Trojaner-Board - Sehr hohe CPU und Datenträgerauslastung

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2016

durchgeführt von Leon (Administrator) auf LEON (18-09-2016 20:00:36)

Gestartet von C:\Users\Leon\Desktop

Geladene Profile: Leon (Verfügbare Profile: Leon)

Platform: Windows 8.1 Connected (Update) (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: FF)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe

(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe

(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe

(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_162.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 

==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634288 2014-06-24] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1386712 2014-06-24] (Realtek Semiconductor)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-05-06] (Synaptics Incorporated)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-11-12] (IvoSoft)

HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6718224 2016-08-26] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [204560 2016-09-07] (AVG Technologies CZ, s.r.o.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2016-01-19] ()

HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {10926062-110f-11e5-8268-d0bf9c11e11c} - "F:\AutoRun.exe" 

HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {32093fe3-f893-11e4-8265-d0bf9c11e11c} - "F:\AutoRun.exe" 

HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {3209403a-f893-11e4-8265-d0bf9c11e11c} - "F:\AutoRun.exe" 

HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {3d92eb65-10dd-11e5-8267-d0bf9c11e11c} - "F:\AutoRun.exe" 

HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {3d92ec7a-10dd-11e5-8267-d0bf9c11e11c} - "F:\AutoRun.exe" 

HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {3d92ecb8-10dd-11e5-8267-d0bf9c11e11c} - "F:\AutoRun.exe" 

HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {695fd658-1b2b-11e6-828f-d0bf9c11e11c} - "F:\autorun.exe" 

HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\MountPoints2: {f608c43b-dd54-11e5-827c-d0bf9c11e11c} - "F:\autorun.exe" 
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{206FB9D1-3744-45D6-B00F-DABAC9C2A4CE}: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{241529EE-1D63-40E2-BB7D-0303E9CC74F0}: [DhcpNameServer] 198.18.0.1 198.18.0.2
 

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.hao123.com/?tn=sdks_inner_hp_01_hao123_de&guid=ce57accbaf190e11e5a1cd15768d5887

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.hao123.com/?tn=sdks_inner_hp_01_hao123_de&guid=ce57accbaf190e11e5a1cd15768d5887

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT14/4

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4

HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP

HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> {A4EB470D-100B-40CD-BEBC-04CD9E2BFA36} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKU\S-1-5-21-2880619619-2121856950-3395575582-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}

SearchScopes: HKU\S-1-5-21-2880619619-2121856950-3395575582-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}

SearchScopes: HKU\S-1-5-21-2880619619-2121856950-3395575582-1001 -> {A4EB470D-100B-40CD-BEBC-04CD9E2BFA36} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-22] (Oracle Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-22] (Oracle Corporation)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
 

FireFox:

========

FF ProfilePath: C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\wldvbhvo.default

FF Homepage: hxxp://google.de/

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] ()

FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-22] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-22] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-16] (VideoLAN)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)

FF Plugin ProgramFiles/Appdata: C:\Users\Leon\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-25] (Microsoft Corporation)
 

Chrome: 

=======

CHR Profile: C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default [2016-09-18]

CHR Extension: (Google Drive) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-24]

CHR Extension: (YouTube) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-24]

CHR Extension: (ZenMate VPN - Top Internet Security & Unblock) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2016-09-10]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-24]

CHR Extension: (Google Mail) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-24]

CHR Extension: (Chrome Media Router) - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-18]
 

Opera: 

=======

OPR StartupUrls:  "hxxp://google.de/" 

OPR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Leon\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnhbkkedmelfmalgjpkngiaoifpdfcnl [2016-05-21]

OPR Extension: (SurfEasy Proxy, ein Opera-Software-Unternehmen) - C:\Users\Leon\AppData\Roaming\Opera Software\Opera Stable\Extensions\ebpielhlnnpkiddeeacoephkilopgblc [2016-05-21]
 

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-08-26] (AVG Technologies CZ, s.r.o.)

R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [2048920 2016-08-26] (AVG Technologies CZ, s.r.o.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5285344 2016-08-26] (AVG Technologies CZ, s.r.o.)

R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-09-07] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-08-26] (AVG Technologies CZ, s.r.o.)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)

R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)

R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert]

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-06-24] (Realtek Semiconductor)

R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-05-06] (Synaptics Incorporated)

R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [4878096 2016-08-19] (AVG Technologies CZ, s.r.o.)

S3 vmicvss; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation)

S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)

S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

S2 HPSLPSVC; C:\Users\Leon\AppData\Local\Temp\7zS4CAA\hpslpsvc64.dll [X]
 

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)

R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [73480 2016-06-06] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-08-23] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [262400 2016-08-02] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)

R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)

R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)

S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)

S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)

R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)

S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)

R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)

S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)

R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [294104 2014-04-30] (Realtek Semiconductor Corp.)

R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4733184 2015-10-14] (Realtek Semiconductor Corporation                           )

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-05-06] (Synaptics Incorporated)

S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)

R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-02-15] (AVG Netherlands B.V.)

R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)

S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)

R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)

S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

S3 ewusbnet; \SystemRoot\system32\DRIVERS\ewusbnet.sys [X]

S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [X]

S3 hwusbdev; \SystemRoot\system32\DRIVERS\ewusbdev.sys [X]

S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-09-18 20:00 - 2016-09-18 20:01 - 00020779 _____ C:\Users\Leon\Desktop\FRST.txt

2016-09-18 20:00 - 2016-09-18 20:00 - 00000000 ____D C:\FRST

2016-09-18 19:59 - 2016-09-18 19:59 - 02399232 _____ (Farbar) C:\Users\Leon\Desktop\FRST64.exe

2016-09-18 18:06 - 2016-09-18 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2016-09-18 16:25 - 2016-08-04 16:17 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys

2016-09-18 16:25 - 2016-08-03 20:06 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys

2016-09-18 16:25 - 2016-08-03 20:05 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys

2016-09-18 16:10 - 2016-08-21 01:22 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2016-09-18 16:10 - 2016-08-21 00:50 - 00360448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2016-09-18 16:10 - 2016-06-11 05:44 - 00107984 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll

2016-09-18 16:10 - 2016-06-11 05:44 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll

2016-09-18 15:54 - 2016-08-21 01:45 - 07076864 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll

2016-09-18 15:54 - 2016-08-21 01:05 - 05273600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll

2016-09-18 15:54 - 2016-08-21 00:42 - 07795712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll

2016-09-18 15:54 - 2016-08-21 00:27 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll

2016-09-18 15:54 - 2016-08-10 00:47 - 00803176 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2016-09-18 15:54 - 2016-08-10 00:47 - 00611576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

2016-09-18 15:23 - 2016-09-08 23:51 - 00443224 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2016-09-18 15:23 - 2016-09-08 23:51 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2016-09-18 15:23 - 2016-08-22 18:06 - 00179248 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2016-09-18 15:23 - 2016-08-22 18:06 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2016-09-18 15:23 - 2016-08-21 03:03 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2016-09-18 15:23 - 2016-08-21 03:01 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2016-09-18 15:23 - 2016-08-21 03:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2016-09-18 15:23 - 2016-08-21 02:17 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll

2016-09-18 15:23 - 2016-08-21 01:27 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2016-09-18 15:23 - 2016-08-21 01:26 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll

2016-09-18 15:23 - 2016-08-21 00:55 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2016-09-18 15:22 - 2016-08-13 09:41 - 07445848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2016-09-18 15:22 - 2016-08-13 09:40 - 01737080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2016-09-18 15:22 - 2016-08-13 09:40 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2016-09-18 15:22 - 2016-08-13 09:40 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe

2016-09-18 15:22 - 2016-08-13 09:40 - 01490120 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi

2016-09-18 15:22 - 2016-08-13 09:40 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe

2016-09-18 15:22 - 2016-08-13 02:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2016-09-18 15:02 - 2016-08-11 18:26 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll

2016-09-18 15:02 - 2016-08-11 18:17 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll

2016-09-18 15:02 - 2016-08-11 18:16 - 00455680 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll

2016-09-18 14:37 - 2016-08-14 21:34 - 01541248 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll

2016-09-18 14:37 - 2016-08-14 20:25 - 04171264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2016-09-18 14:37 - 2016-08-14 18:14 - 01376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll

2016-09-18 11:34 - 2016-09-18 11:34 - 00000000 ____D C:\Users\Leon\AppData\Local\Downloaded Installations

2016-09-18 11:07 - 2016-09-18 11:07 - 00077824 _____ (Task Manager Fix) C:\Users\Leon\Desktop\TaskManagerFix.exe

2016-09-18 08:48 - 2016-09-18 08:48 - 00000000 ____D C:\Users\Leon\AppData\Roaming\dragonscales

2016-09-18 06:59 - 2016-09-18 07:00 - 00000000 ____D C:\ProgramData\F-Secure-UninstallationTool

2016-09-18 06:48 - 2016-09-18 07:02 - 00000000 ____D C:\ProgramData\F-Secure

2016-09-18 06:25 - 2016-09-18 06:41 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files

2016-09-18 04:11 - 2016-09-18 04:11 - 00000000 ____D C:\Users\Leon\Desktop\Alte Firefox-Daten

2016-09-18 03:29 - 2016-09-18 03:29 - 00000000 ____D C:\Users\Leon\AppData\Local\ESET

2016-09-18 03:18 - 2016-09-18 03:18 - 15258612 _____ C:\Users\Leon\Downloads\Rootkit_Remover_3022.zip

2016-09-18 02:29 - 2016-09-18 02:29 - 00000000 ____D C:\Users\Leon\Documents\ProcAlyzer Dumps

2016-09-18 00:52 - 2016-09-18 00:52 - 00000036 _____ C:\Users\Leon\AppData\Local\housecall.guid.cache

2016-09-18 00:50 - 2016-09-18 10:51 - 00000000 ____D C:\Program Files (x86)\TrojanHunter

2016-09-17 23:12 - 2016-09-18 10:51 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy

2016-09-17 23:12 - 2016-09-17 23:12 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking

2016-09-17 23:11 - 2016-09-17 23:11 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH

2016-09-17 22:53 - 2016-09-17 22:53 - 00007608 _____ C:\Users\Leon\AppData\Local\Resmon.ResmonCfg

2016-09-16 04:58 - 2016-09-18 06:41 - 00000000 ____D C:\Program Files (x86)\Sophos

2016-09-15 21:45 - 2016-09-18 10:51 - 00000000 ____D C:\AdwCleaner

2016-09-15 21:40 - 2016-09-18 10:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2016-09-14 13:53 - 2016-07-09 18:10 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll

2016-09-14 13:53 - 2016-07-09 00:35 - 00101208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys

2016-09-14 13:53 - 2016-07-08 16:17 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll

2016-09-14 13:53 - 2016-07-08 16:17 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll

2016-09-14 13:53 - 2016-07-08 00:32 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys

2016-09-14 13:53 - 2016-07-08 00:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll

2016-09-14 13:53 - 2016-07-08 00:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll

2016-09-14 13:53 - 2016-07-08 00:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll

2016-09-14 13:53 - 2016-07-07 23:04 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll

2016-09-14 13:53 - 2016-07-07 22:59 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2016-09-14 13:53 - 2016-07-07 22:44 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll

2016-09-14 13:53 - 2016-07-07 22:41 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll

2016-09-14 13:53 - 2016-07-07 22:34 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll

2016-09-14 13:53 - 2016-07-07 22:29 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2016-09-14 13:53 - 2016-07-07 22:29 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll

2016-09-14 13:53 - 2016-07-07 22:23 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll

2016-09-14 13:53 - 2016-07-07 22:18 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll

2016-09-14 13:53 - 2016-07-07 22:11 - 01661064 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2016-09-14 13:53 - 2016-07-07 22:11 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll

2016-09-14 13:53 - 2016-07-07 22:11 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll

2016-09-14 13:53 - 2016-07-07 21:35 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll

2016-09-14 13:53 - 2016-07-07 21:14 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll

2016-09-14 13:53 - 2016-07-04 07:09 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll

2016-09-14 13:53 - 2016-07-04 05:45 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe

2016-09-14 13:53 - 2016-07-04 05:37 - 02897920 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll

2016-09-14 13:53 - 2016-07-04 05:33 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll

2016-09-14 13:53 - 2016-07-04 05:04 - 02539008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll

2016-09-14 13:53 - 2016-07-04 05:02 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll

2016-09-14 13:53 - 2016-07-04 04:19 - 03547136 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2016-09-14 13:53 - 2016-07-01 22:39 - 00197352 _____ (Microsoft Corporation) C:\Windows\system32\dssenh.dll

2016-09-14 13:53 - 2016-07-01 22:39 - 00157016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dssenh.dll

2016-09-14 13:53 - 2016-01-10 19:08 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll

2016-09-11 09:31 - 2016-09-11 09:31 - 00016246 _____ C:\Users\Leon\Desktop\Schreiben - IKK Classic.tmd

2016-09-11 06:12 - 2016-09-11 06:20 - 01028896 _____ C:\Users\Leon\Desktop\Familienversicherung.pdf

2016-09-09 09:58 - 2016-09-09 09:58 - 00222664 _____ C:\Users\Leon\Documents\Scan0002.pdf

2016-09-05 10:52 - 2016-09-05 10:52 - 00154480 _____ C:\Users\Leon\Documents\Scan0001.pdf

2016-08-29 23:06 - 2016-09-18 10:31 - 00000000 ____D C:\ProgramData\Malwarebytes

2016-08-26 18:26 - 2016-08-26 18:26 - 06190584 _____ C:\Users\Leon\Downloads\CopyTransDriversInstallerDEv2.038.zip

2016-08-26 18:13 - 2016-09-18 10:30 - 00000000 ____D C:\Program Files (x86)\Gskstudio

2016-08-26 18:13 - 2016-08-26 18:13 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Video Hunter Professional.lnk

2016-08-25 07:23 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll

2016-08-25 07:23 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\Windows\system32\gpapi(113).dll

2016-08-25 07:23 - 2016-05-12 19:43 - 00115704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll

2016-08-25 07:23 - 2016-05-12 18:17 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll

2016-08-25 07:23 - 2016-05-12 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll

2016-08-25 07:23 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll

2016-08-25 07:23 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc(114).dll

2016-08-25 07:23 - 2016-05-12 17:59 - 00398848 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL

2016-08-25 07:23 - 2016-05-12 17:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll

2016-08-25 07:23 - 2016-05-12 17:37 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll

2016-08-25 07:22 - 2016-05-06 17:45 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll

