Trojaner-Board - Notebook gehackt? Antivirusprogramm simuliert / deaktiviert

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Notebook gehackt? Antivirusprogramm simuliert / deaktiviert (https://www.trojaner-board.de/167068-notebook-gehackt-antivirusprogramm-simuliert-deaktiviert.html)

Notebook gehackt? Antivirusprogramm simuliert / deaktiviert

Hallo, hoffentlich kann mir hier jemand helfen.

Seit längerer Zeit habe ich in größeren Abständen die Meldung erhalten, dass mein Antivirusprogramm (Avira free) und meine Windows Firewall deaktiviert sind. Wenn ich auf das Feld "aktivieren" bei der Meldung klickte, passierte nichts. Wenn ich dagegen das (Avira) Sicherheitscenter geöffnet habe, erschien die Meldung, dass mein PC sicher ist und die Scans regelmäßig durchgeführt wurden.

Beim Scannen des ganzen Systems mit Avira free wurden immer nur ca 91% überprüft.

Dann ist mir vor einigen Tagen aufgefallen, dass, bevor ich überhaupt online gegangen war und erst wenige Sekunden das Notebook hochgefahren hatte, bereits ein Update an diesem Tag durchgeführt worden sein sollte.

Beim Scan mit Avira wurden, im Gegensatz zu früher immer, keine Gefahren entdeckt bzw isoliert.

Die Verknüpfung zum Avira Wartungscenter auf dem Desktop konnte ich nicht mehr öffnen.

Dann verschwand eine der Verknüpfungen (avira) auf dem Desktop und erschien an anderer Stelle mit einer anderen Unterschrift, während ich online war.

Dann habe ich malwarebytes runtergeladen und durchgeführt. Es wurde nichts gefunden. Es sah so aus als würde das wirklich funktionieren. Als ich allerdings geguckt habe, wann der letzte Scan gemacht wurde, stand dort, dass 0 Scans durchgeführt wurden.

Ich habe Avira free deinstalliert und wollte es neu runterladen. Dies hat aber nicht funktioniert. Bzw runterladen ging, aber speichern konnte ich das Programm nicht. Ich hätte dazu auch den log file.

Auf meiner Taskleiste erschienen (chinesische?) Schriftzeichen während ich online war.

Ich hatte außerdem zwischendurch das Gefühl, dass beim Tippen das Notebook gemacht hat, was es wollte. Das hat sich aber immer nach max. 30 Sekunden wieder gelegt.

Ich habe leider nicht viel Ahnung. ich denke mir aber, dass mein System gehackt wurde und ferngesteuert wird?

Ich habe nun das mcAfee Antivirusprogramm (über gmx). Allerdings hat das nichts gefunden. Und ich zweifele, dass das tatsächlich richtig das System gescannt hat.

Ich danke sehr für Hilfe!!

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Vielen Dank!

Hier FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2015
Ran by drogba (administrator) on GEORGE on 22-05-2015 13:49:17
Running from C:\Users\drogba\Downloads
Loaded Profiles: drogba (Available profiles: drogba)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\CommonBuild\McCBEntAndInstru.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\UserAccountBroker.exe
(McAfee, Inc.) C:\Program Files\McAfee\VUL\McVulCtr.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe
(Microsoft Corporation) C:\Windows\System32\SrTasks.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [391128 2013-10-01] (Intel Corporation)
HKLM-x32\...\Run: [HotKeysCmds] => C:\WINDOWS\system32\hkcmd.exe [771032 2013-10-01] (Intel Corporation)
HKLM-x32\...\Run: [Persistence] => C:\WINDOWS\system32\igfxpers.exe [769496 2013-10-01] (Intel Corporation)
HKLM-x32\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13632216 2013-07-23] (Realtek Semiconductor)
HKLM-x32\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-04] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2014-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [643064 2015-02-09] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2651605502-3585297421-3202817343-1001\...\Run: [lollipop_01261731] => lollipop_01261731
HKU\S-1-5-21-2651605502-3585297421-3202817343-1001\...\RunOnce: [Adobe Speed Launcher] => 1432282249
AppInit_DLLs: c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL File Not Found
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled
ProxyServer: [.DEFAULT] => http=127.0.0.1:49280;https=127.0.0.1:49280
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2651605502-3585297421-3202817343-1001 -> DefaultScope {41F20EDA-B136-4FBB-A04B-1043DEA4D09F} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE674D20150507&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2651605502-3585297421-3202817343-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2651605502-3585297421-3202817343-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
SearchScopes: HKU\S-1-5-21-2651605502-3585297421-3202817343-1001 -> {41F20EDA-B136-4FBB-A04B-1043DEA4D09F} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE674D20150507&p={SearchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Toolbar: HKU\S-1-5-21-2651605502-3585297421-3202817343-1001 -> No Name - {41564952-412D-5637-4300-7A786E7484D7} - No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2014-06-30] (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-02-27] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-02-27] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 83.169.185.161 83.169.185.225

FireFox:
========
FF ProfilePath: C:\Users\drogba\AppData\Roaming\Mozilla\Firefox\Profiles\i3ziz9pc.default-1426507441497
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Homepage: chrome://unitedtb/content/newtab/startpage.xhtml
FF Keyword.URL: https://de.search.yahoo.com/search?fr=mcafee&type=B114DE674D20150507&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-22] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-22] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2651605502-3585297421-3202817343-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-05-18]
FF Extension: GMX MailCheck - C:\Users\drogba\AppData\Roaming\Mozilla\Firefox\Profiles\i3ziz9pc.default-1426507441497\Extensions\toolbar@gmx.net [2015-05-20]
FF Extension: NoScript - C:\Users\drogba\AppData\Roaming\Mozilla\Firefox\Profiles\i3ziz9pc.default-1426507441497\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-05-08]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-22]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-05-07]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-05-18]

Chrome:
=======
CHR Profile: C:\Users\drogba\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-05-18]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-05-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 0010971431963810mcinstcleanup; C:\WINDOWS\TEMP\001097~1.EXE [883024 2015-04-06] (McAfee, Inc.)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-06-19] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [156904 2014-09-16] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-02-27] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe [422632 2015-01-22] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [601864 2015-02-27] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69392 2013-08-08] (ASUS Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-21] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S1 wStLibG64; system32\drivers\wStLibG64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 13:49 - 2015-05-22 13:50 - 00020359 _____ () C:\Users\drogba\Downloads\FRST.txt
2015-05-22 13:49 - 2015-05-22 13:49 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-05-22 13:49 - 2015-05-22 13:49 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-22 13:48 - 2015-05-22 13:49 - 00000000 ____D () C:\FRST
2015-05-22 13:46 - 2015-05-22 13:46 - 02108416 _____ (Farbar) C:\Users\drogba\Downloads\FRST64.exe
2015-05-22 10:25 - 2015-05-22 10:26 - 00000115 ____H () C:\Users\drogba\Documents\.~lock.Music.odt#
2015-05-20 14:50 - 2015-05-22 12:00 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1
2015-05-20 14:42 - 2015-05-20 14:42 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-20 14:42 - 2015-05-20 14:42 - 00001125 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-20 14:42 - 2015-05-20 14:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-18 17:39 - 2015-05-18 17:39 - 00021697 _____ () C:\Users\drogba\Documents\Avira log file.odt
2015-05-18 17:36 - 2015-05-18 17:36 - 00001938 _____ () C:\Users\Public\Desktop\McAfee Internet Security.lnk
2015-05-18 17:36 - 2015-05-18 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-05-18 17:36 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-05-18 17:34 - 2015-05-18 17:34 - 00000000 ____D () C:\Program Files (x86)\McAfee.com
2015-05-18 17:33 - 2015-05-18 17:36 - 00000000 ____D () C:\Program Files\McAfee
2015-05-18 17:33 - 2015-05-18 17:33 - 00000000 ____D () C:\Program Files\McAfee.com
2015-05-18 17:23 - 2015-05-18 17:36 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2015-05-18 17:23 - 2014-10-01 12:18 - 00189920 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
2015-05-18 17:22 - 2015-05-18 17:22 - 05315120 _____ (McAfee, Inc.) C:\Users\drogba\Downloads\McAfeeSetup-Serial(1).exe
2015-05-18 17:13 - 2015-05-18 17:13 - 04737144 _____ (Avira Operations GmbH & Co. KG) C:\Users\drogba\Downloads\avira_de_av_554b47ab46300__ws.exe
2015-05-07 15:30 - 2015-05-18 17:43 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-05-07 15:20 - 2015-05-07 15:20 - 05315120 _____ (McAfee, Inc.) C:\Users\drogba\Downloads\McAfeeSetup-Serial.exe
2015-05-07 13:39 - 2015-05-07 13:39 - 01203488 _____ () C:\Users\drogba\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2015-05-03 13:24 - 2015-05-04 01:07 - 00000000 ____D () C:\Users\drogba\Documents\Rethinking international tax law
2015-04-27 17:38 - 2015-04-27 17:38 - 00025741 _____ () C:\Users\drogba\Documents\Rezepte.odt
2015-04-27 14:48 - 2015-05-20 20:08 - 00000000 ____D () C:\Users\drogba\Documents\Literatur Downloads, Hörbücher
2015-04-24 13:34 - 2015-04-24 13:34 - 00023244 _____ () C:\Users\drogba\Documents\Arbeitszeugnis Formulierungen.odt
2015-04-23 00:44 - 2015-04-29 00:40 - 00013677 _____ () C:\Users\drogba\Documents\lesens- und sehenswert.odt
2015-04-22 16:03 - 2015-05-20 14:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 13:50 - 2013-04-26 01:15 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-22 13:46 - 2014-01-30 00:22 - 01852200 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-22 13:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-22 12:00 - 2013-11-21 16:52 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2
2015-05-22 10:57 - 2013-12-25 16:42 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2651605502-3585297421-3202817343-1001
2015-05-22 10:26 - 2014-12-12 20:26 - 00016184 _____ () C:\Users\drogba\Documents\Music.odt
2015-05-22 10:13 - 2014-01-30 01:01 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8AF272E8-EBB8-4989-A117-9196340E9353}
2015-05-22 10:12 - 2013-12-24 15:53 - 00000064 _____ () C:\Users\drogba\AppData\Roaming\sp_data.sys
2015-05-21 19:09 - 2015-02-06 22:44 - 00000000 ____D () C:\Users\drogba\Documents\WZR
2015-05-21 10:41 - 2014-12-15 14:36 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-20 20:36 - 2014-12-26 02:47 - 00000000 ____D () C:\Users\drogba\Documents\Schreiben
2015-05-20 20:30 - 2013-11-14 09:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-20 20:30 - 2013-11-14 09:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-05-20 20:30 - 2013-11-14 09:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-05-20 20:29 - 2013-08-22 16:46 - 00293209 _____ () C:\WINDOWS\setupact.log
2015-05-20 17:17 - 2013-04-26 01:18 - 00000000 ____D () C:\ProgramData\McAfee
2015-05-20 15:26 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-18 17:44 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-05-18 17:41 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-18 17:40 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-18 17:34 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-05-18 17:14 - 2014-02-23 02:48 - 00000000 ____D () C:\ProgramData\Avira
2015-05-18 17:14 - 2014-02-23 02:48 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-05-18 17:01 - 2013-11-14 00:18 - 00394418 _____ () C:\WINDOWS\PFRO.log
2015-05-18 16:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-07 23:53 - 2014-10-26 16:20 - 00013235 _____ () C:\Users\drogba\Documents\Gesundheit - Angst.odt
2015-05-07 23:10 - 2014-12-26 02:37 - 00000000 ____D () C:\Users\drogba\Documents\Bewerbung
2015-05-07 13:47 - 2014-12-15 14:36 - 00001080 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-07 13:47 - 2014-12-15 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-07 13:47 - 2014-12-15 14:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-06 00:21 - 2015-01-14 01:10 - 00000000 ____D () C:\Users\drogba\Documents\Referendariat
2015-05-03 16:08 - 2014-12-26 02:30 - 00000000 ____D () C:\Users\drogba\Documents\FFE
2015-05-02 23:46 - 2015-01-02 18:46 - 00032218 _____ () C:\Users\drogba\Documents\Tagebuch über alles - Gegenwart.odt
2015-04-27 14:49 - 2014-10-11 23:58 - 00023588 _____ () C:\Users\drogba\Documents\Literaturkanon.odt
2015-04-23 20:19 - 2015-04-19 22:38 - 00000000 ____D () C:\Users\drogba\Documents\Sprüche
2015-04-23 20:19 - 2014-10-11 23:58 - 00021400 _____ () C:\Users\drogba\Documents\Filmkanon.odt
2015-04-23 00:37 - 2014-09-01 21:18 - 00020624 _____ () C:\Users\drogba\Documents\Der TAG.odt

==================== Files in the root of some directories =======

2013-12-24 15:53 - 2015-05-22 10:12 - 0000064 _____ () C:\Users\drogba\AppData\Roaming\sp_data.sys
2014-01-30 00:00 - 2014-01-30 00:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-04-26 01:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-26 01:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-04-26 01:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS

Some files in TEMP:
====================
C:\Users\drogba\AppData\Local\Temp\0318531431963194mcinst.exe
C:\Users\drogba\AppData\Local\Temp\avgnt.exe
C:\Users\drogba\AppData\Local\Temp\i4jdel0.exe
C:\Users\drogba\AppData\Local\Temp\mccspuninstall.exe
C:\Users\drogba\AppData\Local\Temp\Offercast_AVIRAV7_.exe
C:\Users\drogba\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-03-18 16:44

==================== End of log ============================

Hier Addition.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-05-2015
Ran by drogba at 2015-05-22 13:52:32
Running from C:\Users\drogba\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2651605502-3585297421-3202817343-500 - Administrator - Disabled)
drogba (S-1-5-21-2651605502-3585297421-3202817343-1001 - Administrator - Enabled) => C:\Users\drogba
Gast (S-1-5-21-2651605502-3585297421-3202817343-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.3 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.4 - ASUS)
ASUS Screen Saver (HKLM\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.2.2 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0018 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5230.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5230.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.309 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 13.6.1599 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.210 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2651605502-3585297421-3202817343-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.14.327.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6976 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.27038 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
VideoPlayer v2.0.6 (HKLM-x32\...\VideoPlayer) (Version: v2.0.6 - TUGUU SL) <==== ATTENTION
Windows Driver Package - ASUS (ATP) Mouse (07/16/2013 1.0.0.181) (HKLM\...\16D5A24C881B7CEE31FBA6DD5EC1C194C188F85A) (Version: 07/16/2013 1.0.0.181 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
yEd Graph Editor 3.13 (HKLM-x32\...\3309-7404-0599-8908) (Version: 3.13 - yWorks GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2651605502-3585297421-3202817343-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\drogba\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2651605502-3585297421-3202817343-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\drogba\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2651605502-3585297421-3202817343-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\drogba\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2651605502-3585297421-3202817343-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\drogba\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

27-03-2015 10:06:33 Windows Update
10-04-2015 18:34:51 Windows Update
17-04-2015 15:01:16 Windows Update
20-04-2015 18:54:26 Windows Update
22-05-2015 13:46:58 McAfee Vulnerability Scanner

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08235B57-BB79-4D84-9B01-D47361842C9B} - System32\Tasks\RegistryDr_Popup => C:\Program Files (x86)\Registry Dr\Splash.exe <==== ATTENTION
Task: {0FEDDB03-3085-4F95-9440-CC7DFC9D709F} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-06-19] (ASUS)
Task: {23FD23CB-D0DF-4421-B752-96A4AFA83F47} - System32\Tasks\{D2206A7A-4FB0-446D-8653-111BA28053C8} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe"
Task: {2BCC02F1-148F-41DE-98E4-AE9181DB645B} - System32\Tasks\RegistryDr_Start => C:\Program Files (x86)\Registry Dr\RegistryDr.exe <==== ATTENTION
Task: {2CE020FA-FC2F-454E-B43A-EF4479D771A4} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-08-16] (ASUSTeK Computer Inc.)
Task: {404C120A-118A-480F-B51A-0F1A1D093998} - System32\Tasks\{AC4EF202-3190-405D-9597-BE16B3D3FF6C} => pcalua.exe -a "C:\Program Files (x86)\Mobogenie\uninst.exe"
Task: {54497648-D250-4BBF-B62E-08D70D8029F9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-20] (Microsoft Corporation)
Task: {5A82E9BE-60D0-4FA9-90D7-DA209A3EE5E2} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-08-08] (AsusTek)
Task: {63A8990A-D572-4002-90A9-54D6BD2547B2} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {77262A0C-8A00-479C-AF69-273A6F6FD154} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {7AB216A2-8EA1-445C-8473-2634FBE4F3C2} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {89626661-2A20-4E4C-87AA-BA838FB91E84} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-22] (Adobe Systems Incorporated)
Task: {9785C634-314E-4A12-994F-DB7ECC4D089D} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-05-21] (ASUSTeK Computer Inc.)
Task: {9DA0C5BF-F9B8-42AB-BD51-B4B073A8FB6C} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-01-04] ()
Task: {A43C7D3E-C756-43D7-8CB8-466CCD6E30E7} - System32\Tasks\{8D67A477-DAB2-470F-AAD0-C239C08CF3C4} => pcalua.exe -a C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_287_Plugin.exe -c -maintain plugin
Task: {BAF6CE82-F098-4308-BB26-5C45E17599A9} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-08-19] (ASUS)
Task: {BCBCC049-ADE6-4CEC-914B-F4A4A05596C0} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {C0EB8DCF-23F4-4A3B-A00A-73F90F8003BB} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {D838225E-8BE7-4566-9034-137CF3263618} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-05-21] (ASUSTeK Computer Inc.)
Task: {E655D3B8-2557-492C-B637-B42793173D5F} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {E6BDA84F-1BEF-4CED-98FE-3412E62FFFC3} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2013-06-19 22:49 - 2013-06-19 22:49 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2013-10-01 14:02 - 2013-10-01 14:02 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2013-11-21 16:40 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-08-16 12:03 - 2013-08-16 12:03 - 00023040 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2013-08-19 19:16 - 2013-08-19 19:16 - 00015440 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-08-13 10:27 - 2014-08-13 10:27 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2014-07-29 14:34 - 2014-07-29 14:34 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
2013-04-27 12:24 - 2013-04-27 12:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2651605502-3585297421-3202817343-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\drogba\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Fotogalerie-Hintergrundbild.jpg
DNS Servers: 83.169.185.161 - 83.169.185.225

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2651605502-3585297421-3202817343-1001\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4969B981-091A-4065-8DD4-7F06B85BFF68}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [{F890936C-49A1-4F9C-A3E4-93E261506364}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [{51F27DFA-70C0-443D-B7BA-09E1436339AD}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
FirewallRules: [{53449BF5-1DCD-4E99-BAAB-AC911480348F}] => (Allow) C:\Program Files (x86)\mystarttb\ToolbarCleaner.exe
FirewallRules: [{057FEFA2-3430-45B6-A880-6ED2E0F69CD6}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{893EFA70-94A6-4F6C-B36E-14E394DB42E2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{08DF9207-336B-4D4F-B1FD-122BC45D324B}] => (Allow) LPort=1900
FirewallRules: [{CACDB418-5466-44CB-97EB-234638B11E8D}] => (Allow) LPort=2869
FirewallRules: [{8F742722-EB63-4B60-8280-435B83C49A8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [TCP Query User{6951955A-1EED-4FC2-BFB5-29064C543E81}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{B83E9775-DEAF-4D73-8D2F-2B8133946097}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{DC17AEC2-1112-40D6-B819-A3DCEFAEAB72}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (05/22/2015 01:54:34 PM) (Source: MsiInstaller) (EventID: 1002) (User: george)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".

Error: (05/22/2015 01:50:55 PM) (Source: MsiInstaller) (EventID: 1002) (User: george)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".

Error: (05/22/2015 10:11:28 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/21/2015 10:29:04 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/20/2015 02:38:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452eed9
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x14d4
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (05/18/2015 05:04:49 PM) (Source: MsiInstaller) (EventID: 1002) (User: george)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".

Error: (05/08/2015 11:55:10 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (05/08/2015 11:12:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.17667, Zeitstempel: 0x54c6f7c2
Name des fehlerhaften Moduls: UIRibbonRes.dll, Version: 6.3.9600.17415, Zeitstempel: 0x545055c1
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000605c0
ID des fehlerhaften Prozesses: 0x16bc
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (05/08/2015 11:12:54 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Explorer.EXE
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 00007FFDAB2B05C0

Error: (05/08/2015 10:46:28 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

System errors:
=============
Error: (05/21/2015 04:24:28 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
%%1

Error: (05/20/2015 05:11:54 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (05/20/2015 02:37:12 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
%%1

Error: (05/18/2015 05:48:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
%%1

Error: (05/18/2015 05:34:00 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "McAfee Proxy Service" ist von folgendem Dienst abhängig: mfefire. Dieser Dienst ist möglicherweise nicht installiert.

Error: (05/18/2015 05:00:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Validation Trust Protection Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (05/18/2015 04:58:46 PM) (Source: DCOM) (EventID: 10010) (User: george)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (05/18/2015 04:58:16 PM) (Source: DCOM) (EventID: 10010) (User: george)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (05/17/2015 07:04:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
%%1

Error: (05/16/2015 06:52:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
%%1

Microsoft Office:
=========================
Error: (05/22/2015 01:54:34 PM) (Source: MsiInstaller) (EventID: 1002) (User: george)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (05/22/2015 01:50:55 PM) (Source: MsiInstaller) (EventID: 1002) (User: george)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (05/22/2015 10:11:28 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/21/2015 10:29:04 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (05/20/2015 02:38:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452eed9unknown0.0.0.000000000c00004090000000014d401d092f9e7cab628C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEunknown2d396351-feed-11e4-beac-bcee7bba226e

Error: (05/18/2015 05:04:49 PM) (Source: MsiInstaller) (EventID: 1002) (User: george)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (05/08/2015 11:55:10 AM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883

Error: (05/08/2015 11:12:56 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.3.9600.1766754c6f7c2UIRibbonRes.dll6.3.9600.17415545055c1c000000500000000000605c016bc01d08969abf801e9C:\WINDOWS\Explorer.EXEC:\WINDOWS\S YSTEM32\UIRibbonRes.dll698e0705-f562-11e4-beaa-bcee7bba226e

Error: (05/08/2015 11:12:54 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Explorer.EXE
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 00007FFDAB2B05C0

Error: (05/08/2015 10:46:28 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-3217U CPU @ 1.80GHz
Percentage of memory in use: 62%
Total physical RAM: 3981.7 MB
Available physical RAM: 1475.34 MB
Total Pagefile: 4685.7 MB
Available Pagefile: 2289.65 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:141.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.34 GB) (Free:258.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 57788C0B)

Partition: GPT Partition Type.

==================== End of log ============================

Was meinst Du mit - #-Symbol im Eingabefenster der Webseite anklicken - ? Soll ich ausser dem posten noch etwas machen?

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Lade Dir bitte von hier

Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.

Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den Programmen:

VideoPlayer v2.0.6
Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Ich bin jetzt bei dem Schritt mit Malwarebytes Anti Root Kit das System zu scannen. Irgendwo mittendrin hat sich ca. 2 Stunden nichts getan - also keine Benachrichtigungen über den Fortschritt. Und nun steht dort "scan interrupted". Wenn ich mit dem Zeiger drauf gehe, kann ich nichts anklicken, weil der Pfeil "laden" symbolisiert - blauer Kreis.
Was tue ich nun am besten?

Über den Taskmanager abschiessen, nochmal versuchen. Sicherstellen dass das AV Programm aus ist.

Ich habe es jetzt 4x mal probiert. Der Scan wird nie zuende ausgeführt. Das Antivirenprogramm habe ich deinstalliert und den Windows Defender / Firewall ausgeschaltet. Gibt es noch etwas anderes, was ich beachten muss?

Danke!

Funktioniert TDSSKiller?

Hier der gespeicherte Logfile von TDSSKiller:

Code:

ÿþ1#7#:#2#4#:#4#6#.#0#5#1#0# #0#x#0#c#e#4# # #T#D#S#S# #r#o#o#t#k#i#t# #r#e#m#o#v#i#n#g# #t#o#o#l# #3#.#0#.#0#.#4#4# #J#a#n# #2#2# #2#0#1#5# #0#8#:#2#7#:#0#4#n#i#q#u#e#G#U#I#D#:# #{#D#3#B#8#0#B#0#7#-#2#8#6#C#-#4#8#6#C#-#A#B#9#0#-#0#3#9#9#B#6#2#2#B#6#E#8#}#,# #N#a#m#e#:# #M#i#c#r#o#s#o#f#t# #r#e#s#e#r#v#e#d# #p#a#r#t#i#t#i#o#n#,# #S#t#a#r#t#L#B#A# #0#x#1#F#4#8#0#0#,# #B#l#o#c#k#s#N#u#m# #0#x#4#0#0#0#0#x#0#f#8#0# # #[# #E#1#8#3#2#B#D#9#F#D#7#E#0#F#C#2#D#C#9#F#A#5#9#3#5#D#E#3#E#8#C#1#,# #4#1#F#F#7#4#1#8#8#8#7#A#F#C#8#B#9#C#9#6#E#F#2#1#C#5#9#5#0#D#D#3#4#2#C#C#9#E#3#C#0#D#8#7#A#F#D#6#0#A#0#5#B#9#8#8#C#1#D#6#C#C#2#3# #]# #1#3#9#4#o#h#c#i# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#1#3#9#4#o#h#c#i#.#s#y#s#

 #9#9#4#6#C#8#4#7#7#1#0#4#E#E#C#7#D#B#1#9#7#E#2#2#2#2#F#9#9#0#5#3#0#7#F#1#0#1#C#3#9#8#C#C#E#D#4#B#5#F#D#0#F#8#6#A#5#6#2#2#C#7#9#1# #]# #a#c#p#i#p#a#g#r# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#a#c#p#i#p#a#g#r#.#s#y#s#1#F#D#F#1#B#4#8#2#9#8#C#B#A#7#C#E#4#B#D#D#4#9#7#8#9#5#1#A#D#,# #8#0#F#4#D#5#3#6#E#1#2#3#1#B#3#0#E#8#3#6#F#7#2#A#D#C#8#8#1#4#A#E#6#A#A#9#F#E#C#5#7#3#F#B#5#F#3#F#9#6#5#F#A#C#8#A#B#C#C#A#F#0#F#8# #]# #A#D#P#8#0#X#X# # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#A#D#P#8#0#X#X#.#S#Y#S#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#a#m#d#s#a#t#a#.#s#y#s#

 #0#x#0#f#8#0# # #a#r#c#s#a#s# #-# #o#k#k#e#r# #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#A#u#d#i#o#E#n#d#p#o#i#n#t#B#u#i#l#d#e#r#.#d#l#l#f#8#0# # #[# #4#8#5#5#4#9#9#4#2#7#9#B#F#E#1#7#A#3#D#2#B#0#0#0#7#6#D#0#C#B#1#A#,# #6#5#2#1#B#1#E#C#0#B#C#6#B#0#1#F#6#3#9#7#6#3#7#0#D#8#9#F#E#7#D#C#2#E#7#4#0#4#8#9#9#F#6#8#B#6#F#A#C#3#7#A#9#1#7#3#B#9#C#5#D#4#8#9# #]# #B#I#T#S# # # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#q#m#g#r#.#d#l#l#

 #-# #o#k#8#E#C#1#7#2#2#8#3#5#6# #]# #b#t#h#s#e#r#v# # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#b#t#h#s#e#r#v#.#d#l#l#y#s#t#e#m#3#2#\#D#r#i#v#e#r#s#\#c#n#g#.#s#y#s#

 #]# #d#e#f#r#a#g#s#v#c# # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#e#f#r#a#g#s#v#c#.#d#l#l#

#1#7#:#2#5#:#4#6#.#0#0#5#9# #0#x#0#f#8#0# # #[# #A#0#3#F#3#6#2#C#5#5#5#7#E#2#3#8#C#B#F#A#9#1#4#6#8#9#C#7#7#2#4#8#,# #B#A#D#0#A#1#1#2#4#E#6#A#3#8#4#C#1#5#0#2#8#F#B#E#1#2#1#A#D#F#6#5#0#F#7#7#1#6#4#4#2#5#5#5#A#D#3#7#3#7#B#9#E#A#1#F#5#8#A#6#9#2#4#6# #]# #D#f#s#c# # # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#D#r#i#v#e#r#s#\#d#f#s#c#.#s#y#s# # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#d#x#g#k#r#n#l#.#s#y#s#C#4#6#3#9#A#7#C#C#C#C#F#5#4#4#C#6#B#A#6#1#7#7#B#2#,# #B#7#5#C#D#D#5#2#F#D#3#8#9#0#B#3#0#0#8#E#0#6#C#5#0#3#9#4#5#D#1#E#3#6#4#7#8#F#0#E#C#5#E#0#6#7#C#8#D#B#C#2#8#2#2#D#7#9#3#5#D#2#4#B# #]# #F#a#x# # # # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#f#x#s#s#v#c#.#e#x#e#

