Browser Videos lasten CPU voll aus

kaiman888 · 05.06.2015, 17:19

Hallo,

wenn ich mir in Firefox oder Internet Explorer Videos anschaue (z.B. Youtube), geht das nach einem Neustart meines Rechners nur etwa 1-2 Minuten lang. Dann hat die CPU-Auslastung 100% erreicht, und geht erst wieder runter, wenn ich eine andere Webseite - ohne Video - aufrufe. Wenn ich dann beispielsweise wieder zu Youtube gehe und ein Video starte, schießt die CPU-Auslastung sofort wieder auf 100%. Obige 1-2 Minuten habe ich erst wieder nach einem Neustart meines Rechners.

Bei Videos, die ich z.B. mit dem VLC Media Player anschaue, habe ich das Problem nicht.

Ich habe meinen Rechner (Win7 32bit) schon neu aufgesetzt, aber das hat nicht geholfen.

Avira Antivirus und AdwCleaner finden nichts.

Es wäre prima, wenn ihr mir helfen könntet.

schrauber · 05.06.2015, 17:40

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

kaiman888 · 05.06.2015, 18:01

Vielen Dank für die rasche Rückmeldung. Hier sind die beiden gewünschten Dateien.

FRST.txt

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-06-2015
Ran by ___ (administrator) on KAIMAN on 05-06-2015 18:45:19
Running from C:\Users\___\Desktop
Loaded Profiles: ___ (Available Profiles: ___)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
() C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Brother Industries, Ltd.) C:\Windows\System32\BrmfRsmg.exe
(Brother Industries, Ltd.) C:\Windows\System32\BrmfRsmg.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avgnt.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Dexpot GbR) C:\Program Files\Dexpot\dexpot.exe
(CompanionLink Software, Inc.) C:\Program Files\CompanionLink\CompanionLink.exe
(Dropbox, Inc.) C:\Users\___\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\CompanionLink\DCLHelper\CLDCLHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Avira Systray] => C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [130048 2015-04-10] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1096044479-75660273-3594680574-1000\...\Run: [Dexpot] => C:\Program Files\Dexpot\dexpot.exe [1845296 2014-09-04] (Dexpot GbR)
HKU\S-1-5-21-1096044479-75660273-3594680574-1000\...\Run: [CompanionLink] => c:\program files\companionlink\companionlink.exe [23985808 2015-05-06] (CompanionLink Software, Inc.)
Startup: C:\Users\___\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-30]
ShortcutTarget: Dropbox.lnk -> C:\Users\___\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-04-14] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1096044479-75660273-3594680574-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1096044479-75660273-3594680574-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 195.234.128.9 195.234.128.16

FireFox:
========
FF ProfilePath: C:\Users\___\AppData\Roaming\Mozilla\Firefox\Profiles\1c6xyt2k.default-1433517152343
FF Homepage: https://www.google.de
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-03-30] (Google)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [205104 2015-04-10] (Avira Operations GmbH & Co. KG)
R2 brmfrsmg; C:\Windows\system32\BrmfRsmg.exe [49152 2009-07-14] (Brother Industries, Ltd.)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107400 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136216 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [37896 2015-03-24] (Avira Operations GmbH & Co. KG)
S3 brfilt; C:\Windows\System32\Drivers\Brfilt.sys [3840 2009-07-14] (Brother Industries Ltd.)
S3 BrUsbScn; C:\Windows\System32\Drivers\BrUsbScn.sys [11648 2009-07-14] (Brother Industries Ltd.)
S3 mf; C:\Windows\System32\DRIVERS\mf.sys [114176 2009-07-14] (Microsoft Corporation)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2015-03-24] (Avira GmbH)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 18:45 - 2015-06-05 18:46 - 00011018 _____ C:\Users\___\Desktop\FRST.txt
2015-06-05 18:44 - 2015-06-05 18:45 - 00000000 ____D C:\FRST
2015-06-05 18:44 - 2015-06-05 18:44 - 01147392 _____ (Farbar) C:\Users\___\Desktop\FRST.exe
2015-06-05 08:35 - 2015-05-22 20:03 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 08:35 - 2015-05-22 20:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 08:35 - 2015-05-22 20:02 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 08:35 - 2015-05-22 20:02 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 08:35 - 2015-05-22 20:02 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 08:35 - 2015-05-22 20:02 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 08:35 - 2015-05-22 19:58 - 00901120 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 08:35 - 2015-05-21 15:20 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-04 21:21 - 2015-06-04 21:21 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-06-04 21:21 - 2015-06-04 21:21 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-06-04 07:37 - 2015-06-04 07:37 - 00000348 _____ C:\Windows\PFRO.log
2015-06-03 08:33 - 2015-06-04 07:37 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-06-01 07:15 - 2015-06-05 10:13 - 00000392 _____ C:\Windows\setupact.log
2015-06-01 07:15 - 2015-06-01 07:15 - 00000000 _____ C:\Windows\setuperr.log
2015-06-01 06:25 - 2015-06-01 06:25 - 00000000 ____D C:\Users\___\AppData\Local\GWX
2015-05-24 10:49 - 2015-05-24 10:49 - 00001071 _____ C:\Users\Public\Desktop\Easy2Sync für Outlook.lnk
2015-05-24 10:49 - 2015-05-24 10:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy2Sync für Outlook
2015-05-24 10:49 - 2015-05-24 10:49 - 00000000 ____D C:\Program Files\Easy2Sync für Outlook
2015-05-13 09:17 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 07:45 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 07:44 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 07:44 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-05-13 07:44 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 07:44 - 2015-04-27 21:11 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 07:44 - 2015-04-27 21:11 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 07:44 - 2015-04-27 21:08 - 01307648 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 07:44 - 2015-04-27 21:05 - 00851456 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 07:44 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 07:44 - 2015-04-27 21:05 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 07:44 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 07:44 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 07:44 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 07:44 - 2015-04-27 21:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 07:44 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 07:44 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 07:44 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 07:44 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 07:44 - 2015-04-27 21:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 07:44 - 2015-04-27 21:04 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 07:44 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 07:44 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 07:44 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 07:44 - 2015-04-27 21:04 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 07:44 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 07:44 - 2015-04-27 21:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 07:44 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 07:44 - 2015-04-27 21:04 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 07:44 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 07:44 - 2015-04-27 21:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 07:44 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 07:44 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 07:44 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 07:44 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 07:44 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 07:44 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 07:44 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 07:44 - 2015-04-27 20:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 07:44 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 07:44 - 2015-04-20 04:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 07:44 - 2015-04-20 04:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 07:44 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 07:44 - 2015-04-13 05:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 07:43 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 07:43 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 07:43 - 2015-04-21 18:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 07:43 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 07:43 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 07:43 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 07:43 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 07:43 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 07:43 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 07:43 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 07:43 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 07:43 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 07:43 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 07:43 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 07:43 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 07:43 - 2015-04-21 17:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 07:43 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 07:43 - 2015-04-21 17:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 07:43 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 07:43 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 07:43 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 07:43 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 07:43 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 07:43 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 07:43 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 07:43 - 2015-04-21 17:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 07:43 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 07:43 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 07:43 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 07:43 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 07:43 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 07:43 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 07:43 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 07:43 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 07:43 - 2015-03-04 06:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 07:43 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 07:42 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 07:42 - 2015-04-08 05:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 07:42 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-10 20:35 - 2015-05-10 20:35 - 00001975 _____ C:\Users\Public\Desktop\CompanionLink Setup.lnk
2015-05-10 20:35 - 2015-05-10 20:35 - 00000000 ____D C:\Users\___\AppData\Roaming\CompanionLink
2015-05-10 20:35 - 2015-05-10 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CompanionLink Software, Inc
2015-05-10 20:35 - 2015-05-10 20:35 - 00000000 ____D C:\Program Files\CompanionLink
2015-05-10 08:25 - 2015-05-11 16:06 - 00000000 ____D C:\Users\___\AppData\Roaming\gSyncit
2015-05-06 10:27 - 2015-05-06 10:27 - 00000000 ____D C:\Users\___\AppData\Roaming\CodeTwo Sync for iCloud
2015-05-06 10:27 - 2015-05-06 10:27 - 00000000 ____D C:\ProgramData\CodeTwo
2015-05-06 09:29 - 2015-05-06 09:29 - 00000000 ____D C:\Users\___\AppData\Roaming\CodeTwo