2016-08-25 07:22 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll

2016-08-25 07:21 - 2016-05-19 01:15 - 01379040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2016-08-25 07:21 - 2016-05-19 01:15 - 01379040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32(112).dll

2016-08-25 07:21 - 2016-05-18 22:35 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2016-08-25 07:21 - 2016-05-18 22:35 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32(142).dll

2016-08-25 07:21 - 2016-05-18 07:31 - 00372568 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2016-08-25 07:21 - 2016-05-18 07:31 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2016-08-25 07:21 - 2016-05-14 22:01 - 00363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll

2016-08-25 07:21 - 2016-05-14 22:01 - 00363104 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32(140).dll

2016-08-25 07:21 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll

2016-08-25 07:21 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32(147).dll

2016-08-25 07:21 - 2016-05-14 01:07 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys

2016-08-25 07:21 - 2016-05-14 01:04 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2016-08-25 07:21 - 2016-05-14 00:19 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2016-08-25 07:21 - 2016-05-13 23:58 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll

2016-08-25 07:21 - 2016-05-13 23:58 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\mswsock(120).dll

2016-08-25 07:21 - 2016-05-13 23:45 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll

2016-08-25 07:21 - 2016-05-13 23:45 - 00802816 _____ (Microsoft Corporation) C:\Windows\system32\winhttp(136).dll

2016-08-25 07:21 - 2016-05-13 23:35 - 00286208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll

2016-08-25 07:21 - 2016-05-13 23:26 - 00631808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll

2016-08-25 07:13 - 2016-08-25 07:13 - 00000000 ____D C:\Users\Leon\AppData\Local\ElevatedDiagnostics

2016-08-23 19:57 - 2016-08-23 19:57 - 00010397 _____ C:\Users\Leon\Documents\Mappe1.xlsx

2016-08-23 16:31 - 2016-08-23 16:31 - 00310016 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys

2016-08-22 13:11 - 2016-08-22 23:12 - 00000000 ____D C:\Users\Leon\AppData\Roaming\TZ-EasyBuch

2016-08-22 13:11 - 2016-08-22 13:11 - 00000000 ____D C:\ProgramData\TZ-EasyBuch

2016-08-22 07:16 - 2016-08-22 07:16 - 00096581 _____ C:\Users\Leon\Documents\Richtung Thüringenhalle.pdf

2016-08-21 10:27 - 2016-08-21 10:27 - 00302894 _____ C:\Users\Leon\Documents\algI.pdf

2016-08-19 22:11 - 2016-07-12 16:08 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll

2016-08-19 21:44 - 2016-06-25 22:05 - 00050368 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2016-08-19 21:44 - 2016-06-22 15:48 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll

2016-08-19 21:44 - 2016-06-21 15:48 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2016-08-19 21:44 - 2016-06-21 15:48 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2016-08-19 21:44 - 2016-06-21 15:48 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2016-08-19 21:44 - 2016-06-21 15:48 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2016-08-19 21:44 - 2016-06-21 15:48 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2016-08-19 21:44 - 2016-06-21 15:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

2016-08-19 21:44 - 2016-06-21 15:48 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic(106).dll

2016-08-19 21:44 - 2016-06-21 15:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2016-08-19 21:44 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll

2016-08-19 21:44 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc(127).dll

2016-08-19 21:13 - 2016-06-25 20:13 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll

2016-08-19 21:13 - 2016-06-25 20:13 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\inetpp(115).dll

2016-08-19 21:13 - 2016-06-25 18:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll

2016-08-19 21:13 - 2016-06-25 18:15 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll

2016-08-19 21:13 - 2016-06-25 18:15 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl(116).dll

2016-08-19 21:13 - 2016-06-25 18:13 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2016-08-19 21:13 - 2016-06-25 18:13 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl(135).dll

2016-08-19 21:13 - 2016-06-25 18:05 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll

2016-08-19 21:13 - 2016-01-30 21:50 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll

2016-08-19 21:13 - 2016-01-30 21:00 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll

2016-08-19 21:13 - 2016-01-30 20:48 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll

2016-08-19 21:13 - 2016-01-30 20:18 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll

2016-08-19 21:13 - 2016-01-30 19:48 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll

2016-08-19 21:13 - 2016-01-30 19:41 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll

2016-08-19 13:17 - 2016-08-19 13:17 - 00000919 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Protection.lnk
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2016-09-18 20:01 - 2015-04-18 16:42 - 00000000 ____D C:\Users\Leon\AppData\Local\ClassicShell

2016-09-18 19:49 - 2016-04-24 08:32 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2016-09-18 19:37 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp

2016-09-18 19:36 - 2015-04-18 19:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2016-09-18 19:27 - 2015-04-18 12:58 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2880619619-2121856950-3395575582-1001

2016-09-18 19:24 - 2016-07-20 19:14 - 00000000 ____D C:\Users\Leon\Documents\Youcam

2016-09-18 19:22 - 2016-04-24 08:32 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2016-09-18 19:22 - 2015-04-18 12:59 - 00000000 __RDO C:\Users\Leon\OneDrive

2016-09-18 19:18 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2016-09-18 19:13 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\setup

2016-09-18 19:13 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\setup

2016-09-18 19:13 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf

2016-09-18 19:07 - 2015-12-04 19:14 - 00000000 ____D C:\Windows\system32\MRT

2016-09-18 19:07 - 2015-05-03 22:45 - 00000000 ____D C:\ProgramData\MFAData

2016-09-18 18:55 - 2015-12-04 19:14 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

2016-09-18 18:45 - 2013-08-22 16:44 - 00386344 _____ C:\Windows\system32\FNTCACHE.DAT

2016-09-18 18:42 - 2016-03-22 08:52 - 00000000 ____D C:\Program Files (x86)\OXXOGames

2016-09-18 18:42 - 2015-12-05 10:31 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2016-09-18 18:42 - 2015-12-05 10:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2016-09-18 18:08 - 2014-03-18 11:38 - 00000000 ____D C:\Windows\ShellNew

2016-09-18 17:47 - 2015-04-26 21:06 - 00000000 ____D C:\ProgramData\Skype

2016-09-18 16:56 - 2015-12-21 09:47 - 00000000 ____D C:\Users\Leon\AppData\Roaming\HpUpdate

2016-09-18 16:56 - 2015-05-03 22:15 - 00000000 ____D C:\Users\Leon\AppData\Local\Microsoft Help

2016-09-18 16:56 - 2015-04-26 21:06 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Skype

2016-09-18 16:40 - 2014-09-03 15:52 - 00800954 _____ C:\Windows\system32\perfh007.dat

2016-09-18 16:40 - 2014-09-03 15:52 - 00174458 _____ C:\Windows\system32\perfc007.dat

2016-09-18 16:40 - 2014-03-18 11:53 - 01921090 _____ C:\Windows\system32\PerfStringBackup.INI

2016-09-18 12:50 - 2015-06-12 21:32 - 00000000 ____D C:\Users\Leon\AppData\Roaming\vlc

2016-09-18 11:50 - 2016-04-24 08:33 - 00002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-09-18 11:17 - 2015-12-20 07:57 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

2016-09-18 11:01 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM

2016-09-18 10:56 - 2015-04-18 12:49 - 00000000 ____D C:\Users\Leon

2016-09-18 10:52 - 2013-08-22 17:36 - 00000000 __RSD C:\Windows\Media

2016-09-18 10:52 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData

2016-09-18 10:52 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions

2016-09-18 10:52 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer

2016-09-18 10:51 - 2016-02-27 14:09 - 00000000 ___SD C:\Windows\system32\GWX

2016-09-18 10:51 - 2015-12-20 11:20 - 00000000 ____D C:\Program Files\WinRAR

2016-09-18 10:51 - 2015-04-18 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2016-09-18 10:51 - 2014-09-03 07:22 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard

2016-09-18 10:51 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\Sysprep

2016-09-18 10:44 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps

2016-09-18 10:34 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed

2016-09-18 10:34 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\registration

2016-09-18 10:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed

2016-09-18 10:31 - 2015-12-04 20:01 - 00000000 ____D C:\Program Files\Common Files\AV

2016-09-18 06:03 - 2015-12-19 13:38 - 00000000 ____D C:\Users\Leon\AppData\Roaming\UseNeXT

2016-09-17 15:49 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI

2016-09-15 21:00 - 2015-04-18 19:23 - 00000000 ____D C:\Users\Leon\AppData\Local\Adobe

2016-09-13 21:43 - 2015-04-18 13:10 - 00003766 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{003F1F49-3F9C-4DB0-A793-493FA420D1ED}

2016-09-13 12:36 - 2015-04-18 19:23 - 00003636 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2016-09-12 16:23 - 2015-05-03 22:48 - 00000000 ___HD C:\$AVG

2016-09-11 09:10 - 2016-07-31 07:23 - 00000338 _____ C:\Windows\Tasks\HPCeeScheduleForLeon.job

2016-09-07 03:11 - 2013-08-22 17:38 - 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2016-09-07 03:11 - 2013-08-22 17:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2016-08-29 22:27 - 2016-04-19 05:49 - 00000000 ____D C:\Users\Leon\AppData\Roaming\Abelssoft

2016-08-29 22:27 - 2016-04-19 05:49 - 00000000 ____D C:\Users\Leon\AppData\Local\Abelssoft

2016-08-26 18:40 - 2015-12-25 15:37 - 00000000 ____D C:\Program Files\iTunes

2016-08-26 18:35 - 2015-12-25 15:33 - 00000000 ____D C:\Program Files\Common Files\Apple

2016-08-26 18:34 - 2014-12-10 18:18 - 00000000 ____D C:\ProgramData\Apple

2016-08-26 17:53 - 2015-12-19 18:44 - 00000000 ____D C:\Users\Leon\AppData\Roaming\WindSolutions

2016-08-26 17:53 - 2015-12-19 18:44 - 00000000 ____D C:\ProgramData\WindSolutions

2016-08-25 07:37 - 2015-05-12 13:34 - 00000000 ____D C:\Windows\system32\appraiser

2016-08-25 06:47 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\SecureBootUpdates

2016-08-24 09:08 - 2015-12-19 11:24 - 00002545 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk

2016-08-22 19:06 - 2015-12-23 17:22 - 00017601 _____ C:\Users\Leon\Documents\Leon - Gehalt an Landratsamt Meiningen.tmd

2016-08-22 18:54 - 2015-12-23 17:22 - 00017601 _____ C:\Users\Leon\Documents\Leon - Gehalt an Landratsamt Meiningen.bak

2016-08-19 20:45 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI(109)

2016-08-19 16:35 - 2015-12-19 11:24 - 00053008 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe

2016-08-19 13:29 - 2015-05-03 22:48 - 00000000 ____D C:\ProgramData\AVG2015

2016-08-19 13:23 - 2015-12-19 11:24 - 00000000 ____D C:\Users\Leon\AppData\Roaming\AVG

2016-08-19 13:23 - 2015-12-19 11:21 - 00000000 ____D C:\Users\Leon\AppData\Local\AvgSetupLog

2016-08-19 13:23 - 2015-05-03 22:48 - 00000000 ____D C:\Program Files (x86)\AVG

2016-08-19 13:22 - 2015-06-12 10:39 - 00000000 ____D C:\Users\Leon\AppData\Local\Avg

2016-08-19 13:17 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP

2016-08-19 13:14 - 2015-12-19 11:21 - 00000000 ____D C:\ProgramData\Avg
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2016-01-17 09:51 - 2016-01-17 09:51 - 0099384 _____ () C:\Users\Leon\AppData\Roaming\inst.exe

2016-01-17 09:51 - 2016-01-17 09:51 - 0007859 _____ () C:\Users\Leon\AppData\Roaming\pcouffin.cat

2016-01-17 09:51 - 2016-01-17 09:51 - 0001167 _____ () C:\Users\Leon\AppData\Roaming\pcouffin.inf

2016-01-17 09:51 - 2016-01-17 09:51 - 0000055 _____ () C:\Users\Leon\AppData\Roaming\pcouffin.log

2016-01-17 09:51 - 2016-01-17 09:51 - 0082816 _____ (VSO Software) C:\Users\Leon\AppData\Roaming\pcouffin.sys

2016-09-18 00:52 - 2016-09-18 00:52 - 0000036 _____ () C:\Users\Leon\AppData\Local\housecall.guid.cache

2016-09-17 22:53 - 2016-09-17 22:53 - 0007608 _____ () C:\Users\Leon\AppData\Local\Resmon.ResmonCfg

2015-12-21 09:45 - 2015-12-21 09:45 - 0000057 _____ () C:\ProgramData\Ament.ini

2016-01-06 21:43 - 2016-01-06 21:43 - 0005035 _____ () C:\ProgramData\eaapqbsg.gfr

2016-01-06 21:43 - 2016-01-06 21:43 - 0000016 _____ () C:\ProgramData\mntemp
 

Einige Dateien in TEMP:

====================

C:\Users\Leon\AppData\Local\Temp\gkey.exe

C:\Users\Leon\AppData\Local\Temp\pkeyui.exe

C:\Users\Leon\AppData\Local\Temp\Uninstall.exe

C:\Users\Leon\AppData\Local\Temp\wabk.exe
 
 

==================== Bamital & volsnap =================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\Windows\system32\winlogon.exe => Datei ist digital signiert

C:\Windows\system32\wininit.exe => Datei ist digital signiert

C:\Windows\explorer.exe => Datei ist digital signiert

C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert

C:\Windows\system32\svchost.exe => Datei ist digital signiert

C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert

C:\Windows\system32\services.exe => Datei ist digital signiert

C:\Windows\system32\User32.dll => Datei ist digital signiert

C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert

C:\Windows\system32\userinit.exe => Datei ist digital signiert

C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert

C:\Windows\system32\rpcss.dll => Datei ist digital signiert

C:\Windows\system32\dnsapi.dll => Datei ist digital signiert

C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 

LastRegBack: 2015-12-04 19:07
 

==================== Ende von FRST.txt ============================

[CODE]Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2016
durchgeführt von Leon (18-09-2016 20:05:16)
Gestartet von C:\Users\Leon\Desktop
Windows 8.1 Connected (Update) (X64) (2015-04-18 10:51:34)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-2880619619-2121856950-3395575582-500 - Administrator - Disabled)
Gast (S-1-5-21-2880619619-2121856950-3395575582-501 - Limited - Disabled)
Leon (S-1-5-21-2880619619-2121856950-3395575582-1001 - Administrator - Enabled) => C:\Users\Leon

