08-25 07:13 - 2016-08-25 07:13 - 00000000 ____D C:\Users\Leon\AppData\Local\ElevatedDiagnostics
2016-08-23 19:57 - 2016-08-23 19:57 - 00010397 _____ C:\Users\Leon\Documents\Mappe1.xlsx
2016-08-23 16:31 - 2016-08-23 16:31 - 00310016 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2016-08-22 13:11 - 2016-08-22 23:12 - 00000000 ____D C:\Users\Leon\AppData\Roaming\TZ-EasyBuch
2016-08-22 13:11 - 2016-08-22 13:11 - 00000000 ____D C:\ProgramData\TZ-EasyBuch
2016-08-22 07:16 - 2016-08-22 07:16 - 00096581 _____ C:\Users\Leon\Documents\Richtung Thüringenhalle.pdf
2016-08-21 10:27 - 2016-08-21 10:27 - 00302894 _____ C:\Users\Leon\Documents\algI.pdf
2016-08-19 22:11 - 2016-07-12 16:08 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-08-19 21:44 - 2016-06-25 22:05 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-08-19 21:44 - 2016-06-22 15:48 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-08-19 21:44 - 2016-06-21 15:48 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-08-19 21:44 - 2016-06-21 15:48 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-08-19 21:44 - 2016-06-21 15:48 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-08-19 21:44 - 2016-06-21 15:48 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-08-19 21:44 - 2016-06-21 15:48 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-08-19 21:44 - 2016-06-21 15:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-08-19 21:44 - 2016-06-21 15:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic(106).dll
2016-08-19 21:44 - 2016-06-21 15:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-08-19 21:44 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-08-19 21:44 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc(127).dll
2016-08-19 21:13 - 2016-06-25 20:13 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-08-19 21:13 - 2016-06-25 20:13 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\inetpp(115).dll
2016-08-19 21:13 - 2016-06-25 18:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-08-19 21:13 - 2016-06-25 18:15 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-08-19 21:13 - 2016-06-25 18:15 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl(116).dll
2016-08-19 21:13 - 2016-06-25 18:13 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-08-19 21:13 - 2016-06-25 18:13 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl(135).dll
2016-08-19 21:13 - 2016-06-25 18:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-08-19 21:13 - 2016-01-30 21:50 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2016-08-19 21:13 - 2016-01-30 21:00 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2016-08-19 21:13 - 2016-01-30 20:48 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-08-19 21:13 - 2016-01-30 20:18 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2016-08-19 21:13 - 2016-01-30 19:48 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2016-08-19 21:13 - 2016-01-30 19:41 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2016-08-19 13:17 - 2016-08-19 13:17 - 00000919 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Protection.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-18 20:01 - 2015-04-18 16:42 - 00000000 ____D C:\Users\Leon\AppData\Local\ClassicShell
2016-09-18 19:49 - 2016-04-24 08:32 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-18 19:37 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-09-18 19:36 - 2015-04-18 19:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-18 19:27 - 2015-04-18 12:58 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2880619619-2121856950-3395575582-1001
2016-09-18 19:24 - 2016-07-20 19:14 - 00000000 ____D C:\Users\Leon\Documents\Youcam
2016-09-18 19:22 - 2016-04-24 08:32 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-18 19:22 - 2015-04-18 12:59 - 00000000 __RDO C:\Users\Leon\OneDrive
2016-09-18 19:18 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-18 19:13 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\setup
2016-09-18 19:13 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\setup
2016-09-18 19:13 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-09-18 19:07 - 2015-12-04 19:14 - 00000000 ____D C:\Windows\system32\MRT
2016-09-18 19:07 - 2015-05-03 22:45 - 00000000 ____D C:\ProgramData\MFAData
2016-09-18 18:55 - 2015-12-04 19:14 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-18 18:45 - 2013-08-22 16:44 - 00386344 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-18 18:42 - 2016-03-22 08:52 - 00000000 ____D C:\Program Files (x86)\OXXOGames
2016-09-18 18:42 - 2015-12-05 10:31 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-09-18 18:42 - 2015-12-05 10:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-09-18 18:08 - 2014-03-18 11:38 - 00000000 ____D C:\Windows\ShellNew
2016-09-18 17:47 - 2015-04-26 21:06 - 00000000 ____D C:\ProgramData\Skype
2016-09-18 16:56 - 2015-12-21 09:47 - 00000000 ____D C:\Users\Leon\AppData\Roaming\HpUpdate
2016-09-18 16:56 - 2015-05-03 22:15 - 00000000 ____D C:\Users\Leon\AppData\Local\Microsoft Help
2016-09-18 16:56 - 2015-04-26 21:06 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Skype
2016-09-18 16:40 - 2014-09-03 15:52 - 00800954 _____ C:\Windows\system32\perfh007.dat
2016-09-18 16:40 - 2014-09-03 15:52 - 00174458 _____ C:\Windows\system32\perfc007.dat
2016-09-18 16:40 - 2014-03-18 11:53 - 01921090 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-18 12:50 - 2015-06-12 21:32 - 00000000 ____D C:\Users\Leon\AppData\Roaming\vlc
2016-09-18 11:50 - 2016-04-24 08:33 - 00002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-09-18 11:17 - 2015-12-20 07:57 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-18 11:01 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-09-18 10:56 - 2015-04-18 12:49 - 00000000 ____D C:\Users\Leon
2016-09-18 10:52 - 2013-08-22 17:36 - 00000000 __RSD C:\Windows\Media
2016-09-18 10:52 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-09-18 10:52 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-09-18 10:52 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-09-18 10:51 - 2016-02-27 14:09 - 00000000 ___SD C:\Windows\system32\GWX
2016-09-18 10:51 - 2015-12-20 11:20 - 00000000 ____D C:\Program Files\WinRAR
2016-09-18 10:51 - 2015-04-18 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-18 10:51 - 2014-09-03 07:22 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2016-09-18 10:51 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\Sysprep
2016-09-18 10:44 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-18 10:34 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-18 10:34 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\registration
2016-09-18 10:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-18 10:31 - 2015-12-04 20:01 - 00000000 ____D C:\Program Files\Common Files\AV
2016-09-18 06:03 - 2015-12-19 13:38 - 00000000 ____D C:\Users\Leon\AppData\Roaming\UseNeXT
2016-09-17 15:49 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-09-15 21:00 - 2015-04-18 19:23 - 00000000 ____D C:\Users\Leon\AppData\Local\Adobe
2016-09-13 21:43 - 2015-04-18 13:10 - 00003766 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{003F1F49-3F9C-4DB0-A793-493FA420D1ED}
2016-09-13 12:36 - 2015-04-18 19:23 - 00003636 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-12 16:23 - 2015-05-03 22:48 - 00000000 ___HD C:\$AVG
2016-09-11 09:10 - 2016-07-31 07:23 - 00000338 _____ C:\Windows\Tasks\HPCeeScheduleForLeon.job
2016-09-07 03:11 - 2013-08-22 17:38 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-09-07 03:11 - 2013-08-22 17:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-29 22:27 - 2016-04-19 05:49 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Abelssoft
2016-08-29 22:27 - 2016-04-19 05:49 - 00000000 ____D C:\Users\Leon\AppData\Local\Abelssoft
2016-08-26 18:40 - 2015-12-25 15:37 - 00000000 ____D C:\Program Files\iTunes
2016-08-26 18:35 - 2015-12-25 15:33 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-26 18:34 - 2014-12-10 18:18 - 00000000 ____D C:\ProgramData\Apple
2016-08-26 17:53 - 2015-12-19 18:44 - 00000000 ____D C:\Users\Leon\AppData\Roaming\WindSolutions
2016-08-26 17:53 - 2015-12-19 18:44 - 00000000 ____D C:\ProgramData\WindSolutions
2016-08-25 07:37 - 2015-05-12 13:34 - 00000000 ____D C:\Windows\system32\appraiser
2016-08-25 06:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2016-08-24 09:08 - 2015-12-19 11:24 - 00002545 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2016-08-22 19:06 - 2015-12-23 17:22 - 00017601 _____ C:\Users\Leon\Documents\Leon - Gehalt an Landratsamt Meiningen.tmd
2016-08-22 18:54 - 2015-12-23 17:22 - 00017601 _____ C:\Users\Leon\Documents\Leon - Gehalt an Landratsamt Meiningen.bak
2016-08-19 20:45 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI(109)
2016-08-19 16:35 - 2015-12-19 11:24 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2016-08-19 13:29 - 2015-05-03 22:48 - 00000000 ____D C:\ProgramData\AVG2015
2016-08-19 13:23 - 2015-12-19 11:24 - 00000000 ____D C:\Users\Leon\AppData\Roaming\AVG
2016-08-19 13:23 - 2015-12-19 11:21 - 00000000 ____D C:\Users\Leon\AppData\Local\AvgSetupLog
2016-08-19 13:23 - 2015-05-03 22:48 - 00000000 ____D C:\Program Files (x86)\AVG
2016-08-19 13:22 - 2015-06-12 10:39 - 00000000 ____D C:\Users\Leon\AppData\Local\Avg
2016-08-19 13:17 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-08-19 13:14 - 2015-12-19 11:21 - 00000000 ____D C:\ProgramData\Avg

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-17 09:51 - 2016-01-17 09:51 - 0099384 _____ () C:\Users\Leon\AppData\Roaming\inst.exe
2016-01-17 09:51 - 2016-01-17 09:51 - 0007859 _____ () C:\Users\Leon\AppData\Roaming\pcouffin.cat
2016-01-17 09:51 - 2016-01-17 09:51 - 0001167 _____ () C:\Users\Leon\AppData\Roaming\pcouffin.inf
2016-01-17 09:51 - 2016-01-17 09:51 - 0000055 _____ () C:\Users\Leon\AppData\Roaming\pcouffin.log
2016-01-17 09:51 - 2016-01-17 09:51 - 0082816 _____ (VSO Software) C:\Users\Leon\AppData\Roaming\pcouffin.sys
2016-09-18 00:52 - 2016-09-18 00:52 - 0000036 _____ () C:\Users\Leon\AppData\Local\housecall.guid.cache
2016-09-17 22:53 - 2016-09-17 22:53 - 0007608 _____ () C:\Users\Leon\AppData\Local\Resmon.ResmonCfg
2015-12-21 09:45 - 2015-12-21 09:45 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-01-06 21:43 - 2016-01-06 21:43 - 0005035 _____ () C:\ProgramData\eaapqbsg.gfr
2016-01-06 21:43 - 2016-01-06 21:43 - 0000016 _____ () C:\ProgramData\mntemp

Einige Dateien in TEMP:
====================
C:\Users\Leon\AppData\Local\Temp\gkey.exe
C:\Users\Leon\AppData\Local\Temp\pkeyui.exe
C:\Users\Leon\AppData\Local\Temp\Uninstall.exe
C:\Users\Leon\AppData\Local\Temp\wabk.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-04 19:07

==================== Ende von FRST.txt ============================

[CODE]Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2016
durchgeführt von Leon (18-09-2016 20:05:16)
Gestartet von C:\Users\Leon\Desktop
Windows 8.1 Connected (Update) (X64) (2015-04-18 10:51:34)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2880619619-2121856950-3395575582-500 - Administrator - Disabled)
Gast (S-1-5-21-2880619619-2121856950-3395575582-501 - Limited - Disabled)
Leon (S-1-5-21-2880619619-2121856950-3395575582-1001 - Administrator - Enabled) => C:\Users\Leon