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 18:20 - 2015-05-03 14:10 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-05 10:23 - 2009-07-14 06:34 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-05 10:23 - 2009-07-14 06:34 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-05 10:18 - 2015-04-30 13:47 - 01810990 _____ C:\Windows\WindowsUpdate.log
2015-06-05 10:14 - 2015-04-30 18:53 - 00000000 ___RD C:\Dropbox
2015-06-05 10:14 - 2015-04-30 18:45 - 00000000 ____D C:\Users\___\AppData\Roaming\Dropbox
2015-06-05 10:13 - 2015-05-03 14:10 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-05 10:13 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-05 10:11 - 2015-05-03 19:00 - 00000000 ____D C:\AdwCleaner
2015-06-05 09:39 - 2015-05-01 22:58 - 00000000 ____D C:\Users\___\AppData\Roaming\Dexpot
2015-06-05 09:37 - 2015-05-02 00:26 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-05 09:37 - 2015-05-02 00:26 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-04 21:22 - 2015-05-04 20:25 - 00000000 ____D C:\Users\___\AppData\Local\Adobe
2015-06-04 18:00 - 2015-05-05 07:35 - 00000000 ____D C:\Users\___\AppData\Roaming\vlc
2015-06-04 07:37 - 2015-04-30 14:07 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-06-03 23:45 - 2015-04-30 14:06 - 00000000 ____D C:\Zwischenablage
2015-05-31 15:02 - 2015-04-30 07:54 - 00000000 ____D C:\Musik
2015-05-31 13:00 - 2015-05-03 19:09 - 00000000 ____D C:\Program Files\CCleaner
2015-05-31 12:57 - 2015-05-03 19:09 - 00000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-05-24 11:14 - 2015-04-30 13:54 - 00000000 ____D C:\Users\___\AppData\Local\VirtualStore
2015-05-20 07:21 - 2015-05-02 00:26 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-18 13:50 - 2015-05-04 10:48 - 00000027 _____ C:\Windows\BRMFBIDI.INI
2015-05-15 21:55 - 2015-05-03 11:10 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2015-05-13 22:24 - 2015-05-01 12:07 - 00000000 ____D C:\Users\___\TomTom MySports
2015-05-13 22:24 - 2015-05-01 12:07 - 00000000 ____D C:\Users\___\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TomTom
2015-05-13 17:41 - 2015-05-03 17:35 - 00000000 ____D C:\Users\___\AppData\Roaming\Foxit Software
2015-05-13 16:28 - 2010-11-20 23:01 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-13 12:01 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-05-13 10:20 - 2011-04-12 03:38 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-13 09:55 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-05-13 09:32 - 2009-07-14 06:33 - 00334952 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-13 09:28 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-05-13 09:27 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-13 09:19 - 2015-04-30 18:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-13 09:09 - 2015-05-01 22:40 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 08:56 - 2015-05-01 22:39 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-12 07:01 - 2015-04-30 18:53 - 00000976 _____ C:\Users\___\Desktop\Dropbox.lnk
2015-05-12 07:00 - 2015-04-30 18:47 - 00000000 ____D C:\Users\___\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-09 20:25 - 2013-08-21 11:55 - 00000000 ____D C:\Fotos
2015-05-06 12:40 - 2015-05-03 15:18 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-05-06 12:39 - 2015-05-03 15:23 - 00000000 ____D C:\Users\___\AppData\Roaming\Apple Computer
2015-05-06 11:25 - 2015-04-30 18:08 - 00000000 ____D C:\Users\___\AppData\Local\Microsoft Help
2015-05-06 11:11 - 2015-05-03 15:23 - 00000000 ____D C:\Users\___\AppData\Local\Apple Computer

Some files in TEMP:
====================
C:\Users\___\AppData\Local\Temp\avgnt.exe
C:\Users\___\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphenvse.dll
C:\Users\___\AppData\Local\Temp\Quarantine.exe
C:\Users\___\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-03 08:57

==================== End of log ============================

--- --- ---

Addition.txt
FRST Additions Logfile:
[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x86) Version: 03-06-2015
Ran by ___ at 2015-06-05 18:46:46
Running from C:\Users\___\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1096044479-75660273-3594680574-500 - Administrator - Disabled)
___ (S-1-5-21-1096044479-75660273-3594680574-1000 - Administrator - Enabled) => C:\Users\___
Gast (S-1-5-21-1096044479-75660273-3594680574-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AAVUpdateManager (HKLM\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM\...\{d8490d5d-0f24-4000-b2e4-4b500a9a704d}) (Version: 1.1.35.25717 - Avira Operations GmbH & Co. KG)
Avira (Version: 1.1.35.25717 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5571 - CDBurnerXP)
CompanionLink (HKLM\...\{506EA5AF-B1FF-4340-AFC5-7A3EAC61737F}) (Version: 6.00.6000 - Ihr Firmenname)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dexpot (HKU\S-1-5-21-1096044479-75660273-3594680574-1000\...\Dexpot) (Version: 1.6.14 - Dexpot GbR)
Dropbox (HKU\S-1-5-21-1096044479-75660273-3594680574-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Easy2Sync für Outlook 8.03.00 (HKLM\...\{EF702322-B623-4B6A-B41D-411725582043}_is1) (Version: 8.03.00 - ITSTH)
FormatFactory 3.6.0.0 (HKLM\...\FormatFactory) (Version: 3.6.0.0 - Format Factory)
Fotogalerie (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.)
Google Earth (HKLM\...\{1A295C25-6E02-49FB-826B-F0D2C56FFA4E}) (Version: 7.1.4.1529 - Google)
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{CE1F04C7-79BC-4219-BE6A-BA490224D4B5}) (Version: 12.1.2.27 - Apple Inc.)
KeePass Password Safe 1.29 (HKLM\...\KeePass Password Safe_is1) (Version: 1.29 - Dominik Reichl)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.5 (x86 de) (HKLM\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
PDF24 Creator 6.9.2 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SteuerSparErklärung 2015 (HKLM\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.32.155 - Akademische Arbeitsgemeinschaft)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1096044479-75660273-3594680574-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\___\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1096044479-75660273-3594680574-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1096044479-75660273-3594680574-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1096044479-75660273-3594680574-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1096044479-75660273-3594680574-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1096044479-75660273-3594680574-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1096044479-75660273-3594680574-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1096044479-75660273-3594680574-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1096044479-75660273-3594680574-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1096044479-75660273-3594680574-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\___\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll (Dropbox, Inc.)

==================== Restore Points =========================

29-05-2015 09:51:41 Geplanter Prüfpunkt
05-06-2015 08:42:30 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1FD2E9D1-DB27-426B-94D6-EB4528099A9D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {265CD66A-D48B-43C8-84E8-AE797CE60C6C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: {42F5BAD5-F5BA-43E2-87EA-8E4C73D5ADDA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7ECF90A3-8286-4C4E-996D-70EB51D378F0} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {8DA86CFF-DF5C-4EBE-892E-D0D8492DFA42} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {A7D52D44-1F1F-4476-AFAA-B3430D8FB9F8} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {ADA97CAF-207C-478C-831F-B9516E01BA70} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {CAC6DC7E-9480-48D6-8E4C-9EBFDDEB31E8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-03] (Google Inc.)
Task: {CE415680-B37F-44BF-A295-13965F392E0F} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {E1340D4F-C081-4F45-8D41-403AFAD8CFB7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {F16904BE-D878-42F3-ACAE-43A1F434B4CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-03] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2008-10-24 16:35 - 2008-10-24 16:35 - 00128296 _____ () C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2015-03-20 18:12 - 2015-03-20 18:12 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-03 11:10 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-05-03 11:10 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2015-05-03 11:10 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-05-03 11:10 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2015-05-03 11:10 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2009-03-06 15:24 - 2009-03-06 15:24 - 00057344 _____ () c:\program files\companionlink\ClxMD5.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-06-05 10:13 - 2015-06-05 10:13 - 00043008 _____ () c:\users\___\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphenvse.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\___\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\___\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\___\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\___\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-03-11 10:05 - 2015-03-11 10:05 - 00020480 _____ () c:\program files\companionlink\DCLHelper\CLDCLHelper.exe
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1096044479-75660273-3594680574-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 195.234.128.9 - 195.234.128.16

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PDFPrint => C:\Program Files\PDF24\pdf24.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{52FE17D0-C6E1-4A37-9918-EAA49C1D60D4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{010B4A18-6C8A-4BA8-BA61-06A82A4A820F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C4270F47-34DE-4602-A775-A15DCB5A1AEF}] => (Allow) C:\Users\___\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B12E215C-391E-466E-99A2-E08C139DB33E}] => (Allow) C:\Users\___\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{05C6A134-6594-43E0-9CF5-0FBD739B363B}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{961CFB16-C832-4A2A-B143-DA4DAFA19309}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{627D56FB-4C98-4D1A-8022-2BD8084B39BC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{81276085-3D50-4C2F-8881-1A2362EF2F0E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{595774AB-C097-4DD8-A56C-1DFB7C6DA1D8}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B4C05893-101E-4FA6-9273-4DF6F3007360}] => (Allow) LPort=2869
FirewallRules: [{D7209B66-0CDB-4038-B6B7-427AF7A8DC88}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{54DBA203-7A72-42E3-8BAE-C5D832429942}C:\users\___\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\___\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{9B35658D-C536-46B4-B133-19F313D6B852}C:\users\___\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\___\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{1EC9B666-AA6A-4678-B85E-DADB1A249856}] => (Allow) LPort=1201
FirewallRules: [{701282EF-8F4F-4A7C-A05C-4F8256FC92DA}] => (Allow) C:\Program Files\Easy2Sync für Outlook\E2S4Outlook.exe
FirewallRules: [{CD41722A-A02A-455F-81FB-0211E212C3B6}] => (Allow) C:\Program Files\Easy2Sync für Outlook\E2S4Outlook64Bit.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Dell Truemobile 355 Bluetooth + EDR
Description: Dell Truemobile 355 Bluetooth + EDR
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Dell
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2015 04:34:56 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 

Error: (06/05/2015 10:13:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 09:38:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 08:13:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2015 03:39:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2237663

Error: (06/04/2015 03:39:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2237663

Error: (06/04/2015 03:39:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/04/2015 03:01:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15054

Error: (06/04/2015 03:01:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15054

Error: (06/04/2015 03:01:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (06/05/2015 11:29:19 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (06/05/2015 10:12:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (06/05/2015 10:12:14 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WMPNetworkSvc" konnte sich nicht als "NT AUTHORITY\NetworkService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (06/05/2015 10:12:14 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (06/05/2015 10:12:14 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (06/05/2015 10:11:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Office Software Protection Platform" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/05/2015 10:11:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/05/2015 10:11:44 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/05/2015 10:11:44 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/05/2015 10:11:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (06/05/2015 04:34:56 PM) (Source: Adobe Reader) (EventID: 16) (User: )
Description: 

Error: (06/05/2015 10:13:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 09:38:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 08:13:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2015 03:39:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2237663

Error: (06/04/2015 03:39:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2237663

Error: (06/04/2015 03:39:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/04/2015 03:01:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15054

Error: (06/04/2015 03:01:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15054

Error: (06/04/2015 03:01:58 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz
Percentage of memory in use: 68%
Total physical RAM: 1526.19 MB
Available physical RAM: 475.7 MB
Total Pagefile: 3052.38 MB
Available Pagefile: 1321.11 MB
Total Virtual: 2047.88 MB
Available Virtual: 1884.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:93.06 GB) (Free:21.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 91.8 GB) (Disk ID: 23F12D67)
Partition 1: (Active) - (Size=93.1 GB) - (Type=07 NTFS)