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Ashampoo Office 2012 (HKLM-x32\...\{8EBB8452-274B-465D-8324-00B0832FBB02}) (Version: 12.0.960 - ashampoo GmbH & Co. KG)
AVG (Version: 16.111.7797 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.4483 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4656 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.52.2.34122 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.52.2 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.111.7797 - AVG Technologies)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Shell (HKLM\...\{D4B3454F-7529-4F5F-851D-2C36933F7D64}) (Version: 4.2.5 - IvoSoft)
CrystalDiskInfo 6.8.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.8.1 - Crystal Dew World)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.4.4218 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
FMW 1 (Version: 1.123.1 - AVG Technologies) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.6.321 - Foxit Software Inc.)
Freemake Video Converter Version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{90CE78B2-4F84-4BE8-B55C-ED85759C8445}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ENVY 5640 series - Grundlegende Software für das Gerät (HKLM\...\{459B0D45-7AC9-4C63-8875-9A9B744E861F}) (Version: 34.0.50.48729 - Hewlett-Packard Co.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.3.34.7 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{B1AD4FFB-DD17-43EC-8C30-B9E71EAD9132}) (Version: 12.5.32.37 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Utility Center (HKLM\...\{E8F2076D-1885-4A0F-83D8-77B1F9D384CE}) (Version: 2.5.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.70.305.16316 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Jigsaw Tour 2 1.00 (HKLM-x32\...\Jigsaw Tour 2 1.00) (Version: 1.00 - BigFish)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Online Video Hunter Professional v 2.3.0.0 (HKLM-x32\...\Online Video Hunter Professional_is1) (Version: - Gskstudio.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29080 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7272 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.33 - REALTEK Semiconductor Corp.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.9 - Synaptics Incorporated)
The Far Kingdoms - Sacred Grove Solitaire 1.00 (HKLM-x32\...\The Far Kingdoms - Sacred Grove Solitaire 1.00) (Version: 1.00 - BigFish)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.75 - VSO Software)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Zwangs-Update-Killer (HKLM-x32\...\{8E446BC1-620B-47AE-A0B1-ED592A4A758C}_is1) (Version: 1.0.0.0 - pXc-coding.com)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG
Task: {1274336E-AB06-46B6-A48C-0671C5557CC6} - \Microsoft\Windows\TaskScheduler\Maintenance Configurator -> Keine Datei <==== ACHTUNG
Task: {1687544D-7247-4F5A-965A-A6E920E55278} - \Microsoft\Windows\TaskScheduler\Manual Maintenance -> Keine Datei <==== ACHTUNG
Task: {3864A97E-D351-448D-B4B1-34CEBB76D5ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {4E5DFFF6-2B20-416B-9A64-A354346E0FEE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-09-18] (Microsoft Corporation)
Task: {63F53AF8-CC93-4779-86C8-9C2F1E1EDF73} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-08-19] (AVG Technologies CZ, s.r.o.)
Task: {6F02587F-8A2B-4552-97F6-DEEF229E335B} - \Microsoft\Windows\TaskScheduler\Idle Maintenance -> Keine Datei <==== ACHTUNG
Task: {7F330BDB-C0EC-4504-AB8A-AD35F167D9F6} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-08-18] (HP Inc.)
Task: {83FD6594-E024-4C09-B871-E5EAEB824AF3} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-06-18] (CyberLink Corp.)
Task: {A17F61C6-626A-49DA-AE8F-735FC60416E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {A4D3C75C-3694-4284-B956-A6FEC820709A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {B7992938-01F1-4F40-A0EC-0D23D2F0F152} - \Microsoft\Windows\TaskScheduler\Regular Maintenance -> Keine Datei <==== ACHTUNG
Task: {C62B97B5-5DBF-405B-99D1-C0339ADC97E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {C7620762-AE71-495D-A10B-73391719837F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-24] (Google Inc.)
Task: {C89CAFEE-559B-4AAE-AB3C-2779E2CB7DF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {CD5590BF-194D-48BC-BFA9-65308EF1DAB1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - \Microsoft\Windows\SettingSync\BackupTask -> Keine Datei <==== ACHTUNG
Task: {E076E663-E5AA-4C04-9DD7-69591A050A6D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {E7A4E79E-027C-447A-B555-9DB826726D74} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-24] (Google Inc.)
Task: {FABB09D7-AB21-4FA3-8824-CE8B733D2529} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLeon.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-06 13:29 - 2016-01-19 17:51 - 00073216 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2016-09-18 11:50 - 2016-09-14 04:52 - 02280264 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libglesv2.dll
2016-09-18 11:50 - 2016-09-14 04:52 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.116\libegl.dll
2015-12-19 11:21 - 2016-04-07 15:21 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Leon\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "MyStart Anti-phishing Domain Advisor"
HKU\S-1-5-21-2880619619-2121856950-3395575582-1001\...\StartupApproved\Run: => "AshSnap"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{DBAE3C8B-32BC-4EAD-9FC5-BB0CA1A2F6E8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C6B08CE3-2BB3-41A0-8A58-64DB3304AD2E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7978F8A3-AC7C-4A90-9681-26E4F45911E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{64FE7246-4D0A-457B-8AFC-3F5D2546FEE9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1BDC40D0-0278-44A3-B053-4B8753D11776}] => (Allow) C:\Program Files\HP\HP ENVY 5640 series\Bin\DeviceSetup.exe
FirewallRules: [{455A4ABC-CDAD-4C57-8758-A5B28A2286D5}] => (Allow) LPort=5357
FirewallRules: [{5D1F0FE4-D5FF-4F59-9107-70289F358C8A}] => (Allow) C:\Program Files\HP\HP ENVY 5640 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{0F2F97B5-DE01-41A3-8D9D-4EDDA368692B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{1898FBA3-C2DA-4265-A534-F384818F03A6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{AFBE6028-AAD4-4F25-89E9-AA3395F138EF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{E034A5A2-76F0-4B79-9A29-B5EF4B167FC5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{F88B500C-9D08-46CA-8ABC-F81FA7F62593}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{2E99DC1B-F849-414A-835B-D2542765219D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{CE7044F3-D94F-48D5-B520-393E99F26B04}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{2964BFAA-420A-49F4-9FC8-FBBD89F06DE1}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{54E375A9-7F91-4A10-B2E9-A1818000058F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

13-09-2016 23:22:49 Removed Skype™ 7.26
16-09-2016 17:42:54 chip 1-click download service wurde entfernt.
18-09-2016 10:21:03 Wiederherstellungsvorgang

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/18/2016 11:00:00 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1500) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\SRU\SRU022B4.log.

Error: (09/18/2016 10:56:30 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Removed Skype™ 7.26). Zusätzliche Informationen: 0xc0000022.

Error: (09/18/2016 12:06:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SDScan.exe, Version: 2.6.44.181, Zeitstempel: 0x56efed8f
Name des fehlerhaften Moduls: SDScanLibrary.dll_unloaded, Version: 2.6.44.134, Zeitstempel: 0x56efe6de
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002ae274
ID des fehlerhaften Prozesses: 0x4ac
Startzeit der fehlerhaften Anwendung: 0x01d21129279df5da
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Pfad des fehlerhaften Moduls: SDScanLibrary.dll
Berichtskennung: ff439b7f-7d22-11e6-82ad-d0bf9c11e11c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/17/2016 11:44:27 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext: Anwendung, SystemIndex Katalog

Error: (09/16/2016 04:23:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: chip 1-click installer.exe, Version: 3.6.9.0, Zeitstempel: 0x57c44a10
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18264, Zeitstempel: 0x56e1bd71
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x10f4
Startzeit der fehlerhaften Anwendung: 0x01d21025e8b2879f
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll
Berichtskennung: 279e1cbd-7c19-11e6-82ac-d0bf9c11e11c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/16/2016 04:23:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: chip 1-click installer.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:
bei System.Net.Sockets.TcpListener.AcceptTcpClient()
bei chip_1_click_installer.chip1click.createListener()
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Threading.ThreadHelper.ThreadStart()

Error: (09/11/2016 05:51:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 48.0.2.6079, Zeitstempel: 0x57bd3628
Name des fehlerhaften Moduls: mozglue.dll, Version: 48.0.2.6079, Zeitstempel: 0x57bd2857
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000efe5
ID des fehlerhaften Prozesses: 0x62b0
Startzeit der fehlerhaften Anwendung: 0x01d20c2d1f870908
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: 9b4be130-7837-11e6-82ab-d0bf9c11e11c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/09/2016 11:14:24 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 48.0.2.6079 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 35d8

Startzeit: 01d20a71b1484598

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: c970d2f6-766d-11e6-82ab-d0bf9c11e11c

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/09/2016 11:14:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 48.0.2.6079, Zeitstempel: 0x57bd3628
Name des fehlerhaften Moduls: mozglue.dll, Version: 48.0.2.6079, Zeitstempel: 0x57bd2857
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000efe5
ID des fehlerhaften Prozesses: 0x40d8
Startzeit der fehlerhaften Anwendung: 0x01d20a794e5b3dc6
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: c9fee29b-766d-11e6-82ab-d0bf9c11e11c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/09/2016 12:19:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcroRd32.exe, Version: 15.17.20050.61080, Zeitstempel: 0x5774facd
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d
Ausnahmecode: 0xc0000008
Fehleroffset: 0x0003c31c
ID des fehlerhaften Prozesses: 0x45f8
Startzeit der fehlerhaften Anwendung: 0x01d20a1eff89343c
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: 486eb9ce-7612-11e6-82ab-d0bf9c11e11c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Systemfehler:
=============
Error: (09/18/2016 07:20:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
Das angegebene Modul wurde nicht gefunden.

Error: (09/18/2016 06:53:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Sicherheitsupdate für Microsoft Office Excel 2007 (KB3115459)

Error: (09/18/2016 06:53:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Sicherheitsupdate für Microsoft Office 2007 suites (KB3118300)

Error: (09/18/2016 06:53:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Sicherheitsupdate für Microsoft Office Compatibility Pack Service Pack 3 (KB3115462)

Error: (09/18/2016 06:52:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Sicherheitsupdate für Microsoft Office PowerPoint 2007 (KB3114744)

Error: (09/18/2016 06:52:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Windows-Tool zum Entfernen bösartiger Software für Windows 8, 8.1, 10 und Windows Server 2012, 2012 R2 x64 Edition - September 2016 (KB890830)

Error: (09/18/2016 06:48:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
Das angegebene Modul wurde nicht gefunden.

Error: (09/18/2016 06:09:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB3162835)

Error: (09/18/2016 06:09:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB3177723)

Error: (09/18/2016 06:09:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073701 fehlgeschlagen: Update für Windows 8.1 für x64-Systeme (KB3179574)

CodeIntegrity:
===================================
Date: 2016-09-18 13:20:53.667
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-16 06:15:43.008
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\205D.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-16 05:46:34.913
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\293E.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-16 05:37:27.912
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\293E.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-16 05:10:41.256
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\293E.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2016-09-16 05:01:12.030
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\293E.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 3982.27 MB
Verfügbarer physikalischer RAM: 1680.55 MB
Summe virtueller Speicher: 4686.27 MB
Verfügbarer virtueller Speicher: 2208.76 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:443.02 GB) (Free:293.03 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.73 GB) (Free:2.43 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: E6DC802C)

Partition: GPT.

[CODE]

Code:

20:38:51.0243 0x08e8  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31

20:38:51.0243 0x08e8  UEFI system

20:38:59.0516 0x08e8  ============================================================

20:38:59.0516 0x08e8  Current date / time: 2016/09/18 20:38:59.0516

20:38:59.0516 0x08e8  SystemInfo:

20:38:59.0516 0x08e8  

20:38:59.0516 0x08e8  OS Version: 6.3.9600 ServicePack: 0.0

20:38:59.0516 0x08e8  Product type: Workstation

20:38:59.0516 0x08e8  ComputerName: LEON

20:38:59.0516 0x08e8  UserName: Leon

20:38:59.0516 0x08e8  Windows directory: C:\Windows

20:38:59.0516 0x08e8  System windows directory: C:\Windows

20:38:59.0516 0x08e8  Running under WOW64

20:38:59.0516 0x08e8  Processor architecture: Intel x64

20:38:59.0516 0x08e8  Number of processors: 2

20:38:59.0516 0x08e8  Page size: 0x1000

20:38:59.0516 0x08e8  Boot type: Normal boot

20:38:59.0516 0x08e8  CodeIntegrityOptions = 0x00000001

20:38:59.0516 0x08e8  ============================================================

20:39:00.0313 0x08e8  KLMD registered as C:\Windows\system32\drivers\92562368.sys

20:39:00.0313 0x08e8  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18438, osProperties = 0x19

20:39:01.0861 0x08e8  System UUID: {66550F60-8132-6A03-606E-8138078458B6}

20:39:04.0208 0x08e8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

20:39:04.0255 0x08e8  ============================================================

20:39:04.0255 0x08e8  \Device\Harddisk0\DR0:

20:39:04.0255 0x08e8  GPT partitions:

20:39:04.0255 0x08e8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {84CB656D-7142-4F0E-A1C1-4633123E9B66}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x145000

20:39:04.0255 0x08e8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {DB0D3098-EBB7-4CDA-B7A7-166DA0117338}, Name: EFI system partition, StartLBA 0x145800, BlocksNum 0x82000

20:39:04.0255 0x08e8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2FE812DD-DA13-46DE-8431-BC21FEBA1D25}, Name: Microsoft reserved partition, StartLBA 0x1C7800, BlocksNum 0x40000

20:39:04.0270 0x08e8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D50E158B-F391-40F1-B792-F6BC494DA45F}, Name: Basic data partition, StartLBA 0x207800, BlocksNum 0x37608000

20:39:04.0270 0x08e8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6F4AAEFD-0D1B-4A3F-A836-9BD473736B11}, Name: Basic data partition, StartLBA 0x3780F800, BlocksNum 0x2B74000

20:39:04.0270 0x08e8  MBR partitions:

20:39:04.0270 0x08e8  ============================================================

20:39:04.0317 0x08e8  C: <-> \Device\Harddisk0\DR0\Partition4

20:39:04.0395 0x08e8  D: <-> \Device\Harddisk0\DR0\Partition5

20:39:04.0395 0x08e8  ============================================================

20:39:04.0395 0x08e8  Initialize success

20:39:04.0395 0x08e8  ============================================================

20:40:51.0042 0x1378  ============================================================

20:40:51.0042 0x1378  Scan started

20:40:51.0042 0x1378  Mode: Manual; SigCheck; TDLFS; 

20:40:51.0042 0x1378  ============================================================

20:40:51.0042 0x1378  KSN ping started

20:40:51.0230 0x1378  KSN ping finished: true

20:40:53.0254 0x1378  ================ Scan system memory ========================

20:40:53.0255 0x1378  System memory - ok

20:40:53.0255 0x1378  ================ Scan services =============================