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Ashampoo Office 2012 (HKLM-x32\...\{8EBB8452-274B-465D-8324-00B0832FBB02}) (Version: 12.0.960 - ashampoo GmbH & Co. KG)
AVG (Version: 16.111.7797 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.4483 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4656 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.52.2.34122 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.52.2 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.111.7797 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Shell (HKLM\...\{D4B3454F-7529-4F5F-851D-2C36933F7D64}) (Version: 4.2.5 - IvoSoft)
CrystalDiskInfo 6.8.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.8.1 - Crystal Dew World)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.4.4218 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
FMW 1 (Version: 1.123.1 - AVG Technologies) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.)
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{90CE78B2-4F84-4BE8-B55C-ED85759C8445}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ENVY 5640 series - Grundlegende Software für das Gerät (HKLM\...\{459B0D45-7AC9-4C63-8875-9A9B744E861F}) (Version: 34.0.50.48729 - Hewlett-Packard Co.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.3.34.7 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.5.32.37 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Utility Center (HKLM\...\{E8F2076D-1885-4A0F-83D8-77B1F9D384CE}) (Version: 2.5.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Jigsaw Tour 2 1.00 (HKLM-x32\...\Jigsaw Tour 2 1.00) (Version: 1.00 - BigFish)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Online Video Hunter Professional v 2.3.0.0 (HKLM-x32\...\Online Video Hunter Professional_is1) (Version: - Gskstudio.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29080 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7272 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.33 - REALTEK Semiconductor Corp.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.9 - Synaptics Incorporated)
The Far Kingdoms - Sacred Grove Solitaire 1.00 (HKLM-x32\...\The Far Kingdoms - Sacred Grove Solitaire 1.00) (Version: 1.00 - BigFish)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.75 - VSO Software)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Zwangs-Update-Killer (HKLM-x32\...\{8E446BC1-620B-47AE-A0B1-ED592A4A758C}_is1) (Version: 1.0.0.0 - pXc-coding.com)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> Keine Datei <==== ACHTUNG
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> Keine Datei <==== ACHTUNG
Task: {3864A97E-D351-448D-B4B1-34CEBB76D5ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {4E5DFFF6-2B20-416B-9A64-A354346E0FEE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-09-18] (Microsoft Corporation)
Task: {63F53AF8-CC93-4779-86C8-9C2F1E1EDF73} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-08-19] (AVG Technologies CZ, s.r.o.)
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> Keine Datei <==== ACHTUNG
Task: {7F330BDB-C0EC-4504-AB8A-AD35F167D9F6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-08-18] (HP Inc.)
Task: {83FD6594-E024-4C09-B871-E5EAEB824AF3} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-06-18] (CyberLink Corp.)
Task: {A17F61C6-626A-49DA-AE8F-735FC60416E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {A4D3C75C-3694-4284-B956-A6FEC820709A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> Keine Datei <==== ACHTUNG
Task: {C62B97B5-5DBF-405B-99D1-C0339ADC97E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {C7620762-AE71-495D-A10B-73391719837F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-24] (Google Inc.)
Task: {C89CAFEE-559B-4AAE-AB3C-2779E2CB7DF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {CD5590BF-194D-48BC-BFA9-65308EF1DAB1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> Keine Datei <==== ACHTUNG
Task: {E076E663-E5AA-4C04-9DD7-69591A050A6D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {E7A4E79E-027C-447A-B555-9DB826726D74} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-24] (Google Inc.)
Task: {FABB09D7-AB21-4FA3-8824-CE8B733D2529} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLeon.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-06 13:29 - 2016-01-19 17:51 - 00073216 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2016-09-18 11:50 - 2016-09-14 04:52 - 02280264 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-18 11:50 - 2016-09-14 04:52 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2015-12-19 11:21 - 2016-04-07 15:21 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leon\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "MyStart Anti-phishing Domain Advisor"
HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\StartupApproved\Run: => "AshSnap"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DBAE3C8B-32BC-4EAD-9FC5-BB0CA1A2F6E8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C6B08CE3-2BB3-41A0-8A58-64DB3304AD2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7978F8A3-AC7C-4A90-9681-26E4F45911E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{64FE7246-4D0A-457B-8AFC-3F5D2546FEE9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1BDC40D0-0278-44A3-B053-4B8753D11776}] => (Allow) C:\Program Files\HP\HP ENVY 5640 series\Bin\DeviceSetup.exe
FirewallRules: [{455A4ABC-CDAD-4C57-8758-A5B28A2286D5}] => (Allow) LPort=5357
FirewallRules: [{5D1F0FE4-D5FF-4F59-9107-70289F358C8A}] => (Allow) C:\Program Files\HP\HP ENVY 5640 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{0F2F97B5-DE01-41A3-8D9D-4EDDA368692B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{1898FBA3-C2DA-4265-A534-F384818F03A6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{AFBE6028-AAD4-4F25-89E9-AA3395F138EF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{E034A5A2-76F0-4B79-9A29-B5EF4B167FC5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{F88B500C-9D08-46CA-8ABC-F81FA7F62593}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{2E99DC1B-F849-414A-835B-D2542765219D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{CE7044F3-D94F-48D5-B520-393E99F26B04}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{2964BFAA-420A-49F4-9FC8-FBBD89F06DE1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{54E375A9-7F91-4A10-B2E9-A1818000058F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

13-09-2016 23:22:49 Removed Skype™ 7.26
16-09-2016 17:42:54 chip 1-click download service wurde entfernt.
18-09-2016 10:21:03 Wiederherstellungsvorgang

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/18/2016 11:00:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1500) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\SRU\SRU022B4.log.

Error: (09/18/2016 10:56:30 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Removed Skype™ 7.26). Zusätzliche Informationen: 0xc0000022.

Error: (09/18/2016 12:06:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SDScan.exe, Version: 2.6.44.181, Zeitstempel: 0x56efed8f
Name des fehlerhaften Moduls: SDScanLibrary.dll_unloaded, Version: 2.6.44.134, Zeitstempel: 0x56efe6de
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002ae274
ID des fehlerhaften Prozesses: 0x4ac
Startzeit der fehlerhaften Anwendung: 0x01d21129279df5da
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Pfad des fehlerhaften Moduls: SDScanLibrary.dll
Berichtskennung: ff439b7f-7d22-11e6-82ad-d0bf9c11e11c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/17/2016 11:44:27 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext: Anwendung, SystemIndex Katalog

Error: (09/16/2016 04:23:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chip 1-click installer.exe, Version: 3.6.9.0, Zeitstempel: 0x57c44a10
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18264, Zeitstempel: 0x56e1bd71
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x10f4
Startzeit der fehlerhaften Anwendung: 0x01d21025e8b2879f
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll
Berichtskennung: 279e1cbd-7c19-11e6-82ac-d0bf9c11e11c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/16/2016 04:23:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: chip 1-click installer.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:
bei System.Net.Sockets.TcpListener.AcceptTcpClient()
bei chip_1_click_installer.chip1click.createListener()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()

Error: (09/11/2016 05:51:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 48.0.2.6079, Zeitstempel: 0x57bd3628
Name des fehlerhaften Moduls: mozglue.dll, Version: 48.0.2.6079, Zeitstempel: 0x57bd2857
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000efe5
ID des fehlerhaften Prozesses: 0x62b0
Startzeit der fehlerhaften Anwendung: 0x01d20c2d1f870908
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: 9b4be130-7837-11e6-82ab-d0bf9c11e11c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/09/2016 11:14:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 48.0.2.6079 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 35d8

Startzeit: 01d20a71b1484598

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: c970d2f6-766d-11e6-82ab-d0bf9c11e11c

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/09/2016 11:14:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 48.0.2.6079, Zeitstempel: 0x57bd3628
Name des fehlerhaften Moduls: mozglue.dll, Version: 48.0.2.6079, Zeitstempel: 0x57bd2857
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000efe5
ID des fehlerhaften Prozesses: 0x40d8
Startzeit der fehlerhaften Anwendung: 0x01d20a794e5b3dc6
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: c9fee29b-766d-11e6-82ab-d0bf9c11e11c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/09/2016 12:19:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 15.17.20050.61080, Zeitstempel: 0x5774facd
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d
Ausnahmecode: 0xc0000008
Fehleroffset: 0x0003c31c
ID des fehlerhaften Prozesses: 0x45f8
Startzeit der fehlerhaften Anwendung: 0x01d20a1eff89343c
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: 486eb9ce-7612-11e6-82ab-d0bf9c11e11c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Systemfehler:
=============
Error: (09/18/2016 07:20:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
Das angegebene Modul wurde nicht gefunden.

Error: (09/18/2016 06:53:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Sicherheitsupdate für Microsoft Office Excel 2007 (KB3115459)

Error: (09/18/2016 06:53:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Sicherheitsupdate für Microsoft Office 2007 suites (KB3118300)

Error: (09/18/2016 06:53:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Sicherheitsupdate für Microsoft Office Compatibility Pack Service Pack 3 (KB3115462)

Error: (09/18/2016 06:52:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Sicherheitsupdate für Microsoft Office PowerPoint 2007 (KB3114744)

Error: (09/18/2016 06:52:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Windows-Tool zum Entfernen bösartiger Software für Windows 8, 8.1, 10 und Windows Server 2012, 2012 R2 x64 Edition - September 2016 (KB890830)

Error: (09/18/2016 06:48:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
Das angegebene Modul wurde nicht gefunden.

Error: (09/18/2016 06:09:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB3162835)

Error: (09/18/2016 06:09:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB3177723)

Error: (09/18/2016 06:09:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073701 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB3179574)

CodeIntegrity:
===================================
Date: 2016-09-18 13:20:53.667
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-16 06:15:43.008
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\205D.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-16 05:46:34.913
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\293E.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-16 05:37:27.912
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\293E.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-16 05:10:41.256
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\293E.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-16 05:01:12.030
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\293E.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 3982.27 MB
Verfügbarer physikalischer RAM: 1680.55 MB
Summe virtueller Speicher: 4686.27 MB
Verfügbarer virtueller Speicher: 2208.76 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:443.02 GB) (Free:293.03 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.73 GB) (Free:2.43 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E6DC802C)

Partition: GPT.

[CODE]

deeprybka · 18.09.2016, 19:29

Schritt 1
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Songmaster67 · 18.09.2016, 19:46

Code:

ATTFilter

20:38:51.0243 0x08e8  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
20:38:51.0243 0x08e8  UEFI system
20:38:59.0516 0x08e8  ============================================================
20:38:59.0516 0x08e8  Current date / time: 2016/09/18 20:38:59.0516
20:38:59.0516 0x08e8  SystemInfo:
20:38:59.0516 0x08e8  
20:38:59.0516 0x08e8  OS Version: 6.3.9600 ServicePack: 0.0
20:38:59.0516 0x08e8  Product type: Workstation
20:38:59.0516 0x08e8  ComputerName: LEON
20:38:59.0516 0x08e8  UserName: Leon
20:38:59.0516 0x08e8  Windows directory: C:\Windows
20:38:59.0516 0x08e8  System windows directory: C:\Windows
20:38:59.0516 0x08e8  Running under WOW64
20:38:59.0516 0x08e8  Processor architecture: Intel x64
20:38:59.0516 0x08e8  Number of processors: 2
20:38:59.0516 0x08e8  Page size: 0x1000
20:38:59.0516 0x08e8  Boot type: Normal boot
20:38:59.0516 0x08e8  CodeIntegrityOptions = 0x00000001
20:38:59.0516 0x08e8  ============================================================
20:39:00.0313 0x08e8  KLMD registered as C:\Windows\system32\drivers\92562368.sys
20:39:00.0313 0x08e8  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18438, osProperties = 0x19
20:39:01.0861 0x08e8  System UUID: {66550F60-8132-6A03-606E-8138078458B6}
20:39:04.0208 0x08e8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:39:04.0255 0x08e8  ============================================================
20:39:04.0255 0x08e8  \Device\Harddisk0\DR0:
20:39:04.0255 0x08e8  GPT partitions:
20:39:04.0255 0x08e8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {84CB656D-7142-4F0E-A1C1-4633123E9B66}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x145000
20:39:04.0255 0x08e8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {DB0D3098-EBB7-4CDA-B7A7-166DA0117338}, Name: EFI system partition, StartLBA 0x145800, BlocksNum 0x82000
20:39:04.0255 0x08e8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2FE812DD-DA13-46DE-8431-BC21FEBA1D25}, Name: Microsoft reserved partition, StartLBA 0x1C7800, BlocksNum 0x40000
20:39:04.0270 0x08e8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D50E158B-F391-40F1-B792-F6BC494DA45F}, Name: Basic data partition, StartLBA 0x207800, BlocksNum 0x37608000
20:39:04.0270 0x08e8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6F4AAEFD-0D1B-4A3F-A836-9BD473736B11}, Name: Basic data partition, StartLBA 0x3780F800, BlocksNum 0x2B74000
20:39:04.0270 0x08e8  MBR partitions:
20:39:04.0270 0x08e8  ============================================================
20:39:04.0317 0x08e8  C: <-> \Device\Harddisk0\DR0\Partition4
20:39:04.0395 0x08e8  D: <-> \Device\Harddisk0\DR0\Partition5
20:39:04.0395 0x08e8  ============================================================
20:39:04.0395 0x08e8  Initialize success
20:39:04.0395 0x08e8  ============================================================
20:40:51.0042 0x1378  ============================================================
20:40:51.0042 0x1378  Scan started
20:40:51.0042 0x1378  Mode: Manual; SigCheck; TDLFS; 
20:40:51.0042 0x1378  ============================================================
20:40:51.0042 0x1378  KSN ping started
20:40:51.0230 0x1378  KSN ping finished: true
20:40:53.0254 0x1378  ================ Scan system memory ========================
20:40:53.0255 0x1378  System memory - ok
20:40:53.0255 0x1378  ================ Scan services =============================
20:40:53.0458 0x1378  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
20:40:53.0591 0x1378  1394ohci - ok
20:40:53.0640 0x1378  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
20:40:53.0686 0x1378  3ware - ok
20:40:53.0764 0x1378  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:40:53.0811 0x1378  ACPI - ok
20:40:53.0826 0x1378  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
20:40:53.0858 0x1378  acpiex - ok
20:40:53.0873 0x1378  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
20:40:53.0904 0x1378  acpipagr - ok
20:40:53.0904 0x1378  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
20:40:53.0951 0x1378  AcpiPmi - ok
20:40:53.0951 0x1378  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
20:40:53.0983 0x1378  acpitime - ok
20:40:54.0092 0x1378  [ A0CAC4F3F998173A8DC1E67E7E0345EF, D0C2F504A5059691EDBBA917D0C6260450A554A365C12E7747E48EE1668C51A5 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:40:54.0154 0x1378  AdobeARMservice - ok
20:40:54.0296 0x1378  [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:40:54.0337 0x1378  AdobeFlashPlayerUpdateSvc - ok
20:40:54.0391 0x1378  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
20:40:54.0447 0x1378  ADP80XX - ok
20:40:54.0492 0x1378  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:40:54.0534 0x1378  AeLookupSvc - ok
20:40:54.0610 0x1378  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
20:40:54.0671 0x1378  AERTFilters - ok
20:40:54.0764 0x1378  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\Windows\system32\drivers\afd.sys
20:40:54.0812 0x1378  AFD - ok
20:40:54.0858 0x1378  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:40:54.0897 0x1378  agp440 - ok
20:40:54.0934 0x1378  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
20:40:55.0037 0x1378  ahcache - ok
20:40:55.0066 0x1378  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\Windows\System32\alg.exe
20:40:55.0104 0x1378  ALG - ok
20:40:55.0228 0x1378  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
20:40:55.0289 0x1378  AmdK8 - ok
20:40:55.0414 0x1378  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
20:40:55.0492 0x1378  AmdPPM - ok
20:40:55.0570 0x1378  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:40:55.0664 0x1378  amdsata - ok
20:40:55.0930 0x1378  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
20:40:56.0000 0x1378  amdsbs - ok
20:40:56.0015 0x1378  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:40:56.0031 0x1378  amdxata - ok
20:40:56.0109 0x1378  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
20:40:56.0187 0x1378  AppHostSvc - ok
20:40:56.0344 0x1378  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
20:40:56.0453 0x1378  AppID - ok
20:40:56.0547 0x1378  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:40:56.0609 0x1378  AppIDSvc - ok
20:40:56.0750 0x1378  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\Windows\System32\appinfo.dll
20:40:56.0890 0x1378  Appinfo - ok
20:40:57.0344 0x1378  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:40:57.0422 0x1378  Apple Mobile Device Service - ok
20:40:57.0688 0x1378  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
20:40:57.0750 0x1378  AppReadiness - ok
20:40:58.0204 0x1378  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
20:40:58.0438 0x1378  AppXSvc - ok
20:40:58.0594 0x1378  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:40:58.0688 0x1378  arcsas - ok
20:40:58.0860 0x1378  [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:40:58.0907 0x1378  aspnet_state - ok
20:40:58.0938 0x1378  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:40:58.0969 0x1378  AsyncMac - ok
20:40:58.0985 0x1378  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:40:59.0000 0x1378  atapi - ok
20:40:59.0204 0x1378  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\Windows\system32\DRIVERS\athw8x.sys
20:40:59.0438 0x1378  athr - ok
20:40:59.0485 0x1378  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
20:40:59.0532 0x1378  AudioEndpointBuilder - ok
20:40:59.0594 0x1378  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:40:59.0657 0x1378  Audiosrv - ok
20:40:59.0807 0x1378  [ 5834364BED846E6C8FFCC9D2B5D11F1A, 49F38D83215666E15CF984F49688DE65291EF1A0C94956E29A0D11F5DA3FEFDF ] AvgAMPS         C:\Program Files (x86)\AVG\Av\avgamps.exe
20:40:59.0886 0x1378  AvgAMPS - ok
20:40:59.0917 0x1378  [ 344B89E8D91B1F25239310DCC7337ED0, CF57BD6AAA2A1527957DA4BA4FFC8072D4BE071C95A8741690CA051727B4E30C ] Avgboota        C:\Windows\system32\DRIVERS\avgboota.sys
20:40:59.0948 0x1378  Avgboota - ok
20:41:00.0011 0x1378  [ EBE91430DEC70E1F81D1C48B31160CAE, DFFF9663D797D7E289EEB5591ACFED49454FAEB9840CBCB319B60043CD989550 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys
20:41:00.0042 0x1378  Avgdiska - ok
20:41:00.0073 0x1378  [ 25BD83F5A01FECA19B75F8FF75B3D9DB, 637E883324BD295346EBFBC8872ED3344380C0DB1C39EFFEFDC5471C42EAEE67 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys
20:41:00.0120 0x1378  Avgfwfd - ok
20:41:00.0245 0x1378  [ B85800922431F8D21ADEECA3CBE017AA, 1DA91974EDC53FE6FE83D205CCE37CDA413F074CDEE08DC628982B70A0F482E4 ] avgfws          C:\Program Files (x86)\AVG\Av\avgfwsa.exe
20:41:00.0339 0x1378  avgfws - ok
20:41:00.0620 0x1378  [ 3E3E75ACF3AC9C5B5820CC0CC8A132B6, 5CBAA9AC4DD964E9D50E9C9B97096F1A93BAA40AB2FE32948F0C2B4345425B15 ] AVGIDSAgent     C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
20:41:00.0839 0x1378  AVGIDSAgent - ok
20:41:00.0948 0x1378  [ 381FB91B6FD4AD81659ECA806C0FB0A4, CB195F19601332D9CA3CADC7C7E2B87797F881B33AA5B86D5CE985191B4E8BF3 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
20:41:01.0011 0x1378  AVGIDSDriver - ok
20:41:01.0042 0x1378  [ 89C52A9E784C390474FED7FF340DC917, C192789D0186ABADFC866DD6BD5A09E3951809A8ED448667143D58FF3658654B ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
20:41:01.0089 0x1378  AVGIDSHA - ok
20:41:01.0120 0x1378  [ 65E62E92584319747183FA54C08C0330, 26F3D9C36254499DC0A43B5FF4A6B35784BC49143CDAED7E0257A6C527BF2EE5 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
20:41:01.0167 0x1378  Avgldx64 - ok
20:41:01.0183 0x1378  [ 301E95F388C93D3C73EE35E3693C6A97, 512BA2905EDCC900B12037701A120EE527A14894BF562610F3CF57A65D20FCD5 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
20:41:01.0230 0x1378  Avgloga - ok
20:41:01.0276 0x1378  [ B3FCE2E7EBC30E9A3506C1FA4FF858EF, 587643C7D09DDC5F18C17DBF0F433EAEFA3717049BB464ED2F61CF25C665E59D ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
20:41:01.0308 0x1378  Avgmfx64 - ok
20:41:01.0323 0x1378  [ 2A0D6982D0492BF6266E64F25C23EAE8, 7400F85784C0658B4DF6C7424E3ACDCF421D8293D247E80D6AEE14FA91EBFBDC ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
20:41:01.0355 0x1378  Avgrkx64 - ok
20:41:01.0495 0x1378  [ F740A8CD551DC8373A7CB9B507C847E6, FD960CA1F35190F1D801897ED43439BBEAD0079F944AC629543B36B86698BE8C ] avgsvc          C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
20:41:01.0558 0x1378  avgsvc - ok
20:41:01.0605 0x1378  [ 1EEB894456B375A486950D343F6DB81F, C5D6EBAC49A4AABE360EE2FA791628C164608FAF5CF37049368CE061D8ABFC10 ] avguniva        C:\Windows\system32\DRIVERS\avguniva.sys
20:41:01.0620 0x1378  avguniva - ok
20:41:01.0745 0x1378  [ D06ED6BF86CD5A0E930FD71760FB6CE4, 1DCABF02E04A8A2172D23494986FA4F80CF901E0CDC379289FE4CFC9635BE05C ] avgwd           C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
20:41:01.0792 0x1378  avgwd - ok
20:41:01.0854 0x1378  [ B7C9C5FD9406605A0449160FF17AF1A6, CDB07896591FC8316ACB50CF28D3CB523BD09AE2D89C3A30E36F9673594C0869 ] Avgwfpa         C:\Windows\system32\DRIVERS\avgwfpa.sys
20:41:01.0886 0x1378  Avgwfpa - ok
20:41:01.0917 0x1378  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:41:01.0948 0x1378  AxInstSV - ok
20:41:01.0995 0x1378  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
20:41:02.0042 0x1378  b06bdrv - ok
20:41:02.0089 0x1378  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
20:41:02.0167 0x1378  BasicDisplay - ok
20:41:02.0183 0x1378  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
20:41:02.0214 0x1378  BasicRender - ok
20:41:02.0261 0x1378  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
20:41:02.0276 0x1378  bcmfn2 - ok
20:41:02.0323 0x1378  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:41:02.0370 0x1378  BDESVC - ok
20:41:02.0386 0x1378  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
20:41:02.0401 0x1378  Beep - ok
20:41:02.0479 0x1378  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\Windows\System32\bfe.dll
20:41:02.0542 0x1378  BFE - ok
20:41:02.0652 0x1378  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\Windows\System32\qmgr.dll