 #0#x#0#f#8#0# # #f#d#c# #-# #o#k#3#2#\#F#n#t#C#a#c#h#e#.#d#l#l#p#s#v#c# #-# #o#k#

 #0#x#0#f#8#0# # #h#i#d#s#e#r#v# #-# #o#k#2#B#6#7#6#3#7#6#C#A#D#D#D#6#6#0#7#E#C#A#B#E#C#9#2#5#5#F# #]# #H#o#m#e#G#r#o#u#p#L#i#s#t#e#n#e#r# #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#L#i#s#t#S#v#c#.#d#l#l#3#2#\#d#r#i#v#e#r#s#\#i#a#L#P#S#S#i#_#I#2#C#.#s#y#s#8#0#8#8#2#A#C#4# #]# #I#n#t#c#D#A#u#d# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#D#R#I#V#E#R#S#\#I#n#t#c#D#A#u#d#.#s#y#s#

 #0#x#0#f#8#0# # #[# #C#9#9#F#8#E#9#0#D#E#4#B#8#F#0#C#7#F#E#1#5#B#B#1#C#B#C#D#2#9#D#C#,# #F#7#9#1#E#E#1#0#1#E#E#F#8#B#9#F#4#8#1#0#2#B#6#C#6#3#A#8#9#B#7#8#F#7#C#0#0#4#1#C#7#5#0#C#4#F#4#C#0#D#1#6#D#5#4#B#5#8#3#B#7#B#5#C# #]# #I#n#t#e#l#(#R#)# #C#a#p#a#b#i#l#i#t#y# #L#i#c#e#n#s#i#n#g# #S#e#r#v#i#c#e# #I#n#t#e#r#f#a#c#e# #C#:#\#P#r#o#g#r#a#m# #F#i#l#e#s#\#I#n#t#e#l#\#i#C#L#S# #C#l#i#e#n#t#\#H#e#c#i#S#e#r#v#e#r#.#e#x#e#E#9#1#1#0#7#F#6#E#9#4#6#A#9#3#D#9#D#4#E#F#D#,# #D#5#D#A#3#C#0#2#C#5#C#5#A#3#4#3#7#8#5#7#4#5#E#F#6#9#8#3#C#C#9#B#5#F#B#D#3#F#B#8#D#4#9#F#E#9#B#4#5#0#5#2#3#E#5#0#2#1#2#D#1#A#3#2# #]# #I#P#N#A#T# # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#i#p#n#a#t#.#s#y#s#6#7#9#D#8#0#C#8#4#5#C#D#F#B#F#B#B#C#7#0#B#E#8#1#8#F#8#9#9#F#3#3#3#6#B#B#B#5#4#A#3#F#F#B# #]# #k#d#n#i#c# # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#D#R#I#V#E#R#S#\#k#d#n#i#c#.#s#y#s#

 #0#x#0#f#8#0# # #[# #C#1#5#9#1#A#6#6#0#2#8#C#7#1#1#4#7#A#3#E#2#E#A#B#0#B#1#C#C#B#7#E#,# #8#2#F#3#D#5#D#C#C#1#6#1#4#3#9#8#A#1#4#4#D#9#7#9#1#E#4#B#A#A#8#1#4#D#B#A#9#1#1#2#6#7#7#3#4#1#F#D#5#7#D#5#E#9#8#3#4#C#E#D#E#B#4#1# #]# #K#t#m#R#m# # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#m#s#d#t#c#k#r#m#.#d#l#l#:#5#0#.#0#2#4#6# #0#x#0#f#8#0# # #l#l#t#d#i#o# #-# #o#k#1# #0#x#0#f#8#0# # #[# #E#9#C#D#0#5#8#C#7#9#E#A#1#5#B#4#A#A#9#3#E#2#5#9#F#A#7#1#3#B#0#7#,# #2#B#0#9#F#6#5#1#8#8#D#8#7#8#2#F#9#C#7#9#7#5#4#5#F#2#F#7#9#1#E#C#7#E#A#B#8#5#D#8#9#1#4#B#2#C#0#B#3#0#B#D#8#6#9#C#4#1#2#E#3#9#8#0# #]# #M#B#A#M#S#w#i#s#s#A#r#m#y# # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#M#B#A#M#S#w#i#s#s#A#r#m#y#.#s#y#s#

 #]# #m#f#e#v#t#p# # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#m#f#e#v#t#p#s#.#e#x#e#2#E#9#,# #9#0#4#8#B#E#C#7#A#D#6#A#3#F#4#B#6#4#0#E#9#9#B#1#F#0#3#6#5#A#C#9#A#4#6#7#4#0#B#1#8#8#7#5#8#F#B#B#2#C#1#6#0#E#F#3#0#A#D#6#E#6#4#B# #]# #M#M#C#S#S# # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#m#m#c#s#s#.#d#l#l#8#F#6#7#8# #]# #M#R#x#D#A#V# # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#m#r#x#d#a#v#.#s#y#s#i#d#u#m#d#f# #-# #o#k#

 #7#3#A#2#7#E#8#8#7#7#4#C#6#9#2#9#3#2#8#E#6#C#9#F#C#9#C#3#8#9#F#4#D#F#7#6#D#4#D#4#D#5#C#B#F#C#4#F#5#1#6#5#1#C#C#3#0#8#8#2#9#6#2#8# #]# #M#s#L#l#d#p# # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#D#R#I#V#E#R#S#\#m#s#l#l#d#p#.#s#y#s#4#1#0#B#5#E#,# #F#9#4#D#D#1#A#3#5#6#6#C#7#C#8#D#0#A#7#6#D#6#E#1#E#2#5#3#0#5#5#2#A#9#B#7#F#9#9#C#5#D#A#0#D#E#1#1#8#2#9#3#2#5#E#A#B#9#F#8#B#7#E#D# #]# #M#T#C#o#n#f#i#g# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#M#T#C#o#n#f#i#g#.#s#y#s#V#E#R#S#\#n#d#i#s#c#a#p#.#s#y#s#

 # #[# #3#0#8#3#9#2#6#D#1#C#C#5#B#5#6#E#A#0#7#8#6#5#2#7#B#5#5#7#D#D#1#B#,# #3#C#3#F#0#C#A#0#D#4#3#3#9#8#5#7#6#D#B#E#8#F#6#7#7#B#3#5#3#A#D#D#A#7#E#8#F#5#6#8#2#9#8#7#4#9#5#8#C#E#6#6#8#E#3#1#2#6#1#C#1#5#9#0# #]# #N#d#u# # # # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#N#d#u#.#s#y#s#5#:#5#2#.#0#4#0#3# #0#x#0#f#8#0# # #[# #0#2#1#7#5#3#2#E#1#9#A#7#4#8#F#0#E#5#D#5#6#9#3#0#7#3#6#3#D#5#F#D#,# #C#4#0#C#2#E#7#A#F#A#2#7#6#0#5#7#E#7#3#2#7#A#7#B#B#1#7#3#1#2#2#6#8#9#D#6#C#E#C#9#A#E#4#4#3#C#3#8#5#0#C#3#F#9#4#A#F#0#3#D#F#B#F#5# #]# #N#e#t#B#T# # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#D#R#I#V#E#R#S#\#n#e#t#b#t#.#s#y#s#8#7#D#2#F#A#9#8#A#0#0#E#F#9#1#B#6#1#C#4#4#A#4#C#8#B#8#2# #]# #n#s#i# # # # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#n#s#i#s#v#c#.#d#l#l#.#0#2#0#0# #0#x#0#f#8#0# # #[# #B#A#F#F#6#1#2#2#C#F#C#9#F#9#5#C#A#1#7#5#A#D#8#C#3#4#8#1#7#9#A#4#,# #0#7#9#A#9#1#2#D#9#5#1#D#F#6#A#5#7#B#C#1#B#D#B#0#D#1#8#2#9#7#7#E#E#9#5#9#2#7#5#1#E#C#9#D#D#C#D#A#2#9#3#2#B#D#E#D#B#3#3#3#8#5#0#C# #]# #p#a#r#t#m#g#r# # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#p#a#r#t#m#g#r#.#s#y#s#

 #2#0#E#4#1#A#3#8#0#6#7#3#9#5#D#0#3#1#8#4#9#3#8#9#8#3#A#9#B#E#4#5#9#7#1#7#A#1#9#4#1#3#5#2#9#7#2#D#B#C#2#8#D#8#3#D#5#4#2#3#1#9#E#C# #]# #p#c#i# # # # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#p#c#i#.#s#y#s# #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#p#l#a#.#d#l#l#4#C#2#C#7#F#B#6#7#C#5#,# #7#E#C#8#C#6#0#3#B#D#9#2#6#9#9#A#C#3#5#B#D#C#D#2#9#4#F#1#3#B#E#E#9#0#D#5#C#2#C#1#9#5#F#D#9#3#A#3#F#1#6#9#2#8#B#F#C#F#5#3#C#A#9#3# #]# #Q#W#A#V#E# # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#q#w#a#v#e#.#d#l#l#

 #]# #r#d#b#s#s# # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#D#R#I#V#E#R#S#\#r#d#b#s#s#.#s#y#s#s#\#r#d#p#v#i#d#e#o#m#i#n#i#p#o#r#t#.#s#y#s#3#3#D#2#8#4#1#4#A#6#B#,# #8#7#A#D#4#0#5#6#F#6#C#6#7#0#5#2#4#3#3#A#3#6#6#B#2#0#0#B#7#5#6#1#3#1#4#8#B#6#9#B#9#B#9#D#5#0#2#A#D#9#2#6#A#7#F#7#F#0#3#7#B#8#D#E# #]# #R#T#L#8#1#6#8# # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#D#R#I#V#E#R#S#\#R#t#6#3#0#x#6#4#.#s#y#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#s#d#b#u#s#.#s#y#s#

 # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#s#d#s#t#o#r#.#s#y#s#F#1#C#A#E#4#F#8#1#D#6#0#F#C#E#6#0#B#B#0#0#6#5#A#3#4#B#4#F#8#9#7#E#8#1#0#5#D#F#1#7#B#6#D#A#A#3#3#4#9#3#8#C#D#2#5#A#5#6# #]# #s#e#r#m#o#u#s#e# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#s#e#r#m#o#u#s#e#.#s#y#s#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#s#n#m#p#t#r#a#p#.#e#x#e#

 #0#x#0#f#8#0# # #s#r#v# #-# #o#k#D#8#D#A#B#7#2#4#0#2#1#E#6#5#1#3#B#4#4#7#4#B#D#3#4#F#C#E#D#F#4#7#7#6#9#B#1#D#2#7#A#C#7#5#5#1#F#C#A#0#0#2#F#8# #]# #s#t#e#x#s#t#o#r# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#s#t#e#x#s#t#o#r#.#s#y#s#:#5#7#.#0#2#0#0# #0#x#0#f#8#0# # #s#w#p#r#v# #-# #o#k#

 #0#x#0#f#8#0# # #[# #C#5#0#9#9#7#E#2#8#2#5#7#6#D#A#4#9#2#E#B#A#6#6#B#0#5#9#D#4#1#9#6#,# #E#B#D#7#9#3#C#B#3#9#6#F#9#5#0#3#3#7#6#2#0#7#F#A#6#0#3#5#3#F#5#6#7#2#D#E#D#B#6#2#0#C#8#E#0#1#C#8#D#6#A#E#0#0#3#0#B#3#B#0#3#3#3#9# #]# #T#e#r#m#S#e#r#v#i#c#e# # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#t#e#r#m#s#r#v#.#d#l#l#e#m#3#2#\#D#R#I#V#E#R#S#\#t#u#n#n#e#l#.#s#y#s#4#3#6#D#9#C#5#E#8#F#D#9#,# #9#2#A#D#7#A#F#9#1#1#8#4#C#2#4#4#A#7#E#3#9#2#F#4#9#6#6#3#1#4#3#1#9#3#A#8#0#D#5#D#8#1#1#1#4#5#4#6#A#0#0#F#1#8#2#2#7#D#E#3#1#D#2#3# #]# #U#m#R#d#p#S#e#r#v#i#c#e# # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#u#m#r#d#p#.#d#l#l#

 # #u#s#b#c#c#g#p# #-# #o#k#6#E#B#5#E#9#4#9#A#5#1#6# #]# #u#s#b#p#r#i#n#t# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#u#s#b#p#r#i#n#t#.#s#y#s# #-# #o#k#

 #-# #o#k#9#4#3#D#8#C#B#E#E#6#C#0#1#D#4#F#0# #]# #v#m#i#c#v#s#s# # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#I#C#S#v#c#.#d#l#l#

#1#7#:#2#5#:#5#9#.#0#9#3#4# #0#x#0#f#8#0# # #[# #6#5#E#D#7#B#9#C#F#E#A#8#9#3#D#F#7#7#4#8#D#5#F#F#6#9#2#6#9#0#D#E#,# #7#3#A#B#9#D#8#B#B#9#2#8#B#3#2#4#7#B#D#F#C#7#B#B#4#7#A#D#7#F#C#A#7#6#3#B#3#7#5#D#C#2#5#0#C#2#5#1#D#B#4#E#0#5#7#3#5#3#1#0#4#0#E#8# #]# #v#w#i#f#i#m#p# # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#D#R#I#V#E#R#S#\#v#w#i#f#i#m#p#.#s#y#s#C#6#9#6#1#A#D#8#8#4# #]# #W#d#f#0#1#0#0#0# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#W#d#f#0#1#0#0#0#.#s#y#s#

 #0#x#0#f#8#0# # #[# #F#5#8#1#F#9#C#9#D#6#9#5#3#F#A#B#F#A#2#4#E#6#7#1#0#5#F#0#B#6#1#4#,# #5#A#7#B#B#7#2#5#2#3#D#1#C#5#3#B#B#E#6#8#7#0#0#5#3#7#D#7#A#E#0#D#1#5#0#B#C#7#E#4#B#8#2#2#7#A#9#1#6#B#2#E#2#9#E#E#4#C#A#2#6#7#A#9# #]# #W#d#i#S#y#s#t#e#m#H#o#s#t# # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#w#d#i#.#d#l#l#0#.#0#6#8#4# #0#x#0#f#8#0# # #W#e#r#S#v#c# #-# #o#k#D#B#0#0#5#,# #5#A#2#9#E#B#B#6#D#A#0#3#6#E#3#0#3#6#1#1#E#B#1#3#0#4#1#9#2#6#5#5#0#2#1#4#0#5#B#B#0#5#4#5#2#F#D#3#7#8#8#6#D#D#E#6#0#4#F#F#0#D#9#D# #]# #w#m#i#A#p#S#r#v# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#w#b#e#m#\#W#m#i#A#p#S#r#v#.#e#x#e#

 #0#x#0#f#8#0# # #W#p#d#U#p#F#l#t#r# #-# #o#k#0#B#C#2#6#A#5#A#5#B#0#3#0#C#A#A#6#6#9#2#8#A#6#B#B#B#7#B#7#D#C#4#3#C#5#C#1#9#9#E#D#C# #]# #W#S#S#e#r#v#i#c#e# # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#W#S#S#e#r#v#i#c#e#.#d#l#l#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#w#i#n#s#r#v#.#d#l#l#.#0#9#3#5# #0#x#0#f#8#0# # #[# #4#B#9#D#4#4#9#E#D#9#8#8#0#4#7#7#D#E#F#B#A#8#5#D#5#1#2#E#0#5#F#9#,# #B#5#0#C#5#8#9#A#1#F#8#9#5#3#6#1#7#F#A#D#9#6#1#3#6#3#C#A#3#5#3#8#F#6#C#0#5#3#9#F#A#0#6#D#7#F#A#A#2#E#A#8#8#3#2#0#4#1#0#C#7#F#4#3# #]# #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#h#k#c#m#d#.#e#x#e#

 #0#x#0#f#8#0# # #P#e#r#s#i#s#t#e#n#c#e# #-# #o#k#f#o#r# #K#S#N# #r#e#q#u#e#s#t#s# #c#o#m#p#l#e#t#i#o#n#.# #I#n# #q#u#e#u#e#:# #9#4#C#7#D#B#1#9#7#E#2#2#2#2#F#9#9#0#5#3#0#7#F#1#0#1#C#3#9#8#C#C#E#D#4#B#5#F#D#0#F#8#6#A#5#6#2#2#C#7#9#1# #]# #a#c#p#i#p#a#g#r# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#a#c#p#i#p#a#g#r#.#s#y#s#

 # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#A#D#P#8#0#X#X#.#S#Y#S#7#4#0#4#4#E#8#9#B#B#2#E#B#6#0#A#5#2#1#B#A#A#1#1#1#A#1#2#2#9#F#A#7#B#2#D# #]# #a#h#c#a#c#h#e# # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#D#R#I#V#E#R#S#\#a#h#c#a#c#h#e#.#s#y#s# #A#p#p#I#D#S#v#c# #-# #o#k# #o#k#

#2#C#3#C#3#D#9# #]# #a#t#a#p#i# # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#a#t#a#p#i#.#s#y#s#8#C#C#7#F#7#E#4#A#F#C#B#A#6#0#5#9#2#1#B#1#3#7#E#D#7#9#9#2#C#6#8#,# #7#1#4#0#6#E#6#D#6#E#9#9#6#4#7#4#0#A#6#D#9#0#B#0#5#3#2#9#D#5#4#9#2#B#B#9#0#A#F#4#0#E#0#6#3#0#C#F#2#F#B#F#4#B#A#4#B#A#1#4#F#2#D#D# #]# #B#a#s#i#c#D#i#s#p#l#a#y# # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#B#a#s#i#c#D#i#s#p#l#a#y#.#s#y#s# # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#b#r#o#w#s#e#r#.#d#l#l#

 #0#A#C#3#D#8#B#7#9#E#D#A#6#D#A#2#3#2#F#A#4#E#1#C#A#F#6#5#9#2#4#2#0#A#9#E#D#E#9#6#3#5#0#D#1#F#0#5#0#4#C#2#4#3#4#2#6#1#6#8#4#F#0#B# #]# #B#T#H#M#O#D#E#M# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#b#t#h#m#o#d#e#m#.#s#y#s#m#3#2#\#D#R#I#V#E#R#S#\#c#d#f#s#.#s#y#s#2#6#5# #0#x#0#2#f#c# # #[# #6#3#2#4#F#0#D#1#8#F#B#5#2#8#3#3#B#A#6#4#B#C#8#2#8#E#2#9#0#5#4#C#,# #0#4#1#1#8#F#A#1#B#D#F#C#5#1#2#F#7#6#E#4#A#8#1#F#E#F#3#4#C#7#8#B#6#B#D#9#8#4#2#9#D#B#1#D#6#5#1#2#3#B#6#8#0#2#B#4#A#1#E#3#0#5#8#4# #]# #C#r#y#p#t#S#v#c# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#c#r#y#p#t#s#v#c#.#d#l#l#

 #0#x#0#2#f#c# # #d#i#s#k# #-# #o#k# # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#d#m#v#s#c#.#s#y#s# #E#E#0#0#7#6#D#9#6#F#7#F#3#C#F#2#9#8#8#4#A#C#7#A#6#7#C#0#8#A#4#2#9#1#1#5#A#7#2#0#1#3#5#4#A#1#F#B#5#D#E#4#5#F#D#6#3#A#B#B#4#9#6#0# #]# #E#h#S#t#o#r#C#l#a#s#s# # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#E#h#S#t#o#r#C#l#a#s#s#.#s#y#s#.#d#l#l#

 #8#5#7#9#6#D#8#9#9#4#3#D#D#6#F#E#3#9#3#2#C#1#E#D#6#C#F#0#1#4#7#0#C#1#B#4#D#F#D#2#4#3#C#3#9#0#B#0#7#0#5#5#F#F#D#A#3#C#2#3#1#5#5#1# #]# #f#l#p#y#d#i#s#k# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#f#l#p#y#d#i#s#k#.#s#y#s#8#2#8# #0#x#0#2#f#c# # #[# #F#1#5#2#D#5#5#E#4#9#7#E#1#2#2#5#6#2#9#0#C#4#3#B#3#1#C#7#D#0#C#E#,# #F#F#C#5#4#B#1#4#C#C#F#B#C#1#5#4#8#9#4#8#C#0#7#F#B#3#8#6#6#E#4#0#A#1#1#D#0#C#0#5#A#C#3#5#2#B#D#0#0#0#E#7#1#C#E#F#0#5#3#F#6#A#6#E# #]# #f#v#e#v#o#l# # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#D#R#I#V#E#R#S#\#f#v#e#v#o#l#.#s#y#s#D#1#F#7#4#0#B#3#C#1#B#7#8#0#9#B#9#4#2#7#B#7#6#7# #]# #h#i#d#i#2#c# # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#h#i#d#i#2#c#.#s#y#s#

 #-# #o#k#f#c# # #H#T#T#P# #-# #o#k#7#0#6#7#B#3#7#5#D#A#D#6#C#F#2#3#D#,# #E#3#1#2#D#D#0#6#8#E#5#1#D#B#F#9#6#A#8#2#3#2#D#7#D#1#C#9#F#1#5#8#6#5#2#F#D#A#2#3#6#4#9#6#5#5#F#1#1#0#2#9#2#8#B#3#2#0#7#9#5#0#9#1# #]# #I#C#C#S# # # # # # # # # # # # #C#:#\#P#r#o#g#r#a#m# #F#i#l#e#s# #(#x#8#6#)#\#I#n#t#e#l#\#I#n#t#e#l#(#R#)# #I#n#t#e#g#r#a#t#e#d# #C#l#o#c#k# #C#o#n#t#r#o#l#l#e#r# #S#e#r#v#i#c#e#\#I#C#C#P#r#o#x#y#.#e#x#e#0#B#F#8#D#A#E#A#E#5#E#0#0#8#5#0#0#B#A#6#7#C#E#8#9#B#2#1#3#8#8#5#9#2#8#1#1#2#7#4#3#3#1#E#E#3#9#C#A#C#1#0#4#3#A#0#0# #]# #i#n#t#e#l#i#d#e# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#i#n#t#e#l#i#d#e#.#s#y#s#

 #]# #i#n#t#e#l#p#p#m# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#i#n#t#e#l#p#p#m#.#s#y#s#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#m#s#i#s#c#s#i#.#s#y#s#K#S#e#c#P#k#g# #-# #o#k#

#3#2#8#6#9#0#0#4#C#6#8#6#B# #]# #l#l#t#d#s#v#c# # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#l#l#t#d#s#v#c#.#d#l#l#D#1#A#C#A#C#1#5#5#2#8#7#2#9#1#F#E#1#B#D#0#B#6#5#3#9#5#3#A#D#C#9#4#2#7#9#A#7#4#D#0#1#5#2#0#8#8#D#6#9#8#F#A#A#7#9#6#4#6#0#F# #]# #L#S#I#_#S#A#S# # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#l#s#i#_#s#a#s#.#s#y#s#0#8#9#3#7#A#F#F#F#1#2#1#4#1#B#3#8#6#3#4#A#F#3#A#5#6#F#5#A#C#5#F#F#3#E#F#0#3#9#4#1#8#0#2#B#9#8#4#1#D#E#C#5#5#9#4#6#9# #]# #m#e#g#a#s#r# # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#m#e#g#a#s#r#.#s#y#s#s#y#s#

 #o#k#.#0#3#1#2# #0#x#0#2#f#c# # #[# #F#3#C#0#6#0#4#4#4#7#7#7#A#5#9#F#C#6#3#D#9#2#0#7#1#9#E#4#3#C#C#D#,# #8#7#6#6#A#2#7#4#6#E#3#D#F#B#0#7#4#9#E#9#0#2#F#4#5#8#1#4#1#2#6#9#3#3#5#C#A#6#F#0#C#E#D#C#A#3#D#5#F#8#C#2#0#4#6#3#7#C#1#9#E#7#8#3# #]# #M#s#B#r#i#d#g#e# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#D#R#I#V#E#R#S#\#b#r#i#d#g#e#.#s#y#s#E#8#8#7#7#4#C#6#9#2#9#3#2#8#E#6#C#9#F#C#9#C#3#8#9#F#4#D#F#7#6#D#4#D#4#D#5#C#B#F#C#4#F#5#1#6#5#1#C#C#3#0#8#8#2#9#6#2#8# #]# #M#s#L#l#d#p# # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#D#R#I#V#E#R#S#\#m#s#l#l#d#p#.#s#y#s#

 #]# #M#S#T#E#E# # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#M#S#T#E#E#.#s#y#s#R#T#.#d#l#l#3#5#D#8#E#9#3#A#0#D#C#5#3#5#C#F#E#,# #D#6#5#6#1#9#A#6#C#4#B#1#7#4#7#F#8#B#0#5#D#A#0#8#A#4#4#E#F#0#E#4#6#B#5#C#C#3#8#4#8#8#0#E#0#4#E#4#7#5#5#A#2#B#A#6#C#D#B#3#C#4#E#A# #]# #N#d#i#s#V#i#r#t#u#a#l#B#u#s# # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#N#d#i#s#V#i#r#t#u#a#l#B#u#s#.#s#y#s#

 #]# #n#e#t#p#r#o#f#m# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#n#e#t#p#r#o#f#m#s#v#c#.#d#l#l#.#0#6#4#1# #0#x#0#2#f#c# # #[# #B#C#6#B#5#9#4#2#A#F#F#2#5#E#B#A#F#6#2#D#E#4#3#C#3#8#0#7#E#D#F#8#,# #C#B#0#F#A#1#9#4#0#8#4#B#8#C#3#0#9#0#3#9#D#5#7#1#B#5#7#6#0#F#D#A#8#0#0#E#9#5#3#1#B#8#6#6#0#C#4#9#9#B#4#F#9#9#7#7#B#A#5#C#3#6#D#5# #]# #n#v#r#a#i#d# # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#n#v#r#a#i#d#.#s#y#s# # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#p#c#i#i#d#e#.#s#y#s#

 #0#x#0#2#f#c# # #P#E#A#U#T#H# #-# #o#k#A#3#4#9#C#7#9#B#4#3#D#C#D#D#9#E#F#5#2#5#5#C#5#E#E#9#7#3#E#F#B#8#4#4#2#3#5#B#8#0#8#B#5#E#F#9#B#6#3#A#5#1#F#F#0#0#A#A# #]# #P#o#l#i#c#y#A#g#e#n#t# # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#i#p#s#e#c#s#v#c#.#d#l#l#t#o#.#d#l#l#

 #0#x#0#2#f#c# # #[# #0#C#F#7#C#B#5#6#B#F#2#D#5#E#9#D#B#C#E#E#0#1#8#5#C#B#6#2#6#F#A#D#,# #2#B#D#2#E#2#F#B#1#D#2#E#A#D#D#1#F#7#0#E#F#5#5#E#8#5#2#3#C#3#5#3#F#9#5#D#4#F#E#B#1#B#A#D#5#0#1#7#F#A#4#D#9#4#F#7#9#0#F#2#7#8#2#5# #]# #R#e#m#o#t#e#A#c#c#e#s#s# # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#m#p#r#d#i#m#.#d#l#l#A#1#8#4#0#A#E#7#,# #C#C#1#F#F#C#2#7#1#3#9#1#0#2#1#1#F#8#A#6#A#D#5#3#2#D#B#B#9#2#5#3#A#C#D#1#8#8#C#B#D#7#8#4#F#1#B#E#6#6#1#3#D#F#3#8#2#8#2#5#A#3#C#1# #]# #R#e#m#o#t#e#R#e#g#i#s#t#r#y# # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#r#e#g#s#v#c#.#d#l#l#s#\#s#b#p#2#p#o#r#t#.#s#y#s#8#7#F#B#9#2#A#3#D#1#5#F#3#1#2#F#0#B#9#C#4#2#3#E#F#8#5#1#0#6#1#A#9#4#4#B#0#1#3#E#5#6#6#8#D#8#C#9#A#4#4#1#B#4#D#C#0#E#B#6#9#0#A#F# #]# #S#E#N#S# # # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#s#e#n#s#.#d#l#l#