==================== End of log ============================

--- --- ---

--- --- ---

schrauber · 06.06.2015, 16:04

hi,

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

kaiman888 · 07.06.2015, 20:27

"Leider" nichts gefunden:

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.06.07.05
  rootkit: v2015.06.02.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.17801
___ :: KAIMAN [administrator]

07.06.2015 20:32:08
mbar-log-2015-06-07 (20-32-08).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 321703
Time elapsed: 32 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:

ATTFilter

21:17:45.0854 0x02c0  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
21:17:55.0667 0x02c0  ============================================================
21:17:55.0667 0x02c0  Current date / time: 2015/06/07 21:17:55.0667
21:17:55.0667 0x02c0  SystemInfo:
21:17:55.0667 0x02c0  
21:17:55.0667 0x02c0  OS Version: 6.1.7601 ServicePack: 1.0
21:17:55.0667 0x02c0  Product type: Workstation
21:17:55.0667 0x02c0  ComputerName: KAIMAN
21:17:55.0667 0x02c0  UserName: ___
21:17:55.0667 0x02c0  Windows directory: C:\Windows
21:17:55.0667 0x02c0  System windows directory: C:\Windows
21:17:55.0667 0x02c0  Processor architecture: Intel x86
21:17:55.0667 0x02c0  Number of processors: 2
21:17:55.0667 0x02c0  Page size: 0x1000
21:17:55.0667 0x02c0  Boot type: Normal boot
21:17:55.0667 0x02c0  ============================================================
21:17:57.0601 0x02c0  KLMD registered as C:\Windows\system32\drivers\16711604.sys
21:17:57.0913 0x02c0  System UUID: {38B6B436-778D-769B-A81F-FFFBE965330E}
21:17:58.0756 0x02c0  Drive \Device\Harddisk0\DR0 - Size: 0x16F0649400 ( 91.76 Gb ), SectorSize: 0x200, Cylinders: 0x2ECA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:17:58.0756 0x02c0  ============================================================
21:17:58.0756 0x02c0  \Device\Harddisk0\DR0:
21:17:58.0756 0x02c0  MBR partitions:
21:17:58.0756 0x02c0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xBA1F000
21:17:58.0756 0x02c0  ============================================================
21:17:58.0787 0x02c0  C: <-> \Device\Harddisk0\DR0\Partition1
21:17:58.0802 0x02c0  ============================================================
21:17:58.0802 0x02c0  Initialize success
21:17:58.0802 0x02c0  ============================================================
21:20:10.0412 0x11c0  ============================================================
21:20:10.0412 0x11c0  Scan started
21:20:10.0412 0x11c0  Mode: Manual; SigCheck; TDLFS; 
21:20:10.0412 0x11c0  ============================================================
21:20:10.0412 0x11c0  KSN ping started
21:20:24.0169 0x11c0  KSN ping finished: true
21:20:24.0731 0x11c0  ================ Scan system memory ========================
21:20:24.0731 0x11c0  System memory - ok
21:20:24.0731 0x11c0  ================ Scan services =============================
21:20:24.0949 0x11c0  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
21:20:25.0214 0x11c0  1394ohci - ok
21:20:25.0324 0x11c0  [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
21:20:25.0355 0x11c0  AAV UpdateService - ok
21:20:25.0402 0x11c0  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:20:25.0417 0x11c0  ACPI - ok
21:20:25.0464 0x11c0  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:20:25.0542 0x11c0  AcpiPmi - ok
21:20:25.0636 0x11c0  [ 929593D76589294BA3F74540298D1B3E, 3D1C1772579141BD1040363BD65F2A2D78BF42EC85AE96317AE397E3D5267145 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:20:25.0651 0x11c0  AdobeARMservice - ok
21:20:25.0714 0x11c0  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:20:25.0760 0x11c0  adp94xx - ok
21:20:25.0776 0x11c0  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:20:25.0792 0x11c0  adpahci - ok
21:20:25.0823 0x11c0  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:20:25.0838 0x11c0  adpu320 - ok
21:20:25.0870 0x11c0  [ 12E6A172D72AFC626727B8635DD17E39, 33B3D109C39DF6EA86AFC3C89A93657906E981D3D22FF854401BC7326990CC08 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:20:25.0916 0x11c0  AeLookupSvc - ok
21:20:25.0979 0x11c0  [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] AFD             C:\Windows\system32\drivers\afd.sys
21:20:26.0041 0x11c0  AFD - ok
21:20:26.0088 0x11c0  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
21:20:26.0119 0x11c0  agp440 - ok
21:20:26.0150 0x11c0  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
21:20:26.0166 0x11c0  aic78xx - ok
21:20:26.0213 0x11c0  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
21:20:26.0275 0x11c0  ALG - ok
21:20:26.0338 0x11c0  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:20:26.0353 0x11c0  aliide - ok
21:20:26.0369 0x11c0  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
21:20:26.0384 0x11c0  amdagp - ok
21:20:26.0400 0x11c0  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:20:26.0416 0x11c0  amdide - ok
21:20:26.0447 0x11c0  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:20:26.0478 0x11c0  AmdK8 - ok
21:20:26.0509 0x11c0  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:20:26.0572 0x11c0  AmdPPM - ok
21:20:26.0634 0x11c0  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:20:26.0665 0x11c0  amdsata - ok
21:20:26.0681 0x11c0  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:20:26.0696 0x11c0  amdsbs - ok
21:20:26.0712 0x11c0  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:20:26.0728 0x11c0  amdxata - ok
21:20:26.0884 0x11c0  [ D908096B873B940BB438CE63BA35BD1E, F1C79C907E6CDBC2770C16AFFAE0D6F9B9B7DA21F5074D602AC5FE1597975748 ] AntiVirMailService C:\Program Files\Avira\Antivirus\avmailc7.exe
21:20:26.0930 0x11c0  AntiVirMailService - ok
21:20:26.0993 0x11c0  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirSchedulerService C:\Program Files\Avira\Antivirus\sched.exe
21:20:27.0024 0x11c0  AntiVirSchedulerService - ok
21:20:27.0055 0x11c0  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirService  C:\Program Files\Avira\Antivirus\avguard.exe
21:20:27.0086 0x11c0  AntiVirService - ok
21:20:27.0164 0x11c0  [ 0F3D12E5FAE0082DB3F306095CA6B027, 726D054357031F45B43C87D798E84FA93439ECA6C691EB8C76FE524B50C25B32 ] AntiVirWebService C:\Program Files\Avira\Antivirus\avwebg7.exe
21:20:27.0227 0x11c0  AntiVirWebService - ok
21:20:27.0258 0x11c0  [ 81F97D8F8B3FB94A451CC6F7CF8B2965, 8DEBA4E47E1016D69740C0BB7CDD23852D86E0D42C1C1EA5A847ECB115C38CB1 ] AppID           C:\Windows\system32\drivers\appid.sys
21:20:27.0305 0x11c0  AppID - ok
21:20:27.0320 0x11c0  [ F5090F8FA6757C58E17BAEAA86093636, 5E14CF3032DF5801240F45C59AA93962EA41AA5648A0C6458D16D9B9D95A131F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:20:27.0367 0x11c0  AppIDSvc - ok
21:20:27.0414 0x11c0  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
21:20:27.0461 0x11c0  Appinfo - ok
21:20:27.0586 0x11c0  [ D2B87FC03BE28CD0B33C2B5C1119FD8E, 97EB74CB7F62C0D06D45CB250E3A90657A0F107C2FC20738FF6B2C87B0240080 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:20:27.0601 0x11c0  Apple Mobile Device - ok
21:20:27.0648 0x11c0  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
21:20:27.0664 0x11c0  arc - ok
21:20:27.0679 0x11c0  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:20:27.0695 0x11c0  arcsas - ok
21:20:27.0835 0x11c0  [ 537B2948976F5D9B5767B74A63EBB395, 1A14F8B582E74AD15B612EDA5B707AA3CB0B2A107ED14572B4232EAA7383B634 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
21:20:27.0866 0x11c0  aspnet_state - ok
21:20:27.0898 0x11c0  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:20:28.0054 0x11c0  AsyncMac - ok
21:20:28.0100 0x11c0  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:20:28.0116 0x11c0  atapi - ok
21:20:28.0194 0x11c0  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:20:28.0241 0x11c0  AudioEndpointBuilder - ok
21:20:28.0256 0x11c0  [ C1619A13B10CAC5038BF7129F57D8DE3, 9F71EA6C844650658938E68CCC1383F92D37C68E46E08461A8351491185BA791 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:20:28.0288 0x11c0  Audiosrv - ok
21:20:28.0319 0x11c0  [ EC17E91BC9026C5ED580FB2B13E341AB, 2D9421AE05F3D4A8DBD69D73B4B562EA4F93FBD12AB2F77C52DA8B411626EBF1 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
21:20:28.0366 0x11c0  avgntflt - ok
21:20:28.0381 0x11c0  [ 7BAA36ED6C6098899D9E1269A61085C3, 2D101F1C6C79B0BD722BDB5939344F65728EC2F5B747B6619640775E6FDEFC0A ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
21:20:28.0397 0x11c0  avipbb - ok
21:20:28.0459 0x11c0  [ A33384A5CA1CE308ABF16815AFE1873D, 54AD83AEC416EDC13BD6CE53072E9E0A1510E332186975F7E577D0385981FB40 ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
21:20:28.0490 0x11c0  Avira.OE.ServiceHost - ok
21:20:28.0506 0x11c0  [ F80F5DCA8A5D9D93CC5BE933D20CAF05, 2AFBB2D62127FACBCABBB3E78F3568A6BA016ED4A97A1490BAA29A1EFB7A4408 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
21:20:28.0506 0x11c0  avkmgr - ok
21:20:28.0553 0x11c0  [ 3303FB85532093FC6723632B5947E8C4, F8301069A8EAD7303CAE5B7CAE3F119747E7B7B4402178018EB5254087238A42 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
21:20:28.0568 0x11c0  avnetflt - ok
21:20:28.0615 0x11c0  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:20:28.0709 0x11c0  AxInstSV - ok
21:20:28.0771 0x11c0  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
21:20:28.0834 0x11c0  b06bdrv - ok
21:20:28.0880 0x11c0  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
21:20:28.0912 0x11c0  b57nd60x - ok
21:20:28.0943 0x11c0  [ 82DD21BFA8BBE0A3A3833A1BD8E86158, 72975911934948B47D4E88BCF1A6260185E6F1C451BEB62DD3F3A238DC7EE3C2 ] bcm4sbxp        C:\Windows\system32\DRIVERS\bcm4sbxp.sys
21:20:28.0974 0x11c0  bcm4sbxp - ok
21:20:29.0005 0x11c0  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
21:20:29.0052 0x11c0  BDESVC - ok
21:20:29.0068 0x11c0  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:20:29.0114 0x11c0  Beep - ok
21:20:29.0161 0x11c0  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
21:20:29.0224 0x11c0  BFE - ok
21:20:29.0286 0x11c0  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
21:20:29.0348 0x11c0  BITS - ok
21:20:29.0380 0x11c0  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:20:29.0395 0x11c0  blbdrive - ok
21:20:29.0520 0x11c0  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:20:29.0567 0x11c0  Bonjour Service - ok
21:20:29.0598 0x11c0  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:20:29.0629 0x11c0  bowser - ok
21:20:29.0660 0x11c0  [ CAED732C8D2A1914651F6279128CCDB7, C9394A166481EDF5A076B96D47B827205928A5B654451DFBE4ECCB7577FE628F ] brfilt          C:\Windows\system32\Drivers\Brfilt.sys
21:20:29.0692 0x11c0  brfilt - ok
21:20:29.0723 0x11c0  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:20:29.0770 0x11c0  BrFiltLo - ok
21:20:29.0801 0x11c0  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:20:29.0832 0x11c0  BrFiltUp - ok
21:20:29.0832 0x11c0  brmfrsmg - ok
21:20:29.0879 0x11c0  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
21:20:29.0926 0x11c0  Browser - ok
21:20:29.0957 0x11c0  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:20:30.0004 0x11c0  Brserid - ok
21:20:30.0035 0x11c0  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\Drivers\BrSerWdm.sys
21:20:30.0066 0x11c0  BrSerWdm - ok
21:20:30.0082 0x11c0  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\Drivers\BrUsbMdm.sys
21:20:30.0113 0x11c0  BrUsbMdm - ok