20:41:02.0730 0x1378  BITS - ok
20:41:02.0761 0x1378  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:41:02.0808 0x1378  bowser - ok
20:41:02.0855 0x1378  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
20:41:02.0892 0x1378  BrokerInfrastructure - ok
20:41:02.0923 0x1378  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\Windows\System32\browser.dll
20:41:02.0986 0x1378  Browser - ok
20:41:03.0001 0x1378  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
20:41:03.0033 0x1378  BthAvrcpTg - ok
20:41:03.0064 0x1378  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
20:41:03.0126 0x1378  BthHFEnum - ok
20:41:03.0142 0x1378  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
20:41:03.0173 0x1378  bthhfhid - ok
20:41:03.0220 0x1378  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
20:41:03.0267 0x1378  BthHFSrv - ok
20:41:03.0298 0x1378  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
20:41:03.0330 0x1378  BTHMODEM - ok
20:41:03.0376 0x1378  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\Windows\system32\bthserv.dll
20:41:03.0439 0x1378  bthserv - ok
20:41:03.0470 0x1378  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:41:03.0501 0x1378  cdfs - ok
20:41:03.0517 0x1378  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
20:41:03.0548 0x1378  cdrom - ok
20:41:03.0579 0x1378  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:41:03.0626 0x1378  CertPropSvc - ok
20:41:03.0642 0x1378  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
20:41:03.0673 0x1378  circlass - ok
20:41:03.0736 0x1378  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
20:41:03.0783 0x1378  CLFS - ok
20:41:03.0825 0x1378  [ 9731DAFDC7B690B2C7752FDFF045BFD8, 9DDBDC4FE519AF38993EAB2F16602B2B71CF8675BDD1F651F22DFA8C5C2C80F7 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
20:41:03.0836 0x1378  clwvd - ok
20:41:03.0852 0x1378  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
20:41:03.0883 0x1378  CmBatt - ok
20:41:03.0930 0x1378  [ 5CBF8B3E27D824D2AA2A34AFB406F1D0, 955AF1307C02D2B4DEEB150F37F77B8631C0F3C450037C233E9E27D6571B0265 ] CNG             C:\Windows\system32\Drivers\cng.sys
20:41:03.0992 0x1378  CNG - ok
20:41:04.0024 0x1378  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
20:41:04.0039 0x1378  CompositeBus - ok
20:41:04.0055 0x1378  COMSysApp - ok
20:41:04.0070 0x1378  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
20:41:04.0086 0x1378  condrv - ok
20:41:04.0180 0x1378  [ 8525856F890D71FEC9953C34DE74B92A, 31701D5D2958547BBEA4A0F037F2C17B13D17D5E2B91AFC2A71C2CD5F83A08F3 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
20:41:04.0227 0x1378  cphs - ok
20:41:04.0258 0x1378  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:41:04.0305 0x1378  CryptSvc - ok
20:41:04.0321 0x1378  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
20:41:04.0336 0x1378  dam - ok
20:41:04.0430 0x1378  [ E4220FD9C7F1579D9C5F9DFB00427841, 77740122A01A08F18CC82A4BB3F00EC59F29EE10779092F872572C264F6728D0 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:41:04.0477 0x1378  DcomLaunch - ok
20:41:04.0524 0x1378  [ AF3FF97AC2A73E70F8A8D11FB694175B, 3AA25BF9DED08056F52ACF246118C13C8816B5E8AA4D8606DB7DAB4E4E6A9169 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:41:04.0555 0x1378  defragsvc - ok
20:41:04.0602 0x1378  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\Windows\system32\das.dll
20:41:04.0633 0x1378  DeviceAssociationService - ok
20:41:04.0680 0x1378  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
20:41:04.0727 0x1378  DeviceInstall - ok
20:41:04.0774 0x1378  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
20:41:04.0820 0x1378  Dfsc - ok
20:41:04.0852 0x1378  [ D722BC26F7431A4DA9A183E56CA9FEE3, 86AB717431CB3DDAF6213A1CFE8DF3684080BAAD569731A90AA1AA198E97506D ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
20:41:04.0883 0x1378  dg_ssudbus - ok
20:41:04.0978 0x1378  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:41:05.0041 0x1378  Dhcp - ok
20:41:05.0181 0x1378  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\Windows\system32\diagtrack.dll
20:41:05.0259 0x1378  DiagTrack - ok
20:41:05.0306 0x1378  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\Windows\system32\drivers\disk.sys
20:41:05.0337 0x1378  disk - ok
20:41:05.0369 0x1378  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
20:41:05.0400 0x1378  dmvsc - ok
20:41:05.0447 0x1378  [ 561CBB163EB3C8221D9B1D7D1E5CA477, 4D235E73CC127769A257B31A92180552276EC8DDD991F1106815FADEF385E72D ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:41:05.0494 0x1378  Dnscache - ok
20:41:05.0556 0x1378  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\Windows\System32\dot3svc.dll
20:41:05.0603 0x1378  dot3svc - ok
20:41:05.0641 0x1378  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\Windows\system32\dps.dll
20:41:05.0698 0x1378  DPS - ok
20:41:05.0729 0x1378  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:41:05.0776 0x1378  drmkaud - ok
20:41:05.0823 0x1378  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
20:41:05.0870 0x1378  DsmSvc - ok
20:41:05.0983 0x1378  [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:41:06.0077 0x1378  DXGKrnl - ok
20:41:06.0108 0x1378  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\Windows\System32\eapsvc.dll
20:41:06.0139 0x1378  Eaphost - ok
20:41:06.0374 0x1378  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
20:41:06.0593 0x1378  ebdrv - ok
20:41:06.0640 0x1378  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
20:41:06.0672 0x1378  EFS - ok
20:41:06.0687 0x1378  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
20:41:06.0718 0x1378  EhStorClass - ok
20:41:06.0734 0x1378  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
20:41:06.0765 0x1378  EhStorTcgDrv - ok
20:41:06.0781 0x1378  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
20:41:06.0797 0x1378  ErrDev - ok
20:41:06.0953 0x1378  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\Windows\system32\es.dll
20:41:06.0984 0x1378  EventSystem - ok
20:41:07.0000 0x1378  ewusbnet - ok
20:41:07.0031 0x1378  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:41:07.0062 0x1378  exfat - ok
20:41:07.0094 0x1378  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:41:07.0125 0x1378  fastfat - ok
20:41:07.0219 0x1378  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\Windows\system32\fxssvc.exe
20:41:07.0266 0x1378  Fax - ok
20:41:07.0297 0x1378  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
20:41:07.0312 0x1378  fdc - ok
20:41:07.0344 0x1378  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\Windows\system32\fdPHost.dll
20:41:07.0375 0x1378  fdPHost - ok
20:41:07.0390 0x1378  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\Windows\system32\fdrespub.dll
20:41:07.0422 0x1378  FDResPub - ok
20:41:07.0437 0x1378  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\Windows\system32\fhsvc.dll
20:41:07.0469 0x1378  fhsvc - ok
20:41:07.0484 0x1378  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:41:07.0500 0x1378  FileInfo - ok
20:41:07.0515 0x1378  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:41:07.0547 0x1378  Filetrace - ok
20:41:07.0578 0x1378  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
20:41:07.0594 0x1378  flpydisk - ok
20:41:07.0625 0x1378  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:41:07.0672 0x1378  FltMgr - ok
20:41:07.0782 0x1378  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\Windows\system32\FntCache.dll
20:41:07.0861 0x1378  FontCache - ok
20:41:07.0919 0x1378  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:41:07.0981 0x1378  FontCache3.0.0.0 - ok
20:41:08.0013 0x1378  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:41:08.0059 0x1378  FsDepends - ok
20:41:08.0075 0x1378  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:41:08.0106 0x1378  Fs_Rec - ok
20:41:08.0153 0x1378  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:41:08.0216 0x1378  fvevol - ok
20:41:08.0231 0x1378  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
20:41:08.0247 0x1378  FxPPM - ok
20:41:08.0278 0x1378  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:41:08.0294 0x1378  gagp30kx - ok
20:41:08.0309 0x1378  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
20:41:08.0325 0x1378  gencounter - ok
20:41:08.0372 0x1378  [ A7528907E163E60EFEBFC76C42868E9B, DA00B98532622562AE7370352F84CDB1AD5676DEF13AEA35FD4A54AE69142257 ] GPIO            C:\Windows\System32\drivers\iaiogpioe.sys
20:41:08.0434 0x1378  GPIO - ok
20:41:08.0466 0x1378  [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
20:41:08.0528 0x1378  GPIOClx0101 - ok
20:41:08.0638 0x1378  [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:41:08.0731 0x1378  gpsvc - ok
20:41:08.0810 0x1378  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:41:08.0872 0x1378  gupdate - ok
20:41:08.0888 0x1378  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:41:08.0904 0x1378  gupdatem - ok
20:41:08.0966 0x1378  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:41:09.0013 0x1378  HdAudAddService - ok
20:41:09.0044 0x1378  [ 498288DD5CA42C2D36D125893E968C53, 03B62FA51F9195D77170DCEFF3A93A6898AA96FB610044DDAE83767DA12745C5 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
20:41:09.0091 0x1378  HDAudBus - ok
20:41:09.0107 0x1378  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
20:41:09.0138 0x1378  HidBatt - ok
20:41:09.0169 0x1378  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
20:41:09.0247 0x1378  HidBth - ok
20:41:09.0263 0x1378  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
20:41:09.0310 0x1378  hidi2c - ok
20:41:09.0325 0x1378  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
20:41:09.0357 0x1378  HidIr - ok
20:41:09.0388 0x1378  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\Windows\system32\hidserv.dll
20:41:09.0419 0x1378  hidserv - ok
20:41:09.0450 0x1378  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
20:41:09.0482 0x1378  HidUsb - ok
20:41:09.0497 0x1378  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:41:09.0528 0x1378  hkmsvc - ok
20:41:09.0575 0x1378  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:41:09.0622 0x1378  HomeGroupListener - ok
20:41:09.0685 0x1378  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:41:09.0747 0x1378  HomeGroupProvider - ok
20:41:09.0857 0x1378  [ 7B7DE6B3DC30F3246958F42C67A6F7BB, 4B66B90CFEC2231B905B21DECC4EC7C6500E546F080A452EF67E724EDF37ADD9 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
20:41:09.0919 0x1378  hpqwmiex - ok
20:41:09.0935 0x1378  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:41:09.0966 0x1378  HpSAMD - ok
20:41:10.0134 0x1378  HPSLPSVC - ok
20:41:10.0197 0x1378  [ 02F1253476B7F5F818364443DFED3264, 645F51A6781E9DEB381694718EDEF38B02F5345ADCE8860EC2D9483F7C1C7CC2 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
20:41:10.0259 0x1378  HPSupportSolutionsFrameworkService - ok
20:41:10.0384 0x1378  [ 316CE4F4D31F105534DA16B83F6A44C1, 6CD64E9E1EE8101BB4858C27AD70F0F7FEB65932ADDC7A01331472835085FFD0 ] HPWMISVC        c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
20:41:10.0431 0x1378  HPWMISVC - ok
20:41:10.0588 0x1378  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:41:10.0666 0x1378  HTTP - ok
20:41:10.0666 0x1378  hwdatacard - ok
20:41:10.0697 0x1378  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:41:10.0728 0x1378  hwpolicy - ok
20:41:10.0744 0x1378  hwusbdev - ok
20:41:10.0775 0x1378  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
20:41:10.0791 0x1378  hyperkbd - ok
20:41:10.0806 0x1378  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
20:41:10.0822 0x1378  HyperVideo - ok
20:41:10.0869 0x1378  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
20:41:10.0900 0x1378  i8042prt - ok
20:41:10.0916 0x1378  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
20:41:10.0931 0x1378  iaLPSSi_GPIO - ok
20:41:10.0963 0x1378  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
20:41:10.0978 0x1378  iaLPSSi_I2C - ok