 #9#5#B#8#A#9#4#B#A#9#E#F#7#7#0#F#2#9#A#C#D#5#B#2#3#D#4#4#7#E#C#2#B#6#C#F#1#C#B#3#D#0#0#3#0#3#4#3#B#A#1#5#5#0#A#C#3#1#F#6#E#2#A#5# #]# #S#e#r#C#x#2# # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#S#e#r#C#x#2#.#s#y#s#1#7#:#2#8#:#5#1#.#0#5#1#6# #0#x#0#2#f#c# # #S#h#a#r#e#d#A#c#c#e#s#s# #-# #o#k#9#8#7#8#4#6#5#,# #8#B#8#6#F#3#7#D#E#F#C#B#E#5#5#D#E#5#0#7#D#8#3#0#E#C#4#9#8#0#E#B#B#3#9#B#3#C#C#A#3#0#C#2#B#3#E#7#6#B#5#8#8#A#A#B#2#8#2#A#5#0#F#C# #]# #s#p#p#s#v#c# # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#s#p#p#s#v#c#.#e#x#e#

#E#6#9# #]# #s#t#i#s#v#c# # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#w#i#a#s#e#r#v#c#.#d#l#l#9#E#B#D#7#B#A#E#1#E#2#A#D#4#3#1#1#5#3#F#D#C#0#1#6#7#4#2#F#7#A#8#D#8#2#4#7#1#6#E#A#B#1#A#4#C#A#8#7#E#B#B#D#2#1#D#6#1#D#E#C#D# #]# #T#a#p#i#S#r#v# # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#t#a#p#i#s#r#v#.#d#l#l#l#l#

 # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#t#r#k#w#k#s#.#d#l#l#B#9#7#A#C#5#D#0#B#,# #0#C#0#A#1#C#2#C#7#6#1#5#D#E#B#2#9#8#A#D#3#0#7#3#3#4#0#F#D#1#B#F#9#1#F#E#B#E#6#1#1#F#1#3#3#E#3#B#4#8#D#9#9#4#A#6#E#A#A#8#3#6#9#F# #]# #u#d#f#s# # # # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#D#R#I#V#E#R#S#\#u#d#f#s#.#s#y#s#c#g#p# # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#u#s#b#c#c#g#p#.#s#y#s#

 #]# #u#s#b#p#r#i#n#t# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#u#s#b#p#r#i#n#t#.#s#y#s#k#4#3#D#8#C#B#E#E#6#C#0#1#D#4#F#0# #]# #v#m#i#c#g#u#e#s#t#i#n#t#e#r#f#a#c#e# #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#I#C#S#v#c#.#d#l#l#.#0#1#7#2# #0#x#0#2#f#c# # #[# #E#F#3#1#7#1#3#E#E#4#C#7#C#C#F#E#4#0#4#9#F#7#E#7#F#1#5#6#4#5#A#2#,# #3#5#D#1#9#8#D#3#F#1#0#6#1#E#1#9#A#7#E#F#8#9#F#A#1#E#7#5#3#7#7#0#4#9#C#D#6#B#C#A#9#7#0#2#F#8#0#7#6#B#9#F#9#5#B#B#8#7#3#7#E#0#D#4# #]# #v#p#c#i# # # # # #

 # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#v#p#c#i#.#s#y#s#9#C#C#8#3#6#F#B# #]# #w#b#e#n#g#i#n#e# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#w#b#e#n#g#i#n#e#.#e#x#e#3#6#0# #0#x#0#2#f#c# # #[# #9#F#4#D#F#0#0#4#3#9#6#5#8#0#8#9#7#3#0#2#3#A#9#B#5#1#A#1#1#1#3#6#,# #3#A#7#9#9#1#2#5#C#B#C#5#C#2#1#4#D#9#F#B#B#9#1#C#3#4#8#B#3#9#5#6#3#B#1#F#D#B#7#4#0#3#B#5#2#0#2#7#0#7#5#2#E#9#A#1#7#7#4#6#4#7#2#3# #]# #W#d#N#i#s#D#r#v# # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#D#r#i#v#e#r#s#\#W#d#N#i#s#D#r#v#.#s#y#s#

 #]# #w#e#r#c#p#l#s#u#p#p#o#r#t# # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#w#e#r#c#p#l#s#u#p#p#o#r#t#.#d#l#l#C#3#A#0#0#,# #F#1#3#9#B#8#7#8#6#6#8#E#C#F#3#8#F#E#5#9#8#3#1#E#8#5#9#5#A#2#0#7#D#5#C#E#E#E#7#6#C#6#F#F#D#A#8#C#9#F#7#3#5#4#3#5#E#6#0#1#A#7#6#3# #]# #W#i#n#H#t#t#p#A#u#t#o#P#r#o#x#y#S#v#c# #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#w#i#n#h#t#t#p#.#d#l#l#5# #]# #w#p#c#f#l#t#r# # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#s#y#s#t#e#m#3#2#\#D#R#I#V#E#R#S#\#w#p#c#f#l#t#r#.#s#y#s#

 #0#x#0#2#f#c# # #[# #D#7#B#4#8#5#9#2#2#7#B#0#2#B#C#C#1#0#5#5#B#2#7#9#A#6#3#C#9#3#7#F#,# #8#2#C#9#9#8#4#4#C#C#5#9#6#C#2#7#2#3#5#2#3#B#1#B#9#8#5#7#3#4#8#8#F#F#2#3#3#3#7#9#4#7#B#7#8#A#A#0#4#B#A#2#1#E#5#8#3#9#4#B#B#7#5#1# #]# #W#U#D#F#R#d# # # # # # # # # # #C#:#\#W#I#N#D#O#W#S#\#S#y#s#t#e#m#3#2#\#d#r#i#v#e#r#s#\#W#U#D#F#R#d#.#s#y#s#P#a#r#t#i#t#i#o#n#1#6#4#.#e#x#e#

 #0#x#0#2#f#c# # #R#e#m#o#t#e#C#o#n#t#r#o#l#1#0# #-# #o#k#

Ich weiß nicht, ob Du das auch brauchst - der Report von TDSSKiller:
(1. Teil)

Code:

17:24:46.0510 0x0ce4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04

17:24:46.0510 0x0ce4  UEFI system

17:25:04.0920 0x0ce4  ============================================================

17:25:04.0920 0x0ce4  Current date / time: 2015/05/29 17:25:04.0920

17:25:04.0920 0x0ce4  SystemInfo:

17:25:04.0920 0x0ce4  

17:25:04.0920 0x0ce4  OS Version: 6.3.9600 ServicePack: 0.0

17:25:04.0920 0x0ce4  Product type: Workstation

17:25:04.0920 0x0ce4  ComputerName: GEORGE

17:25:04.0920 0x0ce4  UserName: drogba

17:25:04.0920 0x0ce4  Windows directory: C:\WINDOWS

17:25:04.0920 0x0ce4  System windows directory: C:\WINDOWS

17:25:04.0920 0x0ce4  Running under WOW64

17:25:04.0920 0x0ce4  Processor architecture: Intel x64

17:25:04.0920 0x0ce4  Number of processors: 4

17:25:04.0920 0x0ce4  Page size: 0x1000

17:25:04.0920 0x0ce4  Boot type: Normal boot

17:25:04.0921 0x0ce4  ============================================================

17:25:05.0187 0x0ce4  KLMD registered as C:\WINDOWS\system32\drivers\71500566.sys

17:25:05.0783 0x0ce4  System UUID: {F748D1B0-AAAE-68A1-6727-5BA3CC20D628}

17:25:06.0603 0x0ce4  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

17:25:06.0608 0x0ce4  ============================================================

17:25:06.0608 0x0ce4  \Device\Harddisk0\DR0:

17:25:06.0608 0x0ce4  GPT partitions:

17:25:06.0608 0x0ce4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {22DC5FB0-CDD8-463C-8E41-92E4795A3160}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000

17:25:06.0608 0x0ce4  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BA0B1FE6-FF09-49E1-9D4E-CA9C1DC945D8}, Name: Basic data partition, StartLBA 0x32800, BlocksNum 0x1C2000

17:25:06.0609 0x0ce4  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {D3B80B07-286C-486C-AB90-0399B622B6E8}, Name: Microsoft reserved partition, StartLBA 0x1F4800, BlocksNum 0x40000

17:25:06.0609 0x0ce4  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {4A3F6317-2475-49F5-8F12-E03B00398DE1}, Name: Basic data partition, StartLBA 0x234800, BlocksNum 0x173ED000

17:25:06.0609 0x0ce4  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5DEFD1B3-DEA7-49B0-BF2E-D53356B71E70}, Name: , StartLBA 0x17621800, BlocksNum 0xAF000

17:25:06.0609 0x0ce4  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {19399632-76F5-4E5F-9B5B-6B13C8A1CF4A}, Name: Basic data partition, StartLBA 0x176D0800, BlocksNum 0x204B0800

17:25:06.0609 0x0ce4  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A8D87FDF-5C62-44CA-A5A4-E6C3392F240B}, Name: Basic data partition, StartLBA 0x37B81000, BlocksNum 0x2805000

17:25:06.0609 0x0ce4  MBR partitions:

17:25:06.0609 0x0ce4  ============================================================

17:25:06.0629 0x0ce4  C: <-> \Device\Harddisk0\DR0\Partition4

17:25:06.0657 0x0ce4  D: <-> \Device\Harddisk0\DR0\Partition6

17:25:06.0657 0x0ce4  ============================================================

17:25:06.0657 0x0ce4  Initialize success

17:25:06.0657 0x0ce4  ============================================================

17:25:39.0246 0x0f80  ============================================================

17:25:39.0246 0x0f80  Scan started

17:25:39.0246 0x0f80  Mode: Manual; 

17:25:39.0246 0x0f80  ============================================================

17:25:39.0246 0x0f80  KSN ping started

17:25:41.0668 0x0f80  KSN ping finished: true

17:25:42.0387 0x0f80  ================ Scan system memory ========================

17:25:42.0387 0x0f80  System memory - ok

17:25:42.0387 0x0f80  ================ Scan services =============================

17:25:42.0543 0x0f80  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys

17:25:42.0559 0x0f80  1394ohci - ok

17:25:42.0605 0x0f80  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys

17:25:42.0605 0x0f80  3ware - ok

17:25:42.0652 0x0f80  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys

17:25:42.0668 0x0f80  ACPI - ok

17:25:42.0684 0x0f80  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys

17:25:42.0684 0x0f80  acpiex - ok

17:25:42.0715 0x0f80  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys

17:25:42.0715 0x0f80  acpipagr - ok

17:25:42.0746 0x0f80  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys

17:25:42.0746 0x0f80  AcpiPmi - ok

17:25:42.0746 0x0f80  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys

17:25:42.0746 0x0f80  acpitime - ok

17:25:42.0809 0x0f80  [ 929593D76589294BA3F74540298D1B3E, 3D1C1772579141BD1040363BD65F2A2D78BF42EC85AE96317AE397E3D5267145 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

17:25:42.0809 0x0f80  AdobeARMservice - ok

17:25:42.0871 0x0f80  [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

17:25:42.0871 0x0f80  AdobeFlashPlayerUpdateSvc - ok

17:25:42.0918 0x0f80  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS

17:25:42.0934 0x0f80  ADP80XX - ok

17:25:42.0965 0x0f80  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll

17:25:42.0980 0x0f80  AeLookupSvc - ok

17:25:43.0059 0x0f80  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys

17:25:43.0074 0x0f80  AFD - ok

17:25:43.0105 0x0f80  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys

17:25:43.0105 0x0f80  agp440 - ok

17:25:43.0137 0x0f80  [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys

17:25:43.0137 0x0f80  ahcache - ok

17:25:43.0168 0x0f80  [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger       C:\WINDOWS\system32\DRIVERS\AiCharger.sys

17:25:43.0168 0x0f80  AiCharger - ok

17:25:43.0184 0x0f80  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe

17:25:43.0199 0x0f80  ALG - ok

17:25:43.0215 0x0f80  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys

17:25:43.0215 0x0f80  AmdK8 - ok

17:25:43.0246 0x0f80  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys

17:25:43.0262 0x0f80  AmdPPM - ok

17:25:43.0262 0x0f80  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys

17:25:43.0277 0x0f80  amdsata - ok

17:25:43.0293 0x0f80  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys

17:25:43.0293 0x0f80  amdsbs - ok

17:25:43.0309 0x0f80  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys

17:25:43.0309 0x0f80  amdxata - ok

17:25:43.0340 0x0f80  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys

17:25:43.0340 0x0f80  AppID - ok

17:25:43.0371 0x0f80  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll

17:25:43.0371 0x0f80  AppIDSvc - ok

17:25:43.0402 0x0f80  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll

17:25:43.0402 0x0f80  Appinfo - ok

17:25:43.0449 0x0f80  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll

17:25:43.0465 0x0f80  AppReadiness - ok

17:25:43.0527 0x0f80  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll

17:25:43.0559 0x0f80  AppXSvc - ok

17:25:43.0590 0x0f80  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys

17:25:43.0590 0x0f80  arcsas - ok

17:25:43.0684 0x0f80  [ DC2BA6926FA0CDCE273CC9897F05584A, CF35A55511C6241679FDB9D48DC43B61D86D071B974E7A668495E2021098E912 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

17:25:43.0684 0x0f80  ASLDRService - ok

17:25:43.0699 0x0f80  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

17:25:43.0699 0x0f80  ASMMAP64 - ok

17:25:43.0762 0x0f80  [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn  C:\Program Files\ASUS\P4G\InsOnSrv.exe

17:25:43.0762 0x0f80  ASUS InstantOn - ok

17:25:43.0824 0x0f80  [ AAE374280DDC307061A43ED9FAD1AD57, BFBE60D67B4283868D148C38502689FFE52CC7F13F4294E21F47B37D14FB5821 ] Asus WebStorage Windows Service C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe

17:25:43.0824 0x0f80  Asus WebStorage Windows Service - ok

17:25:43.0840 0x0f80  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys

17:25:43.0840 0x0f80  atapi - ok

17:25:43.0996 0x0f80  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys

17:25:44.0074 0x0f80  athr - ok

17:25:44.0105 0x0f80  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

17:25:44.0105 0x0f80  ATKGFNEXSrv - ok

17:25:44.0137 0x0f80  [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys

17:25:44.0137 0x0f80  ATKWMIACPIIO - ok

17:25:44.0168 0x0f80  [ A751FA39AEC7DBA5DCE0D64BB0E3E331, F0D7AE1E6EAD2DAC7EA4E37B4AB30E6ACE8F21CE3C49D2D01B854F36E72F77B5 ] ATP             C:\WINDOWS\System32\drivers\AsusTP.sys

17:25:44.0168 0x0f80  ATP - ok

17:25:44.0199 0x0f80  [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll

17:25:44.0215 0x0f80  AudioEndpointBuilder - ok

17:25:44.0262 0x0f80  [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll

17:25:44.0293 0x0f80  Audiosrv - ok

17:25:44.0324 0x0f80  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll

17:25:44.0324 0x0f80  AxInstSV - ok

17:25:44.0371 0x0f80  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys

17:25:44.0387 0x0f80  b06bdrv - ok

17:25:44.0402 0x0f80  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys

17:25:44.0402 0x0f80  BasicDisplay - ok

17:25:44.0449 0x0f80  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys

17:25:44.0449 0x0f80  BasicRender - ok

17:25:44.0481 0x0f80  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys

17:25:44.0481 0x0f80  bcmfn2 - ok

17:25:44.0527 0x0f80  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\WINDOWS\System32\bdesvc.dll

17:25:44.0527 0x0f80  BDESVC - ok

17:25:44.0559 0x0f80  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

17:25:44.0574 0x0f80  Beep - ok

17:25:44.0605 0x0f80  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\WINDOWS\System32\bfe.dll

17:25:44.0637 0x0f80  BFE - ok

17:25:44.0699 0x0f80  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll

17:25:44.0715 0x0f80  BITS - ok

17:25:44.0730 0x0f80  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys

17:25:44.0746 0x0f80  bowser - ok

17:25:44.0777 0x0f80  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll

17:25:44.0793 0x0f80  BrokerInfrastructure - ok

17:25:44.0824 0x0f80  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll

17:25:44.0824 0x0f80  Browser - ok

17:25:44.0856 0x0f80  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys

17:25:44.0856 0x0f80  BthAvrcpTg - ok

17:25:44.0887 0x0f80  [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys

17:25:44.0887 0x0f80  BthHFEnum - ok

17:25:44.0902 0x0f80  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys

17:25:44.0902 0x0f80  bthhfhid - ok

17:25:44.0934 0x0f80  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll

17:25:44.0965 0x0f80  BthHFSrv - ok

17:25:44.0981 0x0f80  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys

17:25:44.0996 0x0f80  BTHMODEM - ok

17:25:45.0012 0x0f80  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll

17:25:45.0027 0x0f80  bthserv - ok

17:25:45.0106 0x0f80  [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

17:25:45.0152 0x0f80  c2cautoupdatesvc - ok

17:25:45.0231 0x0f80  [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

17:25:45.0277 0x0f80  c2cpnrsvc - ok

17:25:45.0309 0x0f80  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys

17:25:45.0309 0x0f80  cdfs - ok

17:25:45.0324 0x0f80  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys

17:25:45.0324 0x0f80  cdrom - ok

17:25:45.0356 0x0f80  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll

17:25:45.0371 0x0f80  CertPropSvc - ok

17:25:45.0402 0x0f80  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys

17:25:45.0402 0x0f80  circlass - ok

17:25:45.0434 0x0f80  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys

17:25:45.0449 0x0f80  CLFS - ok

17:25:45.0481 0x0f80  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys

17:25:45.0481 0x0f80  CmBatt - ok

17:25:45.0512 0x0f80  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys

17:25:45.0527 0x0f80  CNG - ok

17:25:45.0543 0x0f80  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys

17:25:45.0543 0x0f80  CompositeBus - ok

17:25:45.0559 0x0f80  COMSysApp - ok

17:25:45.0574 0x0f80  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys

17:25:45.0574 0x0f80  condrv - ok

17:25:45.0652 0x0f80  [ F9693D45B0F1B346CCDEEC1F341AD389, 342C81EFB434EAC29865F8BB049051635C644D7EF355D0F5FB3ADD9DDCE55D82 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

17:25:45.0762 0x0f80  cphs - ok

17:25:45.0793 0x0f80  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll

17:25:45.0793 0x0f80  CryptSvc - ok

17:25:45.0809 0x0f80  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys

17:25:45.0824 0x0f80  dam - ok

17:25:45.0871 0x0f80  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

17:25:45.0902 0x0f80  DcomLaunch - ok

17:25:45.0934 0x0f80  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll

17:25:45.0949 0x0f80  defragsvc - ok

17:25:45.0981 0x0f80  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll

17:25:45.0996 0x0f80  DeviceAssociationService - ok

17:25:46.0027 0x0f80  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll

17:25:46.0027 0x0f80  DeviceInstall - ok

17:25:46.0059 0x0f80  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys

17:25:46.0059 0x0f80  Dfsc - ok

17:25:46.0121 0x0f80  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll

17:25:46.0121 0x0f80  Dhcp - ok

17:25:46.0152 0x0f80  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys

17:25:46.0168 0x0f80  disk - ok

17:25:46.0184 0x0f80  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys

17:25:46.0184 0x0f80  dmvsc - ok

17:25:46.0231 0x0f80  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

17:25:46.0231 0x0f80  Dnscache - ok

17:25:46.0262 0x0f80  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll

17:25:46.0277 0x0f80  dot3svc - ok

17:25:46.0293 0x0f80  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll

17:25:46.0309 0x0f80  DPS - ok

17:25:46.0324 0x0f80  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

17:25:46.0324 0x0f80  drmkaud - ok

17:25:46.0356 0x0f80  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll

17:25:46.0356 0x0f80  DsmSvc - ok

17:25:46.0434 0x0f80  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys

17:25:46.0481 0x0f80  DXGKrnl - ok

17:25:46.0512 0x0f80  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll

17:25:46.0512 0x0f80  Eaphost - ok

17:25:46.0652 0x0f80  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys

17:25:46.0731 0x0f80  ebdrv - ok

17:25:46.0762 0x0f80  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe

17:25:46.0762 0x0f80  EFS - ok

17:25:46.0793 0x0f80  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys

17:25:46.0793 0x0f80  EhStorClass - ok

17:25:46.0809 0x0f80  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys

17:25:46.0824 0x0f80  EhStorTcgDrv - ok

17:25:46.0840 0x0f80  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys

17:25:46.0840 0x0f80  ErrDev - ok

17:25:46.0887 0x0f80  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll

17:25:46.0902 0x0f80  EventSystem - ok

17:25:46.0918 0x0f80  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys

17:25:46.0918 0x0f80  exfat - ok

17:25:46.0949 0x0f80  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys

17:25:46.0965 0x0f80  fastfat - ok

17:25:47.0012 0x0f80  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe

17:25:47.0027 0x0f80  Fax - ok

17:25:47.0059 0x0f80  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys

17:25:47.0059 0x0f80  fdc - ok

17:25:47.0074 0x0f80  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll

17:25:47.0090 0x0f80  fdPHost - ok

17:25:47.0106 0x0f80  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll

17:25:47.0106 0x0f80  FDResPub - ok

17:25:47.0137 0x0f80  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll

17:25:47.0153 0x0f80  fhsvc - ok

17:25:47.0184 0x0f80  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys

17:25:47.0184 0x0f80  FileInfo - ok

17:25:47.0199 0x0f80  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys

17:25:47.0199 0x0f80  Filetrace - ok

17:25:47.0215 0x0f80  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys

17:25:47.0215 0x0f80  flpydisk - ok

17:25:47.0246 0x0f80  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

17:25:47.0262 0x0f80  FltMgr - ok

17:25:47.0324 0x0f80  [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache       C:\WINDOWS\system32\FntCache.dll

17:25:47.0371 0x0f80  FontCache - ok

17:25:47.0465 0x0f80  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

17:25:47.0465 0x0f80  FontCache3.0.0.0 - ok

17:25:47.0496 0x0f80  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys

17:25:47.0496 0x0f80  FsDepends - ok

17:25:47.0528 0x0f80  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

17:25:47.0528 0x0f80  Fs_Rec - ok

17:25:47.0574 0x0f80  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys

17:25:47.0590 0x0f80  fvevol - ok

17:25:47.0606 0x0f80  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys

17:25:47.0606 0x0f80  FxPPM - ok

17:25:47.0621 0x0f80  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys

17:25:47.0621 0x0f80  gagp30kx - ok

17:25:47.0653 0x0f80  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys

17:25:47.0653 0x0f80  gencounter - ok

17:25:47.0684 0x0f80  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys

17:25:47.0684 0x0f80  GPIOClx0101 - ok

17:25:47.0762 0x0f80  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll

17:25:47.0793 0x0f80  gpsvc - ok

17:25:47.0824 0x0f80  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys

17:25:47.0824 0x0f80  HDAudBus - ok

17:25:47.0840 0x0f80  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys

17:25:47.0840 0x0f80  HidBatt - ok

17:25:47.0871 0x0f80  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys

17:25:47.0887 0x0f80  HidBth - ok

17:25:47.0887 0x0f80  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys

17:25:47.0887 0x0f80  hidi2c - ok

17:25:47.0918 0x0f80  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys

17:25:47.0918 0x0f80  HidIr - ok

17:25:47.0949 0x0f80  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll

17:25:47.0949 0x0f80  hidserv - ok

17:25:47.0981 0x0f80  [ A9F2301B8D28BB4D887F5AEBB55ACB3A, 886B04224CA0A90B4FD0B9F8D243EED4FBA367D078FB1CAF99EE671FE1FCEC27 ] HIDSwitch       C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys

17:25:47.0981 0x0f80  HIDSwitch - ok

17:25:48.0012 0x0f80  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys

17:25:48.0012 0x0f80  HidUsb - ok

17:25:48.0043 0x0f80  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll

17:25:48.0043 0x0f80  hkmsvc - ok

17:25:48.0090 0x0f80  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll

17:25:48.0106 0x0f80  HomeGroupListener - ok

17:25:48.0153 0x0f80  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll

17:25:48.0168 0x0f80  HomeGroupProvider - ok

17:25:48.0199 0x0f80  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys

17:25:48.0199 0x0f80  HpSAMD - ok

17:25:48.0262 0x0f80  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys

17:25:48.0278 0x0f80  HTTP - ok

17:25:48.0309 0x0f80  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys

17:25:48.0309 0x0f80  hwpolicy - ok

17:25:48.0324 0x0f80  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys

17:25:48.0324 0x0f80  hyperkbd - ok

17:25:48.0340 0x0f80  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys

17:25:48.0340 0x0f80  HyperVideo - ok

17:25:48.0371 0x0f80  [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys

17:25:48.0371 0x0f80  i8042prt - ok

17:25:48.0387 0x0f80  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys

17:25:48.0387 0x0f80  iaLPSSi_GPIO - ok

17:25:48.0403 0x0f80  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys

17:25:48.0418 0x0f80  iaLPSSi_I2C - ok

17:25:48.0465 0x0f80  [ 0A34D806EF2767E62CAFEA1A150A8830, 2C5C9C0924C6AE379E3CD071E6687885006843A17742B083CE14719F666F7FE6 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys

17:25:48.0481 0x0f80  iaStorA - ok

17:25:48.0543 0x0f80  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys

17:25:48.0559 0x0f80  iaStorAV - ok

17:25:48.0574 0x0f80  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys

17:25:48.0590 0x0f80  iaStorV - ok

17:25:48.0653 0x0f80  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe

17:25:48.0653 0x0f80  ICCS - ok

17:25:48.0668 0x0f80  IEEtwCollectorService - ok

17:25:48.0809 0x0f80  [ 16D939A13CFB82DEE0B9DB12E45C7B4E, D09C57DE3EF7F6BEDD354FEEDB46260FDCF9F9A0F2D096FFD518509AD041AAC5 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys

17:25:48.0903 0x0f80  igfx - ok

17:25:48.0965 0x0f80  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll

17:25:48.0996 0x0f80  IKEEXT - ok

17:25:49.0043 0x0f80  [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys

17:25:49.0043 0x0f80  intaud_WaveExtensible - ok

17:25:49.0168 0x0f80  [ 24709D61F21838470F1FCC8C9710A14B, 9C63EE2DCD97F27BC251F2B4337B6FE7963B086E435D12F9947D173AE678CA29 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys

17:25:49.0246 0x0f80  IntcAzAudAddService - ok

17:25:49.0293 0x0f80  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys

17:25:49.0309 0x0f80  IntcDAud - ok

17:25:49.0387 0x0f80  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

17:25:49.0403 0x0f80  Intel(R) Capability Licensing Service Interface - ok

17:25:49.0434 0x0f80  [ 9656F8E29F6C3161A3E99BCD3A472FF9, 30AD00B53CCB2E4121508729F3471D3C0568F1C32324C398382C97E8BC43ECF0 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

17:25:49.0449 0x0f80  Intel(R) ME Service - ok

17:25:49.0465 0x0f80  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys

17:25:49.0465 0x0f80  intelide - ok

17:25:49.0481 0x0f80  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys

17:25:49.0481 0x0f80  intelpep - ok

17:25:49.0512 0x0f80  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys

17:25:49.0512 0x0f80  intelppm - ok

17:25:49.0528 0x0f80  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

17:25:49.0543 0x0f80  IpFilterDriver - ok

17:25:49.0590 0x0f80  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll

17:25:49.0621 0x0f80  iphlpsvc - ok

17:25:49.0653 0x0f80  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys

17:25:49.0653 0x0f80  IPMIDRV - ok

17:25:49.0684 0x0f80  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys

17:25:49.0684 0x0f80  IPNAT - ok

17:25:49.0700 0x0f80  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys

17:25:49.0700 0x0f80  IRENUM - ok

17:25:49.0731 0x0f80  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys

17:25:49.0731 0x0f80  isapnp - ok

17:25:49.0778 0x0f80  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys

17:25:49.0778 0x0f80  iScsiPrt - ok

17:25:49.0809 0x0f80  [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys

17:25:49.0809 0x0f80  iwdbus - ok

17:25:49.0856 0x0f80  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

17:25:49.0856 0x0f80  jhi_service - ok

17:25:49.0887 0x0f80  [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys

17:25:49.0887 0x0f80  kbdclass - ok

17:25:49.0903 0x0f80  [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys

17:25:49.0903 0x0f80  kbdhid - ok

17:25:49.0903 0x0f80  [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr         C:\WINDOWS\System32\drivers\kbfiltr.sys