20:40:53.0458 0x1378  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys

20:40:53.0591 0x1378  1394ohci - ok

20:40:53.0640 0x1378  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys

20:40:53.0686 0x1378  3ware - ok

20:40:53.0764 0x1378  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\Windows\system32\drivers\ACPI.sys

20:40:53.0811 0x1378  ACPI - ok

20:40:53.0826 0x1378  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys

20:40:53.0858 0x1378  acpiex - ok

20:40:53.0873 0x1378  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys

20:40:53.0904 0x1378  acpipagr - ok

20:40:53.0904 0x1378  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys

20:40:53.0951 0x1378  AcpiPmi - ok

20:40:53.0951 0x1378  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys

20:40:53.0983 0x1378  acpitime - ok

20:40:54.0092 0x1378  [ A0CAC4F3F998173A8DC1E67E7E0345EF, D0C2F504A5059691EDBBA917D0C6260450A554A365C12E7747E48EE1668C51A5 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

20:40:54.0154 0x1378  AdobeARMservice - ok

20:40:54.0296 0x1378  [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

20:40:54.0337 0x1378  AdobeFlashPlayerUpdateSvc - ok

20:40:54.0391 0x1378  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS

20:40:54.0447 0x1378  ADP80XX - ok

20:40:54.0492 0x1378  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

20:40:54.0534 0x1378  AeLookupSvc - ok

20:40:54.0610 0x1378  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE

20:40:54.0671 0x1378  AERTFilters - ok

20:40:54.0764 0x1378  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\Windows\system32\drivers\afd.sys

20:40:54.0812 0x1378  AFD - ok

20:40:54.0858 0x1378  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys

20:40:54.0897 0x1378  agp440 - ok

20:40:54.0934 0x1378  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys

20:40:55.0037 0x1378  ahcache - ok

20:40:55.0066 0x1378  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\Windows\System32\alg.exe

20:40:55.0104 0x1378  ALG - ok

20:40:55.0228 0x1378  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys

20:40:55.0289 0x1378  AmdK8 - ok

20:40:55.0414 0x1378  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys

20:40:55.0492 0x1378  AmdPPM - ok

20:40:55.0570 0x1378  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

20:40:55.0664 0x1378  amdsata - ok

20:40:55.0930 0x1378  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys

20:40:56.0000 0x1378  amdsbs - ok

20:40:56.0015 0x1378  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys

20:40:56.0031 0x1378  amdxata - ok

20:40:56.0109 0x1378  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll

20:40:56.0187 0x1378  AppHostSvc - ok

20:40:56.0344 0x1378  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys

20:40:56.0453 0x1378  AppID - ok

20:40:56.0547 0x1378  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll

20:40:56.0609 0x1378  AppIDSvc - ok

20:40:56.0750 0x1378  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\Windows\System32\appinfo.dll

20:40:56.0890 0x1378  Appinfo - ok

20:40:57.0344 0x1378  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

20:40:57.0422 0x1378  Apple Mobile Device Service - ok

20:40:57.0688 0x1378  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\Windows\system32\AppReadiness.dll

20:40:57.0750 0x1378  AppReadiness - ok

20:40:58.0204 0x1378  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll

20:40:58.0438 0x1378  AppXSvc - ok

20:40:58.0594 0x1378  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys

20:40:58.0688 0x1378  arcsas - ok

20:40:58.0860 0x1378  [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

20:40:58.0907 0x1378  aspnet_state - ok

20:40:58.0938 0x1378  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

20:40:58.0969 0x1378  AsyncMac - ok

20:40:58.0985 0x1378  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys

20:40:59.0000 0x1378  atapi - ok

20:40:59.0204 0x1378  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\Windows\system32\DRIVERS\athw8x.sys

20:40:59.0438 0x1378  athr - ok

20:40:59.0485 0x1378  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll

20:40:59.0532 0x1378  AudioEndpointBuilder - ok

20:40:59.0594 0x1378  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll

20:40:59.0657 0x1378  Audiosrv - ok

20:40:59.0807 0x1378  [ 5834364BED846E6C8FFCC9D2B5D11F1A, 49F38D83215666E15CF984F49688DE65291EF1A0C94956E29A0D11F5DA3FEFDF ] AvgAMPS         C:\Program Files (x86)\AVG\Av\avgamps.exe

20:40:59.0886 0x1378  AvgAMPS - ok

20:40:59.0917 0x1378  [ 344B89E8D91B1F25239310DCC7337ED0, CF57BD6AAA2A1527957DA4BA4FFC8072D4BE071C95A8741690CA051727B4E30C ] Avgboota        C:\Windows\system32\DRIVERS\avgboota.sys

20:40:59.0948 0x1378  Avgboota - ok

20:41:00.0011 0x1378  [ EBE91430DEC70E1F81D1C48B31160CAE, DFFF9663D797D7E289EEB5591ACFED49454FAEB9840CBCB319B60043CD989550 ] Avgdiska        C:\Windows\system32\DRIVERS\avgdiska.sys

20:41:00.0042 0x1378  Avgdiska - ok

20:41:00.0073 0x1378  [ 25BD83F5A01FECA19B75F8FF75B3D9DB, 637E883324BD295346EBFBC8872ED3344380C0DB1C39EFFEFDC5471C42EAEE67 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys

20:41:00.0120 0x1378  Avgfwfd - ok

20:41:00.0245 0x1378  [ B85800922431F8D21ADEECA3CBE017AA, 1DA91974EDC53FE6FE83D205CCE37CDA413F074CDEE08DC628982B70A0F482E4 ] avgfws          C:\Program Files (x86)\AVG\Av\avgfwsa.exe

20:41:00.0339 0x1378  avgfws - ok

20:41:00.0620 0x1378  [ 3E3E75ACF3AC9C5B5820CC0CC8A132B6, 5CBAA9AC4DD964E9D50E9C9B97096F1A93BAA40AB2FE32948F0C2B4345425B15 ] AVGIDSAgent     C:\Program Files (x86)\AVG\Av\avgidsagenta.exe

20:41:00.0839 0x1378  AVGIDSAgent - ok

20:41:00.0948 0x1378  [ 381FB91B6FD4AD81659ECA806C0FB0A4, CB195F19601332D9CA3CADC7C7E2B87797F881B33AA5B86D5CE985191B4E8BF3 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys

20:41:01.0011 0x1378  AVGIDSDriver - ok

20:41:01.0042 0x1378  [ 89C52A9E784C390474FED7FF340DC917, C192789D0186ABADFC866DD6BD5A09E3951809A8ED448667143D58FF3658654B ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys

20:41:01.0089 0x1378  AVGIDSHA - ok

20:41:01.0120 0x1378  [ 65E62E92584319747183FA54C08C0330, 26F3D9C36254499DC0A43B5FF4A6B35784BC49143CDAED7E0257A6C527BF2EE5 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys

20:41:01.0167 0x1378  Avgldx64 - ok

20:41:01.0183 0x1378  [ 301E95F388C93D3C73EE35E3693C6A97, 512BA2905EDCC900B12037701A120EE527A14894BF562610F3CF57A65D20FCD5 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys

20:41:01.0230 0x1378  Avgloga - ok

20:41:01.0276 0x1378  [ B3FCE2E7EBC30E9A3506C1FA4FF858EF, 587643C7D09DDC5F18C17DBF0F433EAEFA3717049BB464ED2F61CF25C665E59D ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys

20:41:01.0308 0x1378  Avgmfx64 - ok

20:41:01.0323 0x1378  [ 2A0D6982D0492BF6266E64F25C23EAE8, 7400F85784C0658B4DF6C7424E3ACDCF421D8293D247E80D6AEE14FA91EBFBDC ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys

20:41:01.0355 0x1378  Avgrkx64 - ok

20:41:01.0495 0x1378  [ F740A8CD551DC8373A7CB9B507C847E6, FD960CA1F35190F1D801897ED43439BBEAD0079F944AC629543B36B86698BE8C ] avgsvc          C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe

20:41:01.0558 0x1378  avgsvc - ok

20:41:01.0605 0x1378  [ 1EEB894456B375A486950D343F6DB81F, C5D6EBAC49A4AABE360EE2FA791628C164608FAF5CF37049368CE061D8ABFC10 ] avguniva        C:\Windows\system32\DRIVERS\avguniva.sys

20:41:01.0620 0x1378  avguniva - ok

20:41:01.0745 0x1378  [ D06ED6BF86CD5A0E930FD71760FB6CE4, 1DCABF02E04A8A2172D23494986FA4F80CF901E0CDC379289FE4CFC9635BE05C ] avgwd           C:\Program Files (x86)\AVG\Av\avgwdsvca.exe

20:41:01.0792 0x1378  avgwd - ok

20:41:01.0854 0x1378  [ B7C9C5FD9406605A0449160FF17AF1A6, CDB07896591FC8316ACB50CF28D3CB523BD09AE2D89C3A30E36F9673594C0869 ] Avgwfpa         C:\Windows\system32\DRIVERS\avgwfpa.sys

20:41:01.0886 0x1378  Avgwfpa - ok

20:41:01.0917 0x1378  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\Windows\System32\AxInstSV.dll

20:41:01.0948 0x1378  AxInstSV - ok

20:41:01.0995 0x1378  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys

20:41:02.0042 0x1378  b06bdrv - ok

20:41:02.0089 0x1378  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys

20:41:02.0167 0x1378  BasicDisplay - ok

20:41:02.0183 0x1378  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys

20:41:02.0214 0x1378  BasicRender - ok

20:41:02.0261 0x1378  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys

20:41:02.0276 0x1378  bcmfn2 - ok

20:41:02.0323 0x1378  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\Windows\System32\bdesvc.dll

20:41:02.0370 0x1378  BDESVC - ok

20:41:02.0386 0x1378  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys

20:41:02.0401 0x1378  Beep - ok

20:41:02.0479 0x1378  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\Windows\System32\bfe.dll

20:41:02.0542 0x1378  BFE - ok

20:41:02.0652 0x1378  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\Windows\System32\qmgr.dll

20:41:02.0730 0x1378  BITS - ok

20:41:02.0761 0x1378  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

20:41:02.0808 0x1378  bowser - ok

20:41:02.0855 0x1378  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll

20:41:02.0892 0x1378  BrokerInfrastructure - ok

20:41:02.0923 0x1378  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\Windows\System32\browser.dll

20:41:02.0986 0x1378  Browser - ok

20:41:03.0001 0x1378  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys

20:41:03.0033 0x1378  BthAvrcpTg - ok

20:41:03.0064 0x1378  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys

20:41:03.0126 0x1378  BthHFEnum - ok

20:41:03.0142 0x1378  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys

20:41:03.0173 0x1378  bthhfhid - ok

20:41:03.0220 0x1378  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll

20:41:03.0267 0x1378  BthHFSrv - ok

20:41:03.0298 0x1378  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys

20:41:03.0330 0x1378  BTHMODEM - ok

20:41:03.0376 0x1378  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\Windows\system32\bthserv.dll

20:41:03.0439 0x1378  bthserv - ok

20:41:03.0470 0x1378  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

20:41:03.0501 0x1378  cdfs - ok

20:41:03.0517 0x1378  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys

20:41:03.0548 0x1378  cdrom - ok

20:41:03.0579 0x1378  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\Windows\System32\certprop.dll

20:41:03.0626 0x1378  CertPropSvc - ok

20:41:03.0642 0x1378  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys

20:41:03.0673 0x1378  circlass - ok

20:41:03.0736 0x1378  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys

20:41:03.0783 0x1378  CLFS - ok

20:41:03.0825 0x1378  [ 9731DAFDC7B690B2C7752FDFF045BFD8, 9DDBDC4FE519AF38993EAB2F16602B2B71CF8675BDD1F651F22DFA8C5C2C80F7 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys

20:41:03.0836 0x1378  clwvd - ok

20:41:03.0852 0x1378  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys

20:41:03.0883 0x1378  CmBatt - ok

20:41:03.0930 0x1378  [ 5CBF8B3E27D824D2AA2A34AFB406F1D0, 955AF1307C02D2B4DEEB150F37F77B8631C0F3C450037C233E9E27D6571B0265 ] CNG             C:\Windows\system32\Drivers\cng.sys

20:41:03.0992 0x1378  CNG - ok

20:41:04.0024 0x1378  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys

20:41:04.0039 0x1378  CompositeBus - ok

20:41:04.0055 0x1378  COMSysApp - ok

20:41:04.0070 0x1378  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys

20:41:04.0086 0x1378  condrv - ok

20:41:04.0180 0x1378  [ 8525856F890D71FEC9953C34DE74B92A, 31701D5D2958547BBEA4A0F037F2C17B13D17D5E2B91AFC2A71C2CD5F83A08F3 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe

20:41:04.0227 0x1378  cphs - ok

20:41:04.0258 0x1378  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

20:41:04.0305 0x1378  CryptSvc - ok

20:41:04.0321 0x1378  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys

20:41:04.0336 0x1378  dam - ok

20:41:04.0430 0x1378  [ E4220FD9C7F1579D9C5F9DFB00427841, 77740122A01A08F18CC82A4BB3F00EC59F29EE10779092F872572C264F6728D0 ] DcomLaunch      C:\Windows\system32\rpcss.dll

20:41:04.0477 0x1378  DcomLaunch - ok

20:41:04.0524 0x1378  [ AF3FF97AC2A73E70F8A8D11FB694175B, 3AA25BF9DED08056F52ACF246118C13C8816B5E8AA4D8606DB7DAB4E4E6A9169 ] defragsvc       C:\Windows\System32\defragsvc.dll

20:41:04.0555 0x1378  defragsvc - ok

20:41:04.0602 0x1378  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\Windows\system32\das.dll

20:41:04.0633 0x1378  DeviceAssociationService - ok

20:41:04.0680 0x1378  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll

20:41:04.0727 0x1378  DeviceInstall - ok

20:41:04.0774 0x1378  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys

20:41:04.0820 0x1378  Dfsc - ok

20:41:04.0852 0x1378  [ D722BC26F7431A4DA9A183E56CA9FEE3, 86AB717431CB3DDAF6213A1CFE8DF3684080BAAD569731A90AA1AA198E97506D ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys

20:41:04.0883 0x1378  dg_ssudbus - ok

20:41:04.0978 0x1378  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\Windows\system32\dhcpcore.dll

20:41:05.0041 0x1378  Dhcp - ok

20:41:05.0181 0x1378  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\Windows\system32\diagtrack.dll

20:41:05.0259 0x1378  DiagTrack - ok

20:41:05.0306 0x1378  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\Windows\system32\drivers\disk.sys