21:20:30.0144 0x11c0  [ 5614F91DD5D5A8744DBE390C391F0BBB, F2C3D25C3A73C8D0133FBAEC740CE5E5CA1B0F5ABF4C678B3692E2F70AC1C598 ] BrUsbScn        C:\Windows\system32\Drivers\BrUsbScn.sys
21:20:30.0160 0x11c0  BrUsbScn - ok
21:20:30.0191 0x11c0  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:20:30.0222 0x11c0  BrUsbSer - ok
21:20:30.0269 0x11c0  [ 2865A5C8E98C70C605F417908CEBB3A4, B1C5AC228BD7072AF8668C009C6CDC13EE9FCB9481F57524300F37C40BF1E935 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
21:20:30.0300 0x11c0  BthEnum - ok
21:20:30.0331 0x11c0  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:20:30.0362 0x11c0  BTHMODEM - ok
21:20:30.0394 0x11c0  [ AD1872E5829E8A2C3B5B4B641C3EAB0E, 8C2DBCAC08DDB41E2B44E257C55FA2D0272959B308EFF9EAF5FF9AE1E4A0AA39 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:20:30.0425 0x11c0  BthPan - ok
21:20:30.0472 0x11c0  [ 1153DE2E4F5941E10C399CB5592F78A1, 2B88AF246D62F72FA9F5B921B0375AE59A0F263672472D5EC9FDB5CA5EF51C31 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
21:20:30.0518 0x11c0  BTHPORT - ok
21:20:30.0550 0x11c0  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
21:20:30.0581 0x11c0  bthserv - ok
21:20:30.0612 0x11c0  [ C81E9413A25A439F436B1D4B6A0CF9E9, A4C290163207AED22C70C7F90B28F6FC24892889643D60D915059405AC5A4A72 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
21:20:30.0643 0x11c0  BTHUSB - ok
21:20:30.0674 0x11c0  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:20:30.0706 0x11c0  cdfs - ok
21:20:30.0768 0x11c0  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:20:30.0815 0x11c0  cdrom - ok
21:20:30.0877 0x11c0  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:20:30.0940 0x11c0  CertPropSvc - ok
21:20:30.0971 0x11c0  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:20:31.0002 0x11c0  circlass - ok
21:20:31.0033 0x11c0  [ 33A60554882FDF59CDA3E1806370BBA1, 3DE5451E1CB84AAEBD03F54BEFC670C401447B4881A8B022748B6ECF0F500F01 ] CLFS            C:\Windows\system32\CLFS.sys
21:20:31.0064 0x11c0  CLFS - ok
21:20:31.0142 0x11c0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:20:31.0174 0x11c0  clr_optimization_v2.0.50727_32 - ok
21:20:31.0236 0x11c0  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:20:31.0267 0x11c0  clr_optimization_v4.0.30319_32 - ok
21:20:31.0283 0x11c0  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:20:31.0314 0x11c0  CmBatt - ok
21:20:31.0361 0x11c0  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:20:31.0376 0x11c0  cmdide - ok
21:20:31.0423 0x11c0  [ 3051724F223EA48968B19567DE2A81F4, DCC27DE1B2B35866FC6DBDE95A368E7D0D346B6C3F31D0BACA63DD39B0A8874E ] CNG             C:\Windows\system32\Drivers\cng.sys
21:20:31.0470 0x11c0  CNG - ok
21:20:31.0486 0x11c0  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:20:31.0501 0x11c0  Compbatt - ok
21:20:31.0517 0x11c0  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:20:31.0532 0x11c0  CompositeBus - ok
21:20:31.0548 0x11c0  COMSysApp - ok
21:20:31.0579 0x11c0  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:20:31.0595 0x11c0  crcdisk - ok
21:20:31.0626 0x11c0  [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:20:31.0657 0x11c0  CryptSvc - ok
21:20:31.0704 0x11c0  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:20:31.0766 0x11c0  DcomLaunch - ok
21:20:31.0798 0x11c0  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
21:20:31.0844 0x11c0  defragsvc - ok
21:20:31.0876 0x11c0  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:20:31.0922 0x11c0  DfsC - ok
21:20:31.0954 0x11c0  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:20:31.0985 0x11c0  Dhcp - ok
21:20:32.0110 0x11c0  [ E95DE5B790B2D16706DAC8472E51F31A, 9D7A72742D369B9F0E4ACEC9C1850D0D60E975AEBEFF5BA06B954EA3AB3E9FF6 ] DiagTrack       C:\Windows\system32\diagtrack.dll
21:20:32.0172 0x11c0  DiagTrack - ok
21:20:32.0188 0x11c0  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
21:20:32.0219 0x11c0  discache - ok
21:20:32.0266 0x11c0  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
21:20:32.0297 0x11c0  Disk - ok
21:20:32.0328 0x11c0  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:20:32.0375 0x11c0  Dnscache - ok
21:20:32.0406 0x11c0  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:20:32.0437 0x11c0  dot3svc - ok
21:20:32.0468 0x11c0  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
21:20:32.0515 0x11c0  DPS - ok
21:20:32.0609 0x11c0  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:20:32.0656 0x11c0  drmkaud - ok
21:20:32.0734 0x11c0  [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:20:32.0780 0x11c0  DXGKrnl - ok
21:20:32.0812 0x11c0  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
21:20:32.0858 0x11c0  EapHost - ok
21:20:33.0061 0x11c0  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
21:20:33.0217 0x11c0  ebdrv - ok
21:20:33.0248 0x11c0  [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] EFS             C:\Windows\System32\lsass.exe
21:20:33.0280 0x11c0  EFS - ok
21:20:33.0373 0x11c0  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:20:33.0451 0x11c0  ehRecvr - ok
21:20:33.0467 0x11c0  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
21:20:33.0498 0x11c0  ehSched - ok
21:20:33.0607 0x11c0  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:20:33.0638 0x11c0  elxstor - ok
21:20:33.0670 0x11c0  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:20:33.0685 0x11c0  ErrDev - ok
21:20:33.0748 0x11c0  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
21:20:33.0794 0x11c0  EventSystem - ok
21:20:33.0826 0x11c0  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:20:33.0872 0x11c0  exfat - ok
21:20:33.0904 0x11c0  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:20:33.0950 0x11c0  fastfat - ok
21:20:33.0997 0x11c0  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
21:20:34.0060 0x11c0  Fax - ok
21:20:34.0091 0x11c0  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
21:20:34.0106 0x11c0  fdc - ok
21:20:34.0122 0x11c0  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
21:20:34.0153 0x11c0  fdPHost - ok
21:20:34.0169 0x11c0  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:20:34.0216 0x11c0  FDResPub - ok
21:20:34.0231 0x11c0  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:20:34.0247 0x11c0  FileInfo - ok
21:20:34.0262 0x11c0  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:20:34.0294 0x11c0  Filetrace - ok
21:20:34.0325 0x11c0  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:20:34.0340 0x11c0  flpydisk - ok
21:20:34.0372 0x11c0  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:20:34.0387 0x11c0  FltMgr - ok
21:20:34.0481 0x11c0  [ 6EC244F102C7F129678E5F7309D1366D, C30DA201AC623DA440B0A0716534557C578218C2A591FA8893CCCBD96B4518F9 ] FontCache       C:\Windows\system32\FntCache.dll
21:20:34.0559 0x11c0  FontCache - ok
21:20:34.0621 0x11c0  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:20:34.0652 0x11c0  FontCache3.0.0.0 - ok
21:20:34.0684 0x11c0  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:20:34.0699 0x11c0  FsDepends - ok
21:20:34.0746 0x11c0  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:20:34.0777 0x11c0  Fs_Rec - ok
21:20:34.0808 0x11c0  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:20:34.0840 0x11c0  fvevol - ok
21:20:34.0855 0x11c0  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:20:34.0871 0x11c0  gagp30kx - ok
21:20:34.0918 0x11c0  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:20:34.0918 0x11c0  GEARAspiWDM - ok
21:20:34.0980 0x11c0  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:20:35.0042 0x11c0  gpsvc - ok
21:20:35.0120 0x11c0  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
21:20:35.0152 0x11c0  gupdate - ok
21:20:35.0167 0x11c0  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
21:20:35.0183 0x11c0  gupdatem - ok
21:20:35.0214 0x11c0  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:20:35.0245 0x11c0  hcw85cir - ok
21:20:35.0292 0x11c0  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:20:35.0339 0x11c0  HdAudAddService - ok
21:20:35.0354 0x11c0  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:20:35.0386 0x11c0  HDAudBus - ok
21:20:35.0401 0x11c0  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:20:35.0432 0x11c0  HidBatt - ok
21:20:35.0448 0x11c0  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:20:35.0479 0x11c0  HidBth - ok
21:20:35.0510 0x11c0  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:20:35.0588 0x11c0  HidIr - ok
21:20:35.0620 0x11c0  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
21:20:35.0682 0x11c0  hidserv - ok
21:20:35.0760 0x11c0  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:20:35.0807 0x11c0  HidUsb - ok
21:20:35.0854 0x11c0  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:20:35.0900 0x11c0  hkmsvc - ok
21:20:35.0932 0x11c0  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:20:35.0978 0x11c0  HomeGroupListener - ok
21:20:36.0010 0x11c0  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:20:36.0041 0x11c0  HomeGroupProvider - ok
21:20:36.0088 0x11c0  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:20:36.0103 0x11c0  HpSAMD - ok
21:20:36.0166 0x11c0  [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:20:36.0197 0x11c0  HTTP - ok
21:20:36.0244 0x11c0  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:20:36.0259 0x11c0  hwpolicy - ok
21:20:36.0290 0x11c0  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:20:36.0322 0x11c0  i8042prt - ok
21:20:36.0415 0x11c0  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:20:36.0462 0x11c0  iaStorV - ok
21:20:36.0618 0x11c0  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:20:36.0665 0x11c0  idsvc - ok
21:20:36.0696 0x11c0  IEEtwCollectorService - ok
21:20:36.0961 0x11c0  [ 9467514EA189475A6E7FDC5D7BDE9D3F, E6F5B99BF6B614832770F9310B06334A8174C7660DDEC7589433640527A14683 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
21:20:37.0351 0x11c0  igfx - ok
21:20:37.0460 0x11c0  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:20:37.0476 0x11c0  iirsp - ok
21:20:37.0679 0x11c0  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
21:20:37.0741 0x11c0  IKEEXT - ok
21:20:37.0788 0x11c0  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:20:37.0819 0x11c0  intelide - ok
21:20:37.0850 0x11c0  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:20:37.0882 0x11c0  intelppm - ok
21:20:37.0897 0x11c0  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:20:37.0944 0x11c0  IPBusEnum - ok
21:20:37.0960 0x11c0  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:20:38.0006 0x11c0  IpFilterDriver - ok
21:20:38.0053 0x11c0  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:20:38.0100 0x11c0  iphlpsvc - ok
21:20:38.0131 0x11c0  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:20:38.0178 0x11c0  IPMIDRV - ok
21:20:38.0209 0x11c0  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:20:38.0256 0x11c0  IPNAT - ok
21:20:38.0350 0x11c0  [ FB7679FD086C60597F8C6929FF66FAC2, 6333339CB052D2A64CFBE5916D6D8F2A4D6CA84A31B549F70733A91F3C4D6EB8 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:20:38.0396 0x11c0  iPod Service - ok
21:20:38.0412 0x11c0  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:20:38.0443 0x11c0  IRENUM - ok
21:20:38.0474 0x11c0  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:20:38.0490 0x11c0  isapnp - ok
21:20:38.0599 0x11c0  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:20:38.0630 0x11c0  iScsiPrt - ok