17:25:49.0918 0x0f80  kbfiltr - ok

17:25:49.0934 0x0f80  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys

17:25:49.0934 0x0f80  kdnic - ok

17:25:49.0950 0x0f80  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe

17:25:49.0950 0x0f80  KeyIso - ok

17:25:49.0981 0x0f80  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys

17:25:49.0981 0x0f80  KSecDD - ok

17:25:50.0012 0x0f80  [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys

17:25:50.0028 0x0f80  KSecPkg - ok

17:25:50.0028 0x0f80  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys

17:25:50.0028 0x0f80  ksthunk - ok

17:25:50.0059 0x0f80  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll

17:25:50.0075 0x0f80  KtmRm - ok

17:25:50.0106 0x0f80  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll

17:25:50.0121 0x0f80  LanmanServer - ok

17:25:50.0153 0x0f80  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll

17:25:50.0168 0x0f80  LanmanWorkstation - ok

17:25:50.0200 0x0f80  [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll

17:25:50.0215 0x0f80  lfsvc - ok

17:25:50.0246 0x0f80  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys

17:25:50.0246 0x0f80  lltdio - ok

17:25:50.0278 0x0f80  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll

17:25:50.0293 0x0f80  lltdsvc - ok

17:25:50.0340 0x0f80  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll

17:25:50.0340 0x0f80  lmhosts - ok

17:25:50.0356 0x0f80  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

17:25:50.0371 0x0f80  LMS - ok

17:25:50.0403 0x0f80  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys

17:25:50.0403 0x0f80  LSI_SAS - ok

17:25:50.0418 0x0f80  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys

17:25:50.0418 0x0f80  LSI_SAS2 - ok

17:25:50.0434 0x0f80  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys

17:25:50.0434 0x0f80  LSI_SAS3 - ok

17:25:50.0450 0x0f80  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys

17:25:50.0450 0x0f80  LSI_SSS - ok

17:25:50.0512 0x0f80  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll

17:25:50.0528 0x0f80  LSM - ok

17:25:50.0559 0x0f80  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys

17:25:50.0575 0x0f80  luafv - ok

17:25:50.0575 0x0f80  mbamchameleon - ok

17:25:50.0621 0x0f80  [ E9CD058C79EA15B4AA93E259FA713B07, 2B09F65188D8782F9C797545F2F791EC7EAB85D8914B2C0B30BD869C412E3980 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

17:25:50.0621 0x0f80  MBAMSwissArmy - ok

17:25:50.0668 0x0f80  [ 1D51C3DFE16003D418A077711BAA70A1, CC4665951BFC424369D2FD9940D0FD1062F4B26E9DED76F6BA5DB75CAF4CCE2D ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe

17:25:50.0668 0x0f80  McAfee SiteAdvisor Service - ok

17:25:50.0731 0x0f80  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys

17:25:50.0731 0x0f80  megasas - ok

17:25:50.0778 0x0f80  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys

17:25:50.0778 0x0f80  megasr - ok

17:25:50.0825 0x0f80  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys

17:25:50.0825 0x0f80  MEIx64 - ok

17:25:50.0856 0x0f80  [ 1A0C96A38A888838DF9523C973E3FE87, 9C41EDBFA21DF2684EED81AD56FC440AED002FB5C760DECFF1A454835273637B ] mfeapfk         C:\WINDOWS\system32\drivers\mfeapfk.sys

17:25:50.0856 0x0f80  mfeapfk - ok

17:25:50.0903 0x0f80  [ 29D0483A9EBB01DB2036A52E3BF23D6B, D4D6FDE489E937634BEA2C2F5DF65C560E5160AD9EA85088A59AE88FD9C06B2E ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys

17:25:50.0918 0x0f80  mfehidk - ok

17:25:50.0950 0x0f80  [ 4B34DFBC138C5C8FAC6F814575E41376, 584F76A0EA8ADAC415D118796E7B08969ABE717CB0FCC2D3B505BF86450D4E40 ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys

17:25:50.0950 0x0f80  mfencrk - ok

17:25:50.0981 0x0f80  [ 9A642F163F1FB12DE395A6010A9AD687, A86E092417C0C40E6FB9F6206D82391CEE4495FFA6F8A442BE50D349ACBA44B9 ] mfevtp          C:\WINDOWS\system32\mfevtps.exe

17:25:50.0981 0x0f80  mfevtp - ok

17:25:51.0012 0x0f80  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll

17:25:51.0028 0x0f80  MMCSS - ok

17:25:51.0059 0x0f80  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys

17:25:51.0059 0x0f80  Modem - ok

17:25:51.0075 0x0f80  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys

17:25:51.0075 0x0f80  monitor - ok

17:25:51.0106 0x0f80  [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys

17:25:51.0106 0x0f80  mouclass - ok

17:25:51.0137 0x0f80  [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys

17:25:51.0137 0x0f80  mouhid - ok

17:25:51.0153 0x0f80  [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys

17:25:51.0168 0x0f80  mountmgr - ok

17:25:51.0200 0x0f80  [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

17:25:51.0200 0x0f80  MozillaMaintenance - ok

17:25:51.0215 0x0f80  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys

17:25:51.0215 0x0f80  mpsdrv - ok

17:25:51.0278 0x0f80  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll

17:25:51.0309 0x0f80  MpsSvc - ok

17:25:51.0325 0x0f80  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys

17:25:51.0325 0x0f80  MRxDAV - ok

17:25:51.0371 0x0f80  [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

17:25:51.0371 0x0f80  mrxsmb - ok

17:25:51.0418 0x0f80  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys

17:25:51.0418 0x0f80  mrxsmb10 - ok

17:25:51.0450 0x0f80  [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys

17:25:51.0450 0x0f80  mrxsmb20 - ok

17:25:51.0496 0x0f80  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys

17:25:51.0496 0x0f80  MsBridge - ok

17:25:51.0528 0x0f80  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe

17:25:51.0528 0x0f80  MSDTC - ok

17:25:51.0559 0x0f80  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

17:25:51.0559 0x0f80  Msfs - ok

17:25:51.0590 0x0f80  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys

17:25:51.0590 0x0f80  msgpiowin32 - ok

17:25:51.0606 0x0f80  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys

17:25:51.0606 0x0f80  mshidkmdf - ok

17:25:51.0621 0x0f80  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys

17:25:51.0621 0x0f80  mshidumdf - ok

17:25:51.0653 0x0f80  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys

17:25:51.0653 0x0f80  msisadrv - ok

17:25:51.0684 0x0f80  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll

17:25:51.0684 0x0f80  MSiSCSI - ok

17:25:51.0684 0x0f80  msiserver - ok

17:25:51.0700 0x0f80  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

17:25:51.0700 0x0f80  MSKSSRV - ok

17:25:51.0731 0x0f80  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys

17:25:51.0731 0x0f80  MsLldp - ok

17:25:51.0731 0x0f80  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

17:25:51.0731 0x0f80  MSPCLOCK - ok

17:25:51.0746 0x0f80  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

17:25:51.0746 0x0f80  MSPQM - ok

17:25:51.0778 0x0f80  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys

17:25:51.0778 0x0f80  MsRPC - ok

17:25:51.0793 0x0f80  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys

17:25:51.0793 0x0f80  mssmbios - ok

17:25:51.0793 0x0f80  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys

17:25:51.0809 0x0f80  MSTEE - ok

17:25:51.0809 0x0f80  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys

17:25:51.0809 0x0f80  MTConfig - ok

17:25:51.0825 0x0f80  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys

17:25:51.0825 0x0f80  Mup - ok

17:25:51.0840 0x0f80  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys

17:25:51.0840 0x0f80  mvumis - ok

17:25:51.0872 0x0f80  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll

17:25:51.0887 0x0f80  napagent - ok

17:25:51.0918 0x0f80  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys

17:25:51.0934 0x0f80  NativeWifiP - ok

17:25:51.0965 0x0f80  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll

17:25:51.0981 0x0f80  NcaSvc - ok

17:25:52.0012 0x0f80  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll

17:25:52.0012 0x0f80  NcbService - ok

17:25:52.0043 0x0f80  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll

17:25:52.0043 0x0f80  NcdAutoSetup - ok

17:25:52.0106 0x0f80  [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys

17:25:52.0122 0x0f80  NDIS - ok

17:25:52.0153 0x0f80  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys

17:25:52.0153 0x0f80  NdisCap - ok

17:25:52.0184 0x0f80  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys

17:25:52.0184 0x0f80  NdisImPlatform - ok

17:25:52.0200 0x0f80  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

17:25:52.0200 0x0f80  NdisTapi - ok

17:25:52.0231 0x0f80  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

17:25:52.0231 0x0f80  Ndisuio - ok

17:25:52.0247 0x0f80  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys

17:25:52.0247 0x0f80  NdisVirtualBus - ok

17:25:52.0262 0x0f80  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

17:25:52.0262 0x0f80  NdisWan - ok

17:25:52.0278 0x0f80  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys

17:25:52.0278 0x0f80  NdisWanLegacy - ok

17:25:52.0309 0x0f80  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

17:25:52.0325 0x0f80  NDProxy - ok

17:25:52.0340 0x0f80  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys

17:25:52.0356 0x0f80  Ndu - ok

17:25:52.0372 0x0f80  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

17:25:52.0387 0x0f80  NetBIOS - ok

17:25:52.0403 0x0f80  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

17:25:52.0418 0x0f80  NetBT - ok

17:25:52.0434 0x0f80  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe

17:25:52.0434 0x0f80  Netlogon - ok

17:25:52.0481 0x0f80  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll

17:25:52.0481 0x0f80  Netman - ok

17:25:52.0512 0x0f80  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll

17:25:52.0528 0x0f80  netprofm - ok

17:25:52.0590 0x0f80  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:25:52.0590 0x0f80  NetTcpPortSharing - ok

17:25:52.0622 0x0f80  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys

17:25:52.0622 0x0f80  netvsc - ok

17:25:52.0653 0x0f80  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll

17:25:52.0668 0x0f80  NlaSvc - ok

17:25:52.0684 0x0f80  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

17:25:52.0700 0x0f80  Npfs - ok

17:25:52.0715 0x0f80  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys

17:25:52.0715 0x0f80  npsvctrig - ok

17:25:52.0747 0x0f80  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll

17:25:52.0747 0x0f80  nsi - ok

17:25:52.0778 0x0f80  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys

17:25:52.0778 0x0f80  nsiproxy - ok

17:25:52.0872 0x0f80  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

17:25:52.0918 0x0f80  Ntfs - ok

17:25:52.0950 0x0f80  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys

17:25:52.0950 0x0f80  Null - ok

17:25:52.0965 0x0f80  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys

17:25:52.0965 0x0f80  nvraid - ok

17:25:52.0981 0x0f80  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys

17:25:52.0997 0x0f80  nvstor - ok

17:25:53.0012 0x0f80  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys

17:25:53.0012 0x0f80  nv_agp - ok

17:25:53.0059 0x0f80  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll

17:25:53.0075 0x0f80  p2pimsvc - ok

17:25:53.0137 0x0f80  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll

17:25:53.0153 0x0f80  p2psvc - ok

17:25:53.0168 0x0f80  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys

17:25:53.0184 0x0f80  Parport - ok

17:25:53.0200 0x0f80  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys

17:25:53.0216 0x0f80  partmgr - ok

17:25:53.0247 0x0f80  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll

17:25:53.0262 0x0f80  PcaSvc - ok

17:25:53.0293 0x0f80  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys

17:25:53.0293 0x0f80  pci - ok

17:25:53.0309 0x0f80  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys

17:25:53.0309 0x0f80  pciide - ok

17:25:53.0340 0x0f80  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys

17:25:53.0340 0x0f80  pcmcia - ok

17:25:53.0356 0x0f80  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys

17:25:53.0372 0x0f80  pcw - ok

17:25:53.0403 0x0f80  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys

17:25:53.0403 0x0f80  pdc - ok

17:25:53.0450 0x0f80  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys

17:25:53.0465 0x0f80  PEAUTH - ok

17:25:53.0528 0x0f80  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe

17:25:53.0528 0x0f80  PerfHost - ok

17:25:53.0606 0x0f80  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll

17:25:53.0653 0x0f80  pla - ok

17:25:53.0684 0x0f80  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll

17:25:53.0700 0x0f80  PlugPlay - ok

17:25:53.0715 0x0f80  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll

17:25:53.0715 0x0f80  PNRPAutoReg - ok

17:25:53.0747 0x0f80  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll

17:25:53.0747 0x0f80  PNRPsvc - ok

17:25:53.0793 0x0f80  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll

17:25:53.0793 0x0f80  PolicyAgent - ok

17:25:53.0825 0x0f80  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll

17:25:53.0840 0x0f80  Power - ok

17:25:53.0981 0x0f80  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll

17:25:54.0184 0x0f80  PrintNotify - ok

17:25:54.0200 0x0f80  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys

17:25:54.0200 0x0f80  Processor - ok

17:25:54.0231 0x0f80  [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll

17:25:54.0247 0x0f80  ProfSvc - ok

17:25:54.0262 0x0f80  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys

17:25:54.0262 0x0f80  Psched - ok

17:25:54.0294 0x0f80  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll

17:25:54.0309 0x0f80  QWAVE - ok

17:25:54.0325 0x0f80  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys

17:25:54.0325 0x0f80  QWAVEdrv - ok

17:25:54.0340 0x0f80  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

17:25:54.0340 0x0f80  RasAcd - ok

17:25:54.0372 0x0f80  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

17:25:54.0387 0x0f80  RasAuto - ok

17:25:54.0419 0x0f80  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll

17:25:54.0434 0x0f80  RasMan - ok

17:25:54.0465 0x0f80  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

17:25:54.0465 0x0f80  RasPppoe - ok

17:25:54.0512 0x0f80  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

17:25:54.0512 0x0f80  rdbss - ok

17:25:54.0544 0x0f80  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys

17:25:54.0544 0x0f80  rdpbus - ok

17:25:54.0559 0x0f80  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys

17:25:54.0559 0x0f80  RDPDR - ok

17:25:54.0606 0x0f80  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys

17:25:54.0606 0x0f80  RdpVideoMiniport - ok

17:25:54.0637 0x0f80  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys

17:25:54.0653 0x0f80  rdyboost - ok

17:25:54.0700 0x0f80  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys

17:25:54.0731 0x0f80  ReFS - ok

17:25:54.0762 0x0f80  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

17:25:54.0762 0x0f80  RemoteAccess - ok

17:25:54.0809 0x0f80  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

17:25:54.0809 0x0f80  RemoteRegistry - ok

17:25:54.0840 0x0f80  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll

17:25:54.0840 0x0f80  RpcEptMapper - ok

17:25:54.0872 0x0f80  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe

17:25:54.0872 0x0f80  RpcLocator - ok

17:25:54.0919 0x0f80  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll

17:25:54.0934 0x0f80  RpcSs - ok

17:25:54.0965 0x0f80  [ 3E5E130354998D12A3AED76D10112813, FE28A3B5D7B8F18679AF16B9320B372FF0770D9FECA6A0FB4358642B7936433A ] RSBASTOR        C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys

17:25:54.0981 0x0f80  RSBASTOR - ok

17:25:54.0997 0x0f80  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys

17:25:55.0012 0x0f80  rspndr - ok

17:25:55.0044 0x0f80  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys

17:25:55.0059 0x0f80  RTL8168 - ok

17:25:55.0075 0x0f80  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys

17:25:55.0075 0x0f80  s3cap - ok

17:25:55.0106 0x0f80  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe

17:25:55.0106 0x0f80  SamSs - ok

17:25:55.0122 0x0f80  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys

17:25:55.0122 0x0f80  sbp2port - ok

17:25:55.0169 0x0f80  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll

17:25:55.0169 0x0f80  SCardSvr - ok

17:25:55.0200 0x0f80  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll

17:25:55.0200 0x0f80  ScDeviceEnum - ok

17:25:55.0231 0x0f80  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys

17:25:55.0231 0x0f80  scfilter - ok

17:25:55.0294 0x0f80  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll

17:25:55.0325 0x0f80  Schedule - ok

17:25:55.0356 0x0f80  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll

17:25:55.0372 0x0f80  SCPolicySvc - ok

17:25:55.0387 0x0f80  [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys

17:25:55.0387 0x0f80  sdbus - ok

17:25:55.0419 0x0f80  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys

17:25:55.0419 0x0f80  sdstor - ok

17:25:55.0450 0x0f80  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys

17:25:55.0450 0x0f80  secdrv - ok

17:25:55.0481 0x0f80  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll

17:25:55.0481 0x0f80  seclogon - ok

17:25:55.0512 0x0f80  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll

17:25:55.0512 0x0f80  SENS - ok

17:25:55.0544 0x0f80  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll

17:25:55.0559 0x0f80  SensrSvc - ok

17:25:55.0575 0x0f80  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys

17:25:55.0575 0x0f80  SerCx - ok

17:25:55.0606 0x0f80  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys

17:25:55.0622 0x0f80  SerCx2 - ok

17:25:55.0622 0x0f80  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys

17:25:55.0622 0x0f80  Serenum - ok

17:25:55.0653 0x0f80  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys

17:25:55.0653 0x0f80  Serial - ok

17:25:55.0684 0x0f80  [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys

17:25:55.0684 0x0f80  sermouse - ok

17:25:55.0715 0x0f80  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll

17:25:55.0731 0x0f80  SessionEnv - ok

17:25:55.0762 0x0f80  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys

17:25:55.0762 0x0f80  sfloppy - ok

17:25:55.0778 0x0f80  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

17:25:55.0794 0x0f80  SharedAccess - ok

17:25:55.0856 0x0f80  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

17:25:55.0872 0x0f80  ShellHWDetection - ok

17:25:55.0887 0x0f80  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys

17:25:55.0887 0x0f80  SiSRaid2 - ok

17:25:55.0903 0x0f80  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys

17:25:55.0903 0x0f80  SiSRaid4 - ok

17:25:55.0965 0x0f80  [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

17:25:55.0981 0x0f80  SkypeUpdate - ok

17:25:56.0012 0x0f80  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll

17:25:56.0028 0x0f80  smphost - ok

17:25:56.0044 0x0f80  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe

17:25:56.0044 0x0f80  SNMPTRAP - ok

17:25:56.0075 0x0f80  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys

17:25:56.0090 0x0f80  spaceport - ok

17:25:56.0106 0x0f80  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys

17:25:56.0122 0x0f80  SpbCx - ok

17:25:56.0169 0x0f80  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe

17:25:56.0184 0x0f80  Spooler - ok

17:25:56.0419 0x0f80  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe

17:25:56.0559 0x0f80  sppsvc - ok

17:25:56.0653 0x0f80  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys

17:25:56.0653 0x0f80  srv - ok

17:25:56.0700 0x0f80  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys

17:25:56.0715 0x0f80  srv2 - ok

17:25:56.0762 0x0f80  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys

17:25:56.0762 0x0f80  srvnet - ok

17:25:56.0809 0x0f80  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

17:25:56.0809 0x0f80  SSDPSRV - ok

17:25:56.0841 0x0f80  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll

17:25:56.0856 0x0f80  SstpSvc - ok

17:25:56.0872 0x0f80  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys

17:25:56.0872 0x0f80  stexstor - ok

17:25:56.0934 0x0f80  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll

17:25:56.0950 0x0f80  stisvc - ok

17:25:56.0966 0x0f80  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys

17:25:56.0966 0x0f80  storahci - ok

17:25:56.0997 0x0f80  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys

17:25:56.0997 0x0f80  storflt - ok

17:25:57.0028 0x0f80  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys

17:25:57.0028 0x0f80  stornvme - ok

17:25:57.0044 0x0f80  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll

17:25:57.0059 0x0f80  StorSvc - ok

17:25:57.0091 0x0f80  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys

17:25:57.0091 0x0f80  storvsc - ok

17:25:57.0106 0x0f80  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll

17:25:57.0106 0x0f80  svsvc - ok

17:25:57.0137 0x0f80  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys

17:25:57.0137 0x0f80  swenum - ok

17:25:57.0184 0x0f80  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll

17:25:57.0200 0x0f80  swprv - ok

17:25:57.0262 0x0f80  [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain         C:\WINDOWS\system32\sysmain.dll

17:25:57.0294 0x0f80  SysMain - ok

17:25:57.0325 0x0f80  [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll

17:25:57.0341 0x0f80  SystemEventsBroker - ok

17:25:57.0372 0x0f80  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll

17:25:57.0372 0x0f80  TabletInputService - ok

17:25:57.0403 0x0f80  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

17:25:57.0419 0x0f80  TapiSrv - ok

17:25:57.0512 0x0f80  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys

17:25:57.0575 0x0f80  Tcpip - ok

17:25:57.0637 0x0f80  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys

17:25:57.0700 0x0f80  TCPIP6 - ok

17:25:57.0731 0x0f80  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys

17:25:57.0731 0x0f80  tcpipreg - ok

17:25:57.0762 0x0f80  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys

17:25:57.0762 0x0f80  tdx - ok

17:25:57.0794 0x0f80  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys

17:25:57.0794 0x0f80  terminpt - ok

17:25:57.0856 0x0f80  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll

17:25:57.0887 0x0f80  TermService - ok

17:25:57.0919 0x0f80  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll

17:25:57.0919 0x0f80  Themes - ok

17:25:57.0950 0x0f80  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll

17:25:57.0950 0x0f80  THREADORDER - ok

17:25:57.0981 0x0f80  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll

17:25:57.0981 0x0f80  TimeBroker - ok

17:25:58.0012 0x0f80  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys

17:25:58.0012 0x0f80  TPM - ok

17:25:58.0028 0x0f80  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll

17:25:58.0044 0x0f80  TrkWks - ok

17:25:58.0075 0x0f80  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe

17:25:58.0075 0x0f80  TrustedInstaller - ok

17:25:58.0106 0x0f80  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys

17:25:58.0106 0x0f80  TsUsbFlt - ok

17:25:58.0137 0x0f80  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys

17:25:58.0137 0x0f80  TsUsbGD - ok

17:25:58.0184 0x0f80  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys

17:25:58.0184 0x0f80  tunnel - ok

17:25:58.0200 0x0f80  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys

17:25:58.0216 0x0f80  uagp35 - ok

17:25:58.0231 0x0f80  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys

17:25:58.0231 0x0f80  UASPStor - ok

17:25:58.0247 0x0f80  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys

17:25:58.0262 0x0f80  UCX01000 - ok

17:25:58.0278 0x0f80  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys

17:25:58.0294 0x0f80  udfs - ok

17:25:58.0309 0x0f80  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys

17:25:58.0309 0x0f80  UEFI - ok

17:25:58.0341 0x0f80  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe

17:25:58.0341 0x0f80  UI0Detect - ok

17:25:58.0356 0x0f80  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys

17:25:58.0356 0x0f80  uliagpkx - ok

17:25:58.0403 0x0f80  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys

17:25:58.0403 0x0f80  umbus - ok

17:25:58.0419 0x0f80  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys

17:25:58.0419 0x0f80  UmPass - ok

17:25:58.0450 0x0f80  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll

17:25:58.0466 0x0f80  UmRdpService - ok

17:25:58.0544 0x0f80  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

17:25:58.0559 0x0f80  UNS - ok

17:25:58.0591 0x0f80  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll

17:25:58.0606 0x0f80  upnphost - ok

17:25:58.0622 0x0f80  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys

17:25:58.0637 0x0f80  usbccgp - ok

17:25:58.0653 0x0f80  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys

17:25:58.0669 0x0f80  usbcir - ok

17:25:58.0700 0x0f80  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys

17:25:58.0700 0x0f80  usbehci - ok

17:25:58.0731 0x0f80  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys

17:25:58.0731 0x0f80  usbhub - ok

17:25:58.0778 0x0f80  [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys

17:25:58.0778 0x0f80  USBHUB3 - ok

17:25:58.0856 0x0f80  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys

17:25:58.0856 0x0f80  usbohci - ok

17:25:58.0888 0x0f80  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys

17:25:58.0888 0x0f80  usbprint - ok

17:25:58.0903 0x0f80  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS

17:25:58.0919 0x0f80  USBSTOR - ok

17:25:58.0934 0x0f80  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys

17:25:58.0934 0x0f80  usbuhci - ok

17:25:58.0966 0x0f80  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys

17:25:58.0966 0x0f80  usbvideo - ok

17:25:58.0997 0x0f80  [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS

17:25:59.0012 0x0f80  USBXHCI - ok

17:25:59.0028 0x0f80  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe

17:25:59.0028 0x0f80  VaultSvc - ok

17:25:59.0059 0x0f80  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys

17:25:59.0059 0x0f80  vdrvroot - ok

17:25:59.0106 0x0f80  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe

17:25:59.0137 0x0f80  vds - ok

17:25:59.0184 0x0f80  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys

17:25:59.0184 0x0f80  VerifierExt - ok

17:25:59.0216 0x0f80  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys

17:25:59.0231 0x0f80  vhdmp - ok

17:25:59.0263 0x0f80  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys

17:25:59.0263 0x0f80  viaide - ok

17:25:59.0294 0x0f80  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys

17:25:59.0294 0x0f80  vmbus - ok

17:25:59.0294 0x0f80  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys

17:25:59.0294 0x0f80  VMBusHID - ok

17:25:59.0341 0x0f80  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll

17:25:59.0356 0x0f80  vmicguestinterface - ok

17:25:59.0388 0x0f80  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll

17:25:59.0388 0x0f80  vmicheartbeat - ok

17:25:59.0419 0x0f80  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll

17:25:59.0419 0x0f80  vmickvpexchange - ok

17:25:59.0450 0x0f80  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll

17:25:59.0450 0x0f80  vmicrdv - ok

17:25:59.0481 0x0f80  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll

17:25:59.0481 0x0f80  vmicshutdown - ok

17:25:59.0513 0x0f80  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll

17:25:59.0513 0x0f80  vmictimesync - ok

17:25:59.0544 0x0f80  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll

17:25:59.0544 0x0f80  vmicvss - ok

17:25:59.0575 0x0f80  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys

17:25:59.0575 0x0f80  volmgr - ok

17:25:59.0606 0x0f80  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys

17:25:59.0622 0x0f80  volmgrx - ok

17:25:59.0653 0x0f80  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys

17:25:59.0669 0x0f80  volsnap - ok

17:25:59.0685 0x0f80  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys

17:25:59.0685 0x0f80  vpci - ok

17:25:59.0700 0x0f80  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys

17:25:59.0700 0x0f80  vsmraid - ok

17:25:59.0778 0x0f80  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\WINDOWS\system32\vssvc.exe

17:25:59.0809 0x0f80  VSS - ok

17:25:59.0841 0x0f80  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys

17:25:59.0856 0x0f80  VSTXRAID - ok

17:25:59.0888 0x0f80  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys

17:25:59.0888 0x0f80  vwifibus - ok

17:25:59.0919 0x0f80  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys

17:25:59.0919 0x0f80  vwififlt - ok

17:25:59.0934 0x0f80  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys

17:25:59.0934 0x0f80  vwifimp - ok

17:25:59.0981 0x0f80  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll

17:25:59.0981 0x0f80  W32Time - ok

17:26:00.0013 0x0f80  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys

17:26:00.0013 0x0f80  WacomPen - ok

17:26:00.0075 0x0f80  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe

17:26:00.0122 0x0f80  wbengine - ok

17:26:00.0169 0x0f80  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll

17:26:00.0184 0x0f80  WbioSrvc - ok

17:26:00.0216 0x0f80  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll

17:26:00.0216 0x0f80  Wcmsvc - ok

17:26:00.0263 0x0f80  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll

17:26:00.0278 0x0f80  wcncsvc - ok

17:26:00.0309 0x0f80  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll

17:26:00.0309 0x0f80  WcsPlugInService - ok

17:26:00.0325 0x0f80  [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys

17:26:00.0325 0x0f80  WdBoot - ok

17:26:00.0372 0x0f80  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys

17:26:00.0388 0x0f80  Wdf01000 - ok

17:26:00.0419 0x0f80  [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys

17:26:00.0419 0x0f80  WdFilter - ok

17:26:00.0450 0x0f80  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll

17:26:00.0450 0x0f80  WdiServiceHost - ok

17:26:00.0450 0x0f80  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll

17:26:00.0466 0x0f80  WdiSystemHost - ok

17:26:00.0481 0x0f80  [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys

17:26:00.0481 0x0f80  WdNisDrv - ok

17:26:00.0513 0x0f80  WdNisSvc - ok

17:26:00.0544 0x0f80  [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient       C:\WINDOWS\System32\webclnt.dll