20:41:05.0337 0x1378  disk - ok

20:41:05.0369 0x1378  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys

20:41:05.0400 0x1378  dmvsc - ok

20:41:05.0447 0x1378  [ 561CBB163EB3C8221D9B1D7D1E5CA477, 4D235E73CC127769A257B31A92180552276EC8DDD991F1106815FADEF385E72D ] Dnscache        C:\Windows\System32\dnsrslvr.dll

20:41:05.0494 0x1378  Dnscache - ok

20:41:05.0556 0x1378  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\Windows\System32\dot3svc.dll

20:41:05.0603 0x1378  dot3svc - ok

20:41:05.0641 0x1378  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\Windows\system32\dps.dll

20:41:05.0698 0x1378  DPS - ok

20:41:05.0729 0x1378  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

20:41:05.0776 0x1378  drmkaud - ok

20:41:05.0823 0x1378  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll

20:41:05.0870 0x1378  DsmSvc - ok

20:41:05.0983 0x1378  [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

20:41:06.0077 0x1378  DXGKrnl - ok

20:41:06.0108 0x1378  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\Windows\System32\eapsvc.dll

20:41:06.0139 0x1378  Eaphost - ok

20:41:06.0374 0x1378  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys

20:41:06.0593 0x1378  ebdrv - ok

20:41:06.0640 0x1378  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe

20:41:06.0672 0x1378  EFS - ok

20:41:06.0687 0x1378  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys

20:41:06.0718 0x1378  EhStorClass - ok

20:41:06.0734 0x1378  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys

20:41:06.0765 0x1378  EhStorTcgDrv - ok

20:41:06.0781 0x1378  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys

20:41:06.0797 0x1378  ErrDev - ok

20:41:06.0953 0x1378  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\Windows\system32\es.dll

20:41:06.0984 0x1378  EventSystem - ok

20:41:07.0000 0x1378  ewusbnet - ok

20:41:07.0031 0x1378  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys

20:41:07.0062 0x1378  exfat - ok

20:41:07.0094 0x1378  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys

20:41:07.0125 0x1378  fastfat - ok

20:41:07.0219 0x1378  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\Windows\system32\fxssvc.exe

20:41:07.0266 0x1378  Fax - ok

20:41:07.0297 0x1378  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys

20:41:07.0312 0x1378  fdc - ok

20:41:07.0344 0x1378  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\Windows\system32\fdPHost.dll

20:41:07.0375 0x1378  fdPHost - ok

20:41:07.0390 0x1378  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\Windows\system32\fdrespub.dll

20:41:07.0422 0x1378  FDResPub - ok

20:41:07.0437 0x1378  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\Windows\system32\fhsvc.dll

20:41:07.0469 0x1378  fhsvc - ok

20:41:07.0484 0x1378  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

20:41:07.0500 0x1378  FileInfo - ok

20:41:07.0515 0x1378  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

20:41:07.0547 0x1378  Filetrace - ok

20:41:07.0578 0x1378  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys

20:41:07.0594 0x1378  flpydisk - ok

20:41:07.0625 0x1378  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

20:41:07.0672 0x1378  FltMgr - ok

20:41:07.0782 0x1378  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\Windows\system32\FntCache.dll

20:41:07.0861 0x1378  FontCache - ok

20:41:07.0919 0x1378  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

20:41:07.0981 0x1378  FontCache3.0.0.0 - ok

20:41:08.0013 0x1378  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

20:41:08.0059 0x1378  FsDepends - ok

20:41:08.0075 0x1378  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

20:41:08.0106 0x1378  Fs_Rec - ok

20:41:08.0153 0x1378  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

20:41:08.0216 0x1378  fvevol - ok

20:41:08.0231 0x1378  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys

20:41:08.0247 0x1378  FxPPM - ok

20:41:08.0278 0x1378  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

20:41:08.0294 0x1378  gagp30kx - ok

20:41:08.0309 0x1378  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys

20:41:08.0325 0x1378  gencounter - ok

20:41:08.0372 0x1378  [ A7528907E163E60EFEBFC76C42868E9B, DA00B98532622562AE7370352F84CDB1AD5676DEF13AEA35FD4A54AE69142257 ] GPIO            C:\Windows\System32\drivers\iaiogpioe.sys

20:41:08.0434 0x1378  GPIO - ok

20:41:08.0466 0x1378  [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys

20:41:08.0528 0x1378  GPIOClx0101 - ok

20:41:08.0638 0x1378  [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc           C:\Windows\System32\gpsvc.dll

20:41:08.0731 0x1378  gpsvc - ok

20:41:08.0810 0x1378  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:41:08.0872 0x1378  gupdate - ok

20:41:08.0888 0x1378  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

20:41:08.0904 0x1378  gupdatem - ok

20:41:08.0966 0x1378  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

20:41:09.0013 0x1378  HdAudAddService - ok

20:41:09.0044 0x1378  [ 498288DD5CA42C2D36D125893E968C53, 03B62FA51F9195D77170DCEFF3A93A6898AA96FB610044DDAE83767DA12745C5 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys

20:41:09.0091 0x1378  HDAudBus - ok

20:41:09.0107 0x1378  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys

20:41:09.0138 0x1378  HidBatt - ok

20:41:09.0169 0x1378  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys

20:41:09.0247 0x1378  HidBth - ok

20:41:09.0263 0x1378  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys

20:41:09.0310 0x1378  hidi2c - ok

20:41:09.0325 0x1378  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys

20:41:09.0357 0x1378  HidIr - ok

20:41:09.0388 0x1378  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\Windows\system32\hidserv.dll

20:41:09.0419 0x1378  hidserv - ok

20:41:09.0450 0x1378  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys

20:41:09.0482 0x1378  HidUsb - ok

20:41:09.0497 0x1378  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\Windows\system32\kmsvc.dll

20:41:09.0528 0x1378  hkmsvc - ok

20:41:09.0575 0x1378  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll

20:41:09.0622 0x1378  HomeGroupListener - ok

20:41:09.0685 0x1378  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

20:41:09.0747 0x1378  HomeGroupProvider - ok

20:41:09.0857 0x1378  [ 7B7DE6B3DC30F3246958F42C67A6F7BB, 4B66B90CFEC2231B905B21DECC4EC7C6500E546F080A452EF67E724EDF37ADD9 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

20:41:09.0919 0x1378  hpqwmiex - ok

20:41:09.0935 0x1378  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

20:41:09.0966 0x1378  HpSAMD - ok

20:41:10.0134 0x1378  HPSLPSVC - ok

20:41:10.0197 0x1378  [ 02F1253476B7F5F818364443DFED3264, 645F51A6781E9DEB381694718EDEF38B02F5345ADCE8860EC2D9483F7C1C7CC2 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe

20:41:10.0259 0x1378  HPSupportSolutionsFrameworkService - ok

20:41:10.0384 0x1378  [ 316CE4F4D31F105534DA16B83F6A44C1, 6CD64E9E1EE8101BB4858C27AD70F0F7FEB65932ADDC7A01331472835085FFD0 ] HPWMISVC        c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe

20:41:10.0431 0x1378  HPWMISVC - ok

20:41:10.0588 0x1378  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

20:41:10.0666 0x1378  HTTP - ok

20:41:10.0666 0x1378  hwdatacard - ok

20:41:10.0697 0x1378  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

20:41:10.0728 0x1378  hwpolicy - ok

20:41:10.0744 0x1378  hwusbdev - ok

20:41:10.0775 0x1378  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys

20:41:10.0791 0x1378  hyperkbd - ok

20:41:10.0806 0x1378  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys

20:41:10.0822 0x1378  HyperVideo - ok

20:41:10.0869 0x1378  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys

20:41:10.0900 0x1378  i8042prt - ok

20:41:10.0916 0x1378  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys

20:41:10.0931 0x1378  iaLPSSi_GPIO - ok

20:41:10.0963 0x1378  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys

20:41:10.0978 0x1378  iaLPSSi_I2C - ok

20:41:11.0041 0x1378  [ 4558F084BCB7EFA3E8321C95B4EE736F, 4E088E1A9F9CE9F3FCA9CA2954CA7969135D4A42F632E495070FBAC4051148C2 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys

20:41:11.0088 0x1378  iaStorA - ok

20:41:11.0134 0x1378  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys

20:41:11.0166 0x1378  iaStorAV - ok

20:41:11.0213 0x1378  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

20:41:11.0264 0x1378  iaStorV - ok

20:41:11.0327 0x1378  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe

20:41:11.0389 0x1378  ICCS - ok

20:41:11.0389 0x1378  IEEtwCollectorService - ok

20:41:11.0639 0x1378  [ E786FA74AA145ECB7FA3467A362B1AF5, 4A84AA3595ADC586EB03526750735219B16629C9372B4A606F352424656AE6D3 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys

20:41:11.0905 0x1378  igfx - ok

20:41:11.0983 0x1378  [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT          C:\Windows\System32\ikeext.dll

20:41:12.0045 0x1378  IKEEXT - ok

20:41:12.0092 0x1378  [ F0F581A2299CB2BAB1DF2597BCDDB80F, EE485AF3049C87666BC6D6BFFC8A0EB4B95831D9061EB81848ECEE29C4232BF4 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys

20:41:12.0108 0x1378  intaud_WaveExtensible - ok

20:41:12.0342 0x1378  [ F121B8C45FE6550D9E2DBC40C0A2E408, 08010538C876ABA196C546D603893339E7A117B5F98C0C2AF9451B627EEB4FE7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

20:41:12.0624 0x1378  IntcAzAudAddService - ok

20:41:12.0764 0x1378  [ EC80E6B9E27DC3E22ED5B2E0E75A39C0, 8EEC89F88AE79DA256BB651983397773F6B25139006C8A7C8F77960F47774CF5 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys

20:41:12.0827 0x1378  IntcDAud - ok

20:41:12.0968 0x1378  [ 768DD5CB66952BC4A3BD474757AEE34F, 5A1F91FC8028D84FD83591D60CB7E3B24425C3B0FFF5A9BB0F7CE2E17AAB92D4 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe

20:41:13.0030 0x1378  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )

20:41:13.0266 0x1378  Detect skipped due to KSN trusted

20:41:13.0266 0x1378  Intel(R) Capability Licensing Service Interface - ok

20:41:13.0406 0x1378  [ 7C9ED65324CF268ACBA8024257F782D8, 1DC43DBA3612E26454D7786DEB0538B44A736B67EC99642B4CC574D8A03E0DC7 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe

20:41:13.0453 0x1378  Intel(R) Capability Licensing Service TCP IP Interface - ok

20:41:13.0484 0x1378  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys

20:41:13.0500 0x1378  intelide - ok

20:41:13.0531 0x1378  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys

20:41:13.0547 0x1378  intelpep - ok

20:41:13.0578 0x1378  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys

20:41:13.0609 0x1378  intelppm - ok

20:41:13.0625 0x1378  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

20:41:13.0656 0x1378  IpFilterDriver - ok

20:41:13.0734 0x1378  [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

20:41:13.0797 0x1378  iphlpsvc - ok

20:41:13.0828 0x1378  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys

20:41:13.0906 0x1378  IPMIDRV - ok

20:41:13.0953 0x1378  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

20:41:14.0031 0x1378  IPNAT - ok

20:41:14.0047 0x1378  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys

20:41:14.0078 0x1378  IRENUM - ok

20:41:14.0094 0x1378  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys

20:41:14.0109 0x1378  isapnp - ok

20:41:14.0156 0x1378  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys

20:41:14.0203 0x1378  iScsiPrt - ok

20:41:14.0234 0x1378  [ C2BC9AC9C6514230A481BDCA6A24BEFD, 84E41675D11EF2EEECED23C8469503C8D12810A2C6B6743D7AA322EB6DF7E68D ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys

20:41:14.0250 0x1378  iwdbus - ok

20:41:14.0281 0x1378  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys

20:41:14.0312 0x1378  kbdclass - ok

20:41:14.0328 0x1378  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys

20:41:14.0375 0x1378  kbdhid - ok

20:41:14.0391 0x1378  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys

20:41:14.0422 0x1378  kdnic - ok

20:41:14.0457 0x1378  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe

20:41:14.0478 0x1378  KeyIso - ok

20:41:14.0510 0x1378  [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

20:41:14.0541 0x1378  KSecDD - ok

20:41:14.0572 0x1378  [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

20:41:14.0633 0x1378  KSecPkg - ok

20:41:14.0656 0x1378  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

20:41:14.0678 0x1378  ksthunk - ok

20:41:14.0725 0x1378  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\Windows\system32\msdtckrm.dll

20:41:14.0771 0x1378  KtmRm - ok

20:41:14.0803 0x1378  [ 46378ECCB4A29AA81BF296641C2501EF, 5AB79BD824C00EF1338FDB8450692318AB14E0AE4145C30B37136767DFC1E4F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll

20:41:14.0850 0x1378  LanmanServer - ok

20:41:14.0896 0x1378  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

20:41:14.0943 0x1378  LanmanWorkstation - ok

20:41:15.0006 0x1378  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll

20:41:15.0053 0x1378  lfsvc - ok

20:41:15.0085 0x1378  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

20:41:15.0147 0x1378  lltdio - ok

20:41:15.0194 0x1378  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\Windows\System32\lltdsvc.dll

20:41:15.0245 0x1378  lltdsvc - ok

20:41:15.0245 0x1378  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\Windows\System32\lmhsvc.dll

20:41:15.0276 0x1378  lmhosts - ok

20:41:15.0292 0x1378  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

20:41:15.0323 0x1378  LSI_SAS - ok

20:41:15.0339 0x1378  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys

20:41:15.0370 0x1378  LSI_SAS2 - ok

20:41:15.0370 0x1378  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys

20:41:15.0401 0x1378  LSI_SAS3 - ok

20:41:15.0401 0x1378  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys

20:41:15.0433 0x1378  LSI_SSS - ok

20:41:15.0495 0x1378  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll

20:41:15.0573 0x1378  LSM - ok

20:41:15.0620 0x1378  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys

20:41:15.0651 0x1378  luafv - ok

20:41:15.0683 0x1378  [ DE585D1D266805E5EEDAE911FDD16F38, D954C1795D98653F1FB0AE8650FF0DEDDAA730B98C9449E6F608154D573DAB27 ] ManyCam         C:\Windows\system32\DRIVERS\mcvidrv_x64.sys

20:41:15.0714 0x1378  ManyCam - ok

20:41:15.0745 0x1378  MBAMSwissArmy - ok

20:41:15.0792 0x1378  [ 0D3CF8B876F55291B137B972891C1575, 2E7D0A54D5B2211D340EB56F3D5FCB8362E75415A3C75F553643BA55888DC690 ] MBI             C:\Windows\system32\drivers\MBI.sys

