Log analysis and evaluation: Windows 7: Windows Explorer often opens in the background using too much memory

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
01.09.2014, 15:12 | #1 |
Windows 7: Windows Explorer often opens in the background using too much memory

Hello,

for some time I had the problem that I was getting ads from ad wizard and the like in all of my internet browsers, and I removed these add-ons from the Windows program directory. Since then, however, I have had the problem that Internet Explorer kept opening itself in the background (a new process every 30s). I then removed Internet Explorer from the system, but now I have the problem that, instead of Internet Explorer, Windows Explorer multiplies in the process list (memory up to 400K), which also reduces internet performance. In online games, for example, I have to minimize the screen every 20s to end the unnecessary processes.

Here is the FRST log:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014 02 Ran by Basti (administrator) on KUNDEN-C2A4T6U6 on 01-09-2014 14:55:44 Running from C:\Users\Basti\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Windows\System32\PnkBstrA.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe () C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe () C:\Windows\DAODx.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (AVG Technologies CZ, s.r.o.) 
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe () C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe (Creative Technology Ltd.) C:\Windows\V0640Mon.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe () C:\Program Files (x86)\Drakonia Configurator\hid.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor) HKLM-x32\...\Run: [G Data AntiVirus Tray Application] => C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [MDS_Menu] => C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink) HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-08-02] (CyberLink Corp.) HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-11-23] (cyberlink) HKLM-x32\...\Run: [UpdatePPShortCut] => C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.) 
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-08-07] (Bitleader) HKLM-x32\...\Run: [UpdatePSTShortCut] => C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe [222504 2010-12-23] (CyberLink Corp.) HKLM-x32\...\Run: [Live! Central 2] => C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe [426140 2009-11-04] (Creative Technology Ltd) HKLM-x32\...\Run: [V0640Mon.exe] => C:\Windows\V0640Mon.exe [28672 2009-09-22] (Creative Technology Ltd.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] () HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.) HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1937600 2014-08-14] (Valve Corporation) HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [Windows Remote Service] => C:\Users\Basti\Desktop\Isos uns Setups\WinRemoteService_v1.2.9_portable\Windows Remote Service\WindowsRemoteService.exe [173568 2013-05-24] (Banamalon) HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.) 
HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3600216 2014-08-31] (Electronic Arts) HKU\S-1-5-21-703785417-1565345126-2984759567-1001\...\MountPoints2: {9b9067ea-de6c-11e1-bf3d-806e6f6e6963} - D:\setup.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Play Wireless USB Adapter Utility.lnk ShortcutTarget: Play Wireless USB Adapter Utility.lnk -> C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe () Startup: C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk ShortcutTarget: Xfire.lnk -> C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=93ece75e-2672-b8d2-08f9-8178b9479fc1&searchtype=ds&q={searchTerms}&installDate={installDate} HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://facebook.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://syb.msn.com hxxp://www.tecstore.net HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2A10C333036FCD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&st=chrome&q= HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=93ece75e-2672-b8d2-08f9-8178b9479fc1&searchtype=ds&q={searchTerms}&installDate={installDate} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&st=chrome&q= SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - DefaultScope {98BF414D-8E2C-4584-B853-F3A6F5935D27} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&q={searchTerms} SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 - {98bf414d-8e2c-4584-b853-f3a6f5935d27} URL = 
hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&q={searchTerms} SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=93ece75e-2672-b8d2-08f9-8178b9479fc1&searchtype=ds&q={searchTerms}&installDate={installDate} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=93ece75e-2672-b8d2-08f9-8178b9479fc1&searchtype=ds&q={searchTerms}&installDate={installDate} SearchScopes: HKCU - {010D46DF-85CC-4552-ABDC-7D8BF9F1EE08} URL = hxxp://www.ant.com/search?s=browser&q={searchTerms} SearchScopes: HKCU - {17B1D3AE-2CD3-4200-BFB1-BB1A7AF25B04} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=4D0BBBD8-62F0-4122-A06B-5E95CB2E58D3&apn_sauid=B1968C2B-D17E-44D0-ADAD-A85600365777 SearchScopes: HKCU - {4327fabe-3c22-4689-8dbf-d226cf777fe9} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&q={searchTerms} SearchScopes: HKCU - {98BF414D-8E2C-4584-B853-F3A6F5935D27} URL = BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Ant.com browser helper (video detector) -> {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} -> C:\Program Files (x86)\Ant.com\IE add-on\Download.dll (Ant.com) BHO-x32: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> C:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll No File BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler -> 
{B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - Ant.com Video Downloader toolbar - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll (Ant.com) Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File Toolbar: HKCU - No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter-x32: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter-x32: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter-x32: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Basti\AppData\Roaming\Mozilla\Firefox\Profiles\o6lub96e.default-1408107985754 FF Homepage: hxxp://de-de.facebook.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll (EA Digital Illusions CE AB) FF Plugin: 
@java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta993.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta993\ff FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha906.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha906\ff FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewerV1alpha1969.net] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1969\ff FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha8334.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8334\ff FF HKLM-x32\...\Firefox\Extensions: [ext@MediaViewV1alpha5279.net] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5279\ff FF HKLM-x32\...\Firefox\Extensions: [ext@MediaWatchV1home278.net] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home278\ff FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode6079.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6079\ff FF HKLM-x32\...\Firefox\Extensions: [ext@TrustMediaViewerV1alpha2380.net] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2380\ff Chrome: ======= CHR Profile: C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-24] CHR Extension: (Google Drive) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-24] CHR Extension: (YouTube) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo 
[2014-08-24] CHR Extension: (Google-Suche) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-24] CHR Extension: (Google Wallet) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-24] CHR Extension: (Google Mail) - C:\Users\Basti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-24] CHR HKLM-x32\...\Chrome\Extension: [cadmbhkjimoafaokdfdmpebbiapadccm] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6079\ch\MediaBuzzV1mode6079.crx [] CHR HKLM-x32\...\Chrome\Extension: [caeconejdgkoefeelomjfkkfcinkehlc] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha8334\ch\MediaViewV1alpha8334.crx [] CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx [] CHR HKLM-x32\...\Chrome\Extension: [fepenaahbicpoholbpjhhilciepkeock] - C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha2380\ch\TrustMediaViewerV1alpha2380.crx [] CHR HKLM-x32\...\Chrome\Extension: [kfdfaggkibkljaklfepfminnfpfniijl] - C:\Program Files (x86)\MediaViewerV1\MediaViewerV1alpha1969\ch\MediaViewerV1alpha1969.crx [] CHR HKLM-x32\...\Chrome\Extension: [llopbnfbphgdlgapmfbdfeldkodlohaa] - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home278\ch\MediaWatchV1home278.crx [] CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [] CHR HKLM-x32\...\Chrome\Extension: [onaefacfpoloobkpanchplbmpndadfog] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta993\ch\VideoPlayerV3beta993.crx [] CHR HKLM-x32\...\Chrome\Extension: [pnfeojhdgncechblgmlmehmjdhhikmhj] - C:\Program Files (x86)\MediaViewV1\MediaViewV1alpha5279\ch\MediaViewV1alpha5279.crx [] CHR HKLM-x32\...\Chrome\Extension: [poheodfamflhhhdcmjfeggbgigeefaco] - C:\Program Files (x86)\Better-Surf\ch\Chrome.crx [] 
==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed] S3 Ant App service; C:\Program Files (x86)\Ant.com\File1 Package Manager\AppService.exe [504816 2013-02-05] (Helios Technologies Ltd) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.) S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-23] (CyberLink) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-19] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-19] () R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] () [File not signed] R2 WLANBelkinService; C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [36864 2009-12-28] () [File not signed] S2 DisplayFusionService; "C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe" [X] R3 WinHttpAutoProxySvc; winhttp.dll [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-09-27] () R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.) 