20:41:11.0041 0x1378  [ 4558F084BCB7EFA3E8321C95B4EE736F, 4E088E1A9F9CE9F3FCA9CA2954CA7969135D4A42F632E495070FBAC4051148C2 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
20:41:11.0088 0x1378  iaStorA - ok
20:41:11.0134 0x1378  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
20:41:11.0166 0x1378  iaStorAV - ok
20:41:11.0213 0x1378  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:41:11.0264 0x1378  iaStorV - ok
20:41:11.0327 0x1378  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
20:41:11.0389 0x1378  ICCS - ok
20:41:11.0389 0x1378  IEEtwCollectorService - ok
20:41:11.0639 0x1378  [ E786FA74AA145ECB7FA3467A362B1AF5, 4A84AA3595ADC586EB03526750735219B16629C9372B4A606F352424656AE6D3 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:41:11.0905 0x1378  igfx - ok
20:41:11.0983 0x1378  [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT          C:\Windows\System32\ikeext.dll
20:41:12.0045 0x1378  IKEEXT - ok
20:41:12.0092 0x1378  [ F0F581A2299CB2BAB1DF2597BCDDB80F, EE485AF3049C87666BC6D6BFFC8A0EB4B95831D9061EB81848ECEE29C4232BF4 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
20:41:12.0108 0x1378  intaud_WaveExtensible - ok
20:41:12.0342 0x1378  [ F121B8C45FE6550D9E2DBC40C0A2E408, 08010538C876ABA196C546D603893339E7A117B5F98C0C2AF9451B627EEB4FE7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:41:12.0624 0x1378  IntcAzAudAddService - ok
20:41:12.0764 0x1378  [ EC80E6B9E27DC3E22ED5B2E0E75A39C0, 8EEC89F88AE79DA256BB651983397773F6B25139006C8A7C8F77960F47774CF5 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:41:12.0827 0x1378  IntcDAud - ok
20:41:12.0968 0x1378  [ 768DD5CB66952BC4A3BD474757AEE34F, 5A1F91FC8028D84FD83591D60CB7E3B24425C3B0FFF5A9BB0F7CE2E17AAB92D4 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
20:41:13.0030 0x1378  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
20:41:13.0266 0x1378  Detect skipped due to KSN trusted
20:41:13.0266 0x1378  Intel(R) Capability Licensing Service Interface - ok
20:41:13.0406 0x1378  [ 7C9ED65324CF268ACBA8024257F782D8, 1DC43DBA3612E26454D7786DEB0538B44A736B67EC99642B4CC574D8A03E0DC7 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
20:41:13.0453 0x1378  Intel(R) Capability Licensing Service TCP IP Interface - ok
20:41:13.0484 0x1378  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:41:13.0500 0x1378  intelide - ok
20:41:13.0531 0x1378  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
20:41:13.0547 0x1378  intelpep - ok
20:41:13.0578 0x1378  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
20:41:13.0609 0x1378  intelppm - ok
20:41:13.0625 0x1378  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:41:13.0656 0x1378  IpFilterDriver - ok
20:41:13.0734 0x1378  [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:41:13.0797 0x1378  iphlpsvc - ok
20:41:13.0828 0x1378  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
20:41:13.0906 0x1378  IPMIDRV - ok
20:41:13.0953 0x1378  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:41:14.0031 0x1378  IPNAT - ok
20:41:14.0047 0x1378  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:41:14.0078 0x1378  IRENUM - ok
20:41:14.0094 0x1378  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:41:14.0109 0x1378  isapnp - ok
20:41:14.0156 0x1378  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
20:41:14.0203 0x1378  iScsiPrt - ok
20:41:14.0234 0x1378  [ C2BC9AC9C6514230A481BDCA6A24BEFD, 84E41675D11EF2EEECED23C8469503C8D12810A2C6B6743D7AA322EB6DF7E68D ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
20:41:14.0250 0x1378  iwdbus - ok
20:41:14.0281 0x1378  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
20:41:14.0312 0x1378  kbdclass - ok
20:41:14.0328 0x1378  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
20:41:14.0375 0x1378  kbdhid - ok
20:41:14.0391 0x1378  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
20:41:14.0422 0x1378  kdnic - ok
20:41:14.0457 0x1378  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
20:41:14.0478 0x1378  KeyIso - ok
20:41:14.0510 0x1378  [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:41:14.0541 0x1378  KSecDD - ok
20:41:14.0572 0x1378  [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:41:14.0633 0x1378  KSecPkg - ok
20:41:14.0656 0x1378  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:41:14.0678 0x1378  ksthunk - ok
20:41:14.0725 0x1378  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:41:14.0771 0x1378  KtmRm - ok
20:41:14.0803 0x1378  [ 46378ECCB4A29AA81BF296641C2501EF, 5AB79BD824C00EF1338FDB8450692318AB14E0AE4145C30B37136767DFC1E4F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:41:14.0850 0x1378  LanmanServer - ok
20:41:14.0896 0x1378  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:41:14.0943 0x1378  LanmanWorkstation - ok
20:41:15.0006 0x1378  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
20:41:15.0053 0x1378  lfsvc - ok
20:41:15.0085 0x1378  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:41:15.0147 0x1378  lltdio - ok
20:41:15.0194 0x1378  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:41:15.0245 0x1378  lltdsvc - ok
20:41:15.0245 0x1378  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:41:15.0276 0x1378  lmhosts - ok
20:41:15.0292 0x1378  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:41:15.0323 0x1378  LSI_SAS - ok
20:41:15.0339 0x1378  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
20:41:15.0370 0x1378  LSI_SAS2 - ok
20:41:15.0370 0x1378  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
20:41:15.0401 0x1378  LSI_SAS3 - ok
20:41:15.0401 0x1378  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
20:41:15.0433 0x1378  LSI_SSS - ok
20:41:15.0495 0x1378  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
20:41:15.0573 0x1378  LSM - ok
20:41:15.0620 0x1378  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:41:15.0651 0x1378  luafv - ok
20:41:15.0683 0x1378  [ DE585D1D266805E5EEDAE911FDD16F38, D954C1795D98653F1FB0AE8650FF0DEDDAA730B98C9449E6F608154D573DAB27 ] ManyCam         C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
20:41:15.0714 0x1378  ManyCam - ok
20:41:15.0745 0x1378  MBAMSwissArmy - ok
20:41:15.0792 0x1378  [ 0D3CF8B876F55291B137B972891C1575, 2E7D0A54D5B2211D340EB56F3D5FCB8362E75415A3C75F553643BA55888DC690 ] MBI             C:\Windows\system32\drivers\MBI.sys
20:41:15.0855 0x1378  MBI - ok
20:41:15.0901 0x1378  [ 5858C4ABE87D0A842A941D6BD08038F1, FA082135752ECE107AC5E94066541F07FC1D56CE070CE8476A30375308F290A9 ] mcaudrv_simple  C:\Windows\system32\drivers\mcaudrv_x64.sys
20:41:15.0979 0x1378  mcaudrv_simple - ok
20:41:15.0995 0x1378  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
20:41:16.0026 0x1378  megasas - ok
20:41:16.0073 0x1378  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
20:41:16.0120 0x1378  megasr - ok
20:41:16.0151 0x1378  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\Windows\system32\mmcss.dll
20:41:16.0183 0x1378  MMCSS - ok
20:41:16.0214 0x1378  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
20:41:16.0235 0x1378  Modem - ok
20:41:16.0251 0x1378  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
20:41:16.0282 0x1378  monitor - ok
20:41:16.0329 0x1378  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
20:41:16.0360 0x1378  mouclass - ok
20:41:16.0376 0x1378  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
20:41:16.0391 0x1378  mouhid - ok
20:41:16.0438 0x1378  [ 24DABC0A77FAFDC0E379AB3B30F61BB6, E66624ABBF1D742879035F9161F9D3713DE7B759B3D3CF8B96C9E397A02FCF82 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:41:16.0469 0x1378  mountmgr - ok
20:41:16.0501 0x1378  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:41:16.0532 0x1378  mpsdrv - ok
20:41:16.0610 0x1378  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:41:16.0673 0x1378  MpsSvc - ok
20:41:16.0719 0x1378  [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:41:16.0782 0x1378  MRxDAV - ok
20:41:16.0844 0x1378  [ 3AF30CEB99E581E2FADA0B5FC4B551D8, 59BDE83C10D6F31E13B81FC317F1DE0E00793FBA288EAF844E29CFA0EB184502 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:41:16.0907 0x1378  mrxsmb - ok
20:41:16.0938 0x1378  [ 15D7AF1A26CCEBA32DF21A8E2098F463, 84390806AD3A9651DAB803E9257EEE851B898ED2AB56D8936E8C9F6B41967243 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:41:16.0969 0x1378  mrxsmb10 - ok
20:41:17.0001 0x1378  [ 0790EEB1EC199F8BE8259E47B373ED23, F9330F43B40675CCB60804182EF04BFBA3837ED14C798788A4B27D65A646D1C7 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:41:17.0032 0x1378  mrxsmb20 - ok
20:41:17.0063 0x1378  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
20:41:17.0110 0x1378  MsBridge - ok
20:41:17.0141 0x1378  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\Windows\System32\msdtc.exe
20:41:17.0173 0x1378  MSDTC - ok
20:41:17.0204 0x1378  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:41:17.0235 0x1378  Msfs - ok
20:41:17.0251 0x1378  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
20:41:17.0266 0x1378  msgpiowin32 - ok
20:41:17.0291 0x1378  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:41:17.0306 0x1378  mshidkmdf - ok
20:41:17.0306 0x1378  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
20:41:17.0338 0x1378  mshidumdf - ok
20:41:17.0353 0x1378  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:41:17.0369 0x1378  msisadrv - ok
20:41:17.0400 0x1378  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:41:17.0447 0x1378  MSiSCSI - ok
20:41:17.0447 0x1378  msiserver - ok
20:41:17.0478 0x1378  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:41:17.0509 0x1378  MSKSSRV - ok
20:41:17.0541 0x1378  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
20:41:17.0556 0x1378  MsLldp - ok
20:41:17.0572 0x1378  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:41:17.0588 0x1378  MSPCLOCK - ok
20:41:17.0603 0x1378  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:41:17.0619 0x1378  MSPQM - ok
20:41:17.0682 0x1378  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:41:17.0745 0x1378  MsRPC - ok
20:41:17.0808 0x1378  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
20:41:17.0839 0x1378  mssmbios - ok
20:41:17.0854 0x1378  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:41:17.0885 0x1378  MSTEE - ok
20:41:17.0885 0x1378  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
20:41:17.0917 0x1378  MTConfig - ok
20:41:17.0932 0x1378  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
20:41:17.0948 0x1378  Mup - ok
20:41:17.0964 0x1378  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
20:41:17.0979 0x1378  mvumis - ok
20:41:18.0026 0x1378  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\Windows\system32\qagentRT.dll
20:41:18.0073 0x1378  napagent - ok
20:41:18.0120 0x1378  [ 78514B073CC5775800A65BFB82A0D66B, DCD18E277569F23921E899F508860F89ABD417C74A7776152A4463284A989488 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:41:18.0167 0x1378  NativeWifiP - ok
20:41:18.0210 0x1378  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\Windows\System32\ncasvc.dll
20:41:18.0251 0x1378  NcaSvc - ok
20:41:18.0267 0x1378  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\Windows\System32\ncbservice.dll
20:41:18.0298 0x1378  NcbService - ok
20:41:18.0329 0x1378  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
20:41:18.0376 0x1378  NcdAutoSetup - ok
20:41:18.0486 0x1378  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:41:18.0564 0x1378  NDIS - ok
20:41:18.0595 0x1378  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:41:18.0642 0x1378  NdisCap - ok
20:41:18.0658 0x1378  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
20:41:18.0798 0x1378  NdisImPlatform - ok
20:41:18.0814 0x1378  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:41:18.0845 0x1378  NdisTapi - ok
20:41:18.0861 0x1378  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:41:18.0876 0x1378  Ndisuio - ok
20:41:18.0923 0x1378  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
20:41:18.0954 0x1378  NdisVirtualBus - ok
