Laptop braucht viel Zeit für Start und wird sehr heiß

Serey-Die · 19.07.2016, 16:14

Hallo,

Seit ein paar Tagen braucht mein Laptop für den Start gute 15-30 Minuten, manchmal stürzt er dabei sogar noch ab und wird dabei auch extrem heiß. Dies allerdings erst seit ein paar Tagen, vorher hatte ich bezüglich der Geschwindigkeit und der Hitzeentwicklung nie Schwierigkeiten hier gehabt.
Es gab davor oder danach keine offensichtliche Fehlermeldung und da ich kein PC-Experte bin, wollte ich mich mal an euch melden und fragen, ob ihr mir dabei helfen könnt, falls es sich dabei um einen Virus handelt.

LG

M-K-D-B · 19.07.2016, 16:44

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

Serey-Die · 19.07.2016, 17:10

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-11-2015
durchgeführt von Lea (Administrator) auf LEAS-PC (19-07-2016 17:59:43)
Gestartet von C:\Users\Lea\Downloads
Geladene Profile: Lea (Verfügbare Profile: Lea)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Spotify Ltd) C:\Users\Lea\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [914648 2014-03-05] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830104 2014-01-14] (Conexant Systems, Inc.)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-21] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2810608 2014-02-21] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-24] (TOSHIBA)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-06-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-04-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [921208 2015-08-11] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-498569451-59547736-918960003-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-498569451-59547736-918960003-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-498569451-59547736-918960003-1001\...\Run: [Spotify Web Helper] => C:\Users\Lea\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-05-07] (Spotify Ltd)
HKU\S-1-5-21-498569451-59547736-918960003-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [589312 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [SOS_Agent] => C:\Program Files (x86)\Steganos Online Shield\OnlineShieldClient.exe [6200336 2015-07-09] (Steganos Software GmbH)
HKU\S-1-5-18\...\Run: [SOS Browser Monitor] => C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe [75776 2015-07-08] (Steganos Software GmbH)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
CHR HKU\S-1-5-21-498569451-59547736-918960003-1001\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{769D9330-952C-4182-93CB-41846F55DE86}: [DhcpNameServer] 134.99.128.5
Tcpip\..\Interfaces\{99276197-A566-4D70-B4C5-EBA92F042364}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-498569451-59547736-918960003-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-498569451-59547736-918960003-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-498569451-59547736-918960003-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-498569451-59547736-918960003-1001 -> DefaultScope {05F745D2-1BC2-4C02-A28C-C95178355A49} URL = 
SearchScopes: HKU\S-1-5-21-498569451-59547736-918960003-1001 -> {05F745D2-1BC2-4C02-A28C-C95178355A49} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2015-10-19] (pdfforge GmbH)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2015-10-19] (pdfforge GmbH)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Lea\AppData\Roaming\Mozilla\Firefox\Profiles\ihk08wru.default-1456051773609
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-07] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-11-04] (Microsoft Corporation)
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Lea\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-498569451-59547736-918960003-1001: @hola.org/vlc,version=1.8.649 -> C:\Users\Lea\AppData\Local\Hola\firefox_hola\app\vlc [Keine Datei]
FF Extension: Avira Browser Safety - C:\Users\Lea\AppData\Roaming\Mozilla\Firefox\Profiles\ihk08wru.default-1456051773609\Extensions\abs@avira.com [2016-07-17]
FF Extension: Adblock Plus - C:\Users\Lea\AppData\Roaming\Mozilla\Firefox\Profiles\ihk08wru.default-1456051773609\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: PDF Architect 4 Creator - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2015-12-06] [ist nicht signiert]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-06-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-06-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-06-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-06-02] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [280008 2016-04-25] (Avira Operations GmbH & Co. KG)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-08-11] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-08-11] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [847480 2015-08-11] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009776 2016-05-27] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-21] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [131312 2015-03-19] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319888 2014-12-31] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-03-06] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-03-06] (Intel Corporation)
R2 Online Shield Starter Service; C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe [345136 2015-07-09] (Steganos Software GmbH)
S3 OpenVPNService; C:\Program Files (x86)\Steganos Online Shield\bin\openvpnserv.exe [157487 2015-09-04] (The OpenVPN Project) [Datei ist nicht signiert]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-09] (Electronic Arts)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH)
R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S1 acedrv07; C:\Windows\system32\drivers\acedrv07.sys [125440 2015-07-06] () [Datei ist nicht signiert]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-06-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-01-05] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-06-02] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-08-11] (BlueStack Systems)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [253680 2015-03-19] (Intel Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-03-06] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3607520 2013-10-14] (Intel Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [293592 2014-02-11] (Realtek Semiconductor Corp.)
S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [12528 2016-01-23] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Datei ist nicht signiert]
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-02-21] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [33168 2013-10-11] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-19 17:59 - 2016-07-19 18:00 - 00020717 _____ C:\Users\Lea\Downloads\FRST.txt
2016-07-19 17:23 - 2016-07-19 17:23 - 00000000 ____D C:\Windows\pss
2016-07-18 23:01 - 2016-07-18 23:01 - 00035083 _____ C:\Users\Lea\AppData\Local\recently-used.xbel
2016-07-18 21:24 - 2016-07-18 21:24 - 00000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-07-18 16:01 - 2016-07-18 16:01 - 00000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-07-17 21:52 - 2016-07-19 17:39 - 00000000 __SHD C:\Users\Lea\IntelGraphicsProfiles
2016-07-17 20:47 - 2016-07-17 20:47 - 00012867 _____ C:\Users\Lea\Downloads\2.Broke.Girls.S04E14.HDTV.x264.rar
2016-07-17 20:45 - 2016-07-17 20:45 - 00030781 _____ C:\Users\Lea\Downloads\2.Broke.Girls.S04E14.HDTV.x264-LOL.de-SubCentral.srt
2016-07-17 20:45 - 2016-07-17 20:45 - 00030781 _____ C:\Users\Lea\Downloads\2.Broke.Girls.S04E14.720p.HDTV.x264-DIMENSION.de-SubCentral.srt
2016-07-17 20:38 - 2016-07-18 23:01 - 00000000 ____D C:\Users\Lea\Desktop\London_STARWARS
2016-07-13 05:01 - 2016-05-25 15:22 - 00875712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-07-13 05:01 - 2016-05-25 15:22 - 00536768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2016-07-13 05:01 - 2016-05-25 15:12 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-07-13 05:01 - 2016-05-25 15:12 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2016-07-12 21:34 - 2016-06-25 22:05 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-12 21:34 - 2016-06-25 20:13 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-12 21:34 - 2016-06-25 18:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-12 21:34 - 2016-06-25 18:15 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-12 21:34 - 2016-06-25 18:13 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-12 21:34 - 2016-06-25 18:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-12 21:34 - 2016-06-22 15:48 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-12 21:34 - 2016-06-21 20:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2016-07-12 21:34 - 2016-06-21 16:12 - 00129536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2016-07-12 21:34 - 2016-06-21 15:48 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-12 21:34 - 2016-06-21 15:48 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-12 21:34 - 2016-06-21 15:48 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-12 21:34 - 2016-06-21 15:48 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-12 21:34 - 2016-06-21 15:48 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-12 21:34 - 2016-06-21 15:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-12 21:34 - 2016-06-21 15:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-12 21:34 - 2016-06-11 21:45 - 07445856 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-07-12 21:34 - 2016-06-11 20:14 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-12 21:34 - 2016-06-11 20:11 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-12 21:34 - 2016-06-11 19:56 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-12 21:34 - 2016-06-11 19:42 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-12 21:34 - 2016-06-11 19:23 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-12 21:34 - 2016-06-11 19:22 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-12 21:34 - 2016-06-11 19:22 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-07-12 21:34 - 2016-06-11 19:20 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-12 21:34 - 2016-06-11 19:13 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-12 21:34 - 2016-06-11 19:12 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-12 21:34 - 2016-06-11 19:12 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-07-12 21:34 - 2016-06-11 19:07 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-12 21:34 - 2016-06-11 19:03 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-12 21:34 - 2016-06-11 19:00 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-12 21:34 - 2016-06-11 18:57 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-12 21:34 - 2016-06-11 18:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-07-12 21:34 - 2016-06-11 18:43 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-12 21:34 - 2016-06-11 18:38 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-07-12 21:34 - 2016-06-11 18:33 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-12 21:34 - 2016-06-11 18:31 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-12 21:34 - 2016-06-11 18:31 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-12 21:34 - 2016-06-11 18:30 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-12 21:34 - 2016-06-11 18:29 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-12 21:34 - 2016-06-11 18:26 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-12 21:34 - 2016-06-11 18:15 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-12 21:34 - 2016-06-11 18:12 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-12 21:34 - 2016-06-11 18:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-12 21:34 - 2016-06-11 17:59 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-12 21:34 - 2016-06-11 17:56 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-12 21:34 - 2016-06-11 17:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-07-12 21:34 - 2016-01-30 21:50 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2016-07-12 21:34 - 2016-01-30 21:00 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2016-07-12 21:34 - 2016-01-30 20:48 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2016-07-12 21:34 - 2016-01-30 20:18 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2016-07-12 21:34 - 2016-01-30 19:48 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2016-07-12 21:34 - 2016-01-30 19:41 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2016-07-12 21:33 - 2016-06-11 19:56 - 25812992 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-12 21:33 - 2016-06-11 19:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-12 21:33 - 2016-06-11 19:01 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-12 21:33 - 2016-06-11 19:00 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-12 21:33 - 2016-06-11 18:31 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-12 21:33 - 2016-06-10 23:35 - 04167680 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-21 01:53 - 2016-06-21 01:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-21 01:50 - 2016-06-21 01:53 - 00000000 ____D C:\Program Files\iTunes
2016-06-21 01:50 - 2016-06-21 01:50 - 00000000 ____D C:\Program Files\iPod
2016-06-21 01:50 - 2016-06-21 01:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-06-21 01:48 - 2016-06-21 01:48 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-06-21 01:48 - 2016-06-21 01:48 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-06-21 01:46 - 2016-06-21 01:46 - 00000000 ____D C:\Program Files\Bonjour
2016-06-21 01:46 - 2016-06-21 01:46 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-06-21 01:45 - 2016-06-21 01:50 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-06-21 01:41 - 2016-06-21 01:42 - 170473288 _____ (Apple Inc.) C:\Users\Lea\Downloads\iTunes6464Setup.exe
2016-06-19 18:39 - 2016-06-19 18:39 - 00000000 ____D C:\Users\Lea\AppData\LocalLow\Unity
2016-06-19 18:39 - 2016-06-19 18:39 - 00000000 ____D C:\Users\Lea\AppData\LocalLow\The Pokémon Company International
2016-06-19 18:38 - 2016-06-19 18:38 - 00000000 ____D C:\Users\Lea\AppData\Roaming\Pokémon Trading Card Game Online
2016-06-19 11:55 - 2016-06-19 11:55 - 00012321 _____ C:\Users\Lea\Downloads\2.Broke.Girls.S04E14.HDTV.x264-LOL.VO.rar