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-08-03] (DT Soft Ltd) S3 hugoio64; C:\Windows\system32\drivers\hugoio64.sys [13920 2012-08-06] () R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-09-27] () S3 V0640Vid; C:\Windows\System32\DRIVERS\V0640Vid.sys [319520 2009-12-03] (Creative Technology Ltd.) S3 tswNT; \??\C:\Users\ADMINI~1\AppData\Local\Temp\00013255\tswnt.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-09-01 14:55 - 2014-09-01 14:56 - 00024060 _____ () C:\Users\Basti\Downloads\FRST.txt 2014-09-01 14:55 - 2014-09-01 14:55 - 00000000 ____D () C:\FRST 2014-09-01 14:54 - 2014-09-01 14:54 - 02104832 _____ (Farbar) C:\Users\Basti\Downloads\FRST64.exe 2014-09-01 14:53 - 2014-09-01 14:53 - 00000542 _____ () C:\Users\Basti\Downloads\defogger_disable.log 2014-09-01 14:53 - 2014-09-01 14:53 - 00000168 _____ () C:\Users\Basti\defogger_reenable 2014-09-01 14:52 - 2014-09-01 14:52 - 00050477 _____ () C:\Users\Basti\Downloads\Defogger.exe 2014-08-31 18:57 - 2014-08-31 18:57 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\AVG2014 2014-08-31 18:56 - 2014-08-31 18:56 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-08-31 18:56 - 2014-08-31 18:56 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\TuneUp Software 2014-08-31 18:56 - 2014-08-31 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-08-31 18:55 - 2014-09-01 14:32 - 00000000 ____D () C:\ProgramData\AVG2014 2014-08-31 18:55 - 2014-08-31 18:55 - 00000000 ___HD () C:\$AVG 2014-08-31 18:55 - 2014-08-31 18:55 - 00000000 ____D () C:\Program Files (x86)\AVG 2014-08-31 18:44 - 2014-09-01 14:34 - 00000000 ____D () C:\ProgramData\MFAData 2014-08-31 18:44 - 2014-08-31 19:29 - 00000000 ____D () C:\Users\Basti\AppData\Local\Avg2014 2014-08-31 18:44 - 2014-08-31 18:44 - 00000000 ____D () C:\Users\Basti\AppData\Local\MFAData 2014-08-31 18:43 - 2014-08-31 18:44 - 04755920 _____ (AVG Technologies) C:\Users\Basti\Downloads\avg_avct_stb_all_2014_4744_comppg_24.exe 2014-08-31 16:04 - 2014-08-31 16:05 - 00000000 ____D () C:\Users\Basti\AppData\Local\Origin 2014-08-31 15:52 - 2014-09-01 14:30 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-08-31 15:52 - 2014-08-31 15:52 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk 2014-08-31 15:52 - 2014-08-31 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2014-08-31 15:44 - 2014-08-31 15:44 - 
01397992 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.5.0_148.exe 2014-08-31 14:37 - 2014-08-31 14:38 - 02478784 _____ (Sysinternals - www.sysinternals.com) C:\Users\Basti\Downloads\procexp03 (1).exe 2014-08-31 14:30 - 2014-08-31 14:31 - 02478784 _____ (Sysinternals - www.sysinternals.com) C:\Users\Basti\Downloads\procexp03.exe 2014-08-25 19:28 - 2014-09-01 14:32 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Yqnu 2014-08-25 19:28 - 2014-08-25 19:33 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Osug 2014-08-24 18:21 - 2014-08-24 18:21 - 04495528 _____ () C:\Users\Basti\Downloads\AbsolutUninstaller_5.3.1.17.exe 2014-08-24 18:21 - 2014-08-24 18:21 - 00001270 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk 2014-08-24 18:21 - 2014-08-24 18:21 - 00001258 _____ () C:\Users\Public\Desktop\Absolute Uninstaller.lnk 2014-08-24 18:21 - 2014-08-24 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft 2014-08-24 18:21 - 2014-08-24 18:21 - 00000000 ____D () C:\Program Files (x86)\Glarysoft 2014-08-24 18:05 - 2014-08-24 18:05 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-08-24 18:05 - 2014-08-24 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-24 17:54 - 2014-09-01 14:29 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-24 17:54 - 2014-08-31 20:59 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-24 17:54 - 2014-08-24 18:05 - 00000000 ____D () C:\Program Files (x86)\Google 2014-08-24 17:54 - 2014-08-24 17:54 - 00895120 _____ (Google Inc.) 