17:26:00.0559 0x0f80  WebClient - ok

17:26:00.0591 0x0f80  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll

17:26:00.0591 0x0f80  Wecsvc - ok

17:26:00.0606 0x0f80  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll

17:26:00.0622 0x0f80  WEPHOSTSVC - ok

17:26:00.0653 0x0f80  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll

17:26:00.0653 0x0f80  wercplsupport - ok

17:26:00.0669 0x0f80  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll

17:26:00.0684 0x0f80  WerSvc - ok

17:26:00.0716 0x0f80  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys

17:26:00.0716 0x0f80  WFPLWFS - ok

17:26:00.0731 0x0f80  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll

17:26:00.0731 0x0f80  WiaRpc - ok

17:26:00.0763 0x0f80  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys

17:26:00.0763 0x0f80  WIMMount - ok

17:26:00.0763 0x0f80  WinDefend - ok

17:26:00.0809 0x0f80  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll

17:26:00.0841 0x0f80  WinHttpAutoProxySvc - ok

17:26:00.0903 0x0f80  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

17:26:00.0919 0x0f80  Winmgmt - ok

17:26:01.0013 0x0f80  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll

17:26:01.0106 0x0f80  WinRM - ok

17:26:01.0184 0x0f80  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll

17:26:01.0231 0x0f80  WlanSvc - ok

17:26:01.0309 0x0f80  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll

17:26:01.0356 0x0f80  wlidsvc - ok

17:26:01.0388 0x0f80  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys

17:26:01.0388 0x0f80  WmiAcpi - ok

17:26:01.0419 0x0f80  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe

17:26:01.0419 0x0f80  wmiApSrv - ok

17:26:01.0434 0x0f80  WMPNetworkSvc - ok

17:26:01.0466 0x0f80  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys

17:26:01.0466 0x0f80  Wof - ok

17:26:01.0559 0x0f80  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll

17:26:01.0606 0x0f80  workfolderssvc - ok

17:26:01.0638 0x0f80  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys

17:26:01.0638 0x0f80  wpcfltr - ok

17:26:01.0653 0x0f80  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll

17:26:01.0653 0x0f80  WPCSvc - ok

17:26:01.0685 0x0f80  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll

17:26:01.0685 0x0f80  WPDBusEnum - ok

17:26:01.0716 0x0f80  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys

17:26:01.0716 0x0f80  WpdUpFltr - ok

17:26:01.0731 0x0f80  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys

17:26:01.0731 0x0f80  ws2ifsl - ok

17:26:01.0763 0x0f80  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll

17:26:01.0763 0x0f80  wscsvc - ok

17:26:01.0763 0x0f80  WSearch - ok

17:26:01.0888 0x0f80  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll

17:26:02.0013 0x0f80  WSService - ok

17:26:02.0013 0x0f80  wStLibG64 - ok

17:26:02.0153 0x0f80  [ 5F3D70B19BCAC985DA90F22CA2FF45E4, BBD82BAEF0DCA2C6361F8D1ADF5BED36D0F1AB1A2AEADB0E4526B917F40C2E52 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll

17:26:02.0278 0x0f80  wuauserv - ok

17:26:02.0325 0x0f80  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys

17:26:02.0325 0x0f80  WudfPf - ok

17:26:02.0356 0x0f80  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys

17:26:02.0372 0x0f80  WUDFRd - ok

17:26:02.0372 0x0f80  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\WINDOWS\System32\drivers\WUDFRd.sys

17:26:02.0388 0x0f80  WUDFSensorLP - ok

17:26:02.0419 0x0f80  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll

17:26:02.0419 0x0f80  wudfsvc - ok

17:26:02.0435 0x0f80  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys

17:26:02.0435 0x0f80  WUDFWpdFs - ok

17:26:02.0481 0x0f80  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll

17:26:02.0497 0x0f80  WwanSvc - ok

17:26:02.0513 0x0f80  ================ Scan global ===============================

Und hier der 2. Teil:

Code:

17:26:02.0528 0x0f80  [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll

17:26:02.0560 0x0f80  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll

17:26:02.0591 0x0f80  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll

17:26:02.0622 0x0f80  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe

17:26:02.0638 0x0f80  [ Global ] - ok

17:26:02.0638 0x0f80  ================ Scan MBR ==================================

17:26:02.0638 0x0f80  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0

17:26:02.0653 0x0f80  \Device\Harddisk0\DR0 - ok

17:26:02.0653 0x0f80  ================ Scan VBR ==================================

17:26:02.0653 0x0f80  [ 4AD23A8B3485171601796748A15F1F89 ] \Device\Harddisk0\DR0\Partition1

17:26:02.0653 0x0f80  \Device\Harddisk0\DR0\Partition1 - ok

17:26:02.0669 0x0f80  [ 97FAE432868BFCEAA2A704CF9253F80E ] \Device\Harddisk0\DR0\Partition2

17:26:02.0685 0x0f80  \Device\Harddisk0\DR0\Partition2 - ok

17:26:02.0700 0x0f80  [ 446ED579EBDF5303BCD1FE047B41C988 ] \Device\Harddisk0\DR0\Partition3

17:26:02.0700 0x0f80  \Device\Harddisk0\DR0\Partition3 - ok

17:26:02.0716 0x0f80  [ 3B2F2B0B846B1A423D747994B58D4E4C ] \Device\Harddisk0\DR0\Partition4

17:26:02.0731 0x0f80  \Device\Harddisk0\DR0\Partition4 - ok

17:26:02.0747 0x0f80  [ D9F75A237CEE735492776EDCFAA69C2F ] \Device\Harddisk0\DR0\Partition5

17:26:02.0763 0x0f80  \Device\Harddisk0\DR0\Partition5 - ok

17:26:02.0778 0x0f80  [ A3B0E0C4386BB0627328FA6AFE0E18D0 ] \Device\Harddisk0\DR0\Partition6

17:26:02.0778 0x0f80  \Device\Harddisk0\DR0\Partition6 - ok

17:26:02.0810 0x0f80  [ 90E5997C4615E856E92770C18D24F4F9 ] \Device\Harddisk0\DR0\Partition7

17:26:02.0825 0x0f80  \Device\Harddisk0\DR0\Partition7 - ok

17:26:02.0825 0x0f80  ================ Scan generic autorun ======================

17:26:02.0888 0x0f80  [ CFF4C979AA720C73EC93918D9730B9E9, 0DC04ACD258DD5FC4A7EA81AC3F8876675424EC35F7ECB996B7C132BAB430A33 ] C:\WINDOWS\system32\igfxtray.exe

17:26:02.0903 0x0f80  IgfxTray - ok

17:26:02.0935 0x0f80  [ 4B9D449ED9880477DEFBA85D512E05F9, B50C589A1F8953617FAD961363CA3538F6C0539FA06D7FAA2EA88320410C7F43 ] C:\WINDOWS\system32\hkcmd.exe

17:26:02.0950 0x0f80  HotKeysCmds - ok

17:26:03.0013 0x0f80  [ 2498449B5CA65A640125164EE0019B14, F4EF4EA34A656984C83DB3BFCD8390ACD76C922A1C253335104C31D371EEDA17 ] C:\WINDOWS\system32\igfxpers.exe

17:26:03.0028 0x0f80  Persistence - ok

17:26:03.0560 0x0f80  [ F6CA3885B1CFE9487C6B17846C5EEB3F, F75D12F8B8795223FE69C2487D9DDE642A073DF75238289B20900060F46E7957 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

17:26:04.0060 0x0f80  RTHDVCPL - ok

17:26:04.0185 0x0f80  [ 977B0D97F30D5AB240361FC972C40898, 7C7526B75B420C2EBAE95C9F7F969D8BE8E086DE0A8001EBEB133E476E661A37 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

17:26:04.0216 0x0f80  RtHDVBg - ok

17:26:04.0232 0x0f80  Adobe Reader Speed Launcher - ok

17:26:04.0372 0x0f80  [ 2362B857693DA580E04ECE28F7D67E7E, EABF4B6502A06B94D07E25D78D8CEF8862B7FE5D117F7F145268B95688A02E62 ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE

17:26:04.0482 0x0f80  ASUSPRP - ok

17:26:04.0653 0x0f80  [ B15880A58755DA0FADB15923013A7957, 4090342AF93538C5F3157605164CF5EC051B6D767B1B7FCCF3265F1D426E88AA ] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe

17:26:04.0732 0x0f80  ASUSWebStorage - ok

17:26:04.0794 0x0f80  [ C049C40CAEE8900130BD5F80B594CC7B, F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

17:26:04.0794 0x0f80  RemoteControl10 - ok

17:26:04.0794 0x0f80  mobilegeni daemon - ok

17:26:04.0841 0x0f80  [ A55FB42F0642DBF4817543A58E97721F, A4A8986EA050B1216D85749AB705EB36FE9D0FE0E833281DC63732B1FD4E4687 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

17:26:04.0857 0x0f80  SunJavaUpdateSched - ok

17:26:04.0857 0x0f80  lollipop_01261731 - ok

17:26:04.0857 0x0f80  Waiting for KSN requests completion. In queue: 94

17:26:05.0872 0x0f80  Waiting for KSN requests completion. In queue: 94

17:26:06.0888 0x0f80  Waiting for KSN requests completion. In queue: 94

17:26:07.0904 0x0f80  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x61100 ( enabled : updated )

17:26:07.0950 0x0f80  Win FW state via NFP2: enabled

17:26:10.0294 0x0f80  ============================================================

17:26:10.0294 0x0f80  Scan finished

17:26:10.0294 0x0f80  ============================================================

17:26:10.0294 0x07b0  Detected object count: 0

17:26:10.0294 0x07b0  Actual detected object count: 0

17:28:30.0030 0x02fc  ============================================================

17:28:30.0030 0x02fc  Scan started

17:28:30.0030 0x02fc  Mode: Manual; SigCheck; TDLFS; 

17:28:30.0030 0x02fc  ============================================================

17:28:30.0030 0x02fc  KSN ping started

17:28:32.0343 0x02fc  KSN ping finished: true

17:28:32.0843 0x02fc  ================ Scan system memory ========================

17:28:32.0843 0x02fc  System memory - ok

17:28:32.0843 0x02fc  ================ Scan services =============================

17:28:32.0999 0x02fc  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys

17:28:33.0062 0x02fc  1394ohci - ok

17:28:33.0093 0x02fc  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys

17:28:33.0109 0x02fc  3ware - ok

17:28:33.0156 0x02fc  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys

17:28:33.0187 0x02fc  ACPI - ok

17:28:33.0202 0x02fc  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys

17:28:33.0218 0x02fc  acpiex - ok

17:28:33.0249 0x02fc  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys

17:28:33.0265 0x02fc  acpipagr - ok

17:28:33.0296 0x02fc  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys

17:28:33.0312 0x02fc  AcpiPmi - ok

17:28:33.0327 0x02fc  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys

17:28:33.0327 0x02fc  acpitime - ok

17:28:33.0390 0x02fc  [ 929593D76589294BA3F74540298D1B3E, 3D1C1772579141BD1040363BD65F2A2D78BF42EC85AE96317AE397E3D5267145 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

17:28:33.0406 0x02fc  AdobeARMservice - ok

17:28:33.0452 0x02fc  [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

17:28:33.0468 0x02fc  AdobeFlashPlayerUpdateSvc - ok

17:28:33.0531 0x02fc  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS

17:28:33.0562 0x02fc  ADP80XX - ok

17:28:33.0593 0x02fc  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll

17:28:33.0640 0x02fc  AeLookupSvc - ok

17:28:33.0702 0x02fc  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys

17:28:33.0718 0x02fc  AFD - ok

17:28:33.0749 0x02fc  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys

17:28:33.0765 0x02fc  agp440 - ok

17:28:33.0796 0x02fc  [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys

17:28:33.0796 0x02fc  ahcache - ok

17:28:33.0843 0x02fc  [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger       C:\WINDOWS\system32\DRIVERS\AiCharger.sys

17:28:33.0843 0x02fc  AiCharger - ok

17:28:33.0874 0x02fc  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe

17:28:33.0906 0x02fc  ALG - ok

17:28:33.0921 0x02fc  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys

17:28:33.0937 0x02fc  AmdK8 - ok

17:28:33.0984 0x02fc  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys

17:28:33.0999 0x02fc  AmdPPM - ok

17:28:34.0031 0x02fc  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys

17:28:34.0031 0x02fc  amdsata - ok

17:28:34.0062 0x02fc  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys

17:28:34.0077 0x02fc  amdsbs - ok

17:28:34.0093 0x02fc  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys

17:28:34.0109 0x02fc  amdxata - ok

17:28:34.0140 0x02fc  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys

17:28:34.0156 0x02fc  AppID - ok

17:28:34.0171 0x02fc  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll

17:28:34.0187 0x02fc  AppIDSvc - ok

17:28:34.0218 0x02fc  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll

17:28:34.0249 0x02fc  Appinfo - ok

17:28:34.0296 0x02fc  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll

17:28:34.0328 0x02fc  AppReadiness - ok

17:28:34.0390 0x02fc  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll

17:28:34.0468 0x02fc  AppXSvc - ok

17:28:34.0499 0x02fc  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys

17:28:34.0515 0x02fc  arcsas - ok

17:28:34.0593 0x02fc  [ DC2BA6926FA0CDCE273CC9897F05584A, CF35A55511C6241679FDB9D48DC43B61D86D071B974E7A668495E2021098E912 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe

17:28:34.0609 0x02fc  ASLDRService - ok

17:28:34.0609 0x02fc  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

17:28:34.0624 0x02fc  ASMMAP64 - ok

17:28:34.0671 0x02fc  [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn  C:\Program Files\ASUS\P4G\InsOnSrv.exe

17:28:34.0687 0x02fc  ASUS InstantOn - ok

17:28:34.0734 0x02fc  [ AAE374280DDC307061A43ED9FAD1AD57, BFBE60D67B4283868D148C38502689FFE52CC7F13F4294E21F47B37D14FB5821 ] Asus WebStorage Windows Service C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe

17:28:34.0749 0x02fc  Asus WebStorage Windows Service - detected UnsignedFile.Multi.Generic ( 1 )

17:28:34.0749 0x02fc  Detect skipped due to KSN trusted

17:28:34.0749 0x02fc  Asus WebStorage Windows Service - ok

17:28:34.0765 0x02fc  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys

17:28:34.0781 0x02fc  atapi - ok

17:28:34.0921 0x02fc  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys

17:28:35.0046 0x02fc  athr - ok

17:28:35.0062 0x02fc  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe

17:28:35.0062 0x02fc  ATKGFNEXSrv - ok

17:28:35.0093 0x02fc  [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys

17:28:35.0093 0x02fc  ATKWMIACPIIO - ok

17:28:35.0124 0x02fc  [ A751FA39AEC7DBA5DCE0D64BB0E3E331, F0D7AE1E6EAD2DAC7EA4E37B4AB30E6ACE8F21CE3C49D2D01B854F36E72F77B5 ] ATP             C:\WINDOWS\System32\drivers\AsusTP.sys

17:28:35.0124 0x02fc  ATP - ok

17:28:35.0171 0x02fc  [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll

17:28:35.0218 0x02fc  AudioEndpointBuilder - ok

17:28:35.0281 0x02fc  [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll

17:28:35.0312 0x02fc  Audiosrv - ok

17:28:35.0343 0x02fc  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll

17:28:35.0374 0x02fc  AxInstSV - ok

17:28:35.0421 0x02fc  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys

17:28:35.0437 0x02fc  b06bdrv - ok

17:28:35.0468 0x02fc  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys

17:28:35.0468 0x02fc  BasicDisplay - ok

17:28:35.0515 0x02fc  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys

17:28:35.0531 0x02fc  BasicRender - ok

17:28:35.0562 0x02fc  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys

17:28:35.0578 0x02fc  bcmfn2 - ok

17:28:35.0609 0x02fc  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\WINDOWS\System32\bdesvc.dll

17:28:35.0656 0x02fc  BDESVC - ok

17:28:35.0687 0x02fc  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys

17:28:35.0703 0x02fc  Beep - ok

17:28:35.0749 0x02fc  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\WINDOWS\System32\bfe.dll

17:28:35.0781 0x02fc  BFE - ok

17:28:35.0843 0x02fc  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll

17:28:35.0921 0x02fc  BITS - ok

17:28:35.0937 0x02fc  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys

17:28:35.0953 0x02fc  bowser - ok

17:28:35.0984 0x02fc  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll

17:28:36.0031 0x02fc  BrokerInfrastructure - ok

17:28:36.0062 0x02fc  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll

17:28:36.0093 0x02fc  Browser - ok

17:28:36.0140 0x02fc  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys

17:28:36.0156 0x02fc  BthAvrcpTg - ok

17:28:36.0187 0x02fc  [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys

17:28:36.0203 0x02fc  BthHFEnum - ok

17:28:36.0203 0x02fc  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys

17:28:36.0234 0x02fc  bthhfhid - ok

17:28:36.0265 0x02fc  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll

17:28:36.0312 0x02fc  BthHFSrv - ok

17:28:36.0343 0x02fc  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys

17:28:36.0374 0x02fc  BTHMODEM - ok

17:28:36.0390 0x02fc  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll

17:28:36.0421 0x02fc  bthserv - ok

17:28:36.0515 0x02fc  [ 1F79342D9EB530A48742F651E570983A, 99E0B613C23FA8591E248DFA6FF2D3EE19E262BE6E070A0E43E256B69687017F ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

17:28:36.0562 0x02fc  c2cautoupdatesvc - ok

17:28:36.0640 0x02fc  [ E4938E0A376CF0B9D989EE5C0A146891, 9DF6AB5781CD60862D9664CA9A8AF0696A1FB6D09D804CD8DE9630F40DE59E90 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

17:28:36.0703 0x02fc  c2cpnrsvc - ok

17:28:36.0734 0x02fc  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys

17:28:36.0750 0x02fc  cdfs - ok

17:28:36.0765 0x02fc  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys

17:28:36.0781 0x02fc  cdrom - ok

17:28:36.0812 0x02fc  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll

17:28:36.0843 0x02fc  CertPropSvc - ok

17:28:36.0875 0x02fc  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys

17:28:36.0890 0x02fc  circlass - ok

17:28:36.0921 0x02fc  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys

17:28:36.0953 0x02fc  CLFS - ok

17:28:36.0984 0x02fc  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys

17:28:36.0984 0x02fc  CmBatt - ok

17:28:37.0031 0x02fc  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys

17:28:37.0062 0x02fc  CNG - ok

17:28:37.0078 0x02fc  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys

17:28:37.0109 0x02fc  CompositeBus - ok

17:28:37.0109 0x02fc  COMSysApp - ok

17:28:37.0125 0x02fc  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys

17:28:37.0140 0x02fc  condrv - ok

17:28:37.0218 0x02fc  [ F9693D45B0F1B346CCDEEC1F341AD389, 342C81EFB434EAC29865F8BB049051635C644D7EF355D0F5FB3ADD9DDCE55D82 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

17:28:37.0234 0x02fc  cphs - ok

17:28:37.0265 0x02fc  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll

17:28:37.0312 0x02fc  CryptSvc - ok

17:28:37.0328 0x02fc  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys

17:28:37.0343 0x02fc  dam - ok

17:28:37.0390 0x02fc  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

17:28:37.0453 0x02fc  DcomLaunch - ok

17:28:37.0484 0x02fc  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll

17:28:37.0515 0x02fc  defragsvc - ok

17:28:37.0562 0x02fc  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll

17:28:37.0593 0x02fc  DeviceAssociationService - ok

17:28:37.0625 0x02fc  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll

17:28:37.0671 0x02fc  DeviceInstall - ok

17:28:37.0687 0x02fc  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys

17:28:37.0703 0x02fc  Dfsc - ok

17:28:37.0750 0x02fc  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll

17:28:37.0796 0x02fc  Dhcp - ok

17:28:37.0812 0x02fc  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys

17:28:37.0828 0x02fc  disk - ok

17:28:37.0859 0x02fc  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys

17:28:37.0875 0x02fc  dmvsc - ok

17:28:37.0906 0x02fc  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

17:28:37.0937 0x02fc  Dnscache - ok

17:28:37.0968 0x02fc  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll

17:28:38.0000 0x02fc  dot3svc - ok

17:28:38.0031 0x02fc  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll

17:28:38.0062 0x02fc  DPS - ok

17:28:38.0078 0x02fc  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

17:28:38.0093 0x02fc  drmkaud - ok

17:28:38.0125 0x02fc  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll

17:28:38.0140 0x02fc  DsmSvc - ok

17:28:38.0218 0x02fc  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys

17:28:38.0281 0x02fc  DXGKrnl - ok

17:28:38.0312 0x02fc  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll

17:28:38.0343 0x02fc  Eaphost - ok

17:28:38.0484 0x02fc  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys

17:28:38.0593 0x02fc  ebdrv - ok

17:28:38.0625 0x02fc  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe

17:28:38.0640 0x02fc  EFS - ok

17:28:38.0671 0x02fc  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys

17:28:38.0687 0x02fc  EhStorClass - ok

17:28:38.0703 0x02fc  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys

17:28:38.0703 0x02fc  EhStorTcgDrv - ok

17:28:38.0718 0x02fc  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys

17:28:38.0750 0x02fc  ErrDev - ok

17:28:38.0796 0x02fc  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll

17:28:38.0843 0x02fc  EventSystem - ok

17:28:38.0875 0x02fc  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys

17:28:38.0906 0x02fc  exfat - ok

17:28:38.0953 0x02fc  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys

17:28:38.0968 0x02fc  fastfat - ok

17:28:39.0015 0x02fc  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe

17:28:39.0062 0x02fc  Fax - ok

17:28:39.0078 0x02fc  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys

17:28:39.0109 0x02fc  fdc - ok

17:28:39.0125 0x02fc  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll

17:28:39.0172 0x02fc  fdPHost - ok

17:28:39.0187 0x02fc  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll

17:28:39.0203 0x02fc  FDResPub - ok

17:28:39.0234 0x02fc  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll

17:28:39.0281 0x02fc  fhsvc - ok

17:28:39.0312 0x02fc  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys

17:28:39.0328 0x02fc  FileInfo - ok

17:28:39.0343 0x02fc  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys

17:28:39.0375 0x02fc  Filetrace - ok

17:28:39.0390 0x02fc  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys

17:28:39.0406 0x02fc  flpydisk - ok

17:28:39.0437 0x02fc  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

17:28:39.0468 0x02fc  FltMgr - ok

17:28:39.0531 0x02fc  [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache       C:\WINDOWS\system32\FntCache.dll

17:28:39.0593 0x02fc  FontCache - ok

17:28:39.0687 0x02fc  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

17:28:39.0703 0x02fc  FontCache3.0.0.0 - ok

17:28:39.0734 0x02fc  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys

17:28:39.0734 0x02fc  FsDepends - ok

17:28:39.0781 0x02fc  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

17:28:39.0781 0x02fc  Fs_Rec - ok

17:28:39.0828 0x02fc  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys

17:28:39.0859 0x02fc  fvevol - ok

17:28:39.0875 0x02fc  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys

17:28:39.0890 0x02fc  FxPPM - ok

17:28:39.0922 0x02fc  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys

17:28:39.0937 0x02fc  gagp30kx - ok

17:28:39.0953 0x02fc  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys

17:28:39.0984 0x02fc  gencounter - ok

17:28:40.0000 0x02fc  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys

17:28:40.0015 0x02fc  GPIOClx0101 - ok

17:28:40.0093 0x02fc  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll

17:28:40.0156 0x02fc  gpsvc - ok

17:28:40.0187 0x02fc  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys

17:28:40.0218 0x02fc  HDAudBus - ok

17:28:40.0250 0x02fc  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys

17:28:40.0265 0x02fc  HidBatt - ok

17:28:40.0297 0x02fc  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys

17:28:40.0312 0x02fc  HidBth - ok

17:28:40.0328 0x02fc  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys

17:28:40.0343 0x02fc  hidi2c - ok

17:28:40.0375 0x02fc  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys

17:28:40.0390 0x02fc  HidIr - ok

17:28:40.0406 0x02fc  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll

17:28:40.0453 0x02fc  hidserv - ok

17:28:40.0500 0x02fc  [ A9F2301B8D28BB4D887F5AEBB55ACB3A, 886B04224CA0A90B4FD0B9F8D243EED4FBA367D078FB1CAF99EE671FE1FCEC27 ] HIDSwitch       C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys

17:28:40.0500 0x02fc  HIDSwitch - ok

17:28:40.0531 0x02fc  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys

17:28:40.0547 0x02fc  HidUsb - ok

17:28:40.0578 0x02fc  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll

17:28:40.0640 0x02fc  hkmsvc - ok

17:28:40.0687 0x02fc  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll

17:28:40.0734 0x02fc  HomeGroupListener - ok

17:28:40.0765 0x02fc  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll

17:28:40.0797 0x02fc  HomeGroupProvider - ok

17:28:40.0828 0x02fc  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys

17:28:40.0843 0x02fc  HpSAMD - ok

17:28:40.0890 0x02fc  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys

17:28:40.0937 0x02fc  HTTP - ok

17:28:40.0969 0x02fc  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys

17:28:40.0969 0x02fc  hwpolicy - ok

17:28:40.0984 0x02fc  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys

17:28:41.0015 0x02fc  hyperkbd - ok

17:28:41.0031 0x02fc  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys

17:28:41.0062 0x02fc  HyperVideo - ok

17:28:41.0094 0x02fc  [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys

17:28:41.0109 0x02fc  i8042prt - ok

17:28:41.0109 0x02fc  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys

17:28:41.0125 0x02fc  iaLPSSi_GPIO - ok

17:28:41.0140 0x02fc  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys

17:28:41.0140 0x02fc  iaLPSSi_I2C - ok

17:28:41.0203 0x02fc  [ 0A34D806EF2767E62CAFEA1A150A8830, 2C5C9C0924C6AE379E3CD071E6687885006843A17742B083CE14719F666F7FE6 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys

17:28:41.0234 0x02fc  iaStorA - ok

17:28:41.0281 0x02fc  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys

17:28:41.0312 0x02fc  iaStorAV - ok

17:28:41.0343 0x02fc  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys

17:28:41.0359 0x02fc  iaStorV - ok

17:28:41.0437 0x02fc  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe

17:28:41.0453 0x02fc  ICCS - ok

17:28:41.0453 0x02fc  IEEtwCollectorService - ok

17:28:41.0594 0x02fc  [ 16D939A13CFB82DEE0B9DB12E45C7B4E, D09C57DE3EF7F6BEDD354FEEDB46260FDCF9F9A0F2D096FFD518509AD041AAC5 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys

17:28:41.0734 0x02fc  igfx - ok

17:28:41.0812 0x02fc  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll

17:28:41.0844 0x02fc  IKEEXT - ok

17:28:41.0890 0x02fc  [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys

17:28:41.0890 0x02fc  intaud_WaveExtensible - ok

17:28:42.0015 0x02fc  [ 24709D61F21838470F1FCC8C9710A14B, 9C63EE2DCD97F27BC251F2B4337B6FE7963B086E435D12F9947D173AE678CA29 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys

17:28:42.0125 0x02fc  IntcAzAudAddService - ok

17:28:42.0172 0x02fc  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys

17:28:42.0187 0x02fc  IntcDAud - ok

17:28:42.0281 0x02fc  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

17:28:42.0297 0x02fc  Intel(R) Capability Licensing Service Interface - ok

17:28:42.0344 0x02fc  [ 9656F8E29F6C3161A3E99BCD3A472FF9, 30AD00B53CCB2E4121508729F3471D3C0568F1C32324C398382C97E8BC43ECF0 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe

17:28:42.0359 0x02fc  Intel(R) ME Service - ok

17:28:42.0375 0x02fc  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys

17:28:42.0390 0x02fc  intelide - ok

17:28:42.0406 0x02fc  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys

17:28:42.0422 0x02fc  intelpep - ok

17:28:42.0453 0x02fc  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys

17:28:42.0469 0x02fc  intelppm - ok

17:28:42.0484 0x02fc  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

17:28:42.0500 0x02fc  IpFilterDriver - ok

17:28:42.0547 0x02fc  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll

17:28:42.0594 0x02fc  iphlpsvc - ok

17:28:42.0609 0x02fc  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys

17:28:42.0625 0x02fc  IPMIDRV - ok

17:28:42.0656 0x02fc  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys

17:28:42.0672 0x02fc  IPNAT - ok

17:28:42.0703 0x02fc  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys

17:28:42.0719 0x02fc  IRENUM - ok

17:28:42.0750 0x02fc  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys

17:28:42.0765 0x02fc  isapnp - ok

17:28:42.0797 0x02fc  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys

17:28:42.0812 0x02fc  iScsiPrt - ok

17:28:42.0844 0x02fc  [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys

17:28:42.0859 0x02fc  iwdbus - ok

17:28:42.0890 0x02fc  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

17:28:42.0906 0x02fc  jhi_service - ok

17:28:42.0937 0x02fc  [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys

17:28:42.0953 0x02fc  kbdclass - ok

17:28:42.0984 0x02fc  [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys

17:28:43.0000 0x02fc  kbdhid - ok

17:28:43.0031 0x02fc  [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr         C:\WINDOWS\System32\drivers\kbfiltr.sys

17:28:43.0031 0x02fc  kbfiltr - ok

17:28:43.0062 0x02fc  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys

17:28:43.0078 0x02fc  kdnic - ok

17:28:43.0094 0x02fc  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe

17:28:43.0109 0x02fc  KeyIso - ok

17:28:43.0140 0x02fc  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys

17:28:43.0156 0x02fc  KSecDD - ok

17:28:43.0187 0x02fc  [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys

17:28:43.0203 0x02fc  KSecPkg - ok

17:28:43.0203 0x02fc  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys

17:28:43.0219 0x02fc  ksthunk - ok

17:28:43.0250 0x02fc  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll

17:28:43.0281 0x02fc  KtmRm - ok

17:28:43.0312 0x02fc  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll

17:28:43.0344 0x02fc  LanmanServer - ok

17:28:43.0375 0x02fc  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll

17:28:43.0406 0x02fc  LanmanWorkstation - ok

17:28:43.0453 0x02fc  [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll

17:28:43.0515 0x02fc  lfsvc - ok

17:28:43.0547 0x02fc  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys

17:28:43.0578 0x02fc  lltdio - ok

17:28:43.0609 0x02fc  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll

17:28:43.0640 0x02fc  lltdsvc - ok

17:28:43.0656 0x02fc  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll

17:28:43.0703 0x02fc  lmhosts - ok

17:28:43.0734 0x02fc  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

17:28:43.0812 0x02fc  LMS - ok

17:28:43.0859 0x02fc  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys

17:28:43.0875 0x02fc  LSI_SAS - ok

17:28:43.0922 0x02fc  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys

17:28:43.0937 0x02fc  LSI_SAS2 - ok

17:28:43.0953 0x02fc  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys

17:28:43.0969 0x02fc  LSI_SAS3 - ok

17:28:43.0984 0x02fc  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys

17:28:44.0000 0x02fc  LSI_SSS - ok

17:28:44.0047 0x02fc  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll

17:28:44.0109 0x02fc  LSM - ok

17:28:44.0156 0x02fc  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys

17:28:44.0172 0x02fc  luafv - ok

17:28:44.0172 0x02fc  mbamchameleon - ok

17:28:44.0219 0x02fc  [ E9CD058C79EA15B4AA93E259FA713B07, 2B09F65188D8782F9C797545F2F791EC7EAB85D8914B2C0B30BD869C412E3980 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

17:28:44.0234 0x02fc  MBAMSwissArmy - ok

17:28:44.0281 0x02fc  [ 1D51C3DFE16003D418A077711BAA70A1, CC4665951BFC424369D2FD9940D0FD1062F4B26E9DED76F6BA5DB75CAF4CCE2D ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe

17:28:44.0297 0x02fc  McAfee SiteAdvisor Service - ok

17:28:44.0312 0x02fc  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys

17:28:44.0328 0x02fc  megasas - ok

17:28:44.0359 0x02fc  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys

17:28:44.0391 0x02fc  megasr - ok

17:28:44.0422 0x02fc  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys

17:28:44.0437 0x02fc  MEIx64 - ok

17:28:44.0453 0x02fc  [ 1A0C96A38A888838DF9523C973E3FE87, 9C41EDBFA21DF2684EED81AD56FC440AED002FB5C760DECFF1A454835273637B ] mfeapfk         C:\WINDOWS\system32\drivers\mfeapfk.sys

17:28:44.0469 0x02fc  mfeapfk - ok

17:28:44.0516 0x02fc  [ 29D0483A9EBB01DB2036A52E3BF23D6B, D4D6FDE489E937634BEA2C2F5DF65C560E5160AD9EA85088A59AE88FD9C06B2E ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys

17:28:44.0547 0x02fc  mfehidk - ok

17:28:44.0578 0x02fc  [ 4B34DFBC138C5C8FAC6F814575E41376, 584F76A0EA8ADAC415D118796E7B08969ABE717CB0FCC2D3B505BF86450D4E40 ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys

17:28:44.0578 0x02fc  mfencrk - ok

17:28:44.0609 0x02fc  [ 9A642F163F1FB12DE395A6010A9AD687, A86E092417C0C40E6FB9F6206D82391CEE4495FFA6F8A442BE50D349ACBA44B9 ] mfevtp          C:\WINDOWS\system32\mfevtps.exe

17:28:44.0625 0x02fc  mfevtp - ok

17:28:44.0656 0x02fc  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll

17:28:44.0687 0x02fc  MMCSS - ok

17:28:44.0719 0x02fc  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys

17:28:44.0750 0x02fc  Modem - ok

17:28:44.0750 0x02fc  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys

17:28:44.0766 0x02fc  monitor - ok

17:28:44.0797 0x02fc  [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys

17:28:44.0812 0x02fc  mouclass - ok

17:28:44.0844 0x02fc  [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys

17:28:44.0859 0x02fc  mouhid - ok

17:28:44.0891 0x02fc  [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys

17:28:44.0906 0x02fc  mountmgr - ok

17:28:44.0937 0x02fc  [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

17:28:44.0937 0x02fc  MozillaMaintenance - ok

17:28:44.0969 0x02fc  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys

17:28:44.0984 0x02fc  mpsdrv - ok

17:28:45.0031 0x02fc  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll

17:28:45.0078 0x02fc  MpsSvc - ok

17:28:45.0109 0x02fc  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys

17:28:45.0125 0x02fc  MRxDAV - ok

17:28:45.0156 0x02fc  [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

17:28:45.0187 0x02fc  mrxsmb - ok

17:28:45.0219 0x02fc  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys

17:28:45.0234 0x02fc  mrxsmb10 - ok

17:28:45.0266 0x02fc  [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys

17:28:45.0281 0x02fc  mrxsmb20 - ok

17:28:45.0312 0x02fc  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys

17:28:45.0328 0x02fc  MsBridge - ok

17:28:45.0359 0x02fc  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe

17:28:45.0375 0x02fc  MSDTC - ok

17:28:45.0406 0x02fc  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

17:28:45.0422 0x02fc  Msfs - ok

17:28:45.0453 0x02fc  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys

17:28:45.0469 0x02fc  msgpiowin32 - ok

17:28:45.0484 0x02fc  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys

17:28:45.0500 0x02fc  mshidkmdf - ok

17:28:45.0516 0x02fc  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys

17:28:45.0531 0x02fc  mshidumdf - ok

17:28:45.0547 0x02fc  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys

17:28:45.0562 0x02fc  msisadrv - ok

17:28:45.0594 0x02fc  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll

17:28:45.0609 0x02fc  MSiSCSI - ok

17:28:45.0609 0x02fc  msiserver - ok

17:28:45.0641 0x02fc  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

17:28:45.0672 0x02fc  MSKSSRV - ok

17:28:45.0687 0x02fc  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys

17:28:45.0703 0x02fc  MsLldp - ok

17:28:45.0734 0x02fc  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

17:28:45.0750 0x02fc  MSPCLOCK - ok

17:28:45.0750 0x02fc  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

17:28:45.0781 0x02fc  MSPQM - ok

17:28:45.0812 0x02fc  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys

17:28:45.0828 0x02fc  MsRPC - ok

17:28:45.0859 0x02fc  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys

17:28:45.0859 0x02fc  mssmbios - ok

17:28:45.0875 0x02fc  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys

17:28:45.0906 0x02fc  MSTEE - ok

17:28:45.0906 0x02fc  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys

17:28:45.0937 0x02fc  MTConfig - ok

17:28:45.0953 0x02fc  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys

17:28:45.0953 0x02fc  Mup - ok

17:28:45.0984 0x02fc  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys

17:28:46.0000 0x02fc  mvumis - ok

17:28:46.0031 0x02fc  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll

17:28:46.0078 0x02fc  napagent - ok

17:28:46.0109 0x02fc  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys

17:28:46.0141 0x02fc  NativeWifiP - ok

17:28:46.0187 0x02fc  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll

17:28:46.0219 0x02fc  NcaSvc - ok

17:28:46.0250 0x02fc  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll

17:28:46.0297 0x02fc  NcbService - ok

17:28:46.0328 0x02fc  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll

17:28:46.0375 0x02fc  NcdAutoSetup - ok

17:28:46.0422 0x02fc  [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys

17:28:46.0484 0x02fc  NDIS - ok

17:28:46.0516 0x02fc  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys

17:28:46.0531 0x02fc  NdisCap - ok

17:28:46.0547 0x02fc  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys

17:28:46.0563 0x02fc  NdisImPlatform - ok

17:28:46.0578 0x02fc  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

17:28:46.0594 0x02fc  NdisTapi - ok

17:28:46.0609 0x02fc  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

17:28:46.0625 0x02fc  Ndisuio - ok

17:28:46.0641 0x02fc  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys

17:28:46.0672 0x02fc  NdisVirtualBus - ok

17:28:46.0688 0x02fc  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

17:28:46.0719 0x02fc  NdisWan - ok

17:28:46.0719 0x02fc  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys

17:28:46.0750 0x02fc  NdisWanLegacy - ok

17:28:46.0766 0x02fc  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

17:28:46.0781 0x02fc  NDProxy - ok

17:28:46.0813 0x02fc  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys

17:28:46.0828 0x02fc  Ndu - ok

17:28:46.0859 0x02fc  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

17:28:46.0891 0x02fc  NetBIOS - ok

17:28:46.0906 0x02fc  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

17:28:46.0922 0x02fc  NetBT - ok

17:28:46.0938 0x02fc  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe

17:28:46.0953 0x02fc  Netlogon - ok

17:28:46.0984 0x02fc  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll

17:28:47.0016 0x02fc  Netman - ok

17:28:47.0047 0x02fc  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll

17:28:47.0078 0x02fc  netprofm - ok

17:28:47.0125 0x02fc  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:28:47.0141 0x02fc  NetTcpPortSharing - ok

17:28:47.0156 0x02fc  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys

17:28:47.0172 0x02fc  netvsc - ok

17:28:47.0219 0x02fc  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll

17:28:47.0250 0x02fc  NlaSvc - ok

17:28:47.0266 0x02fc  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

17:28:47.0297 0x02fc  Npfs - ok

17:28:47.0328 0x02fc  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys

17:28:47.0328 0x02fc  npsvctrig - ok

17:28:47.0359 0x02fc  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll

17:28:47.0375 0x02fc  nsi - ok

17:28:47.0391 0x02fc  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys

17:28:47.0422 0x02fc  nsiproxy - ok

17:28:47.0516 0x02fc  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

17:28:47.0594 0x02fc  Ntfs - ok

17:28:47.0609 0x02fc  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys

17:28:47.0625 0x02fc  Null - ok

17:28:47.0641 0x02fc  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys

17:28:47.0656 0x02fc  nvraid - ok

17:28:47.0672 0x02fc  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys

17:28:47.0688 0x02fc  nvstor - ok

17:28:47.0719 0x02fc  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys

17:28:47.0734 0x02fc  nv_agp - ok

17:28:47.0781 0x02fc  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll

17:28:47.0828 0x02fc  p2pimsvc - ok

17:28:47.0875 0x02fc  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll

17:28:47.0906 0x02fc  p2psvc - ok

17:28:47.0938 0x02fc  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys

17:28:47.0953 0x02fc  Parport - ok

17:28:47.0984 0x02fc  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys

17:28:48.0000 0x02fc  partmgr - ok

17:28:48.0031 0x02fc  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll

17:28:48.0078 0x02fc  PcaSvc - ok

17:28:48.0125 0x02fc  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys

17:28:48.0141 0x02fc  pci - ok

17:28:48.0156 0x02fc  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys

17:28:48.0156 0x02fc  pciide - ok

17:28:48.0188 0x02fc  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys

17:28:48.0203 0x02fc  pcmcia - ok

17:28:48.0219 0x02fc  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys

17:28:48.0234 0x02fc  pcw - ok

17:28:48.0266 0x02fc  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys

17:28:48.0281 0x02fc  pdc - ok

17:28:48.0328 0x02fc  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys

17:28:48.0359 0x02fc  PEAUTH - ok

17:28:48.0406 0x02fc  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe

17:28:48.0438 0x02fc  PerfHost - ok

17:28:48.0531 0x02fc  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll

17:28:48.0578 0x02fc  pla - ok

17:28:48.0609 0x02fc  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll

17:28:48.0625 0x02fc  PlugPlay - ok

17:28:48.0641 0x02fc  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll

17:28:48.0656 0x02fc  PNRPAutoReg - ok

17:28:48.0688 0x02fc  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll

17:28:48.0719 0x02fc  PNRPsvc - ok

17:28:48.0750 0x02fc  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll

17:28:48.0781 0x02fc  PolicyAgent - ok

17:28:48.0813 0x02fc  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll

17:28:48.0844 0x02fc  Power - ok

17:28:48.0985 0x02fc  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll

17:28:49.0094 0x02fc  PrintNotify - ok

17:28:49.0110 0x02fc  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys

17:28:49.0141 0x02fc  Processor - ok

17:28:49.0188 0x02fc  [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll

17:28:49.0235 0x02fc  ProfSvc - ok

17:28:49.0250 0x02fc  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys

17:28:49.0266 0x02fc  Psched - ok

17:28:49.0297 0x02fc  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll

17:28:49.0328 0x02fc  QWAVE - ok

17:28:49.0360 0x02fc  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys

17:28:49.0360 0x02fc  QWAVEdrv - ok

17:28:49.0375 0x02fc  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

17:28:49.0391 0x02fc  RasAcd - ok

17:28:49.0422 0x02fc  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

17:28:49.0453 0x02fc  RasAuto - ok

17:28:49.0485 0x02fc  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll

17:28:49.0516 0x02fc  RasMan - ok

17:28:49.0531 0x02fc  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

17:28:49.0563 0x02fc  RasPppoe - ok

17:28:49.0594 0x02fc  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

17:28:49.0625 0x02fc  rdbss - ok

17:28:49.0656 0x02fc  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys

17:28:49.0672 0x02fc  rdpbus - ok

17:28:49.0688 0x02fc  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys

17:28:49.0703 0x02fc  RDPDR - ok

17:28:49.0735 0x02fc  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys

17:28:49.0750 0x02fc  RdpVideoMiniport - ok

17:28:49.0781 0x02fc  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys

17:28:49.0813 0x02fc  rdyboost - ok

17:28:49.0844 0x02fc  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys

17:28:49.0891 0x02fc  ReFS - ok

17:28:49.0938 0x02fc  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

17:28:49.0953 0x02fc  RemoteAccess - ok

17:28:49.0985 0x02fc  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

17:28:50.0016 0x02fc  RemoteRegistry - ok

17:28:50.0047 0x02fc  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll

17:28:50.0063 0x02fc  RpcEptMapper - ok

17:28:50.0078 0x02fc  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe

17:28:50.0125 0x02fc  RpcLocator - ok

17:28:50.0172 0x02fc  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll

17:28:50.0219 0x02fc  RpcSs - ok

17:28:50.0235 0x02fc  [ 3E5E130354998D12A3AED76D10112813, FE28A3B5D7B8F18679AF16B9320B372FF0770D9FECA6A0FB4358642B7936433A ] RSBASTOR        C:\WINDOWS\system32\DRIVERS\RtsBaStor.sys

17:28:50.0250 0x02fc  RSBASTOR - ok

17:28:50.0281 0x02fc  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys

17:28:50.0313 0x02fc  rspndr - ok

17:28:50.0344 0x02fc  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys

17:28:50.0375 0x02fc  RTL8168 - ok

17:28:50.0375 0x02fc  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys

17:28:50.0391 0x02fc  s3cap - ok

17:28:50.0422 0x02fc  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe

17:28:50.0438 0x02fc  SamSs - ok

17:28:50.0453 0x02fc  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys

17:28:50.0469 0x02fc  sbp2port - ok

17:28:50.0500 0x02fc  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll

17:28:50.0516 0x02fc  SCardSvr - ok

17:28:50.0547 0x02fc  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll

17:28:50.0578 0x02fc  ScDeviceEnum - ok

17:28:50.0610 0x02fc  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys

17:28:50.0625 0x02fc  scfilter - ok

17:28:50.0672 0x02fc  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll

17:28:50.0735 0x02fc  Schedule - ok

17:28:50.0781 0x02fc  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll

17:28:50.0797 0x02fc  SCPolicySvc - ok

17:28:50.0813 0x02fc  [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys

17:28:50.0828 0x02fc  sdbus - ok

17:28:50.0860 0x02fc  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys

17:28:50.0875 0x02fc  sdstor - ok

17:28:50.0906 0x02fc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys

17:28:50.0922 0x02fc  secdrv - ok

17:28:50.0938 0x02fc  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll

17:28:50.0969 0x02fc  seclogon - ok

17:28:51.0000 0x02fc  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll

17:28:51.0016 0x02fc  SENS - ok

17:28:51.0047 0x02fc  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll

17:28:51.0078 0x02fc  SensrSvc - ok

17:28:51.0110 0x02fc  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys

17:28:51.0125 0x02fc  SerCx - ok

17:28:51.0157 0x02fc  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys

17:28:51.0172 0x02fc  SerCx2 - ok

17:28:51.0203 0x02fc  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys

17:28:51.0203 0x02fc  Serenum - ok

17:28:51.0235 0x02fc  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys

17:28:51.0250 0x02fc  Serial - ok

17:28:51.0297 0x02fc  [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys

17:28:51.0313 0x02fc  sermouse - ok

17:28:51.0360 0x02fc  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll

17:28:51.0407 0x02fc  SessionEnv - ok

17:28:51.0438 0x02fc  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys

17:28:51.0453 0x02fc  sfloppy - ok

17:28:51.0469 0x02fc  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

17:28:51.0516 0x02fc  SharedAccess - ok

17:28:51.0563 0x02fc  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

17:28:51.0610 0x02fc  ShellHWDetection - ok

17:28:51.0641 0x02fc  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys

17:28:51.0657 0x02fc  SiSRaid2 - ok

17:28:51.0688 0x02fc  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys

17:28:51.0703 0x02fc  SiSRaid4 - ok

17:28:51.0766 0x02fc  [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

17:28:51.0782 0x02fc  SkypeUpdate - ok

17:28:51.0813 0x02fc  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll

17:28:51.0828 0x02fc  smphost - ok

17:28:51.0860 0x02fc  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe

17:28:51.0875 0x02fc  SNMPTRAP - ok

17:28:51.0907 0x02fc  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys

17:28:51.0938 0x02fc  spaceport - ok

17:28:51.0953 0x02fc  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys

17:28:51.0969 0x02fc  SpbCx - ok

17:28:52.0016 0x02fc  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe

17:28:52.0094 0x02fc  Spooler - ok

17:28:52.0344 0x02fc  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe

17:28:52.0594 0x02fc  sppsvc - ok

17:28:52.0657 0x02fc  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys

17:28:52.0688 0x02fc  srv - ok

17:28:52.0735 0x02fc  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys

17:28:52.0766 0x02fc  srv2 - ok

17:28:52.0813 0x02fc  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys

17:28:52.0860 0x02fc  srvnet - ok

17:28:52.0891 0x02fc  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

17:28:52.0922 0x02fc  SSDPSRV - ok

17:28:52.0938 0x02fc  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll

17:28:52.0969 0x02fc  SstpSvc - ok

17:28:52.0985 0x02fc  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys

17:28:53.0000 0x02fc  stexstor - ok

17:28:53.0063 0x02fc  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll

17:28:53.0110 0x02fc  stisvc - ok

17:28:53.0125 0x02fc  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys

17:28:53.0141 0x02fc  storahci - ok

17:28:53.0157 0x02fc  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys

17:28:53.0172 0x02fc  storflt - ok

17:28:53.0204 0x02fc  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys

17:28:53.0219 0x02fc  stornvme - ok

17:28:53.0235 0x02fc  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll

17:28:53.0282 0x02fc  StorSvc - ok

17:28:53.0313 0x02fc  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys

17:28:53.0328 0x02fc  storvsc - ok

17:28:53.0344 0x02fc  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll

17:28:53.0360 0x02fc  svsvc - ok

17:28:53.0407 0x02fc  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys

17:28:53.0407 0x02fc  swenum - ok

17:28:53.0453 0x02fc  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll

17:28:53.0500 0x02fc  swprv - ok

17:28:53.0563 0x02fc  [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain         C:\WINDOWS\system32\sysmain.dll

17:28:53.0625 0x02fc  SysMain - ok

17:28:53.0657 0x02fc  [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll

17:28:53.0704 0x02fc  SystemEventsBroker - ok

17:28:53.0750 0x02fc  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll

17:28:53.0797 0x02fc  TabletInputService - ok

17:28:53.0829 0x02fc  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

17:28:53.0875 0x02fc  TapiSrv - ok

17:28:53.0985 0x02fc  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys

17:28:54.0079 0x02fc  Tcpip - ok

17:28:54.0141 0x02fc  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys

17:28:54.0235 0x02fc  TCPIP6 - ok

17:28:54.0313 0x02fc  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys

17:28:54.0329 0x02fc  tcpipreg - ok

17:28:54.0360 0x02fc  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys

17:28:54.0375 0x02fc  tdx - ok

17:28:54.0391 0x02fc  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys

17:28:54.0407 0x02fc  terminpt - ok

17:28:54.0469 0x02fc  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll

17:28:54.0516 0x02fc  TermService - ok

17:28:54.0547 0x02fc  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll

17:28:54.0563 0x02fc  Themes - ok

17:28:54.0594 0x02fc  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll

17:28:54.0594 0x02fc  THREADORDER - ok

17:28:54.0625 0x02fc  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll

17:28:54.0719 0x02fc  TimeBroker - ok

17:28:54.0750 0x02fc  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys

17:28:54.0766 0x02fc  TPM - ok

17:28:54.0797 0x02fc  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll

17:28:54.0813 0x02fc  TrkWks - ok

17:28:54.0844 0x02fc  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe

17:28:54.0891 0x02fc  TrustedInstaller - ok

17:28:54.0907 0x02fc  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys

17:28:54.0922 0x02fc  TsUsbFlt - ok

17:28:54.0938 0x02fc  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys

17:28:54.0954 0x02fc  TsUsbGD - ok

17:28:54.0985 0x02fc  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys

17:28:55.0000 0x02fc  tunnel - ok

17:28:55.0032 0x02fc  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys

17:28:55.0047 0x02fc  uagp35 - ok

17:28:55.0063 0x02fc  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys

17:28:55.0079 0x02fc  UASPStor - ok

17:28:55.0094 0x02fc  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys

17:28:55.0110 0x02fc  UCX01000 - ok

17:28:55.0141 0x02fc  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys

17:28:55.0188 0x02fc  udfs - ok

17:28:55.0188 0x02fc  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys

17:28:55.0204 0x02fc  UEFI - ok

17:28:55.0235 0x02fc  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe

17:28:55.0250 0x02fc  UI0Detect - ok

17:28:55.0266 0x02fc  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys

17:28:55.0282 0x02fc  uliagpkx - ok

17:28:55.0313 0x02fc  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys

17:28:55.0329 0x02fc  umbus - ok

17:28:55.0344 0x02fc  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys

17:28:55.0375 0x02fc  UmPass - ok

17:28:55.0407 0x02fc  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll

17:28:55.0454 0x02fc  UmRdpService - ok

17:28:55.0547 0x02fc  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

17:28:55.0563 0x02fc  UNS - ok

17:28:55.0594 0x02fc  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll

17:28:55.0625 0x02fc  upnphost - ok

17:28:55.0641 0x02fc  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys

17:28:55.0657 0x02fc  usbccgp - ok

17:28:55.0688 0x02fc  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys

17:28:55.0704 0x02fc  usbcir - ok

17:28:55.0735 0x02fc  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys

17:28:55.0750 0x02fc  usbehci - ok

17:28:55.0782 0x02fc  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys

17:28:55.0797 0x02fc  usbhub - ok

17:28:55.0829 0x02fc  [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys

17:28:55.0860 0x02fc  USBHUB3 - ok

17:28:55.0907 0x02fc  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys

17:28:55.0938 0x02fc  usbohci - ok

17:28:55.0969 0x02fc  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys

17:28:55.0969 0x02fc  usbprint - ok

17:28:56.0016 0x02fc  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS

17:28:56.0032 0x02fc  USBSTOR - ok

17:28:56.0063 0x02fc  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys

17:28:56.0126 0x02fc  usbuhci - ok

17:28:56.0141 0x02fc  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys

17:28:56.0157 0x02fc  usbvideo - ok

17:28:56.0219 0x02fc  [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS

17:28:56.0235 0x02fc  USBXHCI - ok

17:28:56.0251 0x02fc  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe

17:28:56.0266 0x02fc  VaultSvc - ok

17:28:56.0282 0x02fc  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys

17:28:56.0297 0x02fc  vdrvroot - ok

17:28:56.0360 0x02fc  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe

17:28:56.0422 0x02fc  vds - ok

17:28:56.0454 0x02fc  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys

17:28:56.0469 0x02fc  VerifierExt - ok

17:28:56.0516 0x02fc  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys

17:28:56.0547 0x02fc  vhdmp - ok

17:28:56.0579 0x02fc  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys

17:28:56.0594 0x02fc  viaide - ok

17:28:56.0610 0x02fc  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys

17:28:56.0626 0x02fc  vmbus - ok

17:28:56.0641 0x02fc  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys

17:28:56.0641 0x02fc  VMBusHID - ok

17:28:56.0688 0x02fc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll

17:28:56.0719 0x02fc  vmicguestinterface - ok

17:28:56.0735 0x02fc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll

17:28:56.0766 0x02fc  vmicheartbeat - ok

17:28:56.0782 0x02fc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll

17:28:56.0813 0x02fc  vmickvpexchange - ok

17:28:56.0829 0x02fc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll

17:28:56.0860 0x02fc  vmicrdv - ok

17:28:56.0891 0x02fc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll

17:28:56.0922 0x02fc  vmicshutdown - ok

17:28:56.0938 0x02fc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll

17:28:56.0969 0x02fc  vmictimesync - ok

17:28:56.0985 0x02fc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll

17:28:57.0001 0x02fc  vmicvss - ok

17:28:57.0032 0x02fc  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys

17:28:57.0047 0x02fc  volmgr - ok

17:28:57.0079 0x02fc  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys

17:28:57.0094 0x02fc  volmgrx - ok

17:28:57.0126 0x02fc  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys

17:28:57.0141 0x02fc  volsnap - ok

17:28:57.0172 0x02fc  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys

17:28:57.0188 0x02fc  vpci - ok

17:28:57.0204 0x02fc  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys

17:28:57.0219 0x02fc  vsmraid - ok

17:28:57.0282 0x02fc  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\WINDOWS\system32\vssvc.exe