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-19 17:59 - 2015-09-19 02:41 - 00000000 ____D C:\FRST
2016-07-19 17:59 - 2014-10-29 16:12 - 03511296 ___SH C:\Users\Lea\Downloads\Thumbs.db
2016-07-19 17:59 - 2014-10-29 15:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-19 17:59 - 2014-10-29 13:09 - 00000000 __RDO C:\Users\Lea\OneDrive
2016-07-19 17:40 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-07-19 17:40 - 2013-08-22 15:36 - 00000000 ____D C:\Windows
2016-07-19 17:34 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-19 17:31 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-19 17:08 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-19 17:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-07-19 17:06 - 2014-11-05 14:41 - 00000000 ____D C:\Windows\Minidump
2016-07-19 17:05 - 2014-10-29 13:17 - 00003918 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0053D9ED-4119-4497-85D3-394A69CFE0D6}
2016-07-18 23:08 - 2014-10-29 18:33 - 00000000 ____D C:\Users\Lea\.gimp-2.8
2016-07-18 23:01 - 2014-10-29 18:36 - 00000000 ____D C:\Users\Lea\AppData\Local\gtk-2.0
2016-07-18 16:35 - 2014-10-29 13:12 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-498569451-59547736-918960003-1001
2016-07-18 16:03 - 2015-01-03 23:44 - 00000000 ____D C:\Users\Lea\AppData\Roaming\PhotoScape
2016-07-18 03:00 - 2014-10-29 13:03 - 00000000 ____D C:\Users\Lea
2016-07-17 22:39 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-07-17 22:08 - 2014-10-29 18:05 - 00000000 ____D C:\KMPlayer
2016-07-17 21:41 - 2014-07-19 12:20 - 00000000 ____D C:\Intel
2016-07-14 06:59 - 2014-04-22 04:09 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-14 06:59 - 2013-08-28 11:59 - 00765582 _____ C:\Windows\system32\perfh007.dat
2016-07-14 06:59 - 2013-08-28 11:59 - 00159366 _____ C:\Windows\system32\perfc007.dat
2016-07-14 01:16 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-07-13 23:17 - 2013-08-22 16:44 - 00622520 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-13 05:10 - 2015-04-18 20:40 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-13 05:10 - 2014-10-29 15:56 - 00000000 ____D C:\Windows\system32\MRT
2016-07-13 05:10 - 2013-08-22 21:11 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-13 05:10 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-07-13 05:03 - 2014-10-29 15:56 - 144749672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-07-13 03:24 - 2016-05-06 18:49 - 00000000 ____D C:\Users\Lea\Desktop\Subtitle
2016-07-12 17:59 - 2014-10-29 15:57 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-12 17:59 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-12 17:59 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-02 06:29 - 2016-04-14 17:03 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-02 06:29 - 2016-04-14 17:03 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-26 21:33 - 2014-11-06 00:33 - 01941504 ___SH C:\Users\Lea\Desktop\Thumbs.db
2016-06-22 02:47 - 2016-05-30 23:42 - 00000000 ____D C:\Users\Lea\Desktop\Herberts
2016-06-21 01:44 - 2015-10-10 12:47 - 00000000 ____D C:\ProgramData\Apple
2016-06-21 00:22 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-21 00:20 - 2014-11-04 21:41 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-06-19 19:14 - 2014-11-03 17:14 - 00000000 ____D C:\Users\Lea\AppData\Roaming\OBS
2016-06-19 19:13 - 2014-11-03 17:14 - 00000000 ____D C:\Program Files (x86)\OBS
2016-06-19 18:45 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\registration

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-10-29 20:52 - 2014-10-29 20:52 - 0000094 _____ () C:\Users\Lea\AppData\Roaming\settings.xml
2016-07-18 23:01 - 2016-07-18 23:01 - 0035083 _____ () C:\Users\Lea\AppData\Local\recently-used.xbel
2014-12-09 19:44 - 2014-12-09 19:46 - 0000303 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
C:\Users\Lea\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-17 22:16

Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-11-2015
durchgeführt von Lea (2016-07-19 18:01:15)
Gestartet von C:\Users\Lea\Downloads
Windows 8.1 (X64) (2014-10-29 11:04:55)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-498569451-59547736-918960003-500 - Administrator - Disabled)
Gast (S-1-5-21-498569451-59547736-918960003-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-498569451-59547736-918960003-1003 - Limited - Enabled)
Lea (S-1-5-21-498569451-59547736-918960003-1001 - Administrator - Enabled) => C:\Users\Lea

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.0 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{42EC3153-24B0-FCAD-0F16-0904BCBAB179}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{bfb60b68-92b8-481b-b416-7e05b4ea01c9}) (Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.61.18979 - Avira Operations GmbH & Co. KG) Hidden
BlueStacks App Player (HKLM-x32\...\{4FEE9A2C-AF32-44CF-902D-9D686E17BF4F}) (Version: 1.1.9.167 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.36.50 - Conexant)
CyberLink MediaStory (HKLM-x32\...\InstallShield_{55762F9A-FCE3-45d5-817B-051218658423}) (Version: 1.0.1321 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3920.05 - CyberLink Corp.)
Die Siedler IV (HKLM-x32\...\S4Uninst) (Version:  - )
DTS Sound (HKLM-x32\...\{5B54DDC3-0ACC-4722-9C23-C3F07AF4825D}) (Version: 1.01.6700 - DTS, Inc.)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{182D4D1C-F9C5-4758-9B8C-157655C9F29B}) (Version: 17.1.1512.0771 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.8.1 - PandoraTV)
LAV Filters 0.68 (HKLM-x32\...\lavfilters_is1) (Version: 0.68 - Hendrik Leppkes)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{4A5D0EEC-885E-4190-83AA-32942142514E}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2014 Plus (HKLM-x32\...\MX.{9E2FEB28-7407-4009-9DC4-203EF2EF6BB7}) (Version: 13.0.3.14 - MAGIX Software GmbH)
MAGIX Video deluxe 2014 Plus (Version: 13.0.3.14 - MAGIX Software GmbH) Hidden
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4833.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{8C7185EB-4165-040E-D581-EA62D922E8A2}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OEM Application Profile (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenVPN 2.3.8-I001 (HKLM\...\OpenVPN) (Version: 2.3.8-I001 - )
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.26.25466 - pdfforge GmbH)
PDF Architect 4 Create Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (Version: 4.0.9.25450 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.1 - pdfforge)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29077 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Spotify (HKU\S-1-5-21-498569451-59547736-918960003-1001\...\Spotify) (Version: 1.0.28.87.g8f9312a4 - Spotify AB)
Steganos Online Shield (HKLM-x32\...\{896614ED-00BD-4E0C-99AB-01C76EE416D9}) (Version: 1.4.16 - Steganos Software GmbH)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.3.0 - Synaptics Incorporated)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.18.0 - Toshiba Corporation)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.02.6402 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{484A4296-6F3D-4182-8CFA-D664F7DA34AA}) (Version: 1.1.17.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.4.2.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.19 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 6.0.4.0 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 3.01.02.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.01.6402 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{E4C7D9D7-19D4-4623-AF0C-EA313C466411}) (Version: 5.0.0 - Toshiba Europe GmbH)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1F8D8040-0BC8-11E5-85C5-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VisualSubSync (remove only) (HKLM-x32\...\VisualSubSync) (Version:  - )
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-498569451-59547736-918960003-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

28-06-2016 21:48:09 Geplanter Prüfpunkt
08-07-2016 02:14:08 Geplanter Prüfpunkt
13-07-2016 02:11:37 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {057DE071-D737-4B7A-A07F-FBCC6724C395} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-19] (Microsoft Corporation)
Task: {0C74B9E1-7BCC-4F23-A7F6-C05BB4D7B8CC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {19E31108-D5D4-47F0-93B7-746768C4A844} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2015-11-17] (Toshiba Europe GmbH)
Task: {25D2089C-171B-460D-9348-D488C0DB4741} - System32\Tasks\{21956C43-5D8B-4842-80B5-2240BFC77256} => pcalua.exe -a "C:\Program Files (x86)\phase6\phase6_V1_5\phase-6.exe" -d C:\Users\Lea\Desktop
Task: {36A44504-C019-4CE7-9646-31A08738F8B2} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2014-03-12] (TOSHIBA Corporation)
Task: {5A6814F3-638B-4B42-B965-8872B97172E7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {6AEB01FD-50DD-42D4-A737-08A287F873EA} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-10-06] ()
Task: {73F0BE33-9B0A-4C67-B23F-6DB1776090AC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-04-12] (Microsoft Corporation)
Task: {81707DB5-4287-438A-A1F7-ABFB5EEBEB75} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {8290208B-A095-49A2-8650-345225432099} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {907EDB07-0C0C-4C85-A9EA-A70FC85D352A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-11-09] (Microsoft Corporation)
Task: {910652F7-A87E-4B37-808B-84E3163C637C} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-498569451-59547736-918960003-1001
Task: {95188CDD-FD08-40DA-AD72-144C91BF5E04} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-05-19] (Microsoft Corporation)
Task: {AD2F764E-267C-4CE9-8787-174019762252} - System32\Tasks\Erstellen eines Systemwiederherstellungpunktes => powershell.exe checkpoint-computer "Datensicherung Wöchentlich"
Task: {BC1E7F03-89F0-4567-BA25-D5188A38CEA0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {C7742D36-EE44-43C6-9EEC-266325D088ED} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-11-09] (Microsoft Corporation)
Task: {CC3DDD05-FB06-4BE7-BB3D-26D304941D04} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {CDA7134A-0F47-4DCA-9B65-6CDB7985BD54} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {F0D29B03-2583-4398-9350-F0F1439B6FE3} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-05-19] (Microsoft Corporation)
Task: {F389E79A-310C-49B1-A54E-808F3AA9C614} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-04 21:41 - 2016-04-19 19:26 - 00114888 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-21 23:09 - 2014-03-21 23:09 - 00021840 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2014-12-13 00:24 - 2014-12-13 00:24 - 00047104 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-11-21 15:04 - 2014-03-06 14:15 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-498569451-59547736-918960003-1001\...\hola.org -> hxxp://hola.org

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-498569451-59547736-918960003-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lea\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\darth-maul-painted-face-31000.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9567E2CB-76FC-4906-8C67-0F29F5D6D5C5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{5EA2A6E2-2971-465E-8F8D-E3539B77CEDA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{19EE630D-E85D-45F8-AD66-5386A6D46F35}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{63727502-7D0A-4FCB-906C-58FFB8DC25AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{524B3214-E350-48AC-87CF-BA9D766461D6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{6C36C4EB-7F52-4847-B34A-FF040924BB4F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{CDA53DFD-C4B0-4AFD-BAF3-36C6CD37B8CC}C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe
FirewallRules: [UDP Query User{4273B49F-1232-42AA-B876-38DDFD62054A}C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe] => (Allow) C:\program files (x86)\origin games\fifa 16 demo\fifa16_demo.exe
FirewallRules: [{6C024F0D-9318-4B05-8390-76AE947AAE94}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{726CA52F-2C57-4087-8745-430A9ADFE210}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{38E2FFC8-E1B3-49B2-B407-C27E8F567F7D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{064F9D43-C8BA-4106-BB00-D8FC1B114E5B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{E25D9377-F64B-4C7C-9692-AC91C092CD91}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{172BF63D-7561-4083-90EE-FF6B1B57A520}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{A5912B20-1FC5-4AE0-A048-E4911C71B682}C:\users\lea\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lea\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{EE44A05A-D89C-47DE-A9E2-1BF285253E7D}C:\users\lea\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lea\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{33AE8E13-5A5B-485F-8C8C-7551F7E41A3E}C:\users\lea\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lea\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D9F9E767-161B-4BA4-BC60-9977B0DEDCE0}C:\users\lea\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\lea\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{49FE2D51-A0D0-4F5A-8B3F-00F4741D653D}C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5F519C52-D77E-467C-AEAF-7DDE9E18AD52}C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3A1819AC-F9DD-43B6-A00E-A50A6A5C0463}C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm.exe
FirewallRules: [UDP Query User{15E5BF74-020F-43D1-83AA-DD973A539F46}C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm.exe
FirewallRules: [TCP Query User{A8689754-55B2-4190-854B-3049C56AE88F}C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm.exe
FirewallRules: [UDP Query User{024DD439-AA89-440E-AFBA-0E8A3A63AB08}C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm.exe
FirewallRules: [{B4EBCEA6-1C09-4091-AADB-E618B8D2E801}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A6C459F9-17DF-4BD8-94A4-97135279E609}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A6B0B189-E24B-43E5-8E6D-1B8B6EF32030}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5E94EDE3-881C-474A-AC8F-A9EB9052A98A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{689ED172-84B6-4E08-AFCB-8AF3694B2463}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/18/2016 09:23:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15032

Error: (07/18/2016 09:23:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15032

Error: (07/18/2016 09:23:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/13/2016 00:05:57 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 2864. Meldungs-ID: [0x2509].

Error: (07/12/2016 06:10:21 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.34209 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 100. Meldungs-ID: [0x2509].

Error: (07/12/2016 05:46:40 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.

Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/12/2016 05:46:40 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung

Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/12/2016 05:46:40 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/12/2016 05:46:40 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Das angegebene Objekt wurde nicht gefunden. Geben Sie den Namen eines vorhandenen Objekts an.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (07/12/2016 05:46:40 PM) (Source: Windows Search Service) (EventID: 3057) (User: )
Description: Der Plug-In-Manager <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung

Details:
	(HRESULT : 0x8e5e0210) (0x8e5e0210)


Systemfehler:
=============
Error: (07/19/2016 05:39:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" wurde mit folgendem Fehler beendet: 
%%20

Error: (07/19/2016 05:39:16 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "RAS-Verbindungsverwaltung" wurde nicht richtig gestartet.

Error: (07/19/2016 05:39:15 PM) (Source: DCOM) (EventID: 10010) (User: LEAS-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/19/2016 05:38:54 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (07/19/2016 05:38:30 PM) (Source: RasMan) (EventID: 20063) (User: )
Description: Fehler beim Starten der RAS-Verbindungsverwaltung, da das Protokoll-Engine [C:\Windows\system32\vpnike.dll] nicht initialisiert wurde. Das System kann das angegebene Gerät nicht finden.