20:41:18.0986 0x1378  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:41:19.0017 0x1378  NdisWan - ok
20:41:19.0033 0x1378  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
20:41:19.0064 0x1378  NdisWanLegacy - ok
20:41:19.0079 0x1378  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:41:19.0111 0x1378  NDProxy - ok
20:41:19.0126 0x1378  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
20:41:19.0158 0x1378  Ndu - ok
20:41:19.0173 0x1378  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:41:19.0204 0x1378  NetBIOS - ok
20:41:19.0251 0x1378  [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:41:19.0304 0x1378  NetBT - ok
20:41:19.0309 0x1378  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
20:41:19.0340 0x1378  Netlogon - ok
20:41:19.0387 0x1378  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\Windows\System32\netman.dll
20:41:19.0418 0x1378  Netman - ok
20:41:19.0465 0x1378  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\Windows\System32\netprofmsvc.dll
20:41:19.0512 0x1378  netprofm - ok
20:41:19.0590 0x1378  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:41:19.0715 0x1378  NetTcpPortSharing - ok
20:41:19.0737 0x1378  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\Windows\system32\DRIVERS\netvsc63.sys
20:41:19.0766 0x1378  netvsc - ok
20:41:19.0812 0x1378  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:41:19.0890 0x1378  NlaSvc - ok
20:41:19.0906 0x1378  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:41:19.0953 0x1378  Npfs - ok
20:41:19.0969 0x1378  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
20:41:20.0031 0x1378  npsvctrig - ok
20:41:20.0062 0x1378  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\Windows\system32\nsisvc.dll
20:41:20.0094 0x1378  nsi - ok
20:41:20.0109 0x1378  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:41:20.0174 0x1378  nsiproxy - ok
20:41:20.0403 0x1378  [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:41:20.0530 0x1378  Ntfs - ok
20:41:20.0561 0x1378  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
20:41:20.0593 0x1378  Null - ok
20:41:20.0608 0x1378  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:41:20.0639 0x1378  nvraid - ok
20:41:20.0639 0x1378  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:41:20.0680 0x1378  nvstor - ok
20:41:20.0690 0x1378  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:41:20.0716 0x1378  nv_agp - ok
20:41:20.0797 0x1378  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:41:20.0834 0x1378  odserv - ok
20:41:20.0874 0x1378  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:41:20.0917 0x1378  ose - ok
20:41:20.0979 0x1378  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:41:21.0045 0x1378  p2pimsvc - ok
20:41:21.0081 0x1378  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:41:21.0122 0x1378  p2psvc - ok
20:41:21.0143 0x1378  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
20:41:21.0170 0x1378  Parport - ok
20:41:21.0185 0x1378  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:41:21.0208 0x1378  partmgr - ok
20:41:21.0264 0x1378  [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:41:21.0321 0x1378  PcaSvc - ok
20:41:21.0352 0x1378  [ 275AFE3FA35E8D78BE97695DF49817C6, 447CEBB16285AE073B4251D2DA71399306EF2DCB7F56286ABE2F0BD6C83EB489 ] pci             C:\Windows\system32\drivers\pci.sys
20:41:21.0391 0x1378  pci - ok
20:41:21.0403 0x1378  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:41:21.0419 0x1378  pciide - ok
20:41:21.0450 0x1378  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:41:21.0482 0x1378  pcmcia - ok
20:41:21.0497 0x1378  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:41:21.0529 0x1378  pcw - ok
20:41:21.0560 0x1378  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
20:41:21.0591 0x1378  pdc - ok
20:41:21.0638 0x1378  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:41:21.0685 0x1378  PEAUTH - ok
20:41:21.0763 0x1378  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:41:21.0828 0x1378  PerfHost - ok
20:41:21.0937 0x1378  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\Windows\system32\pla.dll
20:41:22.0031 0x1378  pla - ok
20:41:22.0063 0x1378  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:41:22.0094 0x1378  PlugPlay - ok
20:41:22.0125 0x1378  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:41:22.0141 0x1378  PNRPAutoReg - ok
20:41:22.0172 0x1378  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:41:22.0219 0x1378  PNRPsvc - ok
20:41:22.0281 0x1378  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:41:22.0312 0x1378  PolicyAgent - ok
20:41:22.0344 0x1378  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\Windows\system32\umpo.dll
20:41:22.0391 0x1378  Power - ok
20:41:22.0422 0x1378  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:41:22.0469 0x1378  PptpMiniport - ok
20:41:22.0704 0x1378  [ 346F352E17EA5793C726D3F6582BA855, 5CD830CDCC73335EDC58D26D1BC8B8830DA885CA6D1E21BB7EE763354B5C35EA ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
20:41:22.0954 0x1378  PrintNotify - ok
20:41:22.0985 0x1378  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
20:41:23.0016 0x1378  Processor - ok
20:41:23.0063 0x1378  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\Windows\system32\profsvc.dll
20:41:23.0110 0x1378  ProfSvc - ok
20:41:23.0126 0x1378  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:41:23.0157 0x1378  Psched - ok
20:41:23.0219 0x1378  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\Windows\system32\qwave.dll
20:41:23.0267 0x1378  QWAVE - ok
20:41:23.0282 0x1378  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:41:23.0326 0x1378  QWAVEdrv - ok
20:41:23.0331 0x1378  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:41:23.0373 0x1378  RasAcd - ok
20:41:23.0404 0x1378  [ D5ECE7E7F349EB3C4B152AFF3577280D, 3A5D3E440D1ED72D654BBFE30A73667F055C0AD04375C22C202F21BF75B612B2 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:41:23.0447 0x1378  RasAgileVpn - ok
20:41:23.0494 0x1378  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\Windows\System32\rasauto.dll
20:41:23.0541 0x1378  RasAuto - ok
20:41:23.0588 0x1378  [ 235624C147E3CB4C288D5D3D8E8D64A2, B3F182019DBAD9C761FE9F62EAED34AD5902B41A13A766D814FC3E2EA29D8D92 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:41:23.0635 0x1378  Rasl2tp - ok
20:41:23.0729 0x1378  [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan          C:\Windows\System32\rasmans.dll
20:41:23.0807 0x1378  RasMan - ok
20:41:23.0830 0x1378  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:41:23.0862 0x1378  RasPppoe - ok
20:41:23.0877 0x1378  [ 2B0F1677CDD08967005F34488559BC6F, FFF168EBD171C0B85A448AD1A04F66534E889AE1DC128F68EA3F35D5996C8D39 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:41:23.0908 0x1378  RasSstp - ok
20:41:23.0940 0x1378  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:41:24.0002 0x1378  rdbss - ok
20:41:24.0018 0x1378  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
20:41:24.0049 0x1378  rdpbus - ok
20:41:24.0089 0x1378  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
20:41:24.0114 0x1378  RDPDR - ok
20:41:24.0161 0x1378  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:41:24.0193 0x1378  RdpVideoMiniport - ok
20:41:24.0239 0x1378  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:41:24.0271 0x1378  rdyboost - ok
20:41:24.0318 0x1378  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
20:41:24.0380 0x1378  ReFS - ok
20:41:24.0443 0x1378  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:41:24.0489 0x1378  RemoteAccess - ok
20:41:24.0536 0x1378  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:41:24.0583 0x1378  RemoteRegistry - ok
20:41:24.0599 0x1378  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:41:24.0630 0x1378  RpcEptMapper - ok
20:41:24.0661 0x1378  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\Windows\system32\locator.exe
20:41:24.0693 0x1378  RpcLocator - ok
20:41:24.0786 0x1378  [ E4220FD9C7F1579D9C5F9DFB00427841, 77740122A01A08F18CC82A4BB3F00EC59F29EE10779092F872572C264F6728D0 ] RpcSs           C:\Windows\system32\rpcss.dll
20:41:24.0849 0x1378  RpcSs - ok
20:41:24.0896 0x1378  [ FA7EFA65CD06FDA96943F26D8279D897, 13BC39B3BFD840B14F59C36D89433F69FD5C8948131043F2D59F1CCEAADD7A1E ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
20:41:24.0927 0x1378  RSP2STOR - ok
20:41:24.0958 0x1378  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:41:25.0005 0x1378  rspndr - ok
20:41:25.0091 0x1378  [ F1D20C2B36F78863530B251DF504CC51, A3C71BDB45B1DB321BC2D9889CB25CF7840E145DFB769882748B7D507A605A42 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
20:41:25.0154 0x1378  RtkAudioService - ok
20:41:25.0216 0x1378  [ 48E042D6AAB285409AF06200966EA655, 64FD4305C4EBEC25AA7BC2058952BCB79DB0A054CF46F2413CC54FB1E550D5F4 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
20:41:25.0296 0x1378  RTL8168 - ok
20:41:25.0548 0x1378  [ 81836A7CD9E1E7B679FD904AEBE862BF, 3570EDB69EC75F56918F20EA2527E93ECC09D3F637136C1B54F3D97E67C5B963 ] RTWlanE         C:\Windows\system32\DRIVERS\rtwlane.sys
20:41:25.0736 0x1378  RTWlanE - ok
20:41:25.0799 0x1378  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
20:41:25.0846 0x1378  s3cap - ok
20:41:25.0892 0x1378  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
20:41:25.0939 0x1378  SamSs - ok
20:41:25.0955 0x1378  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:41:25.0986 0x1378  sbp2port - ok
20:41:26.0002 0x1378  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:41:26.0049 0x1378  SCardSvr - ok
20:41:26.0064 0x1378  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
20:41:26.0095 0x1378  ScDeviceEnum - ok
20:41:26.0111 0x1378  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:41:26.0127 0x1378  scfilter - ok
20:41:26.0278 0x1378  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\Windows\system32\schedsvc.dll
20:41:26.0340 0x1378  Schedule - ok
20:41:26.0387 0x1378  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:41:26.0434 0x1378  SCPolicySvc - ok
20:41:26.0481 0x1378  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
20:41:26.0497 0x1378  sdbus - ok
20:41:26.0528 0x1378  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
20:41:26.0559 0x1378  sdstor - ok
20:41:26.0575 0x1378  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:41:26.0659 0x1378  secdrv - ok
20:41:26.0706 0x1378  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\Windows\system32\seclogon.dll
20:41:26.0768 0x1378  seclogon - ok
20:41:26.0800 0x1378  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\Windows\System32\sens.dll
20:41:26.0847 0x1378  SENS - ok
20:41:26.0862 0x1378  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:41:26.0909 0x1378  SensrSvc - ok
20:41:26.0925 0x1378  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
20:41:26.0956 0x1378  SerCx - ok
20:41:26.0972 0x1378  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
20:41:27.0003 0x1378  SerCx2 - ok
20:41:27.0018 0x1378  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
20:41:27.0034 0x1378  Serenum - ok
20:41:27.0065 0x1378  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
20:41:27.0081 0x1378  Serial - ok
20:41:27.0112 0x1378  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
20:41:27.0159 0x1378  sermouse - ok
20:41:27.0206 0x1378  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:41:27.0269 0x1378  SessionEnv - ok
20:41:27.0293 0x1378  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
20:41:27.0315 0x1378  sfloppy - ok
20:41:27.0378 0x1378  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:41:27.0409 0x1378  SharedAccess - ok
20:41:27.0472 0x1378  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:41:27.0550 0x1378  ShellHWDetection - ok
20:41:27.0581 0x1378  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
20:41:27.0597 0x1378  SiSRaid2 - ok
20:41:27.0612 0x1378  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:41:27.0628 0x1378  SiSRaid4 - ok