17:28:57.0344 0x02fc  VSS - ok

17:28:57.0376 0x02fc  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys

17:28:57.0407 0x02fc  VSTXRAID - ok

17:28:57.0454 0x02fc  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys

17:28:57.0485 0x02fc  vwifibus - ok

17:28:57.0516 0x02fc  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys

17:28:57.0532 0x02fc  vwififlt - ok

17:28:57.0547 0x02fc  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys

17:28:57.0547 0x02fc  vwifimp - ok

17:28:57.0594 0x02fc  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll

17:28:57.0641 0x02fc  W32Time - ok

17:28:57.0657 0x02fc  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys

17:28:57.0672 0x02fc  WacomPen - ok

17:28:57.0751 0x02fc  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe

17:28:57.0813 0x02fc  wbengine - ok

17:28:57.0860 0x02fc  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll

17:28:57.0907 0x02fc  WbioSrvc - ok

17:28:57.0938 0x02fc  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll

17:28:57.0969 0x02fc  Wcmsvc - ok

17:28:58.0001 0x02fc  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll

17:28:58.0032 0x02fc  wcncsvc - ok

17:28:58.0048 0x02fc  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll

17:28:58.0094 0x02fc  WcsPlugInService - ok

17:28:58.0126 0x02fc  [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys

17:28:58.0126 0x02fc  WdBoot - ok

17:28:58.0172 0x02fc  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys

17:28:58.0204 0x02fc  Wdf01000 - ok

17:28:58.0235 0x02fc  [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys

17:28:58.0251 0x02fc  WdFilter - ok

17:28:58.0266 0x02fc  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll

17:28:58.0298 0x02fc  WdiServiceHost - ok

17:28:58.0313 0x02fc  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll

17:28:58.0329 0x02fc  WdiSystemHost - ok

17:28:58.0360 0x02fc  [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys

17:28:58.0360 0x02fc  WdNisDrv - ok

17:28:58.0391 0x02fc  WdNisSvc - ok

17:28:58.0423 0x02fc  [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient       C:\WINDOWS\System32\webclnt.dll

17:28:58.0469 0x02fc  WebClient - ok

17:28:58.0501 0x02fc  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll

17:28:58.0516 0x02fc  Wecsvc - ok

17:28:58.0532 0x02fc  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll

17:28:58.0563 0x02fc  WEPHOSTSVC - ok

17:28:58.0579 0x02fc  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll

17:28:58.0610 0x02fc  wercplsupport - ok

17:28:58.0641 0x02fc  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll

17:28:58.0673 0x02fc  WerSvc - ok

17:28:58.0704 0x02fc  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys

17:28:58.0719 0x02fc  WFPLWFS - ok

17:28:58.0735 0x02fc  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll

17:28:58.0766 0x02fc  WiaRpc - ok

17:28:58.0782 0x02fc  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys

17:28:58.0798 0x02fc  WIMMount - ok

17:28:58.0798 0x02fc  WinDefend - ok

17:28:58.0844 0x02fc  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll

17:28:58.0891 0x02fc  WinHttpAutoProxySvc - ok

17:28:58.0923 0x02fc  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

17:28:58.0954 0x02fc  Winmgmt - ok

17:28:59.0063 0x02fc  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll

17:28:59.0173 0x02fc  WinRM - ok

17:28:59.0235 0x02fc  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll

17:28:59.0298 0x02fc  WlanSvc - ok

17:28:59.0376 0x02fc  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll

17:28:59.0438 0x02fc  wlidsvc - ok

17:28:59.0469 0x02fc  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys

17:28:59.0485 0x02fc  WmiAcpi - ok

17:28:59.0516 0x02fc  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe

17:28:59.0532 0x02fc  wmiApSrv - ok

17:28:59.0563 0x02fc  WMPNetworkSvc - ok

17:28:59.0579 0x02fc  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys

17:28:59.0594 0x02fc  Wof - ok

17:28:59.0673 0x02fc  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll

17:28:59.0751 0x02fc  workfolderssvc - ok

17:28:59.0782 0x02fc  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys

17:28:59.0798 0x02fc  wpcfltr - ok

17:28:59.0813 0x02fc  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll

17:28:59.0829 0x02fc  WPCSvc - ok

17:28:59.0860 0x02fc  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll

17:28:59.0876 0x02fc  WPDBusEnum - ok

17:28:59.0907 0x02fc  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys

17:28:59.0907 0x02fc  WpdUpFltr - ok

17:28:59.0923 0x02fc  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys

17:28:59.0954 0x02fc  ws2ifsl - ok

17:28:59.0985 0x02fc  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll

17:29:00.0016 0x02fc  wscsvc - ok

17:29:00.0032 0x02fc  WSearch - ok

17:29:00.0157 0x02fc  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll

17:29:00.0282 0x02fc  WSService - ok

17:29:00.0298 0x02fc  wStLibG64 - ok

17:29:00.0438 0x02fc  [ 5F3D70B19BCAC985DA90F22CA2FF45E4, BBD82BAEF0DCA2C6361F8D1ADF5BED36D0F1AB1A2AEADB0E4526B917F40C2E52 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll

17:29:00.0563 0x02fc  wuauserv - ok

17:29:00.0594 0x02fc  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys

17:29:00.0610 0x02fc  WudfPf - ok

17:29:00.0657 0x02fc  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys

17:29:00.0673 0x02fc  WUDFRd - ok

17:29:00.0673 0x02fc  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\WINDOWS\System32\drivers\WUDFRd.sys

17:29:00.0704 0x02fc  WUDFSensorLP - ok

17:29:00.0735 0x02fc  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll

17:29:00.0766 0x02fc  wudfsvc - ok

17:29:00.0782 0x02fc  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys

17:29:00.0798 0x02fc  WUDFWpdFs - ok

17:29:00.0829 0x02fc  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll

17:29:00.0860 0x02fc  WwanSvc - ok

17:29:00.0876 0x02fc  ================ Scan global ===============================

17:29:00.0891 0x02fc  [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll

17:29:00.0923 0x02fc  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll

17:29:00.0938 0x02fc  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll

17:29:00.0985 0x02fc  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe

17:29:01.0001 0x02fc  [ Global ] - ok

17:29:01.0001 0x02fc  ================ Scan MBR ==================================

17:29:01.0016 0x02fc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0

17:29:01.0079 0x02fc  \Device\Harddisk0\DR0 - ok

17:29:01.0079 0x02fc  ================ Scan VBR ==================================

17:29:01.0110 0x02fc  [ 4AD23A8B3485171601796748A15F1F89 ] \Device\Harddisk0\DR0\Partition1

17:29:01.0126 0x02fc  \Device\Harddisk0\DR0\Partition1 - ok

17:29:01.0126 0x02fc  [ 97FAE432868BFCEAA2A704CF9253F80E ] \Device\Harddisk0\DR0\Partition2

17:29:01.0157 0x02fc  \Device\Harddisk0\DR0\Partition2 - ok

17:29:01.0157 0x02fc  [ 446ED579EBDF5303BCD1FE047B41C988 ] \Device\Harddisk0\DR0\Partition3

17:29:01.0157 0x02fc  \Device\Harddisk0\DR0\Partition3 - ok

17:29:01.0173 0x02fc  [ 3B2F2B0B846B1A423D747994B58D4E4C ] \Device\Harddisk0\DR0\Partition4

17:29:01.0188 0x02fc  \Device\Harddisk0\DR0\Partition4 - ok

17:29:01.0204 0x02fc  [ D9F75A237CEE735492776EDCFAA69C2F ] \Device\Harddisk0\DR0\Partition5

17:29:01.0220 0x02fc  \Device\Harddisk0\DR0\Partition5 - ok

17:29:01.0235 0x02fc  [ A3B0E0C4386BB0627328FA6AFE0E18D0 ] \Device\Harddisk0\DR0\Partition6

17:29:01.0251 0x02fc  \Device\Harddisk0\DR0\Partition6 - ok

17:29:01.0266 0x02fc  [ 90E5997C4615E856E92770C18D24F4F9 ] \Device\Harddisk0\DR0\Partition7

17:29:01.0282 0x02fc  \Device\Harddisk0\DR0\Partition7 - ok

17:29:01.0282 0x02fc  ================ Scan generic autorun ======================

17:29:01.0345 0x02fc  [ CFF4C979AA720C73EC93918D9730B9E9, 0DC04ACD258DD5FC4A7EA81AC3F8876675424EC35F7ECB996B7C132BAB430A33 ] C:\WINDOWS\system32\igfxtray.exe

17:29:01.0376 0x02fc  IgfxTray - ok

17:29:01.0407 0x02fc  [ 4B9D449ED9880477DEFBA85D512E05F9, B50C589A1F8953617FAD961363CA3538F6C0539FA06D7FAA2EA88320410C7F43 ] C:\WINDOWS\system32\hkcmd.exe

17:29:01.0438 0x02fc  HotKeysCmds - ok

17:29:01.0485 0x02fc  [ 2498449B5CA65A640125164EE0019B14, F4EF4EA34A656984C83DB3BFCD8390ACD76C922A1C253335104C31D371EEDA17 ] C:\WINDOWS\system32\igfxpers.exe

17:29:01.0516 0x02fc  Persistence - ok

17:29:02.0001 0x02fc  [ F6CA3885B1CFE9487C6B17846C5EEB3F, F75D12F8B8795223FE69C2487D9DDE642A073DF75238289B20900060F46E7957 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

17:29:02.0376 0x02fc  RTHDVCPL - ok

17:29:02.0470 0x02fc  [ 977B0D97F30D5AB240361FC972C40898, 7C7526B75B420C2EBAE95C9F7F969D8BE8E086DE0A8001EBEB133E476E661A37 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

17:29:02.0516 0x02fc  RtHDVBg - ok

17:29:02.0516 0x02fc  Adobe Reader Speed Launcher - ok

17:29:02.0657 0x02fc  [ 2362B857693DA580E04ECE28F7D67E7E, EABF4B6502A06B94D07E25D78D8CEF8862B7FE5D117F7F145268B95688A02E62 ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE

17:29:02.0751 0x02fc  ASUSPRP - ok

17:29:02.0923 0x02fc  [ B15880A58755DA0FADB15923013A7957, 4090342AF93538C5F3157605164CF5EC051B6D767B1B7FCCF3265F1D426E88AA ] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe

17:29:03.0016 0x02fc  ASUSWebStorage - ok

17:29:03.0063 0x02fc  [ C049C40CAEE8900130BD5F80B594CC7B, F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

17:29:03.0079 0x02fc  RemoteControl10 - ok

17:29:03.0079 0x02fc  mobilegeni daemon - ok

17:29:03.0142 0x02fc  [ A55FB42F0642DBF4817543A58E97721F, A4A8986EA050B1216D85749AB705EB36FE9D0FE0E833281DC63732B1FD4E4687 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

17:29:03.0157 0x02fc  SunJavaUpdateSched - ok

17:29:03.0157 0x02fc  lollipop_01261731 - ok

17:29:03.0157 0x02fc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x61100 ( enabled : updated )

17:29:03.0157 0x02fc  Win FW state via NFP2: enabled

17:29:05.0517 0x02fc  ============================================================

17:29:05.0517 0x02fc  Scan finished

17:29:05.0517 0x02fc  ============================================================

17:29:05.0517 0x0790  Detected object count: 0

17:29:05.0517 0x0790  Actual detected object count: 0

Hallo Schrauber!
Noch eine weitere Info. Ich kann nun das Antivirenprogramm (McAfee) nicht mehr installieren. Es wird gemeldet, dass eine potentielle Bedrohung besteht, die möglicherweise Konflikte bei der Installation verursachen.

Viele Grüße

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Hat alles geklappt! Hier die Daten.

AdwCleaner(S0).txt:

Code:

# AdwCleaner v4.205 - Bericht erstellt 31/05/2015 um 22:28:15

# Aktualisiert 21/05/2015 von Xplode

# Datenbank : 2015-05-31.1 [Server]

# Betriebssystem : Windows 8.1  (x64)

# Benutzername : drogba - GEORGE

# Gestarted von : C:\Users\drogba\Downloads\AdwCleaner_4.205.exe

# Option : Löschen
 

***** [ Dienste ] *****
 

[#] Dienst Gelöscht : wStLibG64
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\ProgramData\apn

Ordner Gelöscht : C:\ProgramData\Search Protection

Ordner Gelöscht : C:\ProgramData\5eae840b08b3dbf5

Ordner Gelöscht : C:\Program Files (x86)\AmiExt

Ordner Gelöscht : C:\Program Files (x86)\Conduit

Ordner Gelöscht : C:\Program Files (x86)\Registry Dr

Ordner Gelöscht : C:\Program Files (x86)\MediaPlayerV1

Ordner Gelöscht : C:\Program Files (x86)\MediaViewerV1

Ordner Gelöscht : C:\Program Files (x86)\MediaViewV1

Ordner Gelöscht : C:\Program Files (x86)\RichMediaViewV1

Ordner Gelöscht : C:\Users\drogba\AppData\Local\Temp\apn

Ordner Gelöscht : C:\Program Files\Conduit

Ordner Gelöscht : C:\Users\drogba\AppData\Local\Conduit

Ordner Gelöscht : C:\Users\drogba\AppData\Local\genienext

Ordner Gelöscht : C:\Users\drogba\AppData\Local\Mobogenie

Ordner Gelöscht : C:\Users\drogba\AppData\Local\RegistryDr

Ordner Gelöscht : C:\Users\drogba\AppData\Roaming\337Games

Ordner Gelöscht : C:\Users\drogba\Documents\RegistryDr

Datei Gelöscht : C:\END

Datei Gelöscht : C:\Users\drogba\daemonprocess.txt
 

***** [ Geplante Tasks ] *****
 

Task Gelöscht : LaunchApp

Task Gelöscht : RegistryDr_Popup

Task Gelöscht : RegistryDr_Start
 

***** [ Verknüpfungen ] *****
 

Verknüpfung Desinfiziert : C:\Users\drogba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

Verknüpfung Desinfiziert : C:\Users\drogba\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

Verknüpfung Desinfiziert : C:\Users\drogba\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com

Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]

Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm

Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322122255}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355125555}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366126655}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344124455}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322122255}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355125555}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366126655}

Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}

Schlüssel Gelöscht : HKCU\Software\AmiExt

Schlüssel Gelöscht : HKCU\Software\Conduit

Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions

Schlüssel Gelöscht : HKCU\Software\lollipop

Schlüssel Gelöscht : HKCU\Software\OCS

Schlüssel Gelöscht : HKCU\Software\RegistryDrLanguage

Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Schlüssel Gelöscht : HKLM\SOFTWARE\AmiExt

Schlüssel Gelöscht : HKLM\SOFTWARE\Email Notifier

Schlüssel Gelöscht : HKLM\SOFTWARE\IePlugin

Schlüssel Gelöscht : HKLM\SOFTWARE\Lightspark Team

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ads.wajam.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ixquick.de

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mystart.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\nationzoom.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\portaldosites.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\snappyimage.surfcanyon.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\surfcanyon.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\v9.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\wajam.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.nationzoom.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.portaldosites.com

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.v9.com

Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:49280;hxxps=127.0.0.1:49280

Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1

Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
 

***** [ Internetbrowser ] *****
 

-\\ Internet Explorer v11.0.9600.17416
 
 

-\\ Mozilla Firefox v38.0.1 (x86 de)
 

[i3ziz9pc.default-1426507441497\prefs.js] - Zeile Gelöscht : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml");

[i3ziz9pc.default-1426507441497\prefs.js] - Zeile Gelöscht : user_pref("extensions.unitedinternet.email.runonceNewUsersShown", true);
 

-\\ Google Chrome v
 

[C:\Users\drogba\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Gelöscht [Extension] : dcpfhaghaadpjpgocojgnlhjcieeooel
 

*************************
 

AdwCleaner[R0].txt - [9182 Bytes] - [31/05/2015 22:25:19]

AdwCleaner[S0].txt - [8545 Bytes] - [31/05/2015 22:28:15]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8604  Bytes] ##########

mbam.txt:

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlauf Datum: 31.05.2015

Suchlauf-Zeit: 19:50:24

Logdatei: mbam.txt

Administrator: Ja
 

Version: 2.01.6.1022

Malware Datenbank: v2015.05.31.01

Rootkit Datenbank: v2015.05.24.01

Lizenz: Kostenlos

Malware Schutz: Deaktiviert

Bösartiger Webseiten Schutz: Deaktiviert

Selbstschutz: Deaktiviert
 

Betriebssystem: Windows 8.1

CPU: x64

Dateisystem: NTFS

Benutzer: drogba
 

Suchlauf-Art: Bedrohungs-Suchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 379277

Verstrichene Zeit: 30 Min, 0 Sek
 

Speicher: Aktiviert

Autostart: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Deaktiviert

Heuristik: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 0

(Keine schädliche Elemente gefunden)
 

Module: 0

(Keine schädliche Elemente gefunden)
 

Registrierungsschlüssel: 3

PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [72bb1387d7b30e289208245ab05501ff], 

PUP.Optional.MyStartToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${IEUTILSLIGHTELEVATIONPOLICYID}, In Quarantäne, [0c213763d8b279bd34f048358a7b58a8], 

PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [82ab1783e3a7b185ff9b2658d035d52b], 
 

Registrierungswerte: 3

PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, In Quarantäne, [72bb1387d7b30e289208245ab05501ff]

PUP.Optional.MyStartToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${IEUTILSLIGHTELEVATIONPOLICYID}|AppPath, C:\Program Files (x86)\mystarttb, In Quarantäne, [0c213763d8b279bd34f048358a7b58a8]

PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, In Quarantäne, [82ab1783e3a7b185ff9b2658d035d52b]
 

Registrierungsdaten: 0

(Keine schädliche Elemente gefunden)
 

Ordner: 1

PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, In Quarantäne, [26071f7b90faae8875665b86cf34649c], 
 

Dateien: 1

PUP.Optional.APNToolBar.A, C:\Users\drogba\AppData\Local\Temp\Offercast_AVIRAV7_.exe, In Quarantäne, [9697cad01872211575e4451e23df7090], 
 

Physische Sektoren: 0

(Keine schädliche Elemente gefunden)
 
 

(end)

JRT - Editor:

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.8.6 (05.31.2015:1)

OS: Windows 8.1 x64

Ran by drogba on 31.05.2015 at 22:44:36,55

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Tasks
 
 
 

~~~ Registry Values
 

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{41564952-412D-5637-4300-7A786E7484D7}
 
 
 