Error: (07/19/2016 05:36:54 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (07/19/2016 05:31:26 PM) (Source: DCOM) (EventID: 10005) (User: LEAS-PC)
Description: 1084WSearchNicht verfügbar{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (07/19/2016 05:31:25 PM) (Source: DCOM) (EventID: 10005) (User: LEAS-PC)
Description: 1084ShellHWDetectionNicht verfügbar{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/19/2016 05:31:14 PM) (Source: DCOM) (EventID: 10005) (User: LEAS-PC)
Description: 1084ShellHWDetectionNicht verfügbar{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/19/2016 05:29:04 PM) (Source: DCOM) (EventID: 10005) (User: LEAS-PC)
Description: 1084ShellHWDetectionNicht verfügbar{DD522ACC-F821-461A-A407-50B198B896DC}


CodeIntegrity:
===================================
  Date: 2016-07-19 17:34:21.508
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-19 16:59:42.640
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-18 15:56:15.849
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-17 21:30:06.439
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-17 20:32:05.910
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-14 06:55:04.596
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-13 23:17:11.400
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-12 17:40:49.006
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-03 15:53:10.865
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-06-19 19:04:47.192
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\acedrv07.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8112.14 MB
Verfügbarer physikalischer RAM: 5915.8 MB
Summe virtueller Speicher: 16304.14 MB
Verfügbarer virtueller Speicher: 14007.09 MB

==================== Laufwerke ================================

Drive c: (TI31322700A) (Fixed) (Total:918.61 GB) (Free:784.85 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

Serey-Die · 19.07.2016, 17:11

TDSS

Code:

ATTFilter

18:06:13.0319 0x1034  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:06:13.0319 0x1034  UEFI system
18:06:17.0578 0x1034  ============================================================
18:06:17.0578 0x1034  Current date / time: 2016/07/19 18:06:17.0578
18:06:17.0578 0x1034  SystemInfo:
18:06:17.0578 0x1034  
18:06:17.0578 0x1034  OS Version: 6.3.9600 ServicePack: 0.0
18:06:17.0578 0x1034  Product type: Workstation
18:06:17.0578 0x1034  ComputerName: LEAS-PC
18:06:17.0579 0x1034  UserName: Lea
18:06:17.0579 0x1034  Windows directory: C:\Windows
18:06:17.0579 0x1034  System windows directory: C:\Windows
18:06:17.0579 0x1034  Running under WOW64
18:06:17.0579 0x1034  Processor architecture: Intel x64
18:06:17.0579 0x1034  Number of processors: 4
18:06:17.0579 0x1034  Page size: 0x1000
18:06:17.0579 0x1034  Boot type: Normal boot
18:06:17.0579 0x1034  ============================================================
18:06:18.0204 0x1034  KLMD registered as C:\Windows\system32\drivers\71721478.sys
18:06:18.0556 0x1034  System UUID: {8A304E76-093A-5B2D-852B-C1635AA38162}
18:06:19.0863 0x1034  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:06:19.0876 0x1034  ============================================================
18:06:19.0876 0x1034  \Device\Harddisk0\DR0:
18:06:19.0876 0x1034  GPT partitions:
18:06:19.0877 0x1034  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9FEFCFAA-CD66-11E3-8DDC-CA6477994E64}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x200000
18:06:19.0877 0x1034  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {9FEFCFB2-CD66-11E3-8DDC-CA6477994E64}, Name: Basic data partition, StartLBA 0x200800, BlocksNum 0x32000
18:06:19.0877 0x1034  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9FEFCFB4-CD66-11E3-8DDC-CA6477994E64}, Name: Basic data partition, StartLBA 0x232800, BlocksNum 0x40000
18:06:19.0877 0x1034  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9FEFCFBC-CD66-11E3-8DDC-CA6477994E64}, Name: Basic data partition, StartLBA 0x272800, BlocksNum 0x72D36000
18:06:19.0877 0x1034  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2EC71CF0-0F44-11E4-BC31-C45444A3C906}, Name: Basic data partition, StartLBA 0x72FA8800, BlocksNum 0x175E35A
18:06:19.0877 0x1034  MBR partitions:
18:06:19.0877 0x1034  ============================================================
18:06:19.0894 0x1034  C: <-> \Device\Harddisk0\DR0\Partition4
18:06:19.0894 0x1034  ============================================================
18:06:19.0894 0x1034  Initialize success
18:06:19.0894 0x1034  ============================================================
18:06:32.0316 0x13e4  ============================================================
18:06:32.0316 0x13e4  Scan started
18:06:32.0316 0x13e4  Mode: Manual; SigCheck; TDLFS; 
18:06:32.0316 0x13e4  ============================================================
18:06:32.0316 0x13e4  KSN ping started
18:06:32.0421 0x13e4  KSN ping finished: true
18:06:35.0199 0x13e4  ================ Scan system memory ========================
18:06:35.0199 0x13e4  System memory - ok
18:06:35.0200 0x13e4  ================ Scan services =============================
18:06:35.0385 0x13e4  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
18:06:35.0481 0x13e4  1394ohci - ok
18:06:35.0523 0x13e4  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
18:06:35.0554 0x13e4  3ware - ok
18:06:35.0591 0x13e4  [ 6E9C8B324980AFE454C6F7762E2B4478, B65CC18B2A63EC28FF125F547F71FD265299CE30128174AE05FFEE05108B69AC ] acedrv07        C:\Windows\system32\drivers\acedrv07.sys
18:06:35.0606 0x13e4  acedrv07 - detected UnsignedFile.Multi.Generic ( 1 )
18:06:35.0734 0x13e4  Detect skipped due to KSN trusted
18:06:35.0735 0x13e4  acedrv07 - ok
18:06:35.0807 0x13e4  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:06:35.0872 0x13e4  ACPI - ok
18:06:35.0908 0x13e4  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
18:06:35.0938 0x13e4  acpiex - ok
18:06:35.0948 0x13e4  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
18:06:35.0974 0x13e4  acpipagr - ok
18:06:35.0996 0x13e4  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
18:06:36.0023 0x13e4  AcpiPmi - ok
18:06:36.0033 0x13e4  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
18:06:36.0059 0x13e4  acpitime - ok
18:06:36.0170 0x13e4  [ 32B31B696CB8E8F380831DFEB80A67E4, 8C8F6E16F2FB3E8F10569261B7712BBC931A2924B6C27D561E7F828041C4F3E6 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:06:36.0204 0x13e4  AdobeFlashPlayerUpdateSvc - ok
18:06:36.0285 0x13e4  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
18:06:36.0366 0x13e4  ADP80XX - ok
18:06:36.0418 0x13e4  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:06:36.0461 0x13e4  AeLookupSvc - ok
18:06:36.0524 0x13e4  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\Windows\system32\drivers\afd.sys
18:06:36.0585 0x13e4  AFD - ok
18:06:36.0619 0x13e4  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:06:36.0646 0x13e4  agp440 - ok
18:06:36.0685 0x13e4  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
18:06:36.0714 0x13e4  ahcache - ok
18:06:36.0763 0x13e4  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
18:06:36.0792 0x13e4  ALG - ok
18:06:36.0837 0x13e4  [ 157AC2302089842D327F78F4646CD3E9, 409825DBC5A5D0185467099C5E16EB6BEC78C1241EF8F6ED342E801C994B85C8 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:06:36.0883 0x13e4  AMD External Events Utility - ok
18:06:36.0922 0x13e4  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
18:06:36.0950 0x13e4  AmdK8 - ok
18:06:37.0803 0x13e4  [ 7FB0E7F055D7AC2CABC2812F9D87EF91, 0E8180193DABD514CFCE88B8EF5A74F157403F3EAE047FF4AE3BFEA102ABB553 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
18:06:38.0770 0x13e4  amdkmdag - ok
18:06:38.0912 0x13e4  [ 1909B7A244A44E70C495BF9A95001FC7, 041608576D4C3E4BEA292B60D308001DB6EB249312C3306C3EE9FE9443CC860D ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
18:06:38.0992 0x13e4  amdkmdap - ok
18:06:39.0022 0x13e4  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
18:06:39.0051 0x13e4  AmdPPM - ok
18:06:39.0084 0x13e4  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:06:39.0116 0x13e4  amdsata - ok
18:06:39.0148 0x13e4  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:06:39.0190 0x13e4  amdsbs - ok
18:06:39.0211 0x13e4  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:06:39.0237 0x13e4  amdxata - ok
18:06:39.0399 0x13e4  [ 157DA3885AA4F03C80C10DAEB0949CAA, 69EA1C9F904FBDFE904A3BC52CB0E188AF18A93EA87A119E5E6234C6F5D4742E ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
18:06:39.0490 0x13e4  AntiVirMailService - ok
18:06:39.0542 0x13e4  [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:06:39.0592 0x13e4  AntiVirSchedulerService - ok
18:06:39.0655 0x13e4  [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:06:39.0705 0x13e4  AntiVirService - ok
18:06:39.0821 0x13e4  [ CF586007CB1F9189CDF07D0D5A02C448, 7BA6E27A835A0851C12A7A115C24665631CC77D857DAF32D24BF2D2AF676FE30 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
18:06:39.0930 0x13e4  AntiVirWebService - ok
18:06:40.0012 0x13e4  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
18:06:40.0045 0x13e4  AppID - ok
18:06:40.0080 0x13e4  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:06:40.0106 0x13e4  AppIDSvc - ok
18:06:40.0141 0x13e4  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\Windows\System32\appinfo.dll
18:06:40.0174 0x13e4  Appinfo - ok
18:06:40.0242 0x13e4  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:06:40.0265 0x13e4  Apple Mobile Device Service - ok
18:06:40.0337 0x13e4  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
18:06:40.0398 0x13e4  AppReadiness - ok
18:06:40.0511 0x13e4  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
18:06:40.0617 0x13e4  AppXSvc - ok
18:06:40.0694 0x13e4  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:06:40.0731 0x13e4  arcsas - ok
18:06:40.0756 0x13e4  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:06:40.0780 0x13e4  atapi - ok
18:06:40.0834 0x13e4  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
18:06:40.0874 0x13e4  AudioEndpointBuilder - ok
18:06:40.0942 0x13e4  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
18:06:41.0022 0x13e4  Audiosrv - ok
18:06:41.0064 0x13e4  [ 5CF5E80616F74B769AABCF76FEA791D1, CA56643D41DB4E139FE85098DCD67187AAC126CE2414276364A97334E15F9F53 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
18:06:41.0087 0x13e4  avgntflt - ok
18:06:41.0119 0x13e4  [ 8EF22CC03EFA1CB6810003C6A3B287D3, 352FE3194713D86BBD900A74AF033D5FE96A71389CC63DFC4821B43A55837206 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
18:06:41.0147 0x13e4  avipbb - ok
18:06:41.0274 0x13e4  [ 125DFFF37D51A45A72934C3BF89A64CD, 19208A6544DC822D5010C835A6FA5E8AC5406CBFB277C4C9E034EF6309B113EE ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
18:06:41.0307 0x13e4  Avira.ServiceHost - ok
18:06:41.0342 0x13e4  [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
18:06:41.0367 0x13e4  avkmgr - ok
18:06:41.0406 0x13e4  [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
18:06:41.0430 0x13e4  avnetflt - ok
18:06:41.0469 0x13e4  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:06:41.0500 0x13e4  AxInstSV - ok
18:06:41.0556 0x13e4  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
18:06:41.0618 0x13e4  b06bdrv - ok
18:06:41.0642 0x13e4  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
18:06:41.0669 0x13e4  BasicDisplay - ok
18:06:41.0682 0x13e4  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
18:06:41.0707 0x13e4  BasicRender - ok
18:06:41.0730 0x13e4  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
18:06:41.0751 0x13e4  bcmfn2 - ok
18:06:41.0812 0x13e4  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:06:41.0860 0x13e4  BDESVC - ok
18:06:41.0896 0x13e4  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
18:06:41.0923 0x13e4  Beep - ok
18:06:42.0003 0x13e4  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\Windows\System32\bfe.dll
18:06:42.0081 0x13e4  BFE - ok
18:06:42.0177 0x13e4  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
18:06:42.0267 0x13e4  BITS - ok
18:06:42.0326 0x13e4  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:06:42.0369 0x13e4  Bonjour Service - ok
18:06:42.0401 0x13e4  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:06:42.0432 0x13e4  bowser - ok
18:06:42.0482 0x13e4  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
18:06:42.0524 0x13e4  BrokerInfrastructure - ok
18:06:42.0572 0x13e4  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
18:06:42.0606 0x13e4  Browser - ok
18:06:42.0687 0x13e4  [ 4DC5439DBD530B4DA8B13185AC2E8E8B, E384E1A880F0450A0F44A50232DE8AF45267F4E717C091BDE4DA9684505181A4 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
18:06:42.0730 0x13e4  BstHdAndroidSvc - ok
18:06:42.0771 0x13e4  [ 346F9FC1E87D06069A7E203A06DD6BFD, 75B5F38B8D45FE324F7B5084954BCC4FCFF1DDBF3551DB040A05195A0384BC7B ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
18:06:42.0796 0x13e4  BstHdDrv - ok
18:06:42.0835 0x13e4  [ B7902AE916F1218696A7346327157CA5, 1EC7A74BFF6B16D44DB29149D60FBBA20053371BBD8EBC94E6C794310021E9B6 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
18:06:42.0877 0x13e4  BstHdLogRotatorSvc - ok
18:06:42.0943 0x13e4  [ 253858BF82D201531EAF6CE2EA4CFD8E, EE3ABA5D320E19092D08F81A377C5A0457E7ADAD8FB0A9227B69167D225D58C8 ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
18:06:43.0011 0x13e4  BstHdUpdaterSvc - ok
18:06:43.0033 0x13e4  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
18:06:43.0061 0x13e4  BthAvrcpTg - ok
18:06:43.0118 0x13e4  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
18:06:43.0146 0x13e4  BthEnum - ok
18:06:43.0182 0x13e4  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
18:06:43.0210 0x13e4  BthHFEnum - ok
18:06:43.0235 0x13e4  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
18:06:43.0262 0x13e4  bthhfhid - ok
18:06:43.0333 0x13e4  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
18:06:43.0378 0x13e4  BthHFSrv - ok
18:06:43.0417 0x13e4  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
18:06:43.0455 0x13e4  BthLEEnum - ok
18:06:43.0487 0x13e4  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
18:06:43.0514 0x13e4  BTHMODEM - ok
18:06:43.0567 0x13e4  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
18:06:43.0596 0x13e4  BthPan - ok
18:06:43.0719 0x13e4  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
18:06:43.0815 0x13e4  BTHPORT - ok
18:06:43.0864 0x13e4  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
18:06:43.0894 0x13e4  bthserv - ok
18:06:43.0935 0x13e4  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
18:06:43.0963 0x13e4  BTHUSB - ok
18:06:43.0982 0x13e4  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:06:44.0014 0x13e4  cdfs - ok
18:06:44.0044 0x13e4  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
18:06:44.0077 0x13e4  cdrom - ok
18:06:44.0127 0x13e4  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:06:44.0162 0x13e4  CertPropSvc - ok
18:06:44.0185 0x13e4  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
18:06:44.0211 0x13e4  circlass - ok
18:06:44.0266 0x13e4  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
18:06:44.0323 0x13e4  CLFS - ok
18:06:44.0548 0x13e4  [ 89772864139E48E6E1CEF832AB83E449, 6587F4CBA9143E5889060C2FF1461C9FA51373A84067209BF5B2F57E9359C9F1 ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
18:06:44.0765 0x13e4  ClickToRunSvc - ok
18:06:44.0818 0x13e4  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
18:06:44.0845 0x13e4  CmBatt - ok
18:06:44.0916 0x13e4  [ 1F20A2F59B7F979B39CBFA602E0D1F8E, B289FFE11764884070D3196E7E07883BF5084EF4FAE12C6760D63824B0E6B0DA ] CNG             C:\Windows\system32\Drivers\cng.sys
18:06:44.0987 0x13e4  CNG - ok
18:06:45.0112 0x13e4  [ 1772434819B9BA3F566EEDEB71102F0B, 0BA57A536A791090879DA96FE8AF02EB7F4D543A2296A937C4120832B04CB126 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
18:06:45.0217 0x13e4  CnxtHdAudService - ok
18:06:45.0282 0x13e4  [ 81F2B52C47B8AD32CC4FF967FC8D73DA, 13D84B4096E0F9AB9D04F6CD9E9C0DE4B6DF6F11D63C797266D719FD2429A655 ] CompFilter64    C:\Windows\System32\drivers\lvbflt64.sys
18:06:45.0300 0x13e4  CompFilter64 - ok
18:06:45.0324 0x13e4  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
18:06:45.0352 0x13e4  CompositeBus - ok