20:41:27.0659 0x1378  [ D33A17CB35F7EF7FF332B2650ED1614F, C0FBD4AD06EAAB8870512074BEB3F74454A3FFDD8FC75A697FAD699EE2FDFCE6 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
20:41:27.0659 0x1378  SmbDrvI - ok
20:41:27.0691 0x1378  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
20:41:27.0737 0x1378  smphost - ok
20:41:27.0769 0x1378  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:41:27.0816 0x1378  SNMPTRAP - ok
20:41:27.0863 0x1378  [ B45AE0970B2D66CCE756DE6989E23EEC, 8393CF2DC4F65CD48D4D7B3C8C2D29E26728593B652D6CEAB65B50AEDA0884B7 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
20:41:27.0909 0x1378  spaceport - ok
20:41:27.0925 0x1378  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
20:41:27.0941 0x1378  SpbCx - ok
20:41:27.0988 0x1378  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\Windows\System32\spoolsv.exe
20:41:28.0050 0x1378  Spooler - ok
20:41:28.0425 0x1378  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
20:41:28.0832 0x1378  sppsvc - ok
20:41:28.0879 0x1378  [ 36B082C7A764A34FB1DC72D975870B61, 572CB632D9FDC1183F7BF8BFCBC51765C647945E0C13D1C91ADE3D0E76DF83BC ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:41:28.0925 0x1378  srv - ok
20:41:28.0972 0x1378  [ F5849909D4B29B4E3D4445F943E5C7E3, 3FCA1423753716FE1AFDD27EE1E13C4D779A3C976185B5C998EF1A9A39BFC186 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:41:29.0019 0x1378  srv2 - ok
20:41:29.0066 0x1378  [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:41:29.0097 0x1378  srvnet - ok
20:41:29.0129 0x1378  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:41:29.0191 0x1378  SSDPSRV - ok
20:41:29.0207 0x1378  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:41:29.0238 0x1378  SstpSvc - ok
20:41:29.0285 0x1378  [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
20:41:29.0324 0x1378  ssudmdm - ok
20:41:29.0355 0x1378  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:41:29.0387 0x1378  stexstor - ok
20:41:29.0418 0x1378  [ 2A997C64F9B2584D81FA6749FE36A887, D26F5BC591ED46B96B2ACFDF555C2BF42F4915A22B12E4139ACEF7DE7AC303A7 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
20:41:29.0480 0x1378  StillCam - ok
20:41:29.0543 0x1378  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\Windows\System32\wiaservc.dll
20:41:29.0590 0x1378  stisvc - ok
20:41:29.0621 0x1378  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
20:41:29.0652 0x1378  storahci - ok
20:41:29.0668 0x1378  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
20:41:29.0699 0x1378  storflt - ok
20:41:29.0715 0x1378  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
20:41:29.0746 0x1378  stornvme - ok
20:41:29.0777 0x1378  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\Windows\system32\storsvc.dll
20:41:29.0809 0x1378  StorSvc - ok
20:41:29.0824 0x1378  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
20:41:29.0840 0x1378  storvsc - ok
20:41:29.0855 0x1378  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\Windows\system32\svsvc.dll
20:41:29.0887 0x1378  svsvc - ok
20:41:29.0902 0x1378  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\Windows\System32\drivers\swenum.sys
20:41:29.0918 0x1378  swenum - ok
20:41:29.0980 0x1378  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\Windows\System32\swprv.dll
20:41:30.0059 0x1378  swprv - ok
20:41:30.0105 0x1378  [ 217ADAA2DBD690C6F2AB2C236C8A1163, 24C8053D26752EDDBFCE8E3E6908CD27F807D7693E83F2D9AB0F76EBD123A197 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:41:30.0137 0x1378  SynTP - ok
20:41:30.0184 0x1378  [ FAFE2E35BC2063068EBFA924535CE3BC, 08F5FDE2CCB66FC6518D82C202276821320F6A8B5015DFA2BCEDC979E38BBA14 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
20:41:30.0230 0x1378  SynTPEnhService - ok
20:41:30.0340 0x1378  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
20:41:30.0418 0x1378  SysMain - ok
20:41:30.0496 0x1378  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
20:41:30.0543 0x1378  SystemEventsBroker - ok
20:41:30.0574 0x1378  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll
20:41:30.0606 0x1378  TabletInputService - ok
20:41:30.0637 0x1378  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
20:41:30.0668 0x1378  tap0901 - ok
20:41:30.0684 0x1378  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:41:30.0731 0x1378  TapiSrv - ok
20:41:30.0871 0x1378  [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:41:31.0012 0x1378  Tcpip - ok
20:41:31.0106 0x1378  [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:41:31.0315 0x1378  TCPIP6 - ok
20:41:31.0347 0x1378  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:41:31.0441 0x1378  tcpipreg - ok
20:41:31.0487 0x1378  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:41:31.0534 0x1378  tdx - ok
20:41:31.0550 0x1378  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
20:41:31.0581 0x1378  terminpt - ok
20:41:31.0675 0x1378  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\Windows\System32\termsrv.dll
20:41:31.0737 0x1378  TermService - ok
20:41:31.0784 0x1378  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\Windows\system32\themeservice.dll
20:41:31.0831 0x1378  Themes - ok
20:41:31.0862 0x1378  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\Windows\system32\mmcss.dll
20:41:31.0894 0x1378  THREADORDER - ok
20:41:31.0925 0x1378  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
20:41:31.0972 0x1378  TimeBroker - ok
20:41:32.0003 0x1378  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\Windows\system32\drivers\tpm.sys
20:41:32.0050 0x1378  TPM - ok
20:41:32.0081 0x1378  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\Windows\System32\trkwks.dll
20:41:32.0112 0x1378  TrkWks - ok
20:41:32.0159 0x1378  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:41:32.0206 0x1378  TrustedInstaller - ok
20:41:32.0237 0x1378  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:41:32.0284 0x1378  TsUsbFlt - ok
20:41:32.0284 0x1378  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
20:41:32.0315 0x1378  TsUsbGD - ok
20:41:32.0660 0x1378  [ 1ABABD876BFFA4F2A6D3E5A39082F186, CDEA2CB8A64B33F053A1EC73724F1D6EC99328AEB4EEC93C38FC9CF10809DE41 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
20:41:32.0832 0x1378  TuneUp.UtilitiesSvc - ok
20:41:32.0899 0x1378  [ 9B5C98C9F9EF5E62806DCD58B0D8EACE, B4B8A3F943C2C401CA1ED05BDA0C6D631106B258FB40C433AC856DCA7E8D7F7A ] TuneUpUtilitiesDrv C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys
20:41:32.0946 0x1378  TuneUpUtilitiesDrv - ok
20:41:32.0993 0x1378  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:41:33.0039 0x1378  tunnel - ok
20:41:33.0071 0x1378  [ E624283C1A2F9BB4688A002914CC00A7, B6908C1FFDD6BCFFC5C2FC0C429FC3E237E340F891F80CFD737BE41E5EF7E328 ] TXEIx64         C:\Windows\System32\drivers\TXEIx64.sys
20:41:33.0086 0x1378  TXEIx64 - ok
20:41:33.0130 0x1378  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:41:33.0151 0x1378  uagp35 - ok
20:41:33.0183 0x1378  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
20:41:33.0214 0x1378  UASPStor - ok
20:41:33.0245 0x1378  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
20:41:33.0292 0x1378  UCX01000 - ok
20:41:33.0329 0x1378  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:41:33.0376 0x1378  udfs - ok
20:41:33.0407 0x1378  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
20:41:33.0439 0x1378  UEFI - ok
20:41:33.0485 0x1378  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:41:33.0532 0x1378  UI0Detect - ok
20:41:33.0548 0x1378  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:41:33.0579 0x1378  uliagpkx - ok
20:41:33.0612 0x1378  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
20:41:33.0643 0x1378  umbus - ok
20:41:33.0643 0x1378  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
20:41:33.0674 0x1378  UmPass - ok
20:41:33.0706 0x1378  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\Windows\System32\umrdp.dll
20:41:33.0737 0x1378  UmRdpService - ok
20:41:33.0768 0x1378  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\Windows\System32\upnphost.dll
20:41:33.0815 0x1378  upnphost - ok
20:41:33.0846 0x1378  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
20:41:33.0862 0x1378  USBAAPL64 - ok
20:41:33.0899 0x1378  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
20:41:33.0941 0x1378  usbccgp - ok
20:41:33.0962 0x1378  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
20:41:34.0007 0x1378  usbcir - ok
20:41:34.0038 0x1378  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
20:41:34.0054 0x1378  usbehci - ok
20:41:34.0101 0x1378  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
20:41:34.0158 0x1378  usbhub - ok
20:41:34.0196 0x1378  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
20:41:34.0227 0x1378  USBHUB3 - ok
20:41:34.0274 0x1378  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
20:41:34.0316 0x1378  usbohci - ok
20:41:34.0351 0x1378  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
20:41:34.0376 0x1378  usbprint - ok
20:41:34.0410 0x1378  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
20:41:34.0439 0x1378  USBSTOR - ok
20:41:34.0467 0x1378  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
20:41:34.0497 0x1378  usbuhci - ok
20:41:34.0517 0x1378  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:41:34.0557 0x1378  usbvideo - ok
20:41:34.0594 0x1378  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
20:41:34.0627 0x1378  USBXHCI - ok
20:41:34.0652 0x1378  [ 3CAAB947B1F247A570DE15983BEDEBCF, 81480D999F67A1755D5C21CE046FB439F0FBD743F73D23C19BC8C4DEB78A4F91 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
20:41:34.0685 0x1378  usb_rndisx - ok
20:41:34.0702 0x1378  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
20:41:34.0727 0x1378  VaultSvc - ok
20:41:34.0743 0x1378  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:41:34.0774 0x1378  vdrvroot - ok
20:41:34.0907 0x1378  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\Windows\System32\vds.exe
20:41:34.0966 0x1378  vds - ok
20:41:35.0008 0x1378  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
20:41:35.0036 0x1378  VerifierExt - ok
20:41:35.0132 0x1378  [ 34CAF69BF4166AB40BFF0ED068FF6F91, BF5DA4F85A2C537DD76A3271956EC5BDB9ABC495FAA9371037F608152BE2725D ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
20:41:35.0183 0x1378  vhdmp - ok
20:41:35.0199 0x1378  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:41:35.0214 0x1378  viaide - ok
20:41:35.0230 0x1378  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\Windows\system32\drivers\vmbus.sys
20:41:35.0246 0x1378  vmbus - ok
20:41:35.0261 0x1378  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
20:41:35.0292 0x1378  VMBusHID - ok
20:41:35.0330 0x1378  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
20:41:35.0367 0x1378  vmicguestinterface - ok
20:41:35.0383 0x1378  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
20:41:35.0430 0x1378  vmicheartbeat - ok
20:41:35.0446 0x1378  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
20:41:35.0492 0x1378  vmickvpexchange - ok
20:41:35.0508 0x1378  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\Windows\System32\ICSvc.dll
20:41:35.0555 0x1378  vmicrdv - ok
20:41:35.0571 0x1378  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
20:41:35.0617 0x1378  vmicshutdown - ok
20:41:35.0649 0x1378  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\Windows\System32\ICSvc.dll
20:41:35.0680 0x1378  vmictimesync - ok
20:41:35.0711 0x1378  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\Windows\System32\ICSvc.dll
20:41:35.0742 0x1378  vmicvss - ok
20:41:35.0790 0x1378  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:41:35.0805 0x1378  volmgr - ok
20:41:35.0837 0x1378  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:41:35.0884 0x1378  volmgrx - ok
20:41:35.0931 0x1378  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:41:35.0977 0x1378  volsnap - ok
20:41:36.0009 0x1378  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\Windows\System32\drivers\vpci.sys
20:41:36.0040 0x1378  vpci - ok