21:20:38.0677 0x11c0  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:20:38.0708 0x11c0  kbdclass - ok
21:20:38.0755 0x11c0  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:20:38.0802 0x11c0  kbdhid - ok
21:20:38.0833 0x11c0  [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] KeyIso          C:\Windows\system32\lsass.exe
21:20:38.0864 0x11c0  KeyIso - ok
21:20:38.0896 0x11c0  [ 6DD2A1064DD8AFBED22E71176E2AF59B, 915F36860DAA72DA89E906A7F6F255A854A2A91EEA536A7C2EDB4A63250F66CC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:20:38.0911 0x11c0  KSecDD - ok
21:20:38.0927 0x11c0  [ 76C0D35167B1369C68388FEDB56A3048, 2788962AB21DBB0A4D130AE5F822E9FDB96D7FF6320E2798714BF18BCB9CAE4F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:20:38.0942 0x11c0  KSecPkg - ok
21:20:38.0989 0x11c0  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:20:39.0052 0x11c0  KtmRm - ok
21:20:39.0098 0x11c0  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:20:39.0145 0x11c0  LanmanServer - ok
21:20:39.0192 0x11c0  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:20:39.0223 0x11c0  LanmanWorkstation - ok
21:20:39.0286 0x11c0  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:20:39.0332 0x11c0  lltdio - ok
21:20:39.0364 0x11c0  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:20:39.0426 0x11c0  lltdsvc - ok
21:20:39.0442 0x11c0  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:20:39.0488 0x11c0  lmhosts - ok
21:20:39.0504 0x11c0  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:20:39.0535 0x11c0  LSI_FC - ok
21:20:39.0551 0x11c0  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:20:39.0566 0x11c0  LSI_SAS - ok
21:20:39.0582 0x11c0  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:20:39.0598 0x11c0  LSI_SAS2 - ok
21:20:39.0644 0x11c0  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:20:39.0660 0x11c0  LSI_SCSI - ok
21:20:39.0676 0x11c0  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:20:39.0722 0x11c0  luafv - ok
21:20:39.0754 0x11c0  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:20:39.0785 0x11c0  Mcx2Svc - ok
21:20:39.0800 0x11c0  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:20:39.0816 0x11c0  megasas - ok
21:20:39.0847 0x11c0  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:20:39.0878 0x11c0  MegaSR - ok
21:20:39.0910 0x11c0  [ 26F4CA8A0B33658382424BF0B4326C0A, 366903BC3FAA7683A5F9DE5A865CA407EA1C615FB39462D2DB77F6FB0548940C ] mf              C:\Windows\system32\DRIVERS\mf.sys
21:20:39.0925 0x11c0  mf - ok
21:20:39.0956 0x11c0  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
21:20:40.0019 0x11c0  MMCSS - ok
21:20:40.0034 0x11c0  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
21:20:40.0066 0x11c0  Modem - ok
21:20:40.0112 0x11c0  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:20:40.0128 0x11c0  monitor - ok
21:20:40.0159 0x11c0  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:20:40.0175 0x11c0  mouclass - ok
21:20:40.0190 0x11c0  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:20:40.0222 0x11c0  mouhid - ok
21:20:40.0253 0x11c0  [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:20:40.0268 0x11c0  mountmgr - ok
21:20:40.0331 0x11c0  [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:20:40.0362 0x11c0  MozillaMaintenance - ok
21:20:40.0378 0x11c0  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:20:40.0409 0x11c0  mpio - ok
21:20:40.0424 0x11c0  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:20:40.0456 0x11c0  mpsdrv - ok
21:20:40.0502 0x11c0  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:20:40.0596 0x11c0  MpsSvc - ok
21:20:40.0627 0x11c0  [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:20:40.0674 0x11c0  MRxDAV - ok
21:20:40.0721 0x11c0  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:20:40.0768 0x11c0  mrxsmb - ok
21:20:40.0783 0x11c0  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:20:40.0814 0x11c0  mrxsmb10 - ok
21:20:40.0814 0x11c0  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:20:40.0846 0x11c0  mrxsmb20 - ok
21:20:40.0861 0x11c0  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:20:40.0877 0x11c0  msahci - ok
21:20:40.0924 0x11c0  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:20:40.0939 0x11c0  msdsm - ok
21:20:40.0955 0x11c0  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
21:20:40.0970 0x11c0  MSDTC - ok
21:20:41.0002 0x11c0  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:20:41.0033 0x11c0  Msfs - ok
21:20:41.0033 0x11c0  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:20:41.0080 0x11c0  mshidkmdf - ok
21:20:41.0111 0x11c0  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:20:41.0126 0x11c0  msisadrv - ok
21:20:41.0158 0x11c0  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:20:41.0189 0x11c0  MSiSCSI - ok
21:20:41.0204 0x11c0  msiserver - ok
21:20:41.0236 0x11c0  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:20:41.0298 0x11c0  MSKSSRV - ok
21:20:41.0329 0x11c0  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:20:41.0376 0x11c0  MSPCLOCK - ok
21:20:41.0392 0x11c0  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:20:41.0438 0x11c0  MSPQM - ok
21:20:41.0454 0x11c0  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:20:41.0470 0x11c0  MsRPC - ok
21:20:41.0485 0x11c0  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:20:41.0501 0x11c0  mssmbios - ok
21:20:41.0548 0x11c0  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:20:41.0594 0x11c0  MSTEE - ok
21:20:41.0610 0x11c0  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:20:41.0626 0x11c0  MTConfig - ok
21:20:41.0641 0x11c0  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:20:41.0672 0x11c0  Mup - ok
21:20:41.0704 0x11c0  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
21:20:41.0750 0x11c0  napagent - ok
21:20:41.0813 0x11c0  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:20:41.0860 0x11c0  NativeWifiP - ok
21:20:41.0953 0x11c0  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:20:41.0984 0x11c0  NDIS - ok
21:20:42.0016 0x11c0  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:20:42.0062 0x11c0  NdisCap - ok
21:20:42.0094 0x11c0  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:20:42.0140 0x11c0  NdisTapi - ok
21:20:42.0187 0x11c0  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:20:42.0250 0x11c0  Ndisuio - ok
21:20:42.0265 0x11c0  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:20:42.0296 0x11c0  NdisWan - ok
21:20:42.0312 0x11c0  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:20:42.0359 0x11c0  NDProxy - ok
21:20:42.0390 0x11c0  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:20:42.0437 0x11c0  NetBIOS - ok
21:20:42.0452 0x11c0  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:20:42.0484 0x11c0  NetBT - ok
21:20:42.0499 0x11c0  [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] Netlogon        C:\Windows\system32\lsass.exe
21:20:42.0515 0x11c0  Netlogon - ok
21:20:42.0577 0x11c0  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
21:20:42.0640 0x11c0  Netman - ok
21:20:42.0702 0x11c0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:20:42.0733 0x11c0  NetMsmqActivator - ok
21:20:42.0749 0x11c0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:20:42.0764 0x11c0  NetPipeActivator - ok
21:20:42.0796 0x11c0  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
21:20:42.0842 0x11c0  netprofm - ok
21:20:42.0858 0x11c0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:20:42.0874 0x11c0  NetTcpActivator - ok
21:20:42.0889 0x11c0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:20:42.0905 0x11c0  NetTcpPortSharing - ok
21:20:43.0154 0x11c0  [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32        C:\Windows\system32\DRIVERS\netw5v32.sys
21:20:43.0404 0x11c0  netw5v32 - ok
21:20:43.0451 0x11c0  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:20:43.0466 0x11c0  nfrd960 - ok
21:20:43.0498 0x11c0  [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:20:43.0560 0x11c0  NlaSvc - ok
21:20:43.0576 0x11c0  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:20:43.0607 0x11c0  Npfs - ok
21:20:43.0622 0x11c0  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
21:20:43.0669 0x11c0  nsi - ok
21:20:43.0685 0x11c0  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:20:43.0732 0x11c0  nsiproxy - ok
21:20:43.0810 0x11c0  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:20:43.0872 0x11c0  Ntfs - ok
21:20:43.0903 0x11c0  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
21:20:43.0950 0x11c0  Null - ok
21:20:44.0012 0x11c0  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:20:44.0028 0x11c0  nvraid - ok
21:20:44.0044 0x11c0  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:20:44.0059 0x11c0  nvstor - ok
21:20:44.0090 0x11c0  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:20:44.0106 0x11c0  nv_agp - ok
21:20:44.0106 0x11c0  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:20:44.0122 0x11c0  ohci1394 - ok
21:20:44.0215 0x11c0  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:20:44.0246 0x11c0  ose - ok
21:20:44.0527 0x11c0  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:20:44.0668 0x11c0  osppsvc - ok
21:20:44.0730 0x11c0  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:20:44.0808 0x11c0  p2pimsvc - ok
21:20:44.0839 0x11c0  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:20:44.0886 0x11c0  p2psvc - ok
21:20:44.0917 0x11c0  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\drivers\parport.sys
21:20:44.0948 0x11c0  Parport - ok
21:20:44.0964 0x11c0  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:20:44.0980 0x11c0  partmgr - ok
21:20:44.0995 0x11c0  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
21:20:45.0011 0x11c0  Parvdm - ok
21:20:45.0042 0x11c0  [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:20:45.0089 0x11c0  PcaSvc - ok
21:20:45.0104 0x11c0  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
21:20:45.0120 0x11c0  pci - ok
21:20:45.0136 0x11c0  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:20:45.0151 0x11c0  pciide - ok
21:20:45.0182 0x11c0  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:20:45.0198 0x11c0  pcmcia - ok
21:20:45.0214 0x11c0  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:20:45.0229 0x11c0  pcw - ok
21:20:45.0292 0x11c0  [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:20:45.0338 0x11c0  PEAUTH - ok
21:20:45.0463 0x11c0  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
21:20:45.0588 0x11c0  pla - ok
21:20:45.0635 0x11c0  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:20:45.0682 0x11c0  PlugPlay - ok
21:20:45.0697 0x11c0  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:20:45.0713 0x11c0  PNRPAutoReg - ok
21:20:45.0744 0x11c0  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:20:45.0775 0x11c0  PNRPsvc - ok
21:20:45.0822 0x11c0  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:20:45.0869 0x11c0  PolicyAgent - ok
21:20:45.0900 0x11c0  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
21:20:45.0947 0x11c0  Power - ok
21:20:45.0978 0x11c0  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:20:46.0025 0x11c0  PptpMiniport - ok
21:20:46.0040 0x11c0  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
21:20:46.0072 0x11c0  Processor - ok
21:20:46.0118 0x11c0  [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:20:46.0150 0x11c0  ProfSvc - ok