18:06:45.0360 0x13e4  COMSysApp - ok
18:06:45.0376 0x13e4  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
18:06:45.0407 0x13e4  condrv - ok
18:06:45.0508 0x13e4  [ 66492FB9826C29CCD0E491AF1FDB5FDB, 34BD6D3156D9773686B86EEF6EF5BE0270A0508D26E3A55B3F2B0805B3C44E5D ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
18:06:45.0565 0x13e4  cphs - ok
18:06:45.0614 0x13e4  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:06:45.0649 0x13e4  CryptSvc - ok
18:06:45.0692 0x13e4  [ 426B2624A1669D233BAB6C4AC5E9432E, C03746D04094FAEA0650032447667055E7C7D1094581D4C1EB414D22A164CA99 ] CxAudMsg        C:\Windows\system32\CxAudMsg64.exe
18:06:45.0724 0x13e4  CxAudMsg - ok
18:06:45.0748 0x13e4  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
18:06:45.0775 0x13e4  dam - ok
18:06:45.0877 0x13e4  [ E4220FD9C7F1579D9C5F9DFB00427841, 77740122A01A08F18CC82A4BB3F00EC59F29EE10779092F872572C264F6728D0 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:06:45.0956 0x13e4  DcomLaunch - ok
18:06:46.0021 0x13e4  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
18:06:46.0078 0x13e4  defragsvc - ok
18:06:46.0131 0x13e4  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
18:06:46.0184 0x13e4  DeviceAssociationService - ok
18:06:46.0227 0x13e4  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
18:06:46.0262 0x13e4  DeviceInstall - ok
18:06:46.0302 0x13e4  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
18:06:46.0333 0x13e4  Dfsc - ok
18:06:46.0375 0x13e4  [ 85137571AEC8AC757D497B9DD30D544D, 6E15C9FB4010B26A8E5AFD4E85F7362B2616EB8503ACCE28EC31AC1E7D18566F ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
18:06:46.0403 0x13e4  dg_ssudbus - ok
18:06:46.0473 0x13e4  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:06:46.0519 0x13e4  Dhcp - ok
18:06:46.0646 0x13e4  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\Windows\system32\diagtrack.dll
18:06:46.0770 0x13e4  DiagTrack - ok
18:06:46.0830 0x13e4  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\Windows\system32\drivers\disk.sys
18:06:46.0861 0x13e4  disk - ok
18:06:46.0891 0x13e4  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
18:06:46.0916 0x13e4  dmvsc - ok
18:06:46.0970 0x13e4  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:06:47.0009 0x13e4  Dnscache - ok
18:06:47.0066 0x13e4  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:06:47.0106 0x13e4  dot3svc - ok
18:06:47.0141 0x13e4  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
18:06:47.0164 0x13e4  dot4 - ok
18:06:47.0182 0x13e4  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print       C:\Windows\System32\drivers\Dot4Prt.sys
18:06:47.0196 0x13e4  Dot4Print - ok
18:06:47.0217 0x13e4  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
18:06:47.0239 0x13e4  dot4usb - ok
18:06:47.0285 0x13e4  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
18:06:47.0325 0x13e4  DPS - ok
18:06:47.0366 0x13e4  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:06:47.0393 0x13e4  drmkaud - ok
18:06:47.0443 0x13e4  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
18:06:47.0482 0x13e4  DsmSvc - ok
18:06:47.0535 0x13e4  [ 4D00535C0451B2056E684925172A33C7, 866EB71A15FEBD2E05C3C61A253795AADF975859D0399185148EC60FE2FF43C8 ] dts_apo_service C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
18:06:47.0553 0x13e4  dts_apo_service - ok
18:06:47.0676 0x13e4  [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:06:47.0801 0x13e4  DXGKrnl - ok
18:06:47.0849 0x13e4  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
18:06:47.0881 0x13e4  Eaphost - ok
18:06:48.0100 0x13e4  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:06:48.0350 0x13e4  ebdrv - ok
18:06:48.0428 0x13e4  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
18:06:48.0460 0x13e4  EFS - ok
18:06:48.0475 0x13e4  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
18:06:48.0507 0x13e4  EhStorClass - ok
18:06:48.0538 0x13e4  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
18:06:48.0569 0x13e4  EhStorTcgDrv - ok
18:06:48.0585 0x13e4  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
18:06:48.0600 0x13e4  ErrDev - ok
18:06:48.0678 0x13e4  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
18:06:48.0741 0x13e4  EventSystem - ok
18:06:48.0772 0x13e4  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:06:48.0838 0x13e4  exfat - ok
18:06:48.0900 0x13e4  Fabs - ok
18:06:48.0947 0x13e4  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:06:48.0979 0x13e4  fastfat - ok
18:06:49.0057 0x13e4  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
18:06:49.0119 0x13e4  Fax - ok
18:06:49.0135 0x13e4  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
18:06:49.0166 0x13e4  fdc - ok
18:06:49.0197 0x13e4  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:06:49.0229 0x13e4  fdPHost - ok
18:06:49.0275 0x13e4  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:06:49.0307 0x13e4  FDResPub - ok
18:06:49.0354 0x13e4  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
18:06:49.0385 0x13e4  fhsvc - ok
18:06:49.0432 0x13e4  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:06:49.0463 0x13e4  FileInfo - ok
18:06:49.0479 0x13e4  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:06:49.0510 0x13e4  Filetrace - ok
18:06:49.0682 0x13e4  [ 5BD96D8C5411ACE71A7EAACAF0EF2903, 2AF58E6060C7DEC44B4CA30E14E164473CD4089AE475DAFFC61DFE56990C1147 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
18:06:49.0854 0x13e4  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
18:06:49.0963 0x13e4  Detect skipped due to KSN trusted
18:06:49.0963 0x13e4  FirebirdServerMAGIXInstance - ok
18:06:49.0994 0x13e4  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
18:06:50.0010 0x13e4  flpydisk - ok
18:06:50.0072 0x13e4  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:06:50.0119 0x13e4  FltMgr - ok
18:06:50.0244 0x13e4  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\Windows\system32\FntCache.dll
18:06:50.0354 0x13e4  FontCache - ok
18:06:50.0479 0x13e4  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:06:50.0494 0x13e4  FontCache3.0.0.0 - ok
18:06:50.0526 0x13e4  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:06:50.0557 0x13e4  FsDepends - ok
18:06:50.0588 0x13e4  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:06:50.0619 0x13e4  Fs_Rec - ok
18:06:50.0682 0x13e4  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:06:50.0744 0x13e4  fvevol - ok
18:06:50.0760 0x13e4  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
18:06:50.0776 0x13e4  FxPPM - ok
18:06:50.0807 0x13e4  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:06:50.0838 0x13e4  gagp30kx - ok
18:06:50.0870 0x13e4  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
18:06:50.0885 0x13e4  gencounter - ok
18:06:50.0932 0x13e4  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
18:06:50.0979 0x13e4  GPIOClx0101 - ok
18:06:51.0088 0x13e4  [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:06:51.0198 0x13e4  gpsvc - ok
18:06:51.0307 0x13e4  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:06:51.0354 0x13e4  HdAudAddService - ok
18:06:51.0385 0x13e4  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
18:06:51.0416 0x13e4  HDAudBus - ok
18:06:51.0432 0x13e4  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
18:06:51.0463 0x13e4  HidBatt - ok
18:06:51.0495 0x13e4  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
18:06:51.0526 0x13e4  HidBth - ok
18:06:51.0541 0x13e4  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
18:06:51.0573 0x13e4  hidi2c - ok
18:06:51.0604 0x13e4  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
18:06:51.0635 0x13e4  HidIr - ok
18:06:51.0666 0x13e4  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
18:06:51.0682 0x13e4  hidserv - ok
18:06:51.0729 0x13e4  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
18:06:51.0745 0x13e4  HidUsb - ok
18:06:51.0791 0x13e4  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:06:51.0823 0x13e4  hkmsvc - ok
18:06:51.0885 0x13e4  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:06:51.0917 0x13e4  HomeGroupListener - ok
18:06:51.0995 0x13e4  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:06:52.0042 0x13e4  HomeGroupProvider - ok
18:06:52.0057 0x13e4  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:06:52.0088 0x13e4  HpSAMD - ok
18:06:52.0182 0x13e4  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:06:52.0276 0x13e4  HTTP - ok
18:06:52.0292 0x13e4  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:06:52.0307 0x13e4  hwpolicy - ok
18:06:52.0323 0x13e4  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
18:06:52.0354 0x13e4  hyperkbd - ok
18:06:52.0370 0x13e4  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
18:06:52.0385 0x13e4  HyperVideo - ok
18:06:52.0432 0x13e4  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
18:06:52.0463 0x13e4  i8042prt - ok
18:06:52.0495 0x13e4  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
18:06:52.0510 0x13e4  iaLPSSi_GPIO - ok
18:06:52.0542 0x13e4  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
18:06:52.0557 0x13e4  iaLPSSi_I2C - ok
18:06:52.0620 0x13e4  [ 25555186E4FBDF0E30A5DBFC9B9A73F9, 4A9DAC2B56389C5955C343E202C6E81CD3A608E78A4BB7E6ED560719DF02C955 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
18:06:52.0682 0x13e4  iaStorA - ok
18:06:52.0745 0x13e4  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
18:06:52.0792 0x13e4  iaStorAV - ok
18:06:52.0834 0x13e4  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:06:52.0897 0x13e4  iaStorV - ok
18:06:52.0959 0x13e4  [ B1E9019A1A2573A112D6FA6FBD4E60AC, 8282A9830ACBC6407B4593A249F5AF3EEA745FE2842E72CB4014709B3ED8190E ] ibtsiva         C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
18:06:52.0990 0x13e4  ibtsiva - ok
18:06:53.0037 0x13e4  [ 78DC93872CF915831F98DD46DF6283EE, 084E6BF12835A6DABC8F6EB6A758866DE1C44396A9F5078262F89ECC27A9A1BD ] ibtusb          C:\Windows\system32\DRIVERS\ibtusb.sys
18:06:53.0068 0x13e4  ibtusb - ok
18:06:53.0115 0x13e4  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:06:53.0131 0x13e4  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
18:06:53.0272 0x13e4  Detect skipped due to KSN trusted
18:06:53.0272 0x13e4  IDriverT - ok
18:06:53.0272 0x13e4  IEEtwCollectorService - ok
18:06:53.0537 0x13e4  [ 3203DD8BBB0E8E26550C4D7B58617F3C, 5A4BABE3EEFD06F05538407E31873536EA47C4FD66C960611A73AC395DFB292A ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:06:53.0818 0x13e4  igfx - ok
18:06:53.0913 0x13e4  [ 361529DF1EBD05E0B15E1026DCCC1885, 8D3182D3861F4854E6C169701BE74015EF941004A538B1971C8FE853CE84AC20 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
18:06:53.0945 0x13e4  igfxCUIService1.0.0.0 - ok
18:06:54.0038 0x13e4  [ 2530D33CE2F5F30D08A039EC33E91F17, DE1669A9F67C9CA3EEF6D0D0A56167318E4DB50965D87BF94A2795A21EBEE979 ] IKEEXT          C:\Windows\System32\ikeext.dll
18:06:54.0132 0x13e4  IKEEXT - ok
18:06:54.0163 0x13e4  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
18:06:54.0179 0x13e4  intaud_WaveExtensible - ok
18:06:54.0242 0x13e4  [ B375D8686E1BD2B79C0F00E3868A8C3B, A15D99F04B69FB37ED3AC0C3BBA464BF6D6EB1873D4AE1062983120E3BD1C4DB ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:06:54.0273 0x13e4  IntcDAud - ok
18:06:54.0398 0x13e4  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:06:54.0460 0x13e4  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
18:06:55.0133 0x13e4  Detect skipped due to KSN trusted
18:06:55.0133 0x13e4  Intel(R) Capability Licensing Service Interface - ok
18:06:55.0227 0x13e4  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
18:06:55.0289 0x13e4  Intel(R) Capability Licensing Service TCP IP Interface - ok
18:06:55.0321 0x13e4  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
18:06:55.0336 0x13e4  Intel(R) ME Service - ok
18:06:55.0368 0x13e4  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:06:55.0383 0x13e4  intelide - ok
18:06:55.0415 0x13e4  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
18:06:55.0446 0x13e4  intelpep - ok
18:06:55.0461 0x13e4  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
18:06:55.0493 0x13e4  intelppm - ok
18:06:55.0524 0x13e4  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:06:55.0571 0x13e4  IpFilterDriver - ok
18:06:55.0664 0x13e4  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:06:55.0743 0x13e4  iphlpsvc - ok
18:06:55.0774 0x13e4  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
18:06:55.0805 0x13e4  IPMIDRV - ok
18:06:55.0837 0x13e4  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:06:55.0868 0x13e4  IPNAT - ok
18:06:55.0946 0x13e4  [ 2BFF13AC46A5850161317D0F924B5B42, B8A09F66435EC6582F8772515988503CC13DC200A370EBB8C3FE661F2EA688DA ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:06:55.0993 0x13e4  iPod Service - ok
18:06:56.0040 0x13e4  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:06:56.0071 0x13e4  IRENUM - ok
18:06:56.0102 0x13e4  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:06:56.0118 0x13e4  isapnp - ok
18:06:56.0180 0x13e4  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
18:06:56.0212 0x13e4  iScsiPrt - ok
18:06:56.0306 0x13e4  [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
18:06:56.0337 0x13e4  iumsvc - ok
18:06:56.0353 0x13e4  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
18:06:56.0368 0x13e4  iwdbus - ok
18:06:56.0431 0x13e4  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:06:56.0447 0x13e4  jhi_service - ok
18:06:56.0478 0x13e4  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
18:06:56.0509 0x13e4  kbdclass - ok
18:06:56.0540 0x13e4  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
18:06:56.0572 0x13e4  kbdhid - ok
18:06:56.0603 0x13e4  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
18:06:56.0618 0x13e4  kdnic - ok
18:06:56.0650 0x13e4  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
18:06:56.0665 0x13e4  KeyIso - ok
18:06:56.0712 0x13e4  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:06:56.0743 0x13e4  KSecDD - ok
18:06:56.0790 0x13e4  [ 38BED40B100C6A844C3DB1AEE2F0C6CF, 711ABC7244139F17268F679F9466EA4E78C2F7DFD760FDBFECF17AB6FD0E7787 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:06:56.0822 0x13e4  KSecPkg - ok
18:06:56.0853 0x13e4  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:06:56.0884 0x13e4  ksthunk - ok
18:06:56.0947 0x13e4  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:06:57.0009 0x13e4  KtmRm - ok