~~~ Registry Keys
 
 
 

~~~ Files
 
 
 

~~~ Folders
 

Successfully deleted: [Folder] C:\WINDOWS\syswow64\ai_recyclebin
 
 
 

~~~ FireFox
 

Successfully deleted: [Folder] C:\Users\drogba\AppData\Roaming\mozilla\firefox\profiles\i3ziz9pc.default-1426507441497\extensions\toolbar@gmx.net

Successfully deleted the following from C:\Users\drogba\AppData\Roaming\mozilla\firefox\profiles\i3ziz9pc.default-1426507441497\prefs.js
 

user_pref(browser.newtab.url, chrome://unitedtb/content/newtab/newtab-page.xhtml);

user_pref(extensions.unitedinternet.email.runonceNewUsersShown, true);
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 31.05.2015 at 22:46:53,92

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Fast vergessen. Hier FRST - Editor:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015

Ran by drogba (administrator) on GEORGE on 01-06-2015 09:27:27

Running from C:\Users\drogba\Downloads

Loaded Profiles: drogba (Available Profiles: drogba)

Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saui.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

(Farbar) C:\Users\drogba\Downloads\FRST64(1).exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13632216 2013-07-23] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-04] (Realtek Semiconductor)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)

HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-2651605502-3585297421-3202817343-1001\...\Run: [lollipop_01261731] => lollipop_01261731

ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled

ProxyServer: [.DEFAULT] => http=127.0.0.1:49280;https=127.0.0.1:49280

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-2651605502-3585297421-3202817343-1001 -> {41F20EDA-B136-4FBB-A04B-1043DEA4D09F} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE674D20150507&p={SearchTerms}

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-04-17] (McAfee, Inc.)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-22] (Oracle Corporation)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-04-17] (McAfee, Inc.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-22] (Oracle Corporation)

Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-04-17] (McAfee, Inc.)

Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-04-17] (McAfee, Inc.)

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-04-17] (McAfee, Inc.)

Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-04-17] (McAfee, Inc.)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-04-17] (McAfee, Inc.)

Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-04-17] (McAfee, Inc.)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 83.169.185.161 83.169.185.225
 

FireFox:

========

FF ProfilePath: C:\Users\drogba\AppData\Roaming\Mozilla\Firefox\Profiles\i3ziz9pc.default-1426507441497

FF SearchEngineOrder.1: Sichere Suche

FF SelectedSearchEngine: Sichere Suche

FF Homepage: chrome://unitedtb/content/newtab/startpage.xhtml

FF Keyword.URL: https://de.search.yahoo.com/search?fr=mcafee&type=B114DE674D20150507&p=

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-22] ()

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-22] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-22] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-22] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-2651605502-3585297421-3202817343-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-05-18]

FF Extension: NoScript - C:\Users\drogba\AppData\Roaming\Mozilla\Firefox\Profiles\i3ziz9pc.default-1426507441497\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-05-08]

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-22]

FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor

FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-05-07]

FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
 

Chrome: 

=======

CHR Profile: C:\Users\drogba\AppData\Local\Google\Chrome\User Data\Default

CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-05-23]

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-05-23]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-06-19] (ASUS)

S2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)

S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)

R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154856 2015-05-04] (McAfee, Inc.)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69392 2013-08-08] (ASUS Corporation)

R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )

S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)

S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-31] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)

S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)

R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 

==================== One Month Created files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-06-01 09:26 - 2015-06-01 09:27 - 02108928 _____ (Farbar) C:\Users\drogba\Downloads\FRST64(1).exe

2015-05-31 22:53 - 2015-05-31 22:53 - 00001278 _____ () C:\JRT-Editor.txt

2015-05-31 22:46 - 2015-05-31 22:46 - 00001278 _____ () C:\Users\drogba\Desktop\JRT.txt

2015-05-31 22:44 - 2015-05-31 22:44 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-GEORGE-Windows-8.1-(64-bit).dat

2015-05-31 22:44 - 2015-05-31 22:44 - 00000000 ____D () C:\RegBackup

2015-05-31 22:42 - 2015-05-31 22:43 - 02947675 _____ (Thisisu) C:\Users\drogba\Downloads\JRT.exe

2015-05-31 22:25 - 2015-05-31 22:39 - 00000000 ____D () C:\AdwCleaner

2015-05-31 22:20 - 2015-05-31 22:20 - 02222592 _____ () C:\Users\drogba\Downloads\AdwCleaner_4.205.exe

2015-05-31 22:19 - 2015-05-31 22:19 - 00002366 _____ () C:\Users\drogba\Desktop\mbam.txt

2015-05-31 20:26 - 2015-05-31 20:26 - 00002397 _____ () C:\malwarebytes gespeichertes Ergebnis.txt

2015-05-31 19:48 - 2015-05-31 19:48 - 00001080 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-05-31 19:48 - 2015-05-31 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-05-31 19:48 - 2015-05-31 19:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-05-31 19:48 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2015-05-31 19:48 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2015-05-31 19:48 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2015-05-31 19:39 - 2015-05-31 19:40 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\drogba\Downloads\mbam-setup-2.1.6.1022.exe

2015-05-30 12:11 - 2015-05-30 12:11 - 05315120 _____ (McAfee, Inc.) C:\Users\drogba\Downloads\McAfeeSetup-Serial(3).exe

2015-05-30 09:26 - 2015-05-30 09:27 - 05315120 _____ (McAfee, Inc.) C:\Users\drogba\Downloads\McAfeeSetup-Serial(2).exe

2015-05-29 17:24 - 2015-05-29 17:24 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\drogba\Downloads\tdsskiller.exe

2015-05-28 20:53 - 2015-05-31 22:15 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-05-28 20:52 - 2015-05-28 21:08 - 00000000 ____D () C:\Users\drogba\Desktop\mbar

2015-05-27 12:06 - 2015-05-31 22:08 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2015-05-27 11:59 - 2015-05-27 12:00 - 16502728 _____ (Malwarebytes Corp.) C:\Users\drogba\Downloads\mbar-1.09.1.1004.exe

2015-05-27 11:52 - 2015-05-27 11:52 - 00001246 _____ () C:\Users\drogba\Desktop\Revo Uninstaller.lnk

2015-05-27 11:52 - 2015-05-27 11:52 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2015-05-27 11:51 - 2015-05-27 11:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\drogba\Downloads\revosetup95.exe

2015-05-24 10:29 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2015-05-24 10:29 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2015-05-24 10:29 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys

2015-05-24 10:29 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2015-05-24 10:29 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys

2015-05-24 10:29 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll

2015-05-24 10:29 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll

2015-05-24 10:28 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll

2015-05-24 10:28 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll

2015-05-24 10:28 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll

2015-05-24 10:28 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll

2015-05-24 10:28 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll

2015-05-24 10:28 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll

2015-05-24 10:28 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys

2015-05-24 10:28 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll

2015-05-24 10:28 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll

2015-05-24 10:28 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll

2015-05-24 10:28 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll

2015-05-24 10:27 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe

2015-05-24 10:27 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe

2015-05-24 10:27 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll

2015-05-24 10:27 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll

2015-05-24 10:26 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2015-05-24 10:26 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2015-05-24 10:26 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml

2015-05-24 10:26 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll

2015-05-24 10:26 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll

2015-05-22 14:06 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2015-05-22 14:06 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2015-05-22 13:55 - 2015-05-22 13:55 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2015-05-22 13:55 - 2015-05-22 13:55 - 00000000 ____D () C:\ProgramData\Sun

2015-05-22 13:55 - 2015-05-22 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2015-05-22 13:54 - 2015-05-22 13:54 - 00000000 ____D () C:\ProgramData\Oracle

2015-05-22 13:54 - 2015-05-22 13:54 - 00000000 ____D () C:\Program Files (x86)\Java

2015-05-22 13:53 - 2015-05-22 14:12 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

2015-05-22 13:53 - 2015-05-22 13:53 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2015-05-22 13:53 - 2015-05-22 13:53 - 00002029 _____ () C:\Users\Public\Desktop\Acrobat Reader DC.lnk

2015-05-22 13:52 - 2015-05-22 13:55 - 00026008 _____ () C:\Users\drogba\Downloads\Addition.txt

2015-05-22 13:49 - 2015-06-01 09:27 - 00014713 _____ () C:\Users\drogba\Downloads\FRST.txt

2015-05-22 13:49 - 2015-05-31 22:30 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-05-22 13:49 - 2015-05-22 13:49 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2015-05-22 13:48 - 2015-06-01 09:27 - 00000000 ____D () C:\FRST

2015-05-22 13:46 - 2015-05-22 13:46 - 02108416 _____ (Farbar) C:\Users\drogba\Downloads\FRST64.exe

2015-05-20 15:29 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2015-05-20 15:29 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2015-05-20 15:29 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-05-20 15:29 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-05-20 15:29 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec

2015-05-20 15:29 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-05-20 15:29 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll

2015-05-20 15:29 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-05-20 15:29 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2015-05-20 15:29 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-05-20 15:29 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll

2015-05-20 15:29 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-05-20 15:29 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec

2015-05-20 15:29 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2015-05-20 15:29 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2015-05-20 15:29 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2015-05-20 15:29 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-05-20 15:29 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2015-05-20 15:29 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-05-20 15:29 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2015-05-20 15:29 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2015-05-20 15:29 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2015-05-20 15:29 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2015-05-20 15:29 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2015-05-20 15:29 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-05-20 15:29 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2015-05-20 15:29 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2015-05-20 15:29 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2015-05-20 15:29 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2015-05-20 15:29 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2015-05-20 15:29 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2015-05-20 15:29 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2015-05-20 15:29 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2015-05-20 15:29 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2015-05-20 15:29 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2015-05-20 15:29 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-05-20 15:29 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-05-20 15:29 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2015-05-20 15:29 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2015-05-20 15:29 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-05-20 15:29 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2015-05-20 15:29 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2015-05-20 15:29 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2015-05-20 15:29 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2015-05-20 15:29 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2015-05-20 15:29 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe

2015-05-20 15:29 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2015-05-20 15:29 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2015-05-20 15:29 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2015-05-20 15:29 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2015-05-20 14:50 - 2015-05-31 15:10 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1

2015-05-20 14:42 - 2015-05-20 14:42 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2015-05-20 14:42 - 2015-05-20 14:42 - 00001125 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2015-05-20 14:42 - 2015-05-20 14:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2015-05-18 17:39 - 2015-05-18 17:39 - 00021697 _____ () C:\Users\drogba\Documents\Avira log file.odt

2015-05-18 17:23 - 2015-05-31 19:11 - 00000000 ____D () C:\Program Files\Common Files\McAfee

2015-05-18 17:22 - 2015-05-18 17:22 - 05315120 _____ (McAfee, Inc.) C:\Users\drogba\Downloads\McAfeeSetup-Serial(1).exe

2015-05-18 17:13 - 2015-05-18 17:13 - 04737144 _____ (Avira Operations GmbH & Co. KG) C:\Users\drogba\Downloads\avira_de_av_554b47ab46300__ws.exe

2015-05-07 15:30 - 2015-05-28 14:11 - 00000000 ____D () C:\Program Files (x86)\McAfee

2015-05-07 15:20 - 2015-05-07 15:20 - 05315120 _____ (McAfee, Inc.) C:\Users\drogba\Downloads\McAfeeSetup-Serial.exe

2015-05-07 13:39 - 2015-05-07 13:39 - 01203488 _____ () C:\Users\drogba\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe

2015-05-03 13:24 - 2015-05-04 01:07 - 00000000 ____D () C:\Users\drogba\Documents\Rethinking international tax law
 

==================== One Month Modified files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-06-01 09:20 - 2014-01-30 00:22 - 01451142 _____ () C:\WINDOWS\WindowsUpdate.log

2015-06-01 09:13 - 2013-12-25 16:42 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2651605502-3585297421-3202817343-1001

2015-06-01 09:11 - 2014-01-30 01:01 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8AF272E8-EBB8-4989-A117-9196340E9353}

2015-06-01 09:09 - 2013-12-24 15:53 - 00000064 _____ () C:\Users\drogba\AppData\Roaming\sp_data.sys

2015-06-01 09:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2015-06-01 09:08 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2015-05-31 22:29 - 2013-11-14 00:18 - 00401958 _____ () C:\WINDOWS\PFRO.log

2015-05-31 22:29 - 2013-08-22 16:46 - 00293594 _____ () C:\WINDOWS\setupact.log

2015-05-31 22:29 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-05-31 22:28 - 2014-01-30 00:04 - 00000000 ____D () C:\Users\drogba

2015-05-31 22:28 - 2013-12-24 15:53 - 00001011 _____ () C:\Users\drogba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-05-31 20:27 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI

2015-05-31 20:25 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Resources

2015-05-31 19:12 - 2013-08-22 16:44 - 00362760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2015-05-31 18:09 - 2015-02-06 22:44 - 00000000 ____D () C:\Users\drogba\Documents\WZR

2015-05-31 15:10 - 2013-11-21 16:52 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2

2015-05-30 14:01 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel

2015-05-30 14:00 - 2015-04-10 18:35 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX

2015-05-30 14:00 - 2015-04-10 18:35 - 00000000 ___SD () C:\WINDOWS\system32\GWX

2015-05-30 13:58 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2015-05-30 09:44 - 2013-04-26 01:18 - 00000000 ____D () C:\ProgramData\McAfee

2015-05-29 14:51 - 2015-01-02 18:46 - 00032716 _____ () C:\Users\drogba\Documents\Tagebuch über alles - Gegenwart.odt

2015-05-28 20:54 - 2014-12-15 14:36 - 00000000 ____D () C:\ProgramData\Malwarebytes

2015-05-28 14:09 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP

2015-05-27 00:32 - 2014-12-26 02:37 - 00000000 ____D () C:\Users\drogba\Documents\Bewerbung

2015-05-26 09:38 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2015-05-25 20:50 - 2013-11-14 09:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2015-05-25 20:50 - 2013-11-14 09:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat

2015-05-25 20:50 - 2013-11-14 09:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat

2015-05-23 00:47 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers

2015-05-22 23:32 - 2014-10-06 17:40 - 00000000 ____D () C:\Users\drogba\AppData\Local\Adobe

2015-05-22 14:00 - 2013-11-14 09:13 - 00000000 ____D () C:\Program Files\Windows Journal

2015-05-22 13:59 - 2013-12-27 00:16 - 00000000 ____D () C:\WINDOWS\system32\MRT

2015-05-22 13:56 - 2013-12-27 00:16 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-05-22 13:52 - 2013-04-26 01:15 - 00000000 ____D () C:\ProgramData\Adobe

2015-05-22 13:52 - 2013-04-26 01:15 - 00000000 ____D () C:\Program Files (x86)\Adobe

2015-05-22 10:26 - 2014-12-12 20:26 - 00016184 _____ () C:\Users\drogba\Documents\Music.odt

2015-05-20 20:36 - 2014-12-26 02:47 - 00000000 ____D () C:\Users\drogba\Documents\Schreiben

2015-05-20 20:08 - 2015-04-27 14:48 - 00000000 ____D () C:\Users\drogba\Documents\Literatur Downloads, Hörbücher

2015-05-20 14:42 - 2015-04-22 16:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2015-05-18 17:14 - 2014-02-23 02:48 - 00000000 ____D () C:\ProgramData\Avira

2015-05-18 17:14 - 2014-02-23 02:48 - 00000000 ____D () C:\Program Files (x86)\Avira

2015-05-07 23:53 - 2014-10-26 16:20 - 00013235 _____ () C:\Users\drogba\Documents\Gesundheit - Angst.odt

2015-05-06 00:21 - 2015-01-14 01:10 - 00000000 ____D () C:\Users\drogba\Documents\Referendariat

2015-05-05 19:59 - 2015-03-16 01:04 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-05-05 19:59 - 2015-03-16 01:04 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-05-03 16:08 - 2014-12-26 02:30 - 00000000 ____D () C:\Users\drogba\Documents\FFE
 

==================== Files in the root of some directories =======
 

2013-12-24 15:53 - 2015-06-01 09:09 - 0000064 _____ () C:\Users\drogba\AppData\Roaming\sp_data.sys

2014-01-30 00:00 - 2014-01-30 00:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2013-04-26 01:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd

2013-04-26 01:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

2013-04-26 01:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
 

Files to move or delete:

====================

C:\ProgramData\SetStretch.exe

C:\ProgramData\SetStretch.VBS
 
 

Some files in TEMP:

====================

C:\Users\drogba\AppData\Local\Temp\avgnt.exe

C:\Users\drogba\AppData\Local\Temp\i4jdel0.exe

C:\Users\drogba\AppData\Local\Temp\mccspuninstall.exe

C:\Users\drogba\AppData\Local\Temp\Quarantine.exe

C:\Users\drogba\AppData\Local\Temp\SkypeSetup.exe

C:\Users\drogba\AppData\Local\Temp\sqlite3.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-03-18 16:44
 

==================== End of log ============================

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Hallo Schrauber, hier die Textdateien.

FRST:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015

Ran by drogba (administrator) on GEORGE on 02-06-2015 11:57:08

Running from C:\Users\drogba\Downloads

Loaded Profiles: drogba (Available Profiles: drogba)

Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser: FF)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe

(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe

(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe

(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saui.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe

(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe

(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe

(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin

(Microsoft Corporation) C:\Windows\splwow64.exe

(Farbar) C:\Users\drogba\Downloads\FRST64(1).exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13632216 2013-07-23] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-07-04] (Realtek Semiconductor)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)

HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-2651605502-3585297421-3202817343-1001\...\Run: [lollipop_01261731] => lollipop_01261731

ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled

ProxyServer: [.DEFAULT] => http=127.0.0.1:49280;https=127.0.0.1:49280

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-2651605502-3585297421-3202817343-1001 -> {41F20EDA-B136-4FBB-A04B-1043DEA4D09F} URL = https://de.search.yahoo.com/search?fr=mcafee&type=B011DE674D20150507&p={SearchTerms}

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-04-17] (McAfee, Inc.)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-22] (Oracle Corporation)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-04-17] (McAfee, Inc.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-22] (Oracle Corporation)

Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-04-17] (McAfee, Inc.)

Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-04-17] (McAfee, Inc.)

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-04-17] (McAfee, Inc.)

Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-04-17] (McAfee, Inc.)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-04-17] (McAfee, Inc.)

Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-04-17] (McAfee, Inc.)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 83.169.185.161 83.169.185.225
 

FireFox:

========

FF ProfilePath: C:\Users\drogba\AppData\Roaming\Mozilla\Firefox\Profiles\i3ziz9pc.default-1426507441497

FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml

FF SearchEngineOrder.1: Sichere Suche

FF SelectedSearchEngine: Sichere Suche

FF Homepage: chrome://unitedtb/content/newtab/startpage.xhtml

FF Keyword.URL: https://de.search.yahoo.com/search?fr=mcafee&type=B114DE674D20150507&p=

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-22] ()

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-22] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-22] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-22] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-2651605502-3585297421-3202817343-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-05-18]

FF Extension: GMX MailCheck - C:\Users\drogba\AppData\Roaming\Mozilla\Firefox\Profiles\i3ziz9pc.default-1426507441497\Extensions\mailcheck@gmx.net [2015-06-01]

FF Extension: NoScript - C:\Users\drogba\AppData\Roaming\Mozilla\Firefox\Profiles\i3ziz9pc.default-1426507441497\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-05-08]

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-04-22]

FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor

FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-05-07]

FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
 

Chrome: 

=======

CHR Profile: C:\Users\drogba\AppData\Local\Google\Chrome\User Data\Default

CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-05-23]

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-05-23]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 0069411433229929mcinstcleanup; C:\WINDOWS\TEMP\006941~1.EXE [883024 2015-05-04] (McAfee, Inc.)

S2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-06-19] (ASUS)

S2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [File not signed]

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)

S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)

R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154856 2015-05-04] (McAfee, Inc.)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69392 2013-08-08] (ASUS Corporation)

R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )

S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [107736 2015-04-14] (Malwarebytes Corporation)

R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)

S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-31] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)

S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)

R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
 

==================== NetSvcs (Whitelisted) ===================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 

==================== One Month Created files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-06-02 11:51 - 2015-06-02 11:52 - 00852639 _____ () C:\Users\drogba\Desktop\SecurityCheck.exe

2015-06-02 08:50 - 2015-06-02 08:50 - 00000000 ____D () C:\Program Files (x86)\ESET

2015-06-02 08:47 - 2015-06-02 08:48 - 02347384 _____ (ESET) C:\Users\drogba\Desktop\esetsmartinstaller_deu.exe

2015-06-01 09:26 - 2015-06-01 09:27 - 02108928 _____ (Farbar) C:\Users\drogba\Downloads\FRST64(1).exe

2015-05-31 22:53 - 2015-05-31 22:53 - 00001278 _____ () C:\JRT-Editor.txt

2015-05-31 22:46 - 2015-05-31 22:46 - 00001278 _____ () C:\Users\drogba\Desktop\JRT.txt

2015-05-31 22:44 - 2015-05-31 22:44 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-GEORGE-Windows-8.1-(64-bit).dat

2015-05-31 22:44 - 2015-05-31 22:44 - 00000000 ____D () C:\RegBackup

2015-05-31 22:42 - 2015-05-31 22:43 - 02947675 _____ (Thisisu) C:\Users\drogba\Downloads\JRT.exe

2015-05-31 22:25 - 2015-05-31 22:39 - 00000000 ____D () C:\AdwCleaner

2015-05-31 22:20 - 2015-05-31 22:20 - 02222592 _____ () C:\Users\drogba\Downloads\AdwCleaner_4.205.exe

2015-05-31 22:19 - 2015-05-31 22:19 - 00002366 _____ () C:\Users\drogba\Desktop\mbam.txt

2015-05-31 20:26 - 2015-05-31 20:26 - 00002397 _____ () C:\malwarebytes gespeichertes Ergebnis.txt

2015-05-31 19:48 - 2015-05-31 19:48 - 00001080 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-05-31 19:48 - 2015-05-31 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-05-31 19:48 - 2015-05-31 19:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-05-31 19:48 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2015-05-31 19:48 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2015-05-31 19:48 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2015-05-31 19:39 - 2015-05-31 19:40 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\drogba\Downloads\mbam-setup-2.1.6.1022.exe

2015-05-30 12:11 - 2015-05-30 12:11 - 05315120 _____ (McAfee, Inc.) C:\Users\drogba\Downloads\McAfeeSetup-Serial(3).exe

2015-05-30 09:26 - 2015-05-30 09:27 - 05315120 _____ (McAfee, Inc.) C:\Users\drogba\Downloads\McAfeeSetup-Serial(2).exe

2015-05-29 17:24 - 2015-05-29 17:24 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\drogba\Downloads\tdsskiller.exe

2015-05-28 20:53 - 2015-05-31 22:15 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-05-28 20:52 - 2015-05-28 21:08 - 00000000 ____D () C:\Users\drogba\Desktop\mbar

2015-05-27 12:06 - 2015-05-31 22:08 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2015-05-27 11:59 - 2015-05-27 12:00 - 16502728 _____ (Malwarebytes Corp.) C:\Users\drogba\Downloads\mbar-1.09.1.1004.exe

2015-05-27 11:52 - 2015-05-27 11:52 - 00001246 _____ () C:\Users\drogba\Desktop\Revo Uninstaller.lnk

2015-05-27 11:52 - 2015-05-27 11:52 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2015-05-27 11:51 - 2015-05-27 11:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\drogba\Downloads\revosetup95.exe

2015-05-24 10:29 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2015-05-24 10:29 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2015-05-24 10:29 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys

2015-05-24 10:29 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS

2015-05-24 10:29 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys

2015-05-24 10:29 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll

2015-05-24 10:29 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll

2015-05-24 10:28 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll

2015-05-24 10:28 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll

2015-05-24 10:28 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll

2015-05-24 10:28 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll

2015-05-24 10:28 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll

2015-05-24 10:28 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll

2015-05-24 10:28 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys

2015-05-24 10:28 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll

2015-05-24 10:28 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll

2015-05-24 10:28 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll

2015-05-24 10:28 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll

2015-05-24 10:27 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe

2015-05-24 10:27 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe

2015-05-24 10:27 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll

2015-05-24 10:27 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll

2015-05-24 10:26 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys

2015-05-24 10:26 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys

2015-05-24 10:26 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml

2015-05-24 10:26 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll

2015-05-24 10:26 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll

2015-05-22 14:06 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll

2015-05-22 14:06 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2015-05-22 13:55 - 2015-05-22 13:55 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2015-05-22 13:55 - 2015-05-22 13:55 - 00000000 ____D () C:\ProgramData\Sun

2015-05-22 13:55 - 2015-05-22 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2015-05-22 13:54 - 2015-05-22 13:54 - 00000000 ____D () C:\ProgramData\Oracle

2015-05-22 13:54 - 2015-05-22 13:54 - 00000000 ____D () C:\Program Files (x86)\Java

2015-05-22 13:53 - 2015-05-22 14:12 - 00003886 _____ () C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

2015-05-22 13:53 - 2015-05-22 13:53 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2015-05-22 13:53 - 2015-05-22 13:53 - 00002029 _____ () C:\Users\Public\Desktop\Acrobat Reader DC.lnk

2015-05-22 13:52 - 2015-05-22 13:55 - 00026008 _____ () C:\Users\drogba\Downloads\Addition.txt

2015-05-22 13:49 - 2015-06-02 11:57 - 00015465 _____ () C:\Users\drogba\Downloads\FRST.txt

2015-05-22 13:49 - 2015-06-02 11:30 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-05-22 13:49 - 2015-05-22 13:49 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

2015-05-22 13:48 - 2015-06-02 11:57 - 00000000 ____D () C:\FRST

2015-05-22 13:46 - 2015-05-22 13:46 - 02108416 _____ (Farbar) C:\Users\drogba\Downloads\FRST64.exe

2015-05-20 15:29 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2015-05-20 15:29 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2015-05-20 15:29 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-05-20 15:29 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-05-20 15:29 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec

2015-05-20 15:29 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-05-20 15:29 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll

2015-05-20 15:29 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-05-20 15:29 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2015-05-20 15:29 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-05-20 15:29 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll

2015-05-20 15:29 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-05-20 15:29 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec

2015-05-20 15:29 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2015-05-20 15:29 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2015-05-20 15:29 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2015-05-20 15:29 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-05-20 15:29 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2015-05-20 15:29 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-05-20 15:29 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2015-05-20 15:29 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2015-05-20 15:29 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2015-05-20 15:29 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2015-05-20 15:29 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2015-05-20 15:29 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-05-20 15:29 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2015-05-20 15:29 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2015-05-20 15:29 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2015-05-20 15:29 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2015-05-20 15:29 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2015-05-20 15:29 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2015-05-20 15:29 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2015-05-20 15:29 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2015-05-20 15:29 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2015-05-20 15:29 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2015-05-20 15:29 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-05-20 15:29 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-05-20 15:29 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2015-05-20 15:29 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2015-05-20 15:29 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-05-20 15:29 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2015-05-20 15:29 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2015-05-20 15:29 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2015-05-20 15:29 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2015-05-20 15:29 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2015-05-20 15:29 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe

2015-05-20 15:29 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2015-05-20 15:29 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2015-05-20 15:29 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2015-05-20 15:29 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2015-05-20 14:50 - 2015-06-01 12:00 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1

2015-05-20 14:42 - 2015-05-20 14:42 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2015-05-20 14:42 - 2015-05-20 14:42 - 00001125 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2015-05-20 14:42 - 2015-05-20 14:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2015-05-18 17:39 - 2015-05-18 17:39 - 00021697 _____ () C:\Users\drogba\Documents\Avira log file.odt

2015-05-18 17:23 - 2015-05-31 19:11 - 00000000 ____D () C:\Program Files\Common Files\McAfee

2015-05-18 17:22 - 2015-05-18 17:22 - 05315120 _____ (McAfee, Inc.) C:\Users\drogba\Downloads\McAfeeSetup-Serial(1).exe

2015-05-18 17:13 - 2015-05-18 17:13 - 04737144 _____ (Avira Operations GmbH & Co. KG) C:\Users\drogba\Downloads\avira_de_av_554b47ab46300__ws.exe

2015-05-07 15:30 - 2015-06-02 09:25 - 00000000 ____D () C:\Program Files (x86)\McAfee

2015-05-07 15:20 - 2015-05-07 15:20 - 05315120 _____ (McAfee, Inc.) C:\Users\drogba\Downloads\McAfeeSetup-Serial.exe

2015-05-07 13:39 - 2015-05-07 13:39 - 01203488 _____ () C:\Users\drogba\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe

2015-05-03 13:24 - 2015-05-04 01:07 - 00000000 ____D () C:\Users\drogba\Documents\Rethinking international tax law
 

==================== One Month Modified files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-06-02 11:36 - 2014-01-30 00:22 - 01852185 _____ () C:\WINDOWS\WindowsUpdate.log

2015-06-02 11:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2015-06-02 09:51 - 2015-02-06 22:44 - 00000000 ____D () C:\Users\drogba\Documents\WZR

2015-06-02 08:46 - 2013-11-14 09:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2015-06-02 08:46 - 2013-11-14 09:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat

2015-06-02 08:46 - 2013-11-14 09:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat

2015-06-02 08:38 - 2014-01-30 01:01 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8AF272E8-EBB8-4989-A117-9196340E9353}

2015-06-02 08:35 - 2013-12-24 15:53 - 00000064 _____ () C:\Users\drogba\AppData\Roaming\sp_data.sys

2015-06-01 15:31 - 2014-09-29 14:57 - 00011590 _____ () C:\Users\drogba\Documents\Ernährung ab 29.09.2014.odt

2015-06-01 12:00 - 2013-11-21 16:52 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2

2015-06-01 09:41 - 2013-12-25 16:42 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2651605502-3585297421-3202817343-1001

2015-06-01 09:09 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2015-05-31 22:29 - 2013-11-14 00:18 - 00401958 _____ () C:\WINDOWS\PFRO.log

2015-05-31 22:29 - 2013-08-22 16:46 - 00293594 _____ () C:\WINDOWS\setupact.log

2015-05-31 22:29 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-05-31 22:28 - 2014-01-30 00:04 - 00000000 ____D () C:\Users\drogba

2015-05-31 22:28 - 2013-12-24 15:53 - 00001011 _____ () C:\Users\drogba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-05-31 20:27 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI

2015-05-31 20:25 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Resources

2015-05-31 19:12 - 2013-08-22 16:44 - 00362760 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2015-05-30 14:01 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel

2015-05-30 14:01 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2015-05-30 14:00 - 2015-04-10 18:35 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX

2015-05-30 14:00 - 2015-04-10 18:35 - 00000000 ___SD () C:\WINDOWS\system32\GWX

2015-05-30 09:44 - 2013-04-26 01:18 - 00000000 ____D () C:\ProgramData\McAfee

2015-05-29 14:51 - 2015-01-02 18:46 - 00032716 _____ () C:\Users\drogba\Documents\Tagebuch über alles - Gegenwart.odt

2015-05-28 20:54 - 2014-12-15 14:36 - 00000000 ____D () C:\ProgramData\Malwarebytes

2015-05-28 14:09 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP

2015-05-27 00:32 - 2014-12-26 02:37 - 00000000 ____D () C:\Users\drogba\Documents\Bewerbung

2015-05-26 09:38 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

2015-05-23 00:47 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers

2015-05-22 23:32 - 2014-10-06 17:40 - 00000000 ____D () C:\Users\drogba\AppData\Local\Adobe

2015-05-22 14:00 - 2013-11-14 09:13 - 00000000 ____D () C:\Program Files\Windows Journal

2015-05-22 13:59 - 2013-12-27 00:16 - 00000000 ____D () C:\WINDOWS\system32\MRT

2015-05-22 13:56 - 2013-12-27 00:16 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-05-22 13:52 - 2013-04-26 01:15 - 00000000 ____D () C:\ProgramData\Adobe

2015-05-22 13:52 - 2013-04-26 01:15 - 00000000 ____D () C:\Program Files (x86)\Adobe

2015-05-22 10:26 - 2014-12-12 20:26 - 00016184 _____ () C:\Users\drogba\Documents\Music.odt

2015-05-20 20:36 - 2014-12-26 02:47 - 00000000 ____D () C:\Users\drogba\Documents\Schreiben

2015-05-20 20:08 - 2015-04-27 14:48 - 00000000 ____D () C:\Users\drogba\Documents\Literatur Downloads, Hörbücher

2015-05-20 14:42 - 2015-04-22 16:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

2015-05-18 17:14 - 2014-02-23 02:48 - 00000000 ____D () C:\ProgramData\Avira

2015-05-18 17:14 - 2014-02-23 02:48 - 00000000 ____D () C:\Program Files (x86)\Avira

2015-05-07 23:53 - 2014-10-26 16:20 - 00013235 _____ () C:\Users\drogba\Documents\Gesundheit - Angst.odt

2015-05-06 00:21 - 2015-01-14 01:10 - 00000000 ____D () C:\Users\drogba\Documents\Referendariat

2015-05-05 19:59 - 2015-03-16 01:04 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-05-05 19:59 - 2015-03-16 01:04 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-05-03 16:08 - 2014-12-26 02:30 - 00000000 ____D () C:\Users\drogba\Documents\FFE
 

==================== Files in the root of some directories =======
 

2013-12-24 15:53 - 2015-06-02 08:35 - 0000064 _____ () C:\Users\drogba\AppData\Roaming\sp_data.sys

2014-01-30 00:00 - 2014-01-30 00:00 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2013-04-26 01:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd

2013-04-26 01:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe

2013-04-26 01:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
 

Files to move or delete:

====================

C:\ProgramData\SetStretch.exe

C:\ProgramData\SetStretch.VBS
 
 

Some files in TEMP:

====================

C:\Users\drogba\AppData\Local\Temp\avgnt.exe

C:\Users\drogba\AppData\Local\Temp\i4jdel0.exe

C:\Users\drogba\AppData\Local\Temp\mccspuninstall.exe

C:\Users\drogba\AppData\Local\Temp\Quarantine.exe

C:\Users\drogba\AppData\Local\Temp\SkypeSetup.exe

C:\Users\drogba\AppData\Local\Temp\sqlite3.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-03-18 16:44
 

==================== End of log ============================

ESET:

Code:

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7623

# api_version=3.0.2

# EOSSerial=4c0bd0e6862b2a42bdb1a23a5a0ddc49

# engine=24128

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2015-06-02 09:28:41

# local_time=2015-06-02 11:28:41 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1031

# osver=6.2.9200 NT 

# compatibility_mode_1=''

# compatibility_mode=5893 16776573 100 94 72566 10319713 0 0

# scanned=201061

# found=13

# cleaned=0

# scan_time=9237

sh=47B19AB97028D8925579BED54EFEE88C8107D6B6 ft=1 fh=34f71966959b3eb8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\drogba\AppData\Local\Temp\DMR\dmr_72.exe"

sh=7FB2B410D7A3C932D5B739BEAEFD74BBBB94FE44 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\drogba\Desktop\Alte Firefox-Daten\t3wv2bbe.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com\extensionData\plugins\103_intext_5_m.js"

sh=06107E2CB2818761C26753E71FE096DFDE882F3F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\drogba\Desktop\Alte Firefox-Daten\t3wv2bbe.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com\extensionData\plugins\190_pops_5_m.js"

sh=723D315206A52C4CE6BE51080EAE93F13ACDBD86 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\drogba\Desktop\Alte Firefox-Daten\t3wv2bbe.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com\extensionData\plugins\194_retargeting_bi_m.js.js"

sh=8F399BFA81BF493FF5FE7D4CD69A7C44E8EF1A6A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\drogba\Desktop\Alte Firefox-Daten\t3wv2bbe.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com\extensionData\plugins\195_icm_convertmedia_m.js"

sh=63D3217BF16BFB37091DD90C82E573D8CA13F08E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\drogba\Desktop\Alte Firefox-Daten\t3wv2bbe.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com\extensionData\plugins\1_base.js"

sh=A7920DCAE31CAB7E2BAA6D10C4B2C540F5D87CF0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\drogba\Desktop\Alte Firefox-Daten\t3wv2bbe.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com\extensionData\plugins\208_gam_manager.js"

sh=5902FC10054355A5B8B9CC41620445BAA0F1D0AB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\drogba\Desktop\Alte Firefox-Daten\t3wv2bbe.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com\extensionData\plugins\21_debug.js"

sh=932A0B84A1EE5590D4311A71FEE071A08166963C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\drogba\Desktop\Alte Firefox-Daten\t3wv2bbe.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com\extensionData\plugins\221_icm_downloads_m.js"

sh=57F2136CD86B69E88017E3346CF16BE0C2A51A2B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\drogba\Desktop\Alte Firefox-Daten\t3wv2bbe.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com\extensionData\plugins\28_initializer.js"

sh=8570CA3A333663EEA5F8513AE30B44F022B47990 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\drogba\Desktop\Alte Firefox-Daten\t3wv2bbe.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com\extensionData\plugins\91_monetizationLoader.js.js"

sh=82375A6153BE4F1F134E2E0A6077B67597E7F382 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\drogba\Desktop\Alte Firefox-Daten\t3wv2bbe.default\extensions\39e612de-2951-40c2-ab4a-82e121c42778@4e0cecc2-7c67-4374-bc4c-f15656d80ab7.com\extensionData\plugins\93_superfish_no_coupons_m.js"

sh=21C215053181F86C868E80D34E43AD3F09BFD2B8 ft=1 fh=7f6459cc6576c5bd vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\drogba\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe"

Security Check:

Code:

 Results of screen317's Security Check version 1.002  

   x64 (UAC is enabled)  

 Internet Explorer 11  
 ``````````````Antivirus/Firewall Check:`````````````` 

Windows Defender   

 WMI entry may not exist for antivirus; attempting automatic update. 
 `````````Anti-malware/Other Utilities Check:````````` 

 Java 8 Update 45  

 Adobe Flash Player         17.0.0.188  

 Mozilla Firefox (38.0.1) 
 ````````Process Check: objlist.exe by Laurent````````  

 Windows Defender MSMpEng.exe 
 `````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 
 ````````````````````End of Log``````````````````````

Das Antivirenprogramm konnte ich jetzt problemlos installieren. Falls in den Textdateien nichts anderes zu lesen ist, müsste alles in Ordnng sein? Jedenfalls fällt mir im Moment nichts auf.

Super, vielen Dank schonmal für Deine Hilfe, Schrauber! Wäre sonst wirklich aufgeschmissen gewesen :-)