20:41:15.0855 0x1378  MBI - ok

20:41:15.0901 0x1378  [ 5858C4ABE87D0A842A941D6BD08038F1, FA082135752ECE107AC5E94066541F07FC1D56CE070CE8476A30375308F290A9 ] mcaudrv_simple  C:\Windows\system32\drivers\mcaudrv_x64.sys

20:41:15.0979 0x1378  mcaudrv_simple - ok

20:41:15.0995 0x1378  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys

20:41:16.0026 0x1378  megasas - ok

20:41:16.0073 0x1378  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys

20:41:16.0120 0x1378  megasr - ok

20:41:16.0151 0x1378  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\Windows\system32\mmcss.dll

20:41:16.0183 0x1378  MMCSS - ok

20:41:16.0214 0x1378  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys

20:41:16.0235 0x1378  Modem - ok

20:41:16.0251 0x1378  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys

20:41:16.0282 0x1378  monitor - ok

20:41:16.0329 0x1378  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys

20:41:16.0360 0x1378  mouclass - ok

20:41:16.0376 0x1378  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys

20:41:16.0391 0x1378  mouhid - ok

20:41:16.0438 0x1378  [ 24DABC0A77FAFDC0E379AB3B30F61BB6, E66624ABBF1D742879035F9161F9D3713DE7B759B3D3CF8B96C9E397A02FCF82 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

20:41:16.0469 0x1378  mountmgr - ok

20:41:16.0501 0x1378  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

20:41:16.0532 0x1378  mpsdrv - ok

20:41:16.0610 0x1378  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\Windows\system32\mpssvc.dll

20:41:16.0673 0x1378  MpsSvc - ok

20:41:16.0719 0x1378  [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

20:41:16.0782 0x1378  MRxDAV - ok

20:41:16.0844 0x1378  [ 3AF30CEB99E581E2FADA0B5FC4B551D8, 59BDE83C10D6F31E13B81FC317F1DE0E00793FBA288EAF844E29CFA0EB184502 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

20:41:16.0907 0x1378  mrxsmb - ok

20:41:16.0938 0x1378  [ 15D7AF1A26CCEBA32DF21A8E2098F463, 84390806AD3A9651DAB803E9257EEE851B898ED2AB56D8936E8C9F6B41967243 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

20:41:16.0969 0x1378  mrxsmb10 - ok

20:41:17.0001 0x1378  [ 0790EEB1EC199F8BE8259E47B373ED23, F9330F43B40675CCB60804182EF04BFBA3837ED14C798788A4B27D65A646D1C7 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

20:41:17.0032 0x1378  mrxsmb20 - ok

20:41:17.0063 0x1378  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys

20:41:17.0110 0x1378  MsBridge - ok

20:41:17.0141 0x1378  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\Windows\System32\msdtc.exe

20:41:17.0173 0x1378  MSDTC - ok

20:41:17.0204 0x1378  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys

20:41:17.0235 0x1378  Msfs - ok

20:41:17.0251 0x1378  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys

20:41:17.0266 0x1378  msgpiowin32 - ok

20:41:17.0291 0x1378  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

20:41:17.0306 0x1378  mshidkmdf - ok

20:41:17.0306 0x1378  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys

20:41:17.0338 0x1378  mshidumdf - ok

20:41:17.0353 0x1378  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

20:41:17.0369 0x1378  msisadrv - ok

20:41:17.0400 0x1378  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

20:41:17.0447 0x1378  MSiSCSI - ok

20:41:17.0447 0x1378  msiserver - ok

20:41:17.0478 0x1378  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

20:41:17.0509 0x1378  MSKSSRV - ok

20:41:17.0541 0x1378  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys

20:41:17.0556 0x1378  MsLldp - ok

20:41:17.0572 0x1378  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

20:41:17.0588 0x1378  MSPCLOCK - ok

20:41:17.0603 0x1378  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

20:41:17.0619 0x1378  MSPQM - ok

20:41:17.0682 0x1378  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

20:41:17.0745 0x1378  MsRPC - ok

20:41:17.0808 0x1378  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys

20:41:17.0839 0x1378  mssmbios - ok

20:41:17.0854 0x1378  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

20:41:17.0885 0x1378  MSTEE - ok

20:41:17.0885 0x1378  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys

20:41:17.0917 0x1378  MTConfig - ok

20:41:17.0932 0x1378  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys

20:41:17.0948 0x1378  Mup - ok

20:41:17.0964 0x1378  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys

20:41:17.0979 0x1378  mvumis - ok

20:41:18.0026 0x1378  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\Windows\system32\qagentRT.dll

20:41:18.0073 0x1378  napagent - ok

20:41:18.0120 0x1378  [ 78514B073CC5775800A65BFB82A0D66B, DCD18E277569F23921E899F508860F89ABD417C74A7776152A4463284A989488 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

20:41:18.0167 0x1378  NativeWifiP - ok

20:41:18.0210 0x1378  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\Windows\System32\ncasvc.dll

20:41:18.0251 0x1378  NcaSvc - ok

20:41:18.0267 0x1378  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\Windows\System32\ncbservice.dll

20:41:18.0298 0x1378  NcbService - ok

20:41:18.0329 0x1378  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll

20:41:18.0376 0x1378  NcdAutoSetup - ok

20:41:18.0486 0x1378  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\Windows\system32\drivers\ndis.sys

20:41:18.0564 0x1378  NDIS - ok

20:41:18.0595 0x1378  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

20:41:18.0642 0x1378  NdisCap - ok

20:41:18.0658 0x1378  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys

20:41:18.0798 0x1378  NdisImPlatform - ok

20:41:18.0814 0x1378  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

20:41:18.0845 0x1378  NdisTapi - ok

20:41:18.0861 0x1378  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

20:41:18.0876 0x1378  Ndisuio - ok

20:41:18.0923 0x1378  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys

20:41:18.0954 0x1378  NdisVirtualBus - ok

20:41:18.0986 0x1378  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

20:41:19.0017 0x1378  NdisWan - ok

20:41:19.0033 0x1378  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys

20:41:19.0064 0x1378  NdisWanLegacy - ok

20:41:19.0079 0x1378  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

20:41:19.0111 0x1378  NDProxy - ok

20:41:19.0126 0x1378  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\Windows\system32\drivers\Ndu.sys

20:41:19.0158 0x1378  Ndu - ok

20:41:19.0173 0x1378  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

20:41:19.0204 0x1378  NetBIOS - ok

20:41:19.0251 0x1378  [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

20:41:19.0304 0x1378  NetBT - ok

20:41:19.0309 0x1378  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe

20:41:19.0340 0x1378  Netlogon - ok

20:41:19.0387 0x1378  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\Windows\System32\netman.dll

20:41:19.0418 0x1378  Netman - ok

20:41:19.0465 0x1378  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\Windows\System32\netprofmsvc.dll

20:41:19.0512 0x1378  netprofm - ok

20:41:19.0590 0x1378  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

20:41:19.0715 0x1378  NetTcpPortSharing - ok

20:41:19.0737 0x1378  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\Windows\system32\DRIVERS\netvsc63.sys

20:41:19.0766 0x1378  netvsc - ok

20:41:19.0812 0x1378  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll

20:41:19.0890 0x1378  NlaSvc - ok

20:41:19.0906 0x1378  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

20:41:19.0953 0x1378  Npfs - ok

20:41:19.0969 0x1378  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys

20:41:20.0031 0x1378  npsvctrig - ok

20:41:20.0062 0x1378  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\Windows\system32\nsisvc.dll

20:41:20.0094 0x1378  nsi - ok

20:41:20.0109 0x1378  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

20:41:20.0174 0x1378  nsiproxy - ok

20:41:20.0403 0x1378  [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

20:41:20.0530 0x1378  Ntfs - ok

20:41:20.0561 0x1378  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys

20:41:20.0593 0x1378  Null - ok

20:41:20.0608 0x1378  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys

20:41:20.0639 0x1378  nvraid - ok

20:41:20.0639 0x1378  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

20:41:20.0680 0x1378  nvstor - ok

20:41:20.0690 0x1378  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

20:41:20.0716 0x1378  nv_agp - ok

20:41:20.0797 0x1378  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

20:41:20.0834 0x1378  odserv - ok

20:41:20.0874 0x1378  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

20:41:20.0917 0x1378  ose - ok

20:41:20.0979 0x1378  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

20:41:21.0045 0x1378  p2pimsvc - ok

20:41:21.0081 0x1378  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\Windows\system32\p2psvc.dll

20:41:21.0122 0x1378  p2psvc - ok

20:41:21.0143 0x1378  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys

20:41:21.0170 0x1378  Parport - ok

20:41:21.0185 0x1378  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

20:41:21.0208 0x1378  partmgr - ok

20:41:21.0264 0x1378  [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc          C:\Windows\System32\pcasvc.dll

20:41:21.0321 0x1378  PcaSvc - ok

20:41:21.0352 0x1378  [ 275AFE3FA35E8D78BE97695DF49817C6, 447CEBB16285AE073B4251D2DA71399306EF2DCB7F56286ABE2F0BD6C83EB489 ] pci             C:\Windows\system32\drivers\pci.sys

20:41:21.0391 0x1378  pci - ok

20:41:21.0403 0x1378  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys

20:41:21.0419 0x1378  pciide - ok

20:41:21.0450 0x1378  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

20:41:21.0482 0x1378  pcmcia - ok

20:41:21.0497 0x1378  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys

20:41:21.0529 0x1378  pcw - ok

20:41:21.0560 0x1378  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys

20:41:21.0591 0x1378  pdc - ok

20:41:21.0638 0x1378  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

20:41:21.0685 0x1378  PEAUTH - ok

20:41:21.0763 0x1378  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe

20:41:21.0828 0x1378  PerfHost - ok

20:41:21.0937 0x1378  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\Windows\system32\pla.dll

20:41:22.0031 0x1378  pla - ok

20:41:22.0063 0x1378  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

20:41:22.0094 0x1378  PlugPlay - ok

20:41:22.0125 0x1378  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

20:41:22.0141 0x1378  PNRPAutoReg - ok

20:41:22.0172 0x1378  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

20:41:22.0219 0x1378  PNRPsvc - ok

20:41:22.0281 0x1378  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

20:41:22.0312 0x1378  PolicyAgent - ok

20:41:22.0344 0x1378  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\Windows\system32\umpo.dll

20:41:22.0391 0x1378  Power - ok

20:41:22.0422 0x1378  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

20:41:22.0469 0x1378  PptpMiniport - ok

20:41:22.0704 0x1378  [ 346F352E17EA5793C726D3F6582BA855, 5CD830CDCC73335EDC58D26D1BC8B8830DA885CA6D1E21BB7EE763354B5C35EA ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll

20:41:22.0954 0x1378  PrintNotify - ok

20:41:22.0985 0x1378  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys

20:41:23.0016 0x1378  Processor - ok

20:41:23.0063 0x1378  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\Windows\system32\profsvc.dll

20:41:23.0110 0x1378  ProfSvc - ok

20:41:23.0126 0x1378  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

20:41:23.0157 0x1378  Psched - ok

20:41:23.0219 0x1378  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\Windows\system32\qwave.dll

20:41:23.0267 0x1378  QWAVE - ok

20:41:23.0282 0x1378  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

20:41:23.0326 0x1378  QWAVEdrv - ok

20:41:23.0331 0x1378  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

20:41:23.0373 0x1378  RasAcd - ok

20:41:23.0404 0x1378  [ D5ECE7E7F349EB3C4B152AFF3577280D, 3A5D3E440D1ED72D654BBFE30A73667F055C0AD04375C22C202F21BF75B612B2 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

20:41:23.0447 0x1378  RasAgileVpn - ok

20:41:23.0494 0x1378  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\Windows\System32\rasauto.dll

20:41:23.0541 0x1378  RasAuto - ok

20:41:23.0588 0x1378  [ 235624C147E3CB4C288D5D3D8E8D64A2, B3F182019DBAD9C761FE9F62EAED34AD5902B41A13A766D814FC3E2EA29D8D92 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

20:41:23.0635 0x1378  Rasl2tp - ok

20:41:23.0729 0x1378  [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan          C:\Windows\System32\rasmans.dll

20:41:23.0807 0x1378  RasMan - ok

20:41:23.0830 0x1378  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

20:41:23.0862 0x1378  RasPppoe - ok

20:41:23.0877 0x1378  [ 2B0F1677CDD08967005F34488559BC6F, FFF168EBD171C0B85A448AD1A04F66534E889AE1DC128F68EA3F35D5996C8D39 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

20:41:23.0908 0x1378  RasSstp - ok

20:41:23.0940 0x1378  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

20:41:24.0002 0x1378  rdbss - ok

20:41:24.0018 0x1378  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys

20:41:24.0049 0x1378  rdpbus - ok

20:41:24.0089 0x1378  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys

20:41:24.0114 0x1378  RDPDR - ok

20:41:24.0161 0x1378  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

20:41:24.0193 0x1378  RdpVideoMiniport - ok

20:41:24.0239 0x1378  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

20:41:24.0271 0x1378  rdyboost - ok

20:41:24.0318 0x1378  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\Windows\system32\drivers\ReFS.sys

20:41:24.0380 0x1378  ReFS - ok

20:41:24.0443 0x1378  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\Windows\System32\mprdim.dll

20:41:24.0489 0x1378  RemoteAccess - ok

20:41:24.0536 0x1378  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\Windows\system32\regsvc.dll

20:41:24.0583 0x1378  RemoteRegistry - ok

20:41:24.0599 0x1378  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

20:41:24.0630 0x1378  RpcEptMapper - ok

20:41:24.0661 0x1378  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\Windows\system32\locator.exe

20:41:24.0693 0x1378  RpcLocator - ok

20:41:24.0786 0x1378  [ E4220FD9C7F1579D9C5F9DFB00427841, 77740122A01A08F18CC82A4BB3F00EC59F29EE10779092F872572C264F6728D0 ] RpcSs           C:\Windows\system32\rpcss.dll

20:41:24.0849 0x1378  RpcSs - ok

20:41:24.0896 0x1378  [ FA7EFA65CD06FDA96943F26D8279D897, 13BC39B3BFD840B14F59C36D89433F69FD5C8948131043F2D59F1CCEAADD7A1E ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys

20:41:24.0927 0x1378  RSP2STOR - ok

20:41:24.0958 0x1378  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

20:41:25.0005 0x1378  rspndr - ok

20:41:25.0091 0x1378  [ F1D20C2B36F78863530B251DF504CC51, A3C71BDB45B1DB321BC2D9889CB25CF7840E145DFB769882748B7D507A605A42 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe

20:41:25.0154 0x1378  RtkAudioService - ok

20:41:25.0216 0x1378  [ 48E042D6AAB285409AF06200966EA655, 64FD4305C4EBEC25AA7BC2058952BCB79DB0A054CF46F2413CC54FB1E550D5F4 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys

20:41:25.0296 0x1378  RTL8168 - ok

20:41:25.0548 0x1378  [ 81836A7CD9E1E7B679FD904AEBE862BF, 3570EDB69EC75F56918F20EA2527E93ECC09D3F637136C1B54F3D97E67C5B963 ] RTWlanE         C:\Windows\system32\DRIVERS\rtwlane.sys

20:41:25.0736 0x1378  RTWlanE - ok

20:41:25.0799 0x1378  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys

20:41:25.0846 0x1378  s3cap - ok

20:41:25.0892 0x1378  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe

20:41:25.0939 0x1378  SamSs - ok

20:41:25.0955 0x1378  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

20:41:25.0986 0x1378  sbp2port - ok

20:41:26.0002 0x1378  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\Windows\System32\SCardSvr.dll

20:41:26.0049 0x1378  SCardSvr - ok

20:41:26.0064 0x1378  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll

20:41:26.0095 0x1378  ScDeviceEnum - ok

20:41:26.0111 0x1378  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

20:41:26.0127 0x1378  scfilter - ok

20:41:26.0278 0x1378  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\Windows\system32\schedsvc.dll

20:41:26.0340 0x1378  Schedule - ok

20:41:26.0387 0x1378  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\Windows\System32\certprop.dll

20:41:26.0434 0x1378  SCPolicySvc - ok

20:41:26.0481 0x1378  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys

20:41:26.0497 0x1378  sdbus - ok

20:41:26.0528 0x1378  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys

20:41:26.0559 0x1378  sdstor - ok

20:41:26.0575 0x1378  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys

20:41:26.0659 0x1378  secdrv - ok

20:41:26.0706 0x1378  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\Windows\system32\seclogon.dll

20:41:26.0768 0x1378  seclogon - ok

20:41:26.0800 0x1378  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\Windows\System32\sens.dll

20:41:26.0847 0x1378  SENS - ok

20:41:26.0862 0x1378  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

20:41:26.0909 0x1378  SensrSvc - ok

20:41:26.0925 0x1378  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys

20:41:26.0956 0x1378  SerCx - ok

20:41:26.0972 0x1378  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys

20:41:27.0003 0x1378  SerCx2 - ok

20:41:27.0018 0x1378  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys

20:41:27.0034 0x1378  Serenum - ok

20:41:27.0065 0x1378  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys

20:41:27.0081 0x1378  Serial - ok

20:41:27.0112 0x1378  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys

20:41:27.0159 0x1378  sermouse - ok

20:41:27.0206 0x1378  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\Windows\system32\sessenv.dll

20:41:27.0269 0x1378  SessionEnv - ok

20:41:27.0293 0x1378  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys

20:41:27.0315 0x1378  sfloppy - ok

20:41:27.0378 0x1378  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\Windows\System32\ipnathlp.dll

20:41:27.0409 0x1378  SharedAccess - ok

20:41:27.0472 0x1378  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

20:41:27.0550 0x1378  ShellHWDetection - ok

20:41:27.0581 0x1378  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys

20:41:27.0597 0x1378  SiSRaid2 - ok

20:41:27.0612 0x1378  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

20:41:27.0628 0x1378  SiSRaid4 - ok

20:41:27.0659 0x1378  [ D33A17CB35F7EF7FF332B2650ED1614F, C0FBD4AD06EAAB8870512074BEB3F74454A3FFDD8FC75A697FAD699EE2FDFCE6 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys

20:41:27.0659 0x1378  SmbDrvI - ok

20:41:27.0691 0x1378  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll

20:41:27.0737 0x1378  smphost - ok

20:41:27.0769 0x1378  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

20:41:27.0816 0x1378  SNMPTRAP - ok

20:41:27.0863 0x1378  [ B45AE0970B2D66CCE756DE6989E23EEC, 8393CF2DC4F65CD48D4D7B3C8C2D29E26728593B652D6CEAB65B50AEDA0884B7 ] spaceport       C:\Windows\system32\drivers\spaceport.sys

20:41:27.0909 0x1378  spaceport - ok

20:41:27.0925 0x1378  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys

20:41:27.0941 0x1378  SpbCx - ok

20:41:27.0988 0x1378  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\Windows\System32\spoolsv.exe

20:41:28.0050 0x1378  Spooler - ok

20:41:28.0425 0x1378  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe

20:41:28.0832 0x1378  sppsvc - ok

20:41:28.0879 0x1378  [ 36B082C7A764A34FB1DC72D975870B61, 572CB632D9FDC1183F7BF8BFCBC51765C647945E0C13D1C91ADE3D0E76DF83BC ] srv             C:\Windows\system32\DRIVERS\srv.sys

20:41:28.0925 0x1378  srv - ok

20:41:28.0972 0x1378  [ F5849909D4B29B4E3D4445F943E5C7E3, 3FCA1423753716FE1AFDD27EE1E13C4D779A3C976185B5C998EF1A9A39BFC186 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

20:41:29.0019 0x1378  srv2 - ok

20:41:29.0066 0x1378  [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

20:41:29.0097 0x1378  srvnet - ok

20:41:29.0129 0x1378  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

20:41:29.0191 0x1378  SSDPSRV - ok

20:41:29.0207 0x1378  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\Windows\system32\sstpsvc.dll

20:41:29.0238 0x1378  SstpSvc - ok

20:41:29.0285 0x1378  [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys

20:41:29.0324 0x1378  ssudmdm - ok

20:41:29.0355 0x1378  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys

20:41:29.0387 0x1378  stexstor - ok

20:41:29.0418 0x1378  [ 2A997C64F9B2584D81FA6749FE36A887, D26F5BC591ED46B96B2ACFDF555C2BF42F4915A22B12E4139ACEF7DE7AC303A7 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys

20:41:29.0480 0x1378  StillCam - ok

20:41:29.0543 0x1378  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\Windows\System32\wiaservc.dll

20:41:29.0590 0x1378  stisvc - ok

20:41:29.0621 0x1378  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys

20:41:29.0652 0x1378  storahci - ok

20:41:29.0668 0x1378  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys

20:41:29.0699 0x1378  storflt - ok

20:41:29.0715 0x1378  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys

20:41:29.0746 0x1378  stornvme - ok

20:41:29.0777 0x1378  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\Windows\system32\storsvc.dll

20:41:29.0809 0x1378  StorSvc - ok

20:41:29.0824 0x1378  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys

20:41:29.0840 0x1378  storvsc - ok

20:41:29.0855 0x1378  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\Windows\system32\svsvc.dll

20:41:29.0887 0x1378  svsvc - ok

20:41:29.0902 0x1378  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\Windows\System32\drivers\swenum.sys

20:41:29.0918 0x1378  swenum - ok

20:41:29.0980 0x1378  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\Windows\System32\swprv.dll

20:41:30.0059 0x1378  swprv - ok

20:41:30.0105 0x1378  [ 217ADAA2DBD690C6F2AB2C236C8A1163, 24C8053D26752EDDBFCE8E3E6908CD27F807D7693E83F2D9AB0F76EBD123A197 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys

20:41:30.0137 0x1378  SynTP - ok

20:41:30.0184 0x1378  [ FAFE2E35BC2063068EBFA924535CE3BC, 08F5FDE2CCB66FC6518D82C202276821320F6A8B5015DFA2BCEDC979E38BBA14 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe

20:41:30.0230 0x1378  SynTPEnhService - ok

20:41:30.0340 0x1378  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll

20:41:30.0418 0x1378  SysMain - ok

20:41:30.0496 0x1378  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll

20:41:30.0543 0x1378  SystemEventsBroker - ok

20:41:30.0574 0x1378  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll

20:41:30.0606 0x1378  TabletInputService - ok

20:41:30.0637 0x1378  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys

20:41:30.0668 0x1378  tap0901 - ok

20:41:30.0684 0x1378  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\Windows\System32\tapisrv.dll

20:41:30.0731 0x1378  TapiSrv - ok

20:41:30.0871 0x1378  [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

20:41:31.0012 0x1378  Tcpip - ok

20:41:31.0106 0x1378  [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

20:41:31.0315 0x1378  TCPIP6 - ok

20:41:31.0347 0x1378  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

20:41:31.0441 0x1378  tcpipreg - ok

20:41:31.0487 0x1378  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

20:41:31.0534 0x1378  tdx - ok

20:41:31.0550 0x1378  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys

20:41:31.0581 0x1378  terminpt - ok

20:41:31.0675 0x1378  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\Windows\System32\termsrv.dll

20:41:31.0737 0x1378  TermService - ok

20:41:31.0784 0x1378  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\Windows\system32\themeservice.dll

20:41:31.0831 0x1378  Themes - ok

20:41:31.0862 0x1378  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\Windows\system32\mmcss.dll

20:41:31.0894 0x1378  THREADORDER - ok

20:41:31.0925 0x1378  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll

20:41:31.0972 0x1378  TimeBroker - ok

20:41:32.0003 0x1378  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\Windows\system32\drivers\tpm.sys

20:41:32.0050 0x1378  TPM - ok

20:41:32.0081 0x1378  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\Windows\System32\trkwks.dll

20:41:32.0112 0x1378  TrkWks - ok

20:41:32.0159 0x1378  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

20:41:32.0206 0x1378  TrustedInstaller - ok

20:41:32.0237 0x1378  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

20:41:32.0284 0x1378  TsUsbFlt - ok

20:41:32.0284 0x1378  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys

20:41:32.0315 0x1378  TsUsbGD - ok

20:41:32.0660 0x1378  [ 1ABABD876BFFA4F2A6D3E5A39082F186, CDEA2CB8A64B33F053A1EC73724F1D6EC99328AEB4EEC93C38FC9CF10809DE41 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe

20:41:32.0832 0x1378  TuneUp.UtilitiesSvc - ok

20:41:32.0899 0x1378  [ 9B5C98C9F9EF5E62806DCD58B0D8EACE, B4B8A3F943C2C401CA1ED05BDA0C6D631106B258FB40C433AC856DCA7E8D7F7A ] TuneUpUtilitiesDrv C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys

20:41:32.0946 0x1378  TuneUpUtilitiesDrv - ok

20:41:32.0993 0x1378  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

20:41:33.0039 0x1378  tunnel - ok

20:41:33.0071 0x1378  [ E624283C1A2F9BB4688A002914CC00A7, B6908C1FFDD6BCFFC5C2FC0C429FC3E237E340F891F80CFD737BE41E5EF7E328 ] TXEIx64         C:\Windows\System32\drivers\TXEIx64.sys

20:41:33.0086 0x1378  TXEIx64 - ok

20:41:33.0130 0x1378  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

20:41:33.0151 0x1378  uagp35 - ok

20:41:33.0183 0x1378  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys

20:41:33.0214 0x1378  UASPStor - ok

20:41:33.0245 0x1378  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys

20:41:33.0292 0x1378  UCX01000 - ok

20:41:33.0329 0x1378  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

20:41:33.0376 0x1378  udfs - ok

20:41:33.0407 0x1378  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys

20:41:33.0439 0x1378  UEFI - ok

20:41:33.0485 0x1378  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

20:41:33.0532 0x1378  UI0Detect - ok

20:41:33.0548 0x1378  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

20:41:33.0579 0x1378  uliagpkx - ok

20:41:33.0612 0x1378  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys

20:41:33.0643 0x1378  umbus - ok

20:41:33.0643 0x1378  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys

20:41:33.0674 0x1378  UmPass - ok

20:41:33.0706 0x1378  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\Windows\System32\umrdp.dll

20:41:33.0737 0x1378  UmRdpService - ok

20:41:33.0768 0x1378  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\Windows\System32\upnphost.dll

20:41:33.0815 0x1378  upnphost - ok

20:41:33.0846 0x1378  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys

20:41:33.0862 0x1378  USBAAPL64 - ok

20:41:33.0899 0x1378  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys

20:41:33.0941 0x1378  usbccgp - ok

20:41:33.0962 0x1378  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\Windows\System32\drivers\usbcir.sys

20:41:34.0007 0x1378  usbcir - ok

20:41:34.0038 0x1378  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\Windows\System32\drivers\usbehci.sys

20:41:34.0054 0x1378  usbehci - ok

20:41:34.0101 0x1378  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\Windows\System32\drivers\usbhub.sys

20:41:34.0158 0x1378  usbhub - ok

20:41:34.0196 0x1378  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys

20:41:34.0227 0x1378  USBHUB3 - ok

20:41:34.0274 0x1378  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\Windows\System32\drivers\usbohci.sys

20:41:34.0316 0x1378  usbohci - ok

20:41:34.0351 0x1378  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys

20:41:34.0376 0x1378  usbprint - ok

20:41:34.0410 0x1378  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS

20:41:34.0439 0x1378  USBSTOR - ok

20:41:34.0467 0x1378  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys

20:41:34.0497 0x1378  usbuhci - ok

20:41:34.0517 0x1378  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys

20:41:34.0557 0x1378  usbvideo - ok

20:41:34.0594 0x1378  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS

20:41:34.0627 0x1378  USBXHCI - ok

20:41:34.0652 0x1378  [ 3CAAB947B1F247A570DE15983BEDEBCF, 81480D999F67A1755D5C21CE046FB439F0FBD743F73D23C19BC8C4DEB78A4F91 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys

20:41:34.0685 0x1378  usb_rndisx - ok

20:41:34.0702 0x1378  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe

20:41:34.0727 0x1378  VaultSvc - ok

20:41:34.0743 0x1378  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

20:41:34.0774 0x1378  vdrvroot - ok

20:41:34.0907 0x1378  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\Windows\System32\vds.exe

20:41:34.0966 0x1378  vds - ok

20:41:35.0008 0x1378  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys

20:41:35.0036 0x1378  VerifierExt - ok

20:41:35.0132 0x1378  [ 34CAF69BF4166AB40BFF0ED068FF6F91, BF5DA4F85A2C537DD76A3271956EC5BDB9ABC495FAA9371037F608152BE2725D ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys

20:41:35.0183 0x1378  vhdmp - ok

20:41:35.0199 0x1378  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys

20:41:35.0214 0x1378  viaide - ok

20:41:35.0230 0x1378  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\Windows\system32\drivers\vmbus.sys