18:06:57.0056 0x13e4  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:06:57.0118 0x13e4  LanmanServer - ok
18:06:57.0150 0x13e4  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:06:57.0197 0x13e4  LanmanWorkstation - ok
18:06:57.0275 0x13e4  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
18:06:57.0322 0x13e4  lfsvc - ok
18:06:57.0368 0x13e4  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:06:57.0400 0x13e4  lltdio - ok
18:06:57.0447 0x13e4  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:06:57.0494 0x13e4  lltdsvc - ok
18:06:57.0525 0x13e4  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:06:57.0556 0x13e4  lmhosts - ok
18:06:57.0603 0x13e4  [ E2952760B05A256FB1412D20A41C89C1, B5AF47DF90D5DC8E6549DE1AFF897669E8200D08083D43DF86E34F6EE19C59DA ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:06:57.0635 0x13e4  LMS - ok
18:06:57.0666 0x13e4  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:06:57.0697 0x13e4  LSI_SAS - ok
18:06:57.0728 0x13e4  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:06:57.0775 0x13e4  LSI_SAS2 - ok
18:06:57.0791 0x13e4  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
18:06:57.0822 0x13e4  LSI_SAS3 - ok
18:06:57.0838 0x13e4  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
18:06:57.0869 0x13e4  LSI_SSS - ok
18:06:57.0963 0x13e4  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
18:06:58.0041 0x13e4  LSM - ok
18:06:58.0072 0x13e4  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:06:58.0103 0x13e4  luafv - ok
18:06:58.0150 0x13e4  [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
18:06:58.0197 0x13e4  LVRS64 - ok
18:06:58.0494 0x13e4  [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
18:06:58.0791 0x13e4  LVUVC64 - ok
18:06:58.0838 0x13e4  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
18:06:58.0854 0x13e4  megasas - ok
18:06:58.0963 0x13e4  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
18:06:59.0026 0x13e4  megasr - ok
18:06:59.0057 0x13e4  [ EB1D78140D6634C32A46AB1006105EDC, 586F988A7272A7E3F6AA2CC9A001A08A3D178A011AE8C095BB7EAD9FFB45AAB1 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
18:06:59.0073 0x13e4  MEIx64 - ok
18:06:59.0119 0x13e4  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
18:06:59.0151 0x13e4  MMCSS - ok
18:06:59.0166 0x13e4  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
18:06:59.0198 0x13e4  Modem - ok
18:06:59.0229 0x13e4  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
18:06:59.0244 0x13e4  monitor - ok
18:06:59.0276 0x13e4  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
18:06:59.0307 0x13e4  mouclass - ok
18:06:59.0326 0x13e4  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
18:06:59.0354 0x13e4  mouhid - ok
18:06:59.0401 0x13e4  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:06:59.0417 0x13e4  mountmgr - ok
18:06:59.0479 0x13e4  [ D6F67A73E6557578B755F7B534E00F47, 769F3D6CB86B2DC4065BDE4CE39139879B7D96F455A3BE80C7ECEAD5494E8B79 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:06:59.0511 0x13e4  MozillaMaintenance - ok
18:06:59.0557 0x13e4  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:06:59.0589 0x13e4  mpsdrv - ok
18:06:59.0667 0x13e4  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:06:59.0761 0x13e4  MpsSvc - ok
18:06:59.0808 0x13e4  [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:06:59.0840 0x13e4  MRxDAV - ok
18:06:59.0887 0x13e4  [ 5DCD41F62F71519D2A46D41F60C69B0C, A9C2F8B8F82BDBF48F34D5837ED27CE251C75232A07AF26F7B796D2A106795A0 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:06:59.0949 0x13e4  mrxsmb - ok
18:06:59.0980 0x13e4  [ D7C9BC4D37BF08C7DD436A0A5F321668, 30A5AF211BEC89E26134CDAE3E60D0D9F0AE2748F56E9D09B07431206AD381C6 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:07:00.0012 0x13e4  mrxsmb10 - ok
18:07:00.0043 0x13e4  [ FE219A7107C4BC3BBC35D6CDC281612C, 98CA0FECF1F7269DAED43561FA40AAC1A9456F2C2FE7C1243C628F78864D2F54 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:07:00.0074 0x13e4  mrxsmb20 - ok
18:07:00.0121 0x13e4  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
18:07:00.0152 0x13e4  MsBridge - ok
18:07:00.0199 0x13e4  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
18:07:00.0230 0x13e4  MSDTC - ok
18:07:00.0277 0x13e4  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:07:00.0324 0x13e4  Msfs - ok
18:07:00.0340 0x13e4  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
18:07:00.0371 0x13e4  msgpiowin32 - ok
18:07:00.0387 0x13e4  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:07:00.0402 0x13e4  mshidkmdf - ok
18:07:00.0434 0x13e4  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
18:07:00.0465 0x13e4  mshidumdf - ok
18:07:00.0496 0x13e4  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:07:00.0512 0x13e4  msisadrv - ok
18:07:00.0543 0x13e4  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:07:00.0590 0x13e4  MSiSCSI - ok
18:07:00.0590 0x13e4  msiserver - ok
18:07:00.0605 0x13e4  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:07:00.0637 0x13e4  MSKSSRV - ok
18:07:00.0673 0x13e4  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
18:07:00.0704 0x13e4  MsLldp - ok
18:07:00.0736 0x13e4  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:07:00.0752 0x13e4  MSPCLOCK - ok
18:07:00.0767 0x13e4  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:07:00.0799 0x13e4  MSPQM - ok
18:07:00.0830 0x13e4  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:07:00.0892 0x13e4  MsRPC - ok
18:07:00.0908 0x13e4  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
18:07:00.0924 0x13e4  mssmbios - ok
18:07:00.0939 0x13e4  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:07:00.0971 0x13e4  MSTEE - ok
18:07:00.0986 0x13e4  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
18:07:01.0017 0x13e4  MTConfig - ok
18:07:01.0033 0x13e4  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
18:07:01.0064 0x13e4  Mup - ok
18:07:01.0080 0x13e4  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
18:07:01.0111 0x13e4  mvumis - ok
18:07:01.0158 0x13e4  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
18:07:01.0221 0x13e4  napagent - ok
18:07:01.0283 0x13e4  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:07:01.0330 0x13e4  NativeWifiP - ok
18:07:01.0377 0x13e4  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
18:07:01.0408 0x13e4  NcaSvc - ok
18:07:01.0439 0x13e4  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
18:07:01.0486 0x13e4  NcbService - ok
18:07:01.0533 0x13e4  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
18:07:01.0549 0x13e4  NcdAutoSetup - ok
18:07:01.0658 0x13e4  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:07:01.0752 0x13e4  NDIS - ok
18:07:01.0799 0x13e4  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:07:01.0830 0x13e4  NdisCap - ok
18:07:01.0862 0x13e4  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
18:07:01.0893 0x13e4  NdisImPlatform - ok
18:07:01.0909 0x13e4  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:07:01.0940 0x13e4  NdisTapi - ok
18:07:01.0971 0x13e4  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:07:01.0987 0x13e4  Ndisuio - ok
18:07:02.0002 0x13e4  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
18:07:02.0049 0x13e4  NdisVirtualBus - ok
18:07:02.0065 0x13e4  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:07:02.0112 0x13e4  NdisWan - ok
18:07:02.0159 0x13e4  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
18:07:02.0205 0x13e4  NdisWanLegacy - ok
18:07:02.0238 0x13e4  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:07:02.0270 0x13e4  NDProxy - ok
18:07:02.0317 0x13e4  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
18:07:02.0348 0x13e4  Ndu - ok
18:07:02.0379 0x13e4  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:07:02.0410 0x13e4  NetBIOS - ok
18:07:02.0473 0x13e4  [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:07:02.0520 0x13e4  NetBT - ok
18:07:02.0551 0x13e4  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
18:07:02.0582 0x13e4  Netlogon - ok
18:07:02.0645 0x13e4  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
18:07:02.0691 0x13e4  Netman - ok
18:07:02.0754 0x13e4  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
18:07:02.0816 0x13e4  netprofm - ok
18:07:02.0879 0x13e4  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:02.0910 0x13e4  NetTcpPortSharing - ok
18:07:02.0957 0x13e4  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
18:07:02.0988 0x13e4  netvsc - ok
18:07:03.0223 0x13e4  [ B6EDB4D2BA55CA06FF679FA4B885B1F4, 3A5E509B52216DEFBEDE2CA35C77A2AB8114E41D702765F6712DD8D24B394826 ] NETwNb64        C:\Windows\system32\DRIVERS\NETwbw02.sys
18:07:03.0457 0x13e4  NETwNb64 - ok
18:07:03.0551 0x13e4  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:07:03.0598 0x13e4  NlaSvc - ok
18:07:03.0629 0x13e4  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:07:03.0660 0x13e4  Npfs - ok
18:07:03.0676 0x13e4  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
18:07:03.0691 0x13e4  npsvctrig - ok
18:07:03.0723 0x13e4  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
18:07:03.0754 0x13e4  nsi - ok
18:07:03.0801 0x13e4  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:07:03.0832 0x13e4  nsiproxy - ok
18:07:03.0973 0x13e4  [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:07:04.0207 0x13e4  Ntfs - ok
18:07:04.0270 0x13e4  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
18:07:04.0285 0x13e4  Null - ok
18:07:04.0317 0x13e4  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:07:04.0348 0x13e4  nvraid - ok
18:07:04.0379 0x13e4  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:07:04.0410 0x13e4  nvstor - ok
18:07:04.0426 0x13e4  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:07:04.0457 0x13e4  nv_agp - ok
18:07:04.0535 0x13e4  [ B8DEA8FF85826EBC859653075785F7CA, CC74FF7BBD0B3DC2345AAECB147D8FA942A32B72CF78716A6F5FDA8C2E1DA194 ] Online Shield Starter Service C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe
18:07:04.0567 0x13e4  Online Shield Starter Service - ok
18:07:04.0629 0x13e4  [ F72A296B163FA0CCB7E50127594C8C14, 74BF0112D7AB8F6C68C6F73FC7A4127AA8B70A3B34002E2621499AE3B947A5C0 ] OpenVPNService  C:\Program Files (x86)\Steganos Online Shield\bin\openvpnserv.exe
18:07:04.0645 0x13e4  OpenVPNService - detected UnsignedFile.Multi.Generic ( 1 )
18:07:04.0973 0x13e4  OpenVPNService ( UnsignedFile.Multi.Generic ) - warning
18:07:04.0973 0x13e4  Force sending object to P2P due to detect: OpenVPNService
18:07:05.0192 0x13e4  Object send P2P result: true
18:07:05.0520 0x13e4  [ 4F9FFCF12B6ED0B4DAC95427772C226E, 4A79AEC410ED1034366FAC1388FB29381EE6541AA17E3652BE86265D09541C56 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
18:07:05.0661 0x13e4  Origin Client Service - ok
18:07:05.0708 0x13e4  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:07:05.0739 0x13e4  ose - ok
18:07:05.0801 0x13e4  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:07:05.0848 0x13e4  p2pimsvc - ok
18:07:05.0911 0x13e4  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
18:07:05.0958 0x13e4  p2psvc - ok
18:07:05.0989 0x13e4  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
18:07:06.0020 0x13e4  Parport - ok
18:07:06.0051 0x13e4  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:07:06.0083 0x13e4  partmgr - ok
18:07:06.0129 0x13e4  [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:07:06.0192 0x13e4  PcaSvc - ok
18:07:06.0254 0x13e4  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
18:07:06.0301 0x13e4  pci - ok
18:07:06.0317 0x13e4  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:07:06.0348 0x13e4  pciide - ok
18:07:06.0364 0x13e4  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:07:06.0395 0x13e4  pcmcia - ok
18:07:06.0411 0x13e4  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:07:06.0442 0x13e4  pcw - ok
18:07:06.0458 0x13e4  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
18:07:06.0489 0x13e4  pdc - ok
18:07:06.0661 0x13e4  [ BED7F77B4CE8B6E9D93F04744C62A4C5, 12688581EEF46F965FAD67A200291A21A94EA00FE8A228DA53C8FEDD60708424 ] PDF Architect 4 C:\Program Files\PDF Architect 4\ws.exe
18:07:06.0817 0x13e4  PDF Architect 4 - ok
18:07:06.0911 0x13e4  [ CB4E4B9203F767699BE02114B6EA5B77, 4092AAFE459EB4DE2256F69F92BF3D5E1735AACD2517371C7842E2536DBDC8C0 ] PDF Architect 4 CrashHandler C:\Program Files\PDF Architect 4\crash-handler-ws.exe
18:07:06.0989 0x13e4  PDF Architect 4 CrashHandler - ok
18:07:07.0130 0x13e4  [ 052979FC099C54405331EC1E6A7E5518, 512D7A1913E8D219D909D934494E261929D7C8EBD0F694082A80D3AA4BFEA18B ] PDF Architect 4 Creator C:\Program Files\PDF Architect 4\creator-ws.exe
18:07:07.0192 0x13e4  PDF Architect 4 Creator - ok
18:07:07.0239 0x13e4  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:07:07.0317 0x13e4  PEAUTH - ok
18:07:07.0380 0x13e4  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:07:07.0411 0x13e4  PerfHost - ok
18:07:07.0536 0x13e4  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
18:07:07.0661 0x13e4  pla - ok
18:07:07.0739 0x13e4  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:07:07.0770 0x13e4  PlugPlay - ok
18:07:07.0802 0x13e4  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:07:07.0833 0x13e4  PNRPAutoReg - ok
18:07:07.0864 0x13e4  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:07:07.0911 0x13e4  PNRPsvc - ok
18:07:07.0958 0x13e4  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:07:08.0005 0x13e4  PolicyAgent - ok
18:07:08.0067 0x13e4  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
18:07:08.0098 0x13e4  Power - ok
18:07:08.0317 0x13e4  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
18:07:08.0520 0x13e4  PrintNotify - ok
18:07:08.0567 0x13e4  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
18:07:08.0598 0x13e4  Processor - ok
18:07:08.0645 0x13e4  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\Windows\system32\profsvc.dll
18:07:08.0676 0x13e4  ProfSvc - ok
18:07:08.0723 0x13e4  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:07:08.0755 0x13e4  Psched - ok
18:07:08.0786 0x13e4  [ 14C65D2CB61CF50D82CB9E738CA94F00, 17954AD3317816F33F7167F825F4D10449B97DF5328504F0CD9C3D49D23B134A ] QIOMem          C:\Windows\System32\drivers\QIOMem.sys
18:07:08.0817 0x13e4  QIOMem - ok
18:07:08.0864 0x13e4  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