C:\Users\Basti\Downloads\ChromeSetup.exe 2014-08-24 17:54 - 2014-08-24 17:54 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-08-24 17:54 - 2014-08-24 17:54 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-08-24 17:33 - 2014-08-31 20:15 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Ovco 2014-08-24 17:33 - 2014-08-24 17:38 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Imzec 2014-08-24 17:24 - 2014-08-24 17:24 - 00000687 _____ () C:\awhE8F7.tmp 2014-08-24 17:03 - 2014-08-24 17:06 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8} 2014-08-24 16:59 - 2014-09-01 14:32 - 00000000 ____D () C:\ProgramData\AgumInij 2014-08-24 16:59 - 2014-08-24 16:59 - 00000687 _____ () C:\awhE3C9.tmp 2014-08-24 05:36 - 2014-09-01 14:31 - 00000000 ____D () C:\ProgramData\AtlisUwmeh 2014-08-24 05:36 - 2014-08-24 16:59 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage 2014-08-24 04:41 - 2014-08-24 04:41 - 00000687 _____ () C:\awhE003.tmp 2014-08-24 04:06 - 2014-08-24 04:06 - 00000687 _____ () C:\awhDBCD.tmp 2014-08-23 23:44 - 2014-08-23 23:53 - 46684696 _____ (PokerStars) C:\Users\Basti\Downloads\PokerStarsInstallPM.exe 2014-08-23 18:37 - 2014-08-23 18:37 - 00000687 _____ () C:\awh65CA.tmp 2014-08-22 14:45 - 2014-08-22 14:45 - 00000687 _____ () C:\awhE214.tmp 2014-08-21 16:10 - 2014-08-21 16:10 - 00000687 _____ () C:\awhE5BC.tmp 2014-08-20 15:34 - 2014-08-20 15:34 - 00000687 _____ () C:\awhE4C2.tmp 2014-08-19 22:13 - 2014-09-01 14:37 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-08-19 22:13 - 2014-08-31 20:35 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex1 2014-08-19 22:13 - 2014-08-19 22:13 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-08-19 18:47 - 2014-08-19 18:47 - 00000687 _____ () C:\awhFEE7.tmp 2014-08-19 15:04 - 2014-08-19 15:04 - 00000687 _____ () C:\awhDE7C.tmp 2014-08-18 22:50 - 2014-08-19 22:17 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 
2014-08-18 22:33 - 2014-08-18 22:33 - 00003140 _____ () C:\Windows\System32\Tasks\{32F8C2B5-B270-459D-AC50-DE0EC6FE4C50} 2014-08-18 22:22 - 2014-08-18 22:22 - 02247976 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.4.0_145(1).exe 2014-08-18 22:19 - 2014-08-18 22:19 - 00714207 _____ () C:\Users\Basti\Downloads\pbsetup-37.zip 2014-08-18 22:13 - 2014-08-18 22:13 - 01101648 _____ () C:\Users\Basti\Downloads\PunkBuster - CHIP-Installer.exe 2014-08-18 14:17 - 2014-08-18 14:34 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\.minecraft 2014-08-18 13:03 - 2014-08-18 13:03 - 00000687 _____ () C:\awhEC41.tmp 2014-08-17 18:37 - 2014-08-17 18:37 - 00000687 _____ () C:\awhD326.tmp 2014-08-15 15:11 - 2014-08-15 15:11 - 00244408 _____ () C:\Users\Basti\Downloads\Firefox Setup Stub 31.0.exe 2014-08-15 15:06 - 2014-08-15 15:06 - 00000000 ____D () C:\Users\Basti\Desktop\Alte Firefox-Daten 2014-08-15 13:31 - 2014-08-15 13:31 - 00000687 _____ () C:\awhE455.tmp 2014-08-15 13:25 - 2014-08-15 13:25 - 01192533 _____ () C:\Windows\unins000.exe 2014-08-15 13:25 - 2014-08-15 13:25 - 00018426 _____ () C:\Windows\unins000.dat 2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\MingGuan 2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakonia Black 2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\Program Files (x86)\Drakonia Configurator 2014-08-15 12:05 - 2014-08-15 12:05 - 00000687 _____ () C:\awh8ACA.tmp 2014-08-15 11:33 - 2014-08-15 11:33 - 02247976 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.4.0_145.exe 2014-08-14 16:05 - 2014-08-31 14:52 - 00004096 _____ () C:\Users\Public\Documents\000099A0.LCS 2014-08-14 16:05 - 2014-08-21 20:50 - 00000000 ____D () C:\Users\Basti\AppData\Local\Risen3 2014-08-14 16:05 - 2014-08-14 16:05 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\ProtectDISC 2014-08-14 15:28 - 2014-08-14 15:28 - 00002277 _____ () 