20:41:36.0071 0x1378  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:41:36.0118 0x1378  vsmraid - ok
20:41:36.0290 0x1378  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\Windows\system32\vssvc.exe
20:41:36.0352 0x1378  VSS - ok
20:41:36.0399 0x1378  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
20:41:36.0439 0x1378  VSTXRAID - ok
20:41:36.0485 0x1378  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
20:41:36.0516 0x1378  vwifibus - ok
20:41:36.0541 0x1378  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:41:36.0565 0x1378  vwififlt - ok
20:41:36.0584 0x1378  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
20:41:36.0599 0x1378  vwifimp - ok
20:41:36.0650 0x1378  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\Windows\system32\w32time.dll
20:41:36.0692 0x1378  W32Time - ok
20:41:36.0732 0x1378  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\Windows\system32\inetsrv\w3logsvc.dll
20:41:36.0760 0x1378  w3logsvc - ok
20:41:36.0776 0x1378  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
20:41:36.0823 0x1378  WacomPen - ok
20:41:36.0838 0x1378  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:41:36.0869 0x1378  Wanarp - ok
20:41:36.0885 0x1378  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:41:36.0916 0x1378  Wanarpv6 - ok
20:41:36.0948 0x1378  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
20:41:36.0994 0x1378  WAS - ok
20:41:37.0088 0x1378  [ 139D842E5FB75A1E2F0212FBD7B0E457, F29F73B56865C5EBBE89B8F92AEFE2DB19E5C29A94D2E006A23243C23A41AE79 ] wbengine        C:\Windows\system32\wbengine.exe
20:41:37.0166 0x1378  wbengine - ok
20:41:37.0213 0x1378  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:41:37.0260 0x1378  WbioSrvc - ok
20:41:37.0291 0x1378  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
20:41:37.0338 0x1378  Wcmsvc - ok
20:41:37.0370 0x1378  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:41:37.0401 0x1378  wcncsvc - ok
20:41:37.0432 0x1378  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:41:37.0463 0x1378  WcsPlugInService - ok
20:41:37.0495 0x1378  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
20:41:37.0542 0x1378  WdBoot - ok
20:41:37.0604 0x1378  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:41:37.0651 0x1378  Wdf01000 - ok
20:41:37.0682 0x1378  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
20:41:37.0713 0x1378  WdFilter - ok
20:41:37.0745 0x1378  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:41:37.0791 0x1378  WdiServiceHost - ok
20:41:37.0791 0x1378  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:41:37.0840 0x1378  WdiSystemHost - ok
20:41:37.0855 0x1378  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
20:41:37.0886 0x1378  WdNisDrv - ok
20:41:37.0934 0x1378  WdNisSvc - ok
20:41:37.0982 0x1378  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\Windows\System32\webclnt.dll
20:41:38.0015 0x1378  WebClient - ok
20:41:38.0036 0x1378  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:41:38.0066 0x1378  Wecsvc - ok
20:41:38.0082 0x1378  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
20:41:38.0127 0x1378  WEPHOSTSVC - ok
20:41:38.0127 0x1378  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:41:38.0174 0x1378  wercplsupport - ok
20:41:38.0201 0x1378  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:41:38.0219 0x1378  WerSvc - ok
20:41:38.0250 0x1378  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
20:41:38.0297 0x1378  WFPLWFS - ok
20:41:38.0312 0x1378  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\Windows\System32\wiarpc.dll
20:41:38.0344 0x1378  WiaRpc - ok
20:41:38.0359 0x1378  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:41:38.0375 0x1378  WIMMount - ok
20:41:38.0390 0x1378  WinDefend - ok
20:41:38.0469 0x1378  [ 310388D06C11C507226CD7C2D21D5ACE, E8158111566D553B8F0E86C33B5F75AF3A4A3405503927822B80DF64D8DEFB05 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
20:41:38.0515 0x1378  WinHttpAutoProxySvc - ok
20:41:38.0567 0x1378  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:41:38.0629 0x1378  Winmgmt - ok
20:41:38.0801 0x1378  [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM           C:\Windows\system32\WsmSvc.dll
20:41:38.0911 0x1378  WinRM - ok
20:41:38.0949 0x1378  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:41:38.0996 0x1378  WinUsb - ok
20:41:39.0012 0x1378  [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys
20:41:39.0028 0x1378  WirelessButtonDriver - ok
20:41:39.0161 0x1378  [ EF252510DB6C3511E30418BD2AC95A2D, 75B496F5C611129D9D19B382503830FDB0E2E61D4880D2821AE381DF578C5E56 ] WlanSvc         C:\Windows\System32\wlansvc.dll
20:41:39.0239 0x1378  WlanSvc - ok
20:41:39.0386 0x1378  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
20:41:39.0488 0x1378  wlidsvc - ok
20:41:39.0501 0x1378  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
20:41:39.0530 0x1378  WmiAcpi - ok
20:41:39.0551 0x1378  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:41:39.0586 0x1378  wmiApSrv - ok
20:41:39.0604 0x1378  WMPNetworkSvc - ok
20:41:39.0634 0x1378  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
20:41:39.0672 0x1378  Wof - ok
20:41:39.0799 0x1378  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
20:41:39.0877 0x1378  workfolderssvc - ok
20:41:39.0924 0x1378  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
20:41:39.0955 0x1378  wpcfltr - ok
20:41:39.0986 0x1378  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:41:40.0018 0x1378  WPCSvc - ok
20:41:40.0033 0x1378  [ DBDCE2378F65F0A07D4644AC103037E7, 99714F0CD31297C9831BAF04768F467F6E0BF710C859CEDCA83069226BF1A68A ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:41:40.0080 0x1378  WPDBusEnum - ok
20:41:40.0111 0x1378  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
20:41:40.0173 0x1378  WpdUpFltr - ok
20:41:40.0184 0x1378  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:41:40.0201 0x1378  ws2ifsl - ok
20:41:40.0248 0x1378  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\Windows\System32\wscsvc.dll
20:41:40.0279 0x1378  wscsvc - ok
20:41:40.0311 0x1378  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
20:41:40.0358 0x1378  WSDPrintDevice - ok
20:41:40.0403 0x1378  [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
20:41:40.0466 0x1378  WSDScan - ok
20:41:40.0466 0x1378  WSearch - ok
20:41:40.0654 0x1378  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\Windows\System32\WSService.dll
20:41:40.0826 0x1378  WSService - ok
20:41:41.0030 0x1378  [ 020F47C655ED1F63BBA834AA53575D5C, 7E36BB83B937CEA8B5D1EAF1DF63D32D64CA8045DA377DF5237D2F4DC16574CC ] wuauserv        C:\Windows\system32\wuaueng.dll
20:41:41.0214 0x1378  wuauserv - ok
20:41:41.0245 0x1378  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:41:41.0276 0x1378  WudfPf - ok
20:41:41.0308 0x1378  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
20:41:41.0339 0x1378  WUDFRd - ok
20:41:41.0354 0x1378  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:41:41.0386 0x1378  wudfsvc - ok
20:41:41.0401 0x1378  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
20:41:41.0432 0x1378  WUDFWpdFs - ok
20:41:41.0448 0x1378  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
20:41:41.0464 0x1378  WUDFWpdMtp - ok
20:41:41.0526 0x1378  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:41:41.0573 0x1378  WwanSvc - ok
20:41:41.0604 0x1378  ================ Scan global ===============================
20:41:41.0667 0x1378  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll
20:41:41.0714 0x1378  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\Windows\system32\winsrv.dll
20:41:41.0745 0x1378  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll
20:41:41.0823 0x1378  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
20:41:41.0839 0x1378  [ Global ] - ok
20:41:41.0839 0x1378  ================ Scan MBR ==================================
20:41:41.0854 0x1378  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
20:41:41.0932 0x1378  \Device\Harddisk0\DR0 - ok
20:41:41.0948 0x1378  ================ Scan VBR ==================================
20:41:41.0948 0x1378  [ 6DA01939CB494FE64564861269D9F63A ] \Device\Harddisk0\DR0\Partition1
20:41:41.0964 0x1378  \Device\Harddisk0\DR0\Partition1 - ok
20:41:41.0995 0x1378  [ 34A5C8F2E0C6A1C37611001ED419DA9A ] \Device\Harddisk0\DR0\Partition2
20:41:41.0995 0x1378  \Device\Harddisk0\DR0\Partition2 - ok
20:41:42.0042 0x1378  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
20:41:42.0042 0x1378  \Device\Harddisk0\DR0\Partition3 - ok
20:41:42.0057 0x1378  [ C05F94ABEA6EABA8B7B3C82DAC44F698 ] \Device\Harddisk0\DR0\Partition4
20:41:42.0073 0x1378  \Device\Harddisk0\DR0\Partition4 - ok
20:41:42.0124 0x1378  [ 2690B8F2A59B86FB05D66126F370F809 ] \Device\Harddisk0\DR0\Partition5
20:41:42.0124 0x1378  \Device\Harddisk0\DR0\Partition5 - ok
20:41:42.0124 0x1378  ================ Scan generic autorun ======================
20:41:42.0171 0x1378  [ 0B091BD3E8F6BD5F985DE8E3DF17D837, 7082AFB9EE8EE2EAAAFA0DB129505117E2BA1D7059B193E0DEF514080F77D1BE ] C:\Windows\system32\igfxtray.exe
20:41:42.0218 0x1378  IgfxTray - ok
20:41:42.0265 0x1378  [ 1ECC8D5528F535EC6CECFB824B349418, 4035CD388A437F1564C6E4E86787756CF196CD0DFDDAD4DAFABDB583D370FF4F ] C:\Windows\system32\hkcmd.exe
20:41:42.0296 0x1378  HotKeysCmds - ok
20:41:42.0358 0x1378  [ 1B8C1C4B77BE157E322A05118A2E25E1, 978C8A511544DE5BC7BCB31B675356E8E764EFC435BCCDF360C8635668D6B072 ] C:\Windows\system32\igfxpers.exe
20:41:42.0405 0x1378  Persistence - ok
20:41:42.0765 0x1378  [ EA7D234FDFED4C9297CF18E893D2BB0A, BF1F42EE1A513F937E763DFBBB6968669BF917582FDF5F15BC129CEADBD60538 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
20:41:43.0030 0x1378  RTHDVCPL - ok
20:41:43.0108 0x1378  [ C64DF38DEC404F9AE07B7691774595E1, 63803D3D54EF65737468968E32E8306DC41ED2482E1A39C77F10BDEA20A60AF4 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:41:43.0186 0x1378  RtHDVBg - ok
20:41:43.0186 0x1378  SynTPEnh - ok
20:41:43.0249 0x1378  [ 889E56C58F5AC4242E395E3AD5F7780C, 35AA891112BE86C28C6AF8DF44BFEE342BAB7BDA877917C9B6466204091B9ADE ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
20:41:43.0296 0x1378  Classic Start Menu - ok
20:41:43.0359 0x1378  [ B62BECFBE0CE87CA4E44F81B9815406A, C7088991FBF29E6DC8CA99897D1885BBAC446BE9015D20E7EFCE7AEF8B39D917 ] C:\Program Files (x86)\AVG\Av\avuirunnerx.exe
20:41:43.0406 0x1378  AVG_UI - ok
20:41:43.0468 0x1378  [ C055411BF5412576E0191A61854C3671, 1D8FA9A922C6C954D8DB48344D7DC391EBD6DD5A19F8AF639569C6AE151AF1E7 ] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
20:41:43.0500 0x1378  HPMessageService - ok
20:41:43.0578 0x1378  [ 14217E357A0FF2B4D27E78D057DEFFF5, 1CCE7423C9AD09D2A744EC5F076A53B9A77848E881330975D3A4B997E067AD7F ] C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe
20:41:43.0625 0x1378  AvgUi - ok
20:41:43.0687 0x1378  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
20:41:43.0750 0x1378  HP Software Update - ok
20:41:43.0750 0x1378  Waiting for KSN requests completion. In queue: 158
20:41:44.0813 0x1378  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
20:41:44.0860 0x1378  AV detected via SS2: AVG Internet Security, C:\Program Files (x86)\AVG\Av\avgwsc.exe ( 16.111.0.7797 ), 0x41000 ( enabled : updated )
20:41:44.0860 0x1378  FW detected via SS2: AVG Internet Security, C:\Program Files (x86)\AVG\Av\avgwsc.exe ( 16.111.0.7797 ), 0x41010 ( enabled )
20:41:45.0079 0x1378  ============================================================
20:41:45.0079 0x1378  Scan finished
20:41:45.0079 0x1378  ============================================================
20:41:45.0110 0x0ae0  Detected object count: 0
20:41:45.0110 0x0ae0  Actual detected object count: 0

deeprybka · 18.09.2016, 19:49

Mach bitte noch einen Kontroll-Scan mit ESET. Ich glaube aber nicht an ein "Virus-Problem".

Schritt 1

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Sehr hohe CPU und Datenträgerauslastung - evtl. Virus

Log-Analyse und Auswertung: Sehr hohe CPU und Datenträgerauslastung - evtl. Virus