21:20:46.0165 0x11c0  [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] ProtectedStorage C:\Windows\system32\lsass.exe
21:20:46.0181 0x11c0  ProtectedStorage - ok
21:20:46.0212 0x11c0  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:20:46.0259 0x11c0  Psched - ok
21:20:46.0352 0x11c0  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:20:46.0415 0x11c0  ql2300 - ok
21:20:46.0430 0x11c0  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:20:46.0446 0x11c0  ql40xx - ok
21:20:46.0477 0x11c0  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
21:20:46.0508 0x11c0  QWAVE - ok
21:20:46.0540 0x11c0  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:20:46.0571 0x11c0  QWAVEdrv - ok
21:20:46.0586 0x11c0  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:20:46.0618 0x11c0  RasAcd - ok
21:20:46.0664 0x11c0  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:20:46.0727 0x11c0  RasAgileVpn - ok
21:20:46.0742 0x11c0  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
21:20:46.0789 0x11c0  RasAuto - ok
21:20:46.0820 0x11c0  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:20:46.0852 0x11c0  Rasl2tp - ok
21:20:46.0883 0x11c0  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
21:20:46.0945 0x11c0  RasMan - ok
21:20:46.0961 0x11c0  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:20:47.0008 0x11c0  RasPppoe - ok
21:20:47.0039 0x11c0  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:20:47.0070 0x11c0  RasSstp - ok
21:20:47.0101 0x11c0  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:20:47.0148 0x11c0  rdbss - ok
21:20:47.0164 0x11c0  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
21:20:47.0179 0x11c0  rdpbus - ok
21:20:47.0210 0x11c0  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:20:47.0242 0x11c0  RDPCDD - ok
21:20:47.0273 0x11c0  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:20:47.0304 0x11c0  RDPENCDD - ok
21:20:47.0335 0x11c0  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:20:47.0366 0x11c0  RDPREFMP - ok
21:20:47.0413 0x11c0  [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:20:47.0460 0x11c0  RDPWD - ok
21:20:47.0476 0x11c0  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:20:47.0507 0x11c0  rdyboost - ok
21:20:47.0554 0x11c0  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:20:47.0585 0x11c0  RemoteAccess - ok
21:20:47.0616 0x11c0  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:20:47.0694 0x11c0  RemoteRegistry - ok
21:20:47.0741 0x11c0  [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:20:47.0772 0x11c0  RFCOMM - ok
21:20:47.0803 0x11c0  [ 6C1F93C0760C9F79A1869D07233DF39D, 70DD037E76F6E89CE9630175772707BB8588324058079B5F18C505B31306BACE ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
21:20:47.0834 0x11c0  rismxdp - ok
21:20:47.0866 0x11c0  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:20:47.0897 0x11c0  RpcEptMapper - ok
21:20:47.0928 0x11c0  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
21:20:47.0959 0x11c0  RpcLocator - ok
21:20:47.0990 0x11c0  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
21:20:48.0037 0x11c0  RpcSs - ok
21:20:48.0068 0x11c0  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:20:48.0100 0x11c0  rspndr - ok
21:20:48.0115 0x11c0  [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] SamSs           C:\Windows\system32\lsass.exe
21:20:48.0131 0x11c0  SamSs - ok
21:20:48.0162 0x11c0  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:20:48.0178 0x11c0  sbp2port - ok
21:20:48.0209 0x11c0  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:20:48.0256 0x11c0  SCardSvr - ok
21:20:48.0256 0x11c0  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:20:48.0302 0x11c0  scfilter - ok
21:20:48.0365 0x11c0  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
21:20:48.0427 0x11c0  Schedule - ok
21:20:48.0443 0x11c0  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:20:48.0474 0x11c0  SCPolicySvc - ok
21:20:48.0505 0x11c0  [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
21:20:48.0536 0x11c0  sdbus - ok
21:20:48.0568 0x11c0  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:20:48.0599 0x11c0  SDRSVC - ok
21:20:48.0786 0x11c0  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
21:20:48.0848 0x11c0  SDScannerService - ok
21:20:49.0020 0x11c0  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
21:20:49.0082 0x11c0  SDUpdateService - ok
21:20:49.0192 0x11c0  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
21:20:49.0223 0x11c0  SDWSCService - ok
21:20:49.0254 0x11c0  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:20:49.0285 0x11c0  secdrv - ok
21:20:49.0316 0x11c0  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
21:20:49.0363 0x11c0  seclogon - ok
21:20:49.0379 0x11c0  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
21:20:49.0426 0x11c0  SENS - ok
21:20:49.0457 0x11c0  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:20:49.0488 0x11c0  SensrSvc - ok
21:20:49.0504 0x11c0  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\drivers\serenum.sys
21:20:49.0519 0x11c0  Serenum - ok
21:20:49.0550 0x11c0  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\drivers\serial.sys
21:20:49.0582 0x11c0  Serial - ok
21:20:49.0597 0x11c0  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:20:49.0613 0x11c0  sermouse - ok
21:20:49.0644 0x11c0  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:20:49.0675 0x11c0  SessionEnv - ok
21:20:49.0706 0x11c0  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:20:49.0722 0x11c0  sffdisk - ok
21:20:49.0722 0x11c0  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:20:49.0753 0x11c0  sffp_mmc - ok
21:20:49.0753 0x11c0  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:20:49.0800 0x11c0  sffp_sd - ok
21:20:49.0816 0x11c0  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:20:49.0831 0x11c0  sfloppy - ok
21:20:49.0878 0x11c0  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:20:49.0940 0x11c0  SharedAccess - ok
21:20:49.0956 0x11c0  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:20:50.0003 0x11c0  ShellHWDetection - ok
21:20:50.0034 0x11c0  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
21:20:50.0065 0x11c0  sisagp - ok
21:20:50.0096 0x11c0  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:20:50.0128 0x11c0  SiSRaid2 - ok
21:20:50.0143 0x11c0  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:20:50.0159 0x11c0  SiSRaid4 - ok
21:20:50.0174 0x11c0  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:20:50.0206 0x11c0  Smb - ok
21:20:50.0252 0x11c0  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:20:50.0268 0x11c0  SNMPTRAP - ok
21:20:50.0268 0x11c0  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:20:50.0284 0x11c0  spldr - ok
21:20:50.0346 0x11c0  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
21:20:50.0408 0x11c0  Spooler - ok
21:20:50.0580 0x11c0  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
21:20:50.0736 0x11c0  sppsvc - ok
21:20:50.0783 0x11c0  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:20:50.0861 0x11c0  sppuinotify - ok
21:20:50.0923 0x11c0  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:20:50.0970 0x11c0  srv - ok
21:20:51.0001 0x11c0  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:20:51.0032 0x11c0  srv2 - ok
21:20:51.0064 0x11c0  [ E00FDFAFF025E94F9821153750C35A6D, 6ECDC5F314A29B859B0DCB7FF114CACE0718612556299B16412C21F9539DC9B5 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL3.SYS
21:20:51.0079 0x11c0  SrvHsfHDA - ok
21:20:51.0157 0x11c0  [ CEB4E3B6890E1E42DCA6694D9E59E1A0, 00D841690A88F1051A238F67AACCE905E8A59C86070F215A8D31FA3E68C6BF35 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV3.SYS
21:20:51.0220 0x11c0  SrvHsfV92 - ok
21:20:51.0266 0x11c0  [ BC0C7EA89194C299F051C24119000E17, F5FB21F7AD7370F3D5DF7C23F33118ECF19865B995AF12E9A8A8D893E7E6264F ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
21:20:51.0313 0x11c0  SrvHsfWinac - ok
21:20:51.0344 0x11c0  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:20:51.0376 0x11c0  srvnet - ok
21:20:51.0407 0x11c0  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:20:51.0438 0x11c0  SSDPSRV - ok
21:20:51.0469 0x11c0  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
21:20:51.0469 0x11c0  ssmdrv - ok
21:20:51.0485 0x11c0  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:20:51.0532 0x11c0  SstpSvc - ok
21:20:51.0578 0x11c0  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:20:51.0594 0x11c0  stexstor - ok
21:20:51.0688 0x11c0  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
21:20:51.0734 0x11c0  StiSvc - ok
21:20:51.0750 0x11c0  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:20:51.0766 0x11c0  swenum - ok
21:20:51.0797 0x11c0  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
21:20:51.0844 0x11c0  swprv - ok
21:20:51.0922 0x11c0  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
21:20:52.0000 0x11c0  SysMain - ok
21:20:52.0031 0x11c0  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
21:20:52.0046 0x11c0  TabletInputService - ok
21:20:52.0078 0x11c0  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:20:52.0140 0x11c0  TapiSrv - ok
21:20:52.0156 0x11c0  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
21:20:52.0202 0x11c0  TBS - ok
21:20:52.0296 0x11c0  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:20:52.0358 0x11c0  Tcpip - ok
21:20:52.0421 0x11c0  [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:20:52.0483 0x11c0  TCPIP6 - ok
21:20:52.0514 0x11c0  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:20:52.0561 0x11c0  tcpipreg - ok
21:20:52.0608 0x11c0  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:20:52.0639 0x11c0  TDPIPE - ok
21:20:52.0670 0x11c0  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:20:52.0686 0x11c0  TDTCP - ok
21:20:52.0717 0x11c0  [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:20:52.0733 0x11c0  tdx - ok
21:20:52.0748 0x11c0  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:20:52.0764 0x11c0  TermDD - ok
21:20:52.0842 0x11c0  [ FCFD4F50419B4BC72E80066DA10D2E54, 7C2314A57A404525F0444986332DBAE0964A3359374671598387051D7AAE72AE ] TermService     C:\Windows\System32\termsrv.dll
21:20:52.0982 0x11c0  TermService - ok
21:20:53.0123 0x11c0  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
21:20:53.0138 0x11c0  Themes - ok
21:20:53.0154 0x11c0  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
21:20:53.0185 0x11c0  THREADORDER - ok
21:20:53.0216 0x11c0  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
21:20:53.0263 0x11c0  TrkWks - ok
21:20:53.0326 0x11c0  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:20:53.0372 0x11c0  TrustedInstaller - ok
21:20:53.0404 0x11c0  [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:20:53.0419 0x11c0  tssecsrv - ok
21:20:53.0419 0x11c0  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:20:53.0450 0x11c0  TsUsbFlt - ok
21:20:53.0482 0x11c0  [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:20:53.0497 0x11c0  TsUsbGD - ok
21:20:53.0528 0x11c0  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:20:53.0575 0x11c0  tunnel - ok
21:20:53.0575 0x11c0  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:20:53.0591 0x11c0  uagp35 - ok
21:20:53.0622 0x11c0  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:20:53.0669 0x11c0  udfs - ok