20:41:35.0246 0x1378  vmbus - ok

20:41:35.0261 0x1378  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys

20:41:35.0292 0x1378  VMBusHID - ok

20:41:35.0330 0x1378  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll

20:41:35.0367 0x1378  vmicguestinterface - ok

20:41:35.0383 0x1378  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll

20:41:35.0430 0x1378  vmicheartbeat - ok

20:41:35.0446 0x1378  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll

20:41:35.0492 0x1378  vmickvpexchange - ok

20:41:35.0508 0x1378  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\Windows\System32\ICSvc.dll

20:41:35.0555 0x1378  vmicrdv - ok

20:41:35.0571 0x1378  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\Windows\System32\ICSvc.dll

20:41:35.0617 0x1378  vmicshutdown - ok

20:41:35.0649 0x1378  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\Windows\System32\ICSvc.dll

20:41:35.0680 0x1378  vmictimesync - ok

20:41:35.0711 0x1378  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\Windows\System32\ICSvc.dll

20:41:35.0742 0x1378  vmicvss - ok

20:41:35.0790 0x1378  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

20:41:35.0805 0x1378  volmgr - ok

20:41:35.0837 0x1378  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

20:41:35.0884 0x1378  volmgrx - ok

20:41:35.0931 0x1378  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\Windows\system32\drivers\volsnap.sys

20:41:35.0977 0x1378  volsnap - ok

20:41:36.0009 0x1378  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\Windows\System32\drivers\vpci.sys

20:41:36.0040 0x1378  vpci - ok

20:41:36.0071 0x1378  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

20:41:36.0118 0x1378  vsmraid - ok

20:41:36.0290 0x1378  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\Windows\system32\vssvc.exe

20:41:36.0352 0x1378  VSS - ok

20:41:36.0399 0x1378  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys

20:41:36.0439 0x1378  VSTXRAID - ok

20:41:36.0485 0x1378  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys

20:41:36.0516 0x1378  vwifibus - ok

20:41:36.0541 0x1378  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

20:41:36.0565 0x1378  vwififlt - ok

20:41:36.0584 0x1378  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys

20:41:36.0599 0x1378  vwifimp - ok

20:41:36.0650 0x1378  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\Windows\system32\w32time.dll

20:41:36.0692 0x1378  W32Time - ok

20:41:36.0732 0x1378  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\Windows\system32\inetsrv\w3logsvc.dll

20:41:36.0760 0x1378  w3logsvc - ok

20:41:36.0776 0x1378  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys

20:41:36.0823 0x1378  WacomPen - ok

20:41:36.0838 0x1378  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys

20:41:36.0869 0x1378  Wanarp - ok

20:41:36.0885 0x1378  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

20:41:36.0916 0x1378  Wanarpv6 - ok

20:41:36.0948 0x1378  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll

20:41:36.0994 0x1378  WAS - ok

20:41:37.0088 0x1378  [ 139D842E5FB75A1E2F0212FBD7B0E457, F29F73B56865C5EBBE89B8F92AEFE2DB19E5C29A94D2E006A23243C23A41AE79 ] wbengine        C:\Windows\system32\wbengine.exe

20:41:37.0166 0x1378  wbengine - ok

20:41:37.0213 0x1378  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

20:41:37.0260 0x1378  WbioSrvc - ok

20:41:37.0291 0x1378  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll

20:41:37.0338 0x1378  Wcmsvc - ok

20:41:37.0370 0x1378  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

20:41:37.0401 0x1378  wcncsvc - ok

20:41:37.0432 0x1378  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

20:41:37.0463 0x1378  WcsPlugInService - ok

20:41:37.0495 0x1378  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys

20:41:37.0542 0x1378  WdBoot - ok

20:41:37.0604 0x1378  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

20:41:37.0651 0x1378  Wdf01000 - ok

20:41:37.0682 0x1378  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys

20:41:37.0713 0x1378  WdFilter - ok

20:41:37.0745 0x1378  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\Windows\system32\wdi.dll

20:41:37.0791 0x1378  WdiServiceHost - ok

20:41:37.0791 0x1378  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\Windows\system32\wdi.dll

20:41:37.0840 0x1378  WdiSystemHost - ok

20:41:37.0855 0x1378  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys

20:41:37.0886 0x1378  WdNisDrv - ok

20:41:37.0934 0x1378  WdNisSvc - ok

20:41:37.0982 0x1378  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\Windows\System32\webclnt.dll

20:41:38.0015 0x1378  WebClient - ok

20:41:38.0036 0x1378  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\Windows\system32\wecsvc.dll

20:41:38.0066 0x1378  Wecsvc - ok

20:41:38.0082 0x1378  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll

20:41:38.0127 0x1378  WEPHOSTSVC - ok

20:41:38.0127 0x1378  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

20:41:38.0174 0x1378  wercplsupport - ok

20:41:38.0201 0x1378  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\Windows\System32\WerSvc.dll

20:41:38.0219 0x1378  WerSvc - ok

20:41:38.0250 0x1378  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys

20:41:38.0297 0x1378  WFPLWFS - ok

20:41:38.0312 0x1378  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\Windows\System32\wiarpc.dll

20:41:38.0344 0x1378  WiaRpc - ok

20:41:38.0359 0x1378  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

20:41:38.0375 0x1378  WIMMount - ok

20:41:38.0390 0x1378  WinDefend - ok

20:41:38.0469 0x1378  [ 310388D06C11C507226CD7C2D21D5ACE, E8158111566D553B8F0E86C33B5F75AF3A4A3405503927822B80DF64D8DEFB05 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll

20:41:38.0515 0x1378  WinHttpAutoProxySvc - ok

20:41:38.0567 0x1378  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

20:41:38.0629 0x1378  Winmgmt - ok

20:41:38.0801 0x1378  [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM           C:\Windows\system32\WsmSvc.dll

20:41:38.0911 0x1378  WinRM - ok

20:41:38.0949 0x1378  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

20:41:38.0996 0x1378  WinUsb - ok

20:41:39.0012 0x1378  [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys

20:41:39.0028 0x1378  WirelessButtonDriver - ok

20:41:39.0161 0x1378  [ EF252510DB6C3511E30418BD2AC95A2D, 75B496F5C611129D9D19B382503830FDB0E2E61D4880D2821AE381DF578C5E56 ] WlanSvc         C:\Windows\System32\wlansvc.dll

20:41:39.0239 0x1378  WlanSvc - ok

20:41:39.0386 0x1378  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\Windows\system32\wlidsvc.dll

20:41:39.0488 0x1378  wlidsvc - ok

20:41:39.0501 0x1378  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys

20:41:39.0530 0x1378  WmiAcpi - ok

20:41:39.0551 0x1378  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

20:41:39.0586 0x1378  wmiApSrv - ok

20:41:39.0604 0x1378  WMPNetworkSvc - ok

20:41:39.0634 0x1378  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys

20:41:39.0672 0x1378  Wof - ok

20:41:39.0799 0x1378  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll

20:41:39.0877 0x1378  workfolderssvc - ok

20:41:39.0924 0x1378  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys

20:41:39.0955 0x1378  wpcfltr - ok

20:41:39.0986 0x1378  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll

20:41:40.0018 0x1378  WPCSvc - ok

20:41:40.0033 0x1378  [ DBDCE2378F65F0A07D4644AC103037E7, 99714F0CD31297C9831BAF04768F467F6E0BF710C859CEDCA83069226BF1A68A ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

20:41:40.0080 0x1378  WPDBusEnum - ok

20:41:40.0111 0x1378  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys

20:41:40.0173 0x1378  WpdUpFltr - ok

20:41:40.0184 0x1378  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

20:41:40.0201 0x1378  ws2ifsl - ok

20:41:40.0248 0x1378  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\Windows\System32\wscsvc.dll

20:41:40.0279 0x1378  wscsvc - ok

20:41:40.0311 0x1378  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys

20:41:40.0358 0x1378  WSDPrintDevice - ok

20:41:40.0403 0x1378  [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys

20:41:40.0466 0x1378  WSDScan - ok

20:41:40.0466 0x1378  WSearch - ok

20:41:40.0654 0x1378  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\Windows\System32\WSService.dll

20:41:40.0826 0x1378  WSService - ok

20:41:41.0030 0x1378  [ 020F47C655ED1F63BBA834AA53575D5C, 7E36BB83B937CEA8B5D1EAF1DF63D32D64CA8045DA377DF5237D2F4DC16574CC ] wuauserv        C:\Windows\system32\wuaueng.dll

20:41:41.0214 0x1378  wuauserv - ok

20:41:41.0245 0x1378  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

20:41:41.0276 0x1378  WudfPf - ok

20:41:41.0308 0x1378  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys

20:41:41.0339 0x1378  WUDFRd - ok

20:41:41.0354 0x1378  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

20:41:41.0386 0x1378  wudfsvc - ok

20:41:41.0401 0x1378  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys

20:41:41.0432 0x1378  WUDFWpdFs - ok

20:41:41.0448 0x1378  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys

20:41:41.0464 0x1378  WUDFWpdMtp - ok

20:41:41.0526 0x1378  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\Windows\System32\wwansvc.dll

20:41:41.0573 0x1378  WwanSvc - ok

20:41:41.0604 0x1378  ================ Scan global ===============================

20:41:41.0667 0x1378  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll

20:41:41.0714 0x1378  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\Windows\system32\winsrv.dll

20:41:41.0745 0x1378  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll

20:41:41.0823 0x1378  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe

20:41:41.0839 0x1378  [ Global ] - ok

20:41:41.0839 0x1378  ================ Scan MBR ==================================

20:41:41.0854 0x1378  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0

20:41:41.0932 0x1378  \Device\Harddisk0\DR0 - ok

20:41:41.0948 0x1378  ================ Scan VBR ==================================

20:41:41.0948 0x1378  [ 6DA01939CB494FE64564861269D9F63A ] \Device\Harddisk0\DR0\Partition1

20:41:41.0964 0x1378  \Device\Harddisk0\DR0\Partition1 - ok

20:41:41.0995 0x1378  [ 34A5C8F2E0C6A1C37611001ED419DA9A ] \Device\Harddisk0\DR0\Partition2

20:41:41.0995 0x1378  \Device\Harddisk0\DR0\Partition2 - ok

20:41:42.0042 0x1378  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3

20:41:42.0042 0x1378  \Device\Harddisk0\DR0\Partition3 - ok

20:41:42.0057 0x1378  [ C05F94ABEA6EABA8B7B3C82DAC44F698 ] \Device\Harddisk0\DR0\Partition4

20:41:42.0073 0x1378  \Device\Harddisk0\DR0\Partition4 - ok

20:41:42.0124 0x1378  [ 2690B8F2A59B86FB05D66126F370F809 ] \Device\Harddisk0\DR0\Partition5

20:41:42.0124 0x1378  \Device\Harddisk0\DR0\Partition5 - ok

20:41:42.0124 0x1378  ================ Scan generic autorun ======================

20:41:42.0171 0x1378  [ 0B091BD3E8F6BD5F985DE8E3DF17D837, 7082AFB9EE8EE2EAAAFA0DB129505117E2BA1D7059B193E0DEF514080F77D1BE ] C:\Windows\system32\igfxtray.exe

20:41:42.0218 0x1378  IgfxTray - ok

20:41:42.0265 0x1378  [ 1ECC8D5528F535EC6CECFB824B349418, 4035CD388A437F1564C6E4E86787756CF196CD0DFDDAD4DAFABDB583D370FF4F ] C:\Windows\system32\hkcmd.exe

20:41:42.0296 0x1378  HotKeysCmds - ok

20:41:42.0358 0x1378  [ 1B8C1C4B77BE157E322A05118A2E25E1, 978C8A511544DE5BC7BCB31B675356E8E764EFC435BCCDF360C8635668D6B072 ] C:\Windows\system32\igfxpers.exe

20:41:42.0405 0x1378  Persistence - ok

20:41:42.0765 0x1378  [ EA7D234FDFED4C9297CF18E893D2BB0A, BF1F42EE1A513F937E763DFBBB6968669BF917582FDF5F15BC129CEADBD60538 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

20:41:43.0030 0x1378  RTHDVCPL - ok

20:41:43.0108 0x1378  [ C64DF38DEC404F9AE07B7691774595E1, 63803D3D54EF65737468968E32E8306DC41ED2482E1A39C77F10BDEA20A60AF4 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

20:41:43.0186 0x1378  RtHDVBg - ok

20:41:43.0186 0x1378  SynTPEnh - ok

20:41:43.0249 0x1378  [ 889E56C58F5AC4242E395E3AD5F7780C, 35AA891112BE86C28C6AF8DF44BFEE342BAB7BDA877917C9B6466204091B9ADE ] C:\Program Files\Classic Shell\ClassicStartMenu.exe

20:41:43.0296 0x1378  Classic Start Menu - ok

20:41:43.0359 0x1378  [ B62BECFBE0CE87CA4E44F81B9815406A, C7088991FBF29E6DC8CA99897D1885BBAC446BE9015D20E7EFCE7AEF8B39D917 ] C:\Program Files (x86)\AVG\Av\avuirunnerx.exe

20:41:43.0406 0x1378  AVG_UI - ok

20:41:43.0468 0x1378  [ C055411BF5412576E0191A61854C3671, 1D8FA9A922C6C954D8DB48344D7DC391EBD6DD5A19F8AF639569C6AE151AF1E7 ] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe

20:41:43.0500 0x1378  HPMessageService - ok

20:41:43.0578 0x1378  [ 14217E357A0FF2B4D27E78D057DEFFF5, 1CCE7423C9AD09D2A744EC5F076A53B9A77848E881330975D3A4B997E067AD7F ] C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe

20:41:43.0625 0x1378  AvgUi - ok

20:41:43.0687 0x1378  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

20:41:43.0750 0x1378  HP Software Update - ok

20:41:43.0750 0x1378  Waiting for KSN requests completion. In queue: 158

20:41:44.0813 0x1378  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )

20:41:44.0860 0x1378  AV detected via SS2: AVG Internet Security, C:\Program Files (x86)\AVG\Av\avgwsc.exe ( 16.111.0.7797 ), 0x41000 ( enabled : updated )

20:41:44.0860 0x1378  FW detected via SS2: AVG Internet Security, C:\Program Files (x86)\AVG\Av\avgwsc.exe ( 16.111.0.7797 ), 0x41010 ( enabled )

20:41:45.0079 0x1378  ============================================================

20:41:45.0079 0x1378  Scan finished

20:41:45.0079 0x1378  ============================================================

20:41:45.0110 0x0ae0  Detected object count: 0

20:41:45.0110 0x0ae0  Actual detected object count: 0