18:07:08.0927 0x13e4  QWAVE - ok
18:07:08.0958 0x13e4  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:07:08.0989 0x13e4  QWAVEdrv - ok
18:07:09.0005 0x13e4  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:07:09.0036 0x13e4  RasAcd - ok
18:07:09.0067 0x13e4  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
18:07:09.0098 0x13e4  RasAuto - ok
18:07:09.0161 0x13e4  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
18:07:09.0223 0x13e4  RasMan - ok
18:07:09.0255 0x13e4  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:07:09.0286 0x13e4  RasPppoe - ok
18:07:09.0333 0x13e4  [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:07:09.0364 0x13e4  RasSstp - ok
18:07:09.0411 0x13e4  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:07:09.0458 0x13e4  rdbss - ok
18:07:09.0473 0x13e4  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
18:07:09.0505 0x13e4  rdpbus - ok
18:07:09.0520 0x13e4  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:07:09.0567 0x13e4  RDPDR - ok
18:07:09.0599 0x13e4  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:07:09.0630 0x13e4  RdpVideoMiniport - ok
18:07:09.0645 0x13e4  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:07:09.0708 0x13e4  rdyboost - ok
18:07:09.0802 0x13e4  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
18:07:09.0914 0x13e4  ReFS - ok
18:07:09.0961 0x13e4  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:07:10.0008 0x13e4  RemoteAccess - ok
18:07:10.0055 0x13e4  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:07:10.0086 0x13e4  RemoteRegistry - ok
18:07:10.0117 0x13e4  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
18:07:10.0164 0x13e4  RFCOMM - ok
18:07:10.0180 0x13e4  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:07:10.0211 0x13e4  RpcEptMapper - ok
18:07:10.0242 0x13e4  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
18:07:10.0274 0x13e4  RpcLocator - ok
18:07:10.0352 0x13e4  [ E4220FD9C7F1579D9C5F9DFB00427841, 77740122A01A08F18CC82A4BB3F00EC59F29EE10779092F872572C264F6728D0 ] RpcSs           C:\Windows\system32\rpcss.dll
18:07:10.0430 0x13e4  RpcSs - ok
18:07:10.0477 0x13e4  [ 8CDA04D9F6C15F8E98FDE926A51DCCD6, F9B6771D7B157FEB9C2AB26B647B9AEC6CE4B9455F06FE4E097A723C1D5B2301 ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
18:07:10.0508 0x13e4  RSP2STOR - ok
18:07:10.0555 0x13e4  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:07:10.0586 0x13e4  rspndr - ok
18:07:10.0664 0x13e4  [ CFE738C524F35B6E523A4D0F54840C30, 73E051DEA744EEC5202693C11EDABB36DE2D086160648D4E41F1F299CBAD8409 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
18:07:10.0727 0x13e4  RTL8168 - ok
18:07:10.0742 0x13e4  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
18:07:10.0758 0x13e4  s3cap - ok
18:07:10.0805 0x13e4  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
18:07:10.0836 0x13e4  SamSs - ok
18:07:10.0852 0x13e4  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:07:10.0883 0x13e4  sbp2port - ok
18:07:10.0930 0x13e4  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:07:10.0977 0x13e4  SCardSvr - ok
18:07:11.0024 0x13e4  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
18:07:11.0055 0x13e4  ScDeviceEnum - ok
18:07:11.0086 0x13e4  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:07:11.0117 0x13e4  scfilter - ok
18:07:11.0227 0x13e4  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\Windows\system32\schedsvc.dll
18:07:11.0321 0x13e4  Schedule - ok
18:07:11.0352 0x13e4  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:07:11.0383 0x13e4  SCPolicySvc - ok
18:07:11.0446 0x13e4  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
18:07:11.0477 0x13e4  sdbus - ok
18:07:11.0524 0x13e4  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
18:07:11.0539 0x13e4  sdstor - ok
18:07:11.0571 0x13e4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:07:11.0602 0x13e4  secdrv - ok
18:07:11.0649 0x13e4  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\Windows\system32\seclogon.dll
18:07:11.0664 0x13e4  seclogon - ok
18:07:11.0696 0x13e4  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
18:07:11.0742 0x13e4  SENS - ok
18:07:11.0774 0x13e4  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:07:11.0821 0x13e4  SensrSvc - ok
18:07:11.0836 0x13e4  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
18:07:11.0868 0x13e4  SerCx - ok
18:07:11.0899 0x13e4  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
18:07:11.0930 0x13e4  SerCx2 - ok
18:07:11.0946 0x13e4  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
18:07:11.0977 0x13e4  Serenum - ok
18:07:11.0993 0x13e4  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
18:07:12.0024 0x13e4  Serial - ok
18:07:12.0071 0x13e4  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
18:07:12.0086 0x13e4  sermouse - ok
18:07:12.0149 0x13e4  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
18:07:12.0196 0x13e4  SessionEnv - ok
18:07:12.0211 0x13e4  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
18:07:12.0243 0x13e4  sfloppy - ok
18:07:12.0290 0x13e4  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:07:12.0336 0x13e4  SharedAccess - ok
18:07:12.0383 0x13e4  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:07:12.0461 0x13e4  ShellHWDetection - ok
18:07:12.0477 0x13e4  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:07:12.0508 0x13e4  SiSRaid2 - ok
18:07:12.0540 0x13e4  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:07:12.0555 0x13e4  SiSRaid4 - ok
18:07:12.0586 0x13e4  [ D885207A4A218EC4773E6F7D214FDEA3, EA64958C2058DCDB8858E0EDA0626BD89B90A973130FE2B8886CF28072BF19D9 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
18:07:12.0602 0x13e4  SmbDrvI - ok
18:07:12.0633 0x13e4  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
18:07:12.0665 0x13e4  smphost - ok
18:07:12.0711 0x13e4  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:07:12.0743 0x13e4  SNMPTRAP - ok
18:07:12.0836 0x13e4  [ B45AE0970B2D66CCE756DE6989E23EEC, 8393CF2DC4F65CD48D4D7B3C8C2D29E26728593B652D6CEAB65B50AEDA0884B7 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
18:07:12.0883 0x13e4  spaceport - ok
18:07:12.0915 0x13e4  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
18:07:12.0946 0x13e4  SpbCx - ok
18:07:13.0024 0x13e4  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
18:07:13.0102 0x13e4  Spooler - ok
18:07:13.0494 0x13e4  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
18:07:13.0994 0x13e4  sppsvc - ok
18:07:14.0056 0x13e4  [ 69DC128CF54009A686E0F0C57E2BA0DC, 961B1F1F4CD07D85660E63DEC0AACDE1BF0DA30C0E39C497AE31BD37C5591B72 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:07:14.0103 0x13e4  srv - ok
18:07:14.0166 0x13e4  [ CED8576CD925E83ABEB14F65EA205C29, 37803AB047B5717EDBB7009F504C87B8DE110FBC5D67DFE6A9C8F04B30DD9629 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:07:14.0228 0x13e4  srv2 - ok
18:07:14.0259 0x13e4  [ 4396587119D8F4B72561ED24666E7567, 11754EA2668B2088363EFD2BCE4FDABC8836A6C9D78873F2A4F3517A48932ABF ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:07:14.0291 0x13e4  srvnet - ok
18:07:14.0338 0x13e4  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:07:14.0384 0x13e4  SSDPSRV - ok
18:07:14.0431 0x13e4  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:07:14.0463 0x13e4  SstpSvc - ok
18:07:14.0509 0x13e4  [ 9B74226E10CD57E965F87014841016F9, 95C76049DBBF3B31A9B01CFD0EDAAC47DE9A1F096B61D05C47FB85E1AFC07288 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
18:07:14.0541 0x13e4  ssudmdm - ok
18:07:14.0572 0x13e4  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:07:14.0588 0x13e4  stexstor - ok
18:07:14.0666 0x13e4  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
18:07:14.0728 0x13e4  stisvc - ok
18:07:14.0759 0x13e4  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
18:07:14.0791 0x13e4  storahci - ok
18:07:14.0822 0x13e4  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
18:07:14.0838 0x13e4  storflt - ok
18:07:14.0869 0x13e4  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
18:07:14.0900 0x13e4  stornvme - ok
18:07:14.0932 0x13e4  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
18:07:14.0963 0x13e4  StorSvc - ok
18:07:14.0963 0x13e4  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
18:07:14.0994 0x13e4  storvsc - ok
18:07:15.0041 0x13e4  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
18:07:15.0072 0x13e4  svsvc - ok
18:07:15.0104 0x13e4  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
18:07:15.0119 0x13e4  swenum - ok
18:07:15.0197 0x13e4  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
18:07:15.0275 0x13e4  swprv - ok
18:07:15.0338 0x13e4  [ AC2AFB0CADC5AB87E6ACC4E1A7F774DD, 706A8CD9CA9225E486F5138DF3B67630067EE257C9E5FFEBA9DE35A11B8C8913 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:07:15.0385 0x13e4  SynTP - ok
18:07:15.0494 0x13e4  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
18:07:15.0603 0x13e4  SysMain - ok
18:07:15.0666 0x13e4  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
18:07:15.0697 0x13e4  SystemEventsBroker - ok
18:07:15.0744 0x13e4  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:07:15.0775 0x13e4  TabletInputService - ok
18:07:15.0807 0x13e4  [ 134B275751051C5D03F9ACCDC4F8CAAB, D50F96485AF6F26EA9A5A3A2ADEACC2DFD3B2ABCDAB88195B75CC72EAC543BE2 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
18:07:15.0822 0x13e4  tap0901 - ok
18:07:15.0869 0x13e4  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:07:15.0916 0x13e4  TapiSrv - ok
18:07:16.0088 0x13e4  [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:07:16.0291 0x13e4  Tcpip - ok
18:07:16.0479 0x13e4  [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:07:16.0682 0x13e4  TCPIP6 - ok
18:07:16.0729 0x13e4  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:07:16.0744 0x13e4  tcpipreg - ok
18:07:16.0791 0x13e4  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:07:16.0822 0x13e4  tdx - ok
18:07:16.0869 0x13e4  [ D8420B070D035C30CC890981E3C4B567, C51C3B3F148097CCBD14B1D2F4E4DF2DA246B3B242701F2319E83B1C14675984 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
18:07:16.0885 0x13e4  TemproMonitoringService - ok
18:07:16.0901 0x13e4  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
18:07:16.0932 0x13e4  terminpt - ok
18:07:17.0026 0x13e4  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
18:07:17.0119 0x13e4  TermService - ok
18:07:17.0166 0x13e4  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
18:07:17.0213 0x13e4  Themes - ok
18:07:17.0229 0x13e4  [ 98F91C69689FB0493E8CC34A45B8FA0B, 17385AB817F74F70848E1C71503DA726A4D417D16A5DCE7593BAD112150F6922 ] Thotkey         C:\Windows\System32\drivers\Thotkey.sys
18:07:17.0260 0x13e4  Thotkey - ok
18:07:17.0291 0x13e4  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
18:07:17.0323 0x13e4  THREADORDER - ok
18:07:17.0369 0x13e4  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
18:07:17.0416 0x13e4  TimeBroker - ok
18:07:17.0480 0x13e4  [ CF7AC931C378178EB8F6220FA662ABF6, DAE865A27EC027AC0FFD7031F9EED5404C274FC2DCECE8ED8727688761D4DD23 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\Teco\TecoService.exe
18:07:17.0511 0x13e4  TOSHIBA eco Utility Service - ok
18:07:17.0542 0x13e4  [ A884A627C0B6E8B238759FC73C1AAAAF, 5D6E38664B6175F5F541D838675429CEE9FA1492A7E25B48E98794B5EB8B6973 ] tosrfec         C:\Windows\System32\drivers\tosrfec.sys
18:07:17.0558 0x13e4  tosrfec - ok
18:07:17.0620 0x13e4  [ ADC56716CAF55E3ABDF549E9425004F8, FDA93F583AAB6FA6E8447B169BDA6E6E8547959133BD95933228C137B69129B7 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
18:07:17.0667 0x13e4  TPCHSrv - ok
18:07:17.0714 0x13e4  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\Windows\system32\drivers\tpm.sys
18:07:17.0745 0x13e4  TPM - ok
18:07:17.0792 0x13e4  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
18:07:17.0824 0x13e4  TrkWks - ok
18:07:17.0870 0x13e4  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:07:17.0902 0x13e4  TrustedInstaller - ok
18:07:17.0949 0x13e4  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:07:17.0964 0x13e4  TsUsbFlt - ok
18:07:17.0995 0x13e4  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
18:07:18.0027 0x13e4  TsUsbGD - ok
18:07:18.0074 0x13e4  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:07:18.0105 0x13e4  tunnel - ok
18:07:18.0136 0x13e4  [ 54BDBF3D4DED58DA78B702471C68D4CA, D12F9F09FFE7D38A5EE6BF79DB74D775A9861C3C87E06D7C23259E47247B1782 ] TVALZ           C:\Windows\system32\drivers\TVALZ_O.SYS
18:07:18.0152 0x13e4  TVALZ - ok
18:07:18.0183 0x13e4  [ 7B05B5B492E6E248C2B38CD04B4D3A96, 1E18025DDB5EDEBD30F2FAC8D121F55D768B71DA42D919E1A0E98E2E31AA73C8 ] TVALZFL         C:\Windows\system32\Drivers\TVALZFL.sys
18:07:18.0199 0x13e4  TVALZFL - ok
18:07:18.0214 0x13e4  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:07:18.0245 0x13e4  uagp35 - ok
18:07:18.0277 0x13e4  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
18:07:18.0308 0x13e4  UASPStor - ok
18:07:18.0370 0x13e4  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
18:07:18.0402 0x13e4  UCX01000 - ok
18:07:18.0464 0x13e4  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:07:18.0495 0x13e4  udfs - ok
18:07:18.0511 0x13e4  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
18:07:18.0542 0x13e4  UEFI - ok
18:07:18.0589 0x13e4  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:07:18.0620 0x13e4  UI0Detect - ok
18:07:18.0652 0x13e4  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:07:18.0683 0x13e4  uliagpkx - ok
18:07:18.0683 0x13e4  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
18:07:18.0714 0x13e4  umbus - ok
18:07:18.0730 0x13e4  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
18:07:18.0761 0x13e4  UmPass - ok
18:07:18.0808 0x13e4  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
18:07:18.0855 0x13e4  UmRdpService - ok
18:07:18.0902 0x13e4  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
18:07:18.0964 0x13e4  upnphost - ok
18:07:19.0011 0x13e4  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
18:07:19.0027 0x13e4  USBAAPL64 - ok
18:07:19.0074 0x13e4  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
18:07:19.0105 0x13e4  usbaudio - ok
18:07:19.0152 0x13e4  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
18:07:19.0183 0x13e4  usbccgp - ok
18:07:19.0214 0x13e4  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