21:20:53.0700 0x11c0  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:20:53.0731 0x11c0  UI0Detect - ok
21:20:53.0747 0x11c0  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:20:53.0762 0x11c0  uliagpkx - ok
21:20:53.0794 0x11c0  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:20:53.0809 0x11c0  umbus - ok
21:20:53.0856 0x11c0  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:20:53.0887 0x11c0  UmPass - ok
21:20:53.0903 0x11c0  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
21:20:53.0950 0x11c0  upnphost - ok
21:20:53.0981 0x11c0  [ EC1C23779BB41A8B2AB2AA6FCE308BDE, D027A2B472CAE97AECB16F69BE52E06CB61E1C61AE196C22662050B711C1C72D ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
21:20:54.0012 0x11c0  USBAAPL - ok
21:20:54.0043 0x11c0  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:20:54.0074 0x11c0  usbccgp - ok
21:20:54.0090 0x11c0  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:20:54.0137 0x11c0  usbcir - ok
21:20:54.0168 0x11c0  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:20:54.0199 0x11c0  usbehci - ok
21:20:54.0246 0x11c0  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:20:54.0277 0x11c0  usbhub - ok
21:20:54.0308 0x11c0  [ A6FB7957EA7AFB1165991E54CE934B74, 1CE83D9E3276AE380F720C7700A17D58A37A2A77FD72DA69EE0C756B88DB3689 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:20:54.0324 0x11c0  usbohci - ok
21:20:54.0355 0x11c0  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:20:54.0386 0x11c0  usbprint - ok
21:20:54.0433 0x11c0  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:20:54.0480 0x11c0  USBSTOR - ok
21:20:54.0511 0x11c0  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
21:20:54.0527 0x11c0  usbuhci - ok
21:20:54.0558 0x11c0  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
21:20:54.0589 0x11c0  UxSms - ok
21:20:54.0620 0x11c0  [ 1667D76FBF42B24B9DE3E8B0A7CF06BE, AB9FD4F7B007633FEC552D14932CDEB56DBCE56D152C0EDC91FAFD08E636AADC ] VaultSvc        C:\Windows\system32\lsass.exe
21:20:54.0636 0x11c0  VaultSvc - ok
21:20:54.0667 0x11c0  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:20:54.0683 0x11c0  vdrvroot - ok
21:20:54.0730 0x11c0  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
21:20:54.0776 0x11c0  vds - ok
21:20:54.0808 0x11c0  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:20:54.0839 0x11c0  vga - ok
21:20:54.0854 0x11c0  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:20:54.0886 0x11c0  VgaSave - ok
21:20:54.0886 0x11c0  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:20:54.0917 0x11c0  vhdmp - ok
21:20:54.0932 0x11c0  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
21:20:54.0948 0x11c0  viaagp - ok
21:20:54.0964 0x11c0  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
21:20:54.0995 0x11c0  ViaC7 - ok
21:20:55.0010 0x11c0  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:20:55.0026 0x11c0  viaide - ok
21:20:55.0057 0x11c0  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:20:55.0073 0x11c0  volmgr - ok
21:20:55.0104 0x11c0  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:20:55.0120 0x11c0  volmgrx - ok
21:20:55.0151 0x11c0  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:20:55.0182 0x11c0  volsnap - ok
21:20:55.0213 0x11c0  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:20:55.0229 0x11c0  vsmraid - ok
21:20:55.0307 0x11c0  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
21:20:55.0400 0x11c0  VSS - ok
21:20:55.0416 0x11c0  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:20:55.0432 0x11c0  vwifibus - ok
21:20:55.0463 0x11c0  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
21:20:55.0510 0x11c0  W32Time - ok
21:20:55.0556 0x11c0  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:20:55.0572 0x11c0  WacomPen - ok
21:20:55.0588 0x11c0  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:20:55.0619 0x11c0  WANARP - ok
21:20:55.0634 0x11c0  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:20:55.0666 0x11c0  Wanarpv6 - ok
21:20:55.0744 0x11c0  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
21:20:55.0822 0x11c0  wbengine - ok
21:20:55.0837 0x11c0  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:20:55.0884 0x11c0  WbioSrvc - ok
21:20:55.0915 0x11c0  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:20:55.0946 0x11c0  wcncsvc - ok
21:20:55.0962 0x11c0  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:20:55.0993 0x11c0  WcsPlugInService - ok
21:20:56.0024 0x11c0  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
21:20:56.0040 0x11c0  Wd - ok
21:20:56.0087 0x11c0  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:20:56.0134 0x11c0  Wdf01000 - ok
21:20:56.0165 0x11c0  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:20:56.0180 0x11c0  WdiServiceHost - ok
21:20:56.0196 0x11c0  [ DDE994E9159497D0D5AB2CDF66D1EAD6, 49BEDECA469C47E7622542D3B9BCD31ECDDAA27838495EC5C2F1338E33FEA877 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:20:56.0227 0x11c0  WdiSystemHost - ok
21:20:56.0258 0x11c0  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
21:20:56.0274 0x11c0  WebClient - ok
21:20:56.0321 0x11c0  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:20:56.0352 0x11c0  Wecsvc - ok
21:20:56.0368 0x11c0  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:20:56.0414 0x11c0  wercplsupport - ok
21:20:56.0446 0x11c0  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
21:20:56.0477 0x11c0  WerSvc - ok
21:20:56.0508 0x11c0  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:20:56.0555 0x11c0  WfpLwf - ok
21:20:56.0570 0x11c0  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:20:56.0586 0x11c0  WIMMount - ok
21:20:56.0680 0x11c0  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
21:20:56.0773 0x11c0  WinDefend - ok
21:20:56.0789 0x11c0  WinHttpAutoProxySvc - ok
21:20:56.0867 0x11c0  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:20:56.0929 0x11c0  Winmgmt - ok
21:20:57.0007 0x11c0  [ 1DE9BD23AFA36150586C732D876D9B74, 32CF2C8EC18CFDA677AB72A182EB4B839DCC72BFCD6CA309BE2F434991CAE973 ] WinRM           C:\Windows\system32\WsmSvc.dll
21:20:57.0085 0x11c0  WinRM - ok
21:20:57.0132 0x11c0  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
21:20:57.0148 0x11c0  WinUsb - ok
21:20:57.0210 0x11c0  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:20:57.0288 0x11c0  Wlansvc - ok
21:20:57.0413 0x11c0  [ 5E7C103F8475C4289847D15E129C20F7, C6325D3557545FA1DA26B0B1EA9A1C95AED1FA84A93BE29A771DAD9ECB00768B ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:20:57.0475 0x11c0  wlidsvc - ok
21:20:57.0491 0x11c0  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:20:57.0522 0x11c0  WmiAcpi - ok
21:20:57.0553 0x11c0  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:20:57.0584 0x11c0  wmiApSrv - ok
21:20:57.0709 0x11c0  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
21:20:57.0772 0x11c0  WMPNetworkSvc - ok
21:20:57.0803 0x11c0  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:20:57.0834 0x11c0  WPCSvc - ok
21:20:57.0850 0x11c0  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:20:57.0881 0x11c0  WPDBusEnum - ok
21:20:57.0912 0x11c0  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:20:57.0943 0x11c0  ws2ifsl - ok
21:20:57.0959 0x11c0  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
21:20:57.0990 0x11c0  wscsvc - ok
21:20:58.0006 0x11c0  WSearch - ok
21:20:58.0130 0x11c0  [ 7E5C454A3F986FEBAD075DB8D915917E, 9E9147DDACD075958689523130DB92FC4ED0E38433461D8AB8792BCFBD9376DA ] wuauserv        C:\Windows\system32\wuaueng.dll
21:20:58.0224 0x11c0  wuauserv - ok
21:20:58.0271 0x11c0  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:20:58.0302 0x11c0  WudfPf - ok
21:20:58.0333 0x11c0  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
21:20:58.0349 0x11c0  WUDFRd - ok
21:20:58.0411 0x11c0  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:20:58.0427 0x11c0  wudfsvc - ok
21:20:58.0458 0x11c0  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:20:58.0489 0x11c0  WwanSvc - ok
21:20:58.0520 0x11c0  ================ Scan global ===============================
21:20:58.0552 0x11c0  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
21:20:58.0583 0x11c0  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
21:20:58.0598 0x11c0  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
21:20:58.0630 0x11c0  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
21:20:58.0676 0x11c0  [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\system32\services.exe
21:20:58.0676 0x11c0  [ Global ] - ok
21:20:58.0676 0x11c0  ================ Scan MBR ==================================
21:20:58.0692 0x11c0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:20:59.0098 0x11c0  \Device\Harddisk0\DR0 - ok
21:20:59.0098 0x11c0  ================ Scan VBR ==================================
21:20:59.0098 0x11c0  [ AF2B4486854505A5A9595764504D5FDD ] \Device\Harddisk0\DR0\Partition1
21:20:59.0098 0x11c0  \Device\Harddisk0\DR0\Partition1 - ok
21:20:59.0113 0x11c0  ================ Scan generic autorun ======================
21:20:59.0176 0x11c0  [ A097F470DB5D1B09CAD8C177C72FB267, 1B498F3EE1D44CC2BD30D92CFF47EA9BA66DD529C64A81FC6A5730EC2A427860 ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
21:20:59.0191 0x11c0  Avira Systray - ok
21:20:59.0300 0x11c0  [ 66177D4C99FD8B578C7C56DE445E4D5D, 003D0254D7C693A72DE84CB76858F8D67D9FD62206F1B56DF7F5D0FA834C3BA7 ] C:\Program Files\Avira\Antivirus\avgnt.exe
21:20:59.0332 0x11c0  avgnt - ok
21:20:59.0363 0x11c0  [ 68239842340DDFF8993DFD9127553EDA, 9FEC34A35D5A91FEF1C4859AFD0C2538C5CD3E1792FB118487368CFDF66CBCA0 ] C:\Windows\system32\igfxtray.exe
21:20:59.0378 0x11c0  IgfxTray - ok
21:20:59.0394 0x11c0  [ 004763BDF8E48244DBB9FDFDE3065EBC, AA88911C51D73C501C67F62A907425EF91D1820D3ED581F0952619EBB6216F14 ] C:\Windows\system32\hkcmd.exe
21:20:59.0410 0x11c0  HotKeysCmds - ok
21:20:59.0425 0x11c0  [ CD1102E5D340216138C7F56FA8D26998, 805BE128B6A52E304A91AD44B6A7322BAD5F72CD400DB5E74D8EF47424894266 ] C:\Windows\system32\igfxpers.exe
21:20:59.0441 0x11c0  Persistence - ok
21:20:59.0566 0x11c0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
21:20:59.0628 0x11c0  Sidebar - ok
21:20:59.0659 0x11c0  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
21:20:59.0690 0x11c0  mctadmin - ok
21:20:59.0737 0x11c0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
21:20:59.0784 0x11c0  Sidebar - ok
21:20:59.0784 0x11c0  [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
21:20:59.0815 0x11c0  mctadmin - ok
21:20:59.0956 0x11c0  [ 4761A3614A47BD22027BBA49B38A2BF7, 75A61E8BFA2344248B145C2144E160C82B2086C3531007CB2E627113190A21BF ] C:\Program Files\Dexpot\dexpot.exe
21:21:00.0018 0x11c0  Dexpot - ok
21:21:00.0080 0x11c0  CompanionLink - ok
21:21:00.0080 0x11c0  Waiting for KSN requests completion. In queue: 84
21:21:01.0094 0x11c0  Waiting for KSN requests completion. In queue: 84
21:21:02.0108 0x11c0  Waiting for KSN requests completion. In queue: 84
21:21:03.0247 0x11c0  AV detected via SS2: Avira Antivirus, C:\Program Files\Avira\Antivirus\wsctool.exe ( 15.0.10.414 ), 0x41000 ( enabled : updated )
21:21:03.0278 0x11c0  Win FW state via NFP2: enabled
21:21:06.0071 0x11c0  ============================================================
21:21:06.0071 0x11c0  Scan finished
21:21:06.0071 0x11c0  ============================================================
21:21:06.0086 0x0d94  Detected object count: 0
21:21:06.0086 0x0d94  Actual detected object count: 0