18:07:19.0246 0x13e4  usbcir - ok
18:07:19.0293 0x13e4  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
18:07:19.0324 0x13e4  usbehci - ok
18:07:19.0402 0x13e4  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
18:07:19.0449 0x13e4  usbhub - ok
18:07:19.0527 0x13e4  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
18:07:19.0574 0x13e4  USBHUB3 - ok
18:07:19.0589 0x13e4  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
18:07:19.0621 0x13e4  usbohci - ok
18:07:19.0652 0x13e4  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
18:07:19.0683 0x13e4  usbprint - ok
18:07:19.0714 0x13e4  [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
18:07:19.0730 0x13e4  usbscan - ok
18:07:19.0777 0x13e4  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
18:07:19.0808 0x13e4  USBSTOR - ok
18:07:19.0855 0x13e4  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
18:07:19.0871 0x13e4  usbuhci - ok
18:07:19.0933 0x13e4  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:07:19.0964 0x13e4  usbvideo - ok
18:07:20.0027 0x13e4  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
18:07:20.0074 0x13e4  USBXHCI - ok
18:07:20.0089 0x13e4  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
18:07:20.0121 0x13e4  VaultSvc - ok
18:07:20.0152 0x13e4  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:07:20.0183 0x13e4  vdrvroot - ok
18:07:20.0293 0x13e4  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
18:07:20.0402 0x13e4  vds - ok
18:07:20.0464 0x13e4  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
18:07:20.0496 0x13e4  VerifierExt - ok
18:07:20.0574 0x13e4  [ 34CAF69BF4166AB40BFF0ED068FF6F91, BF5DA4F85A2C537DD76A3271956EC5BDB9ABC495FAA9371037F608152BE2725D ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
18:07:20.0636 0x13e4  vhdmp - ok
18:07:20.0668 0x13e4  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:07:20.0683 0x13e4  viaide - ok
18:07:20.0714 0x13e4  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
18:07:20.0746 0x13e4  vmbus - ok
18:07:20.0761 0x13e4  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
18:07:20.0777 0x13e4  VMBusHID - ok
18:07:20.0839 0x13e4  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
18:07:20.0902 0x13e4  vmicguestinterface - ok
18:07:20.0949 0x13e4  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
18:07:20.0996 0x13e4  vmicheartbeat - ok
18:07:21.0043 0x13e4  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
18:07:21.0105 0x13e4  vmickvpexchange - ok
18:07:21.0152 0x13e4  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
18:07:21.0199 0x13e4  vmicrdv - ok
18:07:21.0246 0x13e4  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
18:07:21.0308 0x13e4  vmicshutdown - ok
18:07:21.0340 0x13e4  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
18:07:21.0402 0x13e4  vmictimesync - ok
18:07:21.0449 0x13e4  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
18:07:21.0496 0x13e4  vmicvss - ok
18:07:21.0543 0x13e4  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:07:21.0558 0x13e4  volmgr - ok
18:07:21.0605 0x13e4  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:07:21.0652 0x13e4  volmgrx - ok
18:07:21.0715 0x13e4  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:07:21.0762 0x13e4  volsnap - ok
18:07:21.0793 0x13e4  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\Windows\System32\drivers\vpci.sys
18:07:21.0824 0x13e4  vpci - ok
18:07:21.0840 0x13e4  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:07:21.0871 0x13e4  vsmraid - ok
18:07:21.0996 0x13e4  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\Windows\system32\vssvc.exe
18:07:22.0105 0x13e4  VSS - ok
18:07:22.0168 0x13e4  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
18:07:22.0215 0x13e4  VSTXRAID - ok
18:07:22.0262 0x13e4  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
18:07:22.0277 0x13e4  vwifibus - ok
18:07:22.0324 0x13e4  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:07:22.0355 0x13e4  vwififlt - ok
18:07:22.0371 0x13e4  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
18:07:22.0387 0x13e4  vwifimp - ok
18:07:22.0449 0x13e4  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
18:07:22.0496 0x13e4  W32Time - ok
18:07:22.0527 0x13e4  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
18:07:22.0558 0x13e4  WacomPen - ok
18:07:22.0668 0x13e4  [ 139D842E5FB75A1E2F0212FBD7B0E457, F29F73B56865C5EBBE89B8F92AEFE2DB19E5C29A94D2E006A23243C23A41AE79 ] wbengine        C:\Windows\system32\wbengine.exe
18:07:22.0793 0x13e4  wbengine - ok
18:07:22.0855 0x13e4  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:07:22.0902 0x13e4  WbioSrvc - ok
18:07:22.0965 0x13e4  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
18:07:23.0012 0x13e4  Wcmsvc - ok
18:07:23.0059 0x13e4  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:07:23.0121 0x13e4  wcncsvc - ok
18:07:23.0152 0x13e4  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:07:23.0184 0x13e4  WcsPlugInService - ok
18:07:23.0215 0x13e4  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
18:07:23.0246 0x13e4  WdBoot - ok
18:07:23.0324 0x13e4  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:07:23.0402 0x13e4  Wdf01000 - ok
18:07:23.0434 0x13e4  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
18:07:23.0496 0x13e4  WdFilter - ok
18:07:23.0527 0x13e4  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:07:23.0574 0x13e4  WdiServiceHost - ok
18:07:23.0574 0x13e4  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:07:23.0621 0x13e4  WdiSystemHost - ok
18:07:23.0668 0x13e4  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
18:07:23.0699 0x13e4  WdNisDrv - ok
18:07:23.0715 0x13e4  WdNisSvc - ok
18:07:23.0762 0x13e4  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\Windows\System32\webclnt.dll
18:07:23.0809 0x13e4  WebClient - ok
18:07:23.0840 0x13e4  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:07:23.0887 0x13e4  Wecsvc - ok
18:07:23.0918 0x13e4  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
18:07:23.0949 0x13e4  WEPHOSTSVC - ok
18:07:23.0996 0x13e4  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:07:24.0043 0x13e4  wercplsupport - ok
18:07:24.0074 0x13e4  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
18:07:24.0121 0x13e4  WerSvc - ok
18:07:24.0153 0x13e4  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
18:07:24.0184 0x13e4  WFPLWFS - ok
18:07:24.0215 0x13e4  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
18:07:24.0246 0x13e4  WiaRpc - ok
18:07:24.0262 0x13e4  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:07:24.0293 0x13e4  WIMMount - ok
18:07:24.0293 0x13e4  WinDefend - ok
18:07:24.0387 0x13e4  [ 310388D06C11C507226CD7C2D21D5ACE, E8158111566D553B8F0E86C33B5F75AF3A4A3405503927822B80DF64D8DEFB05 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
18:07:24.0449 0x13e4  WinHttpAutoProxySvc - ok
18:07:24.0528 0x13e4  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:07:24.0574 0x13e4  Winmgmt - ok
18:07:24.0746 0x13e4  [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM           C:\Windows\system32\WsmSvc.dll
18:07:24.0949 0x13e4  WinRM - ok
18:07:24.0996 0x13e4  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\Windows\System32\drivers\WinUsb.sys
18:07:25.0028 0x13e4  WinUsb - ok
18:07:25.0168 0x13e4  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
18:07:25.0300 0x13e4  WlanSvc - ok
18:07:25.0425 0x13e4  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
18:07:25.0550 0x13e4  wlidsvc - ok
18:07:25.0581 0x13e4  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
18:07:25.0612 0x13e4  WmiAcpi - ok
18:07:25.0659 0x13e4  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:07:25.0691 0x13e4  wmiApSrv - ok
18:07:25.0706 0x13e4  WMPNetworkSvc - ok
18:07:25.0753 0x13e4  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
18:07:25.0784 0x13e4  Wof - ok
18:07:25.0909 0x13e4  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
18:07:26.0034 0x13e4  workfolderssvc - ok
18:07:26.0097 0x13e4  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
18:07:26.0112 0x13e4  wpcfltr - ok
18:07:26.0159 0x13e4  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:07:26.0191 0x13e4  WPCSvc - ok
18:07:26.0222 0x13e4  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:07:26.0253 0x13e4  WPDBusEnum - ok
18:07:26.0300 0x13e4  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
18:07:26.0316 0x13e4  WpdUpFltr - ok
18:07:26.0331 0x13e4  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:07:26.0363 0x13e4  ws2ifsl - ok
18:07:26.0394 0x13e4  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\Windows\System32\wscsvc.dll
18:07:26.0441 0x13e4  wscsvc - ok
18:07:26.0456 0x13e4  WSearch - ok
18:07:26.0691 0x13e4  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
18:07:26.0972 0x13e4  WSService - ok
18:07:27.0253 0x13e4  [ 020F47C655ED1F63BBA834AA53575D5C, 7E36BB83B937CEA8B5D1EAF1DF63D32D64CA8045DA377DF5237D2F4DC16574CC ] wuauserv        C:\Windows\system32\wuaueng.dll
18:07:27.0519 0x13e4  wuauserv - ok
18:07:27.0566 0x13e4  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:07:27.0581 0x13e4  WudfPf - ok
18:07:27.0644 0x13e4  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
18:07:27.0675 0x13e4  WUDFRd - ok
18:07:27.0691 0x13e4  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\Windows\System32\drivers\WUDFRd.sys
18:07:27.0722 0x13e4  WUDFSensorLP - ok
18:07:27.0769 0x13e4  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:07:27.0800 0x13e4  wudfsvc - ok
18:07:27.0816 0x13e4  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
18:07:27.0847 0x13e4  WUDFWpdFs - ok
18:07:27.0863 0x13e4  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\System32\drivers\WUDFRd.sys
18:07:27.0909 0x13e4  WUDFWpdMtp - ok
18:07:27.0956 0x13e4  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:07:28.0019 0x13e4  WwanSvc - ok
18:07:28.0050 0x13e4  ================ Scan global ===============================
18:07:28.0097 0x13e4  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll
18:07:28.0159 0x13e4  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
18:07:28.0206 0x13e4  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
18:07:28.0269 0x13e4  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
18:07:28.0300 0x13e4  [ Global ] - ok
18:07:28.0300 0x13e4  ================ Scan MBR ==================================
18:07:28.0316 0x13e4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:07:28.0534 0x13e4  \Device\Harddisk0\DR0 - ok
18:07:28.0534 0x13e4  ================ Scan VBR ==================================
18:07:28.0581 0x13e4  [ AB877BB708CF756F17755AC09B28DF9E ] \Device\Harddisk0\DR0\Partition1
18:07:28.0644 0x13e4  \Device\Harddisk0\DR0\Partition1 - ok
18:07:28.0675 0x13e4  [ 21E0FBA7FEC915494D7031A1CF8FD8F9 ] \Device\Harddisk0\DR0\Partition2
18:07:28.0722 0x13e4  \Device\Harddisk0\DR0\Partition2 - ok
18:07:28.0738 0x13e4  [ 9E5B5C8A9B1726A10CE7763717C499D6 ] \Device\Harddisk0\DR0\Partition3
18:07:28.0800 0x13e4  \Device\Harddisk0\DR0\Partition3 - ok
18:07:28.0816 0x13e4  [ 7AB48A77DFA50FFED532ED4EDADB9D1C ] \Device\Harddisk0\DR0\Partition4
18:07:28.0894 0x13e4  \Device\Harddisk0\DR0\Partition4 - ok
18:07:28.0925 0x13e4  [ 82A6BDC8D1918BD6F412954776424AC3 ] \Device\Harddisk0\DR0\Partition5
18:07:28.0925 0x13e4  \Device\Harddisk0\DR0\Partition5 - ok
18:07:28.0925 0x13e4  ================ Scan generic autorun ======================
18:07:29.0019 0x13e4  [ 18DBA177BD009B91D1884C9DB62BB039, 74777A7B69BB2886920B6F1A1039A90FCA8DC2DAA1D6F985ED7F49A35C2E0D42 ] c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe
18:07:29.0066 0x13e4  TSVU - ok
18:07:29.0207 0x13e4  [ F316A9C0C8BBA9D2A98BE70EE0D8CA96, 20C83B6D1706DED7B645008CD29346A5FD14A4F67FCF17FED28E7A17F021E15B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
18:07:29.0269 0x13e4  avgnt - ok
18:07:29.0394 0x13e4  [ 73F1B07CF82235B25BCC3E9A7522ACCB, 47221B8DFF5A44050AFB0AB5A249FEECE36BE2E000D6529E099128EEDFA647DA ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
18:07:29.0441 0x13e4  StartCCC - ok
18:07:29.0503 0x13e4  [ 62634246BADBB538F78309510CAAEFDA, 74AEF5CA769BF72AC64D22A5C8CFA84438DD7611011987D10DFD81D447B65F5D ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
18:07:29.0535 0x13e4  Avira SystrayStartTrigger - ok
18:07:29.0613 0x13e4  [ 5B1236F78BE4866CDFB8B616DA44DAB7, DDBD48E1C71C01C57C528EEBDB24E1FDD9434ACA9C238772EFE5DB1A45269D39 ] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
18:07:29.0691 0x13e4  BlueStacks Agent - ok
18:07:30.0160 0x13e4  [ B2BAE2D76FBE9FDC3F6E0D1F886DF367, 964EBF736891BE252C68FCE1F9EAD5E60E6E0C2119D21C6DF49FBD30FBB678EF ] C:\Program Files\CCleaner\CCleaner64.exe
18:07:30.0707 0x13e4  CCleaner Monitoring - ok
18:07:31.0176 0x13e4  [ B2BAE2D76FBE9FDC3F6E0D1F886DF367, 964EBF736891BE252C68FCE1F9EAD5E60E6E0C2119D21C6DF49FBD30FBB678EF ] C:\Program Files\CCleaner\CCleaner64.exe
18:07:31.0613 0x13e4  CCleaner - ok
18:07:31.0832 0x13e4  [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9, 62CEE1449AF368A5FA16DDF9690526965C32979564CF66BD8B3BB534110A910C ] C:\Users\Lea\AppData\Roaming\Spotify\SpotifyWebHelper.exe
18:07:31.0957 0x13e4  Spotify Web Helper - ok
18:07:31.0972 0x13e4  Waiting for KSN requests completion. In queue: 190
18:07:33.0020 0x13e4  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.17.264 ), 0x41000 ( enabled : updated )
18:07:33.0020 0x13e4  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
18:07:33.0067 0x13e4  Win FW state via NFP2: enabled ( trusted )
18:07:33.0192 0x13e4  ============================================================
18:07:33.0192 0x13e4  Scan finished
18:07:33.0192 0x13e4  ============================================================
18:07:33.0192 0x17b4  Detected object count: 1
18:07:33.0192 0x17b4  Actual detected object count: 1
18:07:42.0252 0x17b4  OpenVPNService ( UnsignedFile.Multi.Generic ) - skipped by user
18:07:42.0252 0x17b4  OpenVPNService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:07:56.0744 0x0928  Deinitialize success

M-K-D-B · 20.07.2016, 13:59

Servus,

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

M-K-D-B · 24.07.2016, 09:45

Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

Laptop braucht viel Zeit für Start und wird sehr heiß

Plagegeister aller Art und deren Bekämpfung: Laptop braucht viel Zeit für Start und wird sehr heiß