schrauber · 08.06.2015, 15:28

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

kaiman888 · 08.06.2015, 20:13

Ich habe das jetzt dreimal versucht, aber mir stürzt immer der Rechner ab. Der Scanprozess beginnt noch mit dem Hinweis, dass er 10-20 Minuten dauern kann. Wenn ich dann nach etwa einer halben Stunde nachsehe, ist der Bildschirm eingefroren.

Woran könnte das liegen?

schrauber · 09.06.2015, 19:59

Mach mal bitte nen Bild vom Process Explorer wenn Die Last oben ist.

ProcessExplorer als Ersatz für den Windows Taskmanager installieren

Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden.

Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt.

Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen).

kaiman888 · 10.06.2015, 09:29

Hier kommt der Screenshot, erstellt während ein Youtube Video lief. In diesem Zustand lässt sich mein Rechner kaum noch bedienen. Selbst das Video anzuhalten, dauert ewig.

Die Lage normalisiert sich am schnellsten, wenn nich Firefox beende.

schrauber · 11.06.2015, 06:21

Schalte mal die Hardwarebeschleunigung ab in Firefox.

kaiman888 · 12.06.2015, 09:34

Habe die Hardwarebeschleunigung ausgeschaltet.

Die grüne Kurve der CPU History ist nicht mehr ganz so hoch, aber die CPU Auslastung ist trotzdem 100%.

Die CPU History des Process Explorer Prozesses wird übrigens immer dann rot, wenn ich vom Firefox Fenster mit dem Youtube Video auf das Process Explorer Fenster umschalte.

schrauber · 13.06.2015, 08:10

Wie ist die CPU Last von Firefox, wenn du kein Video schaust?

kaiman888 · 14.06.2015, 19:39

Ich habe mal nach einem Neustart auf einer News Seite rumgeklickt. Ohne Videos anzuschauen.

Zunächst passiert nichts. Für einige Minuten keine Anzeige in der CPU History. Dann kommt die grüne Kurve - siehe Bild.

Firefox ist weiterhin der aufwändigste Prozess. Die CPU Last liegt immer um die 60%.

schrauber · 15.06.2015, 11:40

Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen

kaiman888 · 17.06.2015, 12:55

Habe ich gemacht. Leider keine Besserung.

11.06.2015, 06:21	#10
schrauber /// the machine /// TB-Ausbilder	Browser Videos lasten CPU voll aus Schalte mal die Hardwarebeschleunigung ab in Firefox. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

13.06.2015, 08:10	#12
schrauber /// the machine /// TB-Ausbilder	Browser Videos lasten CPU voll aus Wie ist die CPU Last von Firefox, wenn du kein Video schaust? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Browser Videos lasten CPU voll aus

Plagegeister aller Art und deren Bekämpfung: Browser Videos lasten CPU voll aus