C:\Users\Public\Desktop\Risen 3 - Titan Lords.lnk 2014-08-14 15:25 - 2014-08-14 15:25 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP 2014-08-14 15:06 - 2014-08-14 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver 2014-08-13 12:29 - 2014-08-13 12:29 - 00002119 _____ () C:\Users\Basti\Desktop\Firefox - CHIP Downloader.lnk 2014-08-13 12:29 - 2014-08-13 12:29 - 00000687 _____ () C:\awhEA2F.tmp 2014-08-13 12:28 - 2014-08-13 12:28 - 01101648 _____ () C:\Users\Basti\Downloads\Firefox - CHIP-Installer.exe 2014-08-12 12:57 - 2014-08-12 12:57 - 00000687 _____ () C:\awhF94C.tmp 2014-08-11 15:05 - 2014-08-11 15:04 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-11 14:50 - 2014-08-11 14:50 - 00000687 _____ () C:\awhED79.tmp 2014-08-11 14:15 - 2014-08-11 14:15 - 00000291 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log 2014-08-11 14:13 - 2014-08-11 14:13 - 00918440 _____ (Oracle Corporation) C:\Users\Basti\Downloads\JavaSetup7u67.exe 2014-08-11 12:34 - 2014-08-11 12:34 - 00000687 _____ () C:\awhDDFF.tmp 2014-08-10 15:15 - 2014-08-10 15:15 - 00000687 _____ () C:\awhDC0C.tmp 2014-08-09 13:32 - 2014-08-09 13:32 - 00000687 _____ () C:\awhDD82.tmp 2014-08-08 19:30 - 2014-08-08 19:44 - 41171024 _____ (Google Inc.) C:\Users\Basti\Downloads\ChromeStandaloneSetup-1985.125.exe 2014-08-08 11:44 - 2014-08-08 11:44 - 00000687 _____ () C:\awhEA6D.tmp 2014-08-07 14:20 - 2014-08-07 14:20 - 00000687 _____ () C:\awh933.tmp 2014-08-06 20:07 - 2014-08-06 20:07 - 00000687 _____ () C:\awhE752.tmp 2014-08-06 13:16 - 2014-08-06 13:16 - 00000687 _____ () C:\awhDF37.tmp 2014-08-06 10:50 - 2014-08-06 10:50 - 00123672 _____ (AVG Technologies CZ, s.r.o.) 
C:\Windows\system32\Drivers\avgmfx64.sys 2014-08-05 13:14 - 2014-08-05 13:14 - 00000687 _____ () C:\awhF49A.tmp 2014-08-04 13:37 - 2014-08-04 13:37 - 00000687 _____ () C:\awhE002.tmp 2014-08-03 14:13 - 2014-08-03 14:13 - 00000687 _____ () C:\awhDB41.tmp 2014-08-02 18:37 - 2014-08-02 18:37 - 00000687 _____ () C:\awhED5.tmp 2014-08-02 02:02 - 2014-08-02 02:02 - 00000687 _____ () C:\awhDE8B.tmp ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-01 14:56 - 2014-09-01 14:55 - 00024060 _____ () C:\Users\Basti\Downloads\FRST.txt 2014-09-01 14:55 - 2014-09-01 14:55 - 00000000 ____D () C:\FRST 2014-09-01 14:54 - 2014-09-01 14:54 - 02104832 _____ (Farbar) C:\Users\Basti\Downloads\FRST64.exe 2014-09-01 14:53 - 2014-09-01 14:53 - 00000542 _____ () C:\Users\Basti\Downloads\defogger_disable.log 2014-09-01 14:53 - 2014-09-01 14:53 - 00000168 _____ () C:\Users\Basti\defogger_reenable 2014-09-01 14:53 - 2012-07-31 11:12 - 00000000 ____D () C:\Users\Basti 2014-09-01 14:52 - 2014-09-01 14:52 - 00050477 _____ () C:\Users\Basti\Downloads\Defogger.exe 2014-09-01 14:50 - 2013-05-21 21:49 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-01 14:44 - 2012-07-31 12:07 - 00000000 ____D () C:\ProgramData\Origin 2014-09-01 14:37 - 2014-08-19 22:13 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-09-01 14:37 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-01 14:37 - 2009-07-14 06:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-01 14:34 - 2014-08-31 18:44 - 00000000 ____D () C:\ProgramData\MFAData 2014-09-01 14:33 - 2012-07-30 16:40 - 01404422 _____ () C:\Windows\WindowsUpdate.log 2014-09-01 14:32 - 2014-08-31 18:55 - 00000000 ____D () C:\ProgramData\AVG2014 2014-09-01 14:32 - 2014-08-25 
19:28 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Yqnu 2014-09-01 14:32 - 2014-08-24 16:59 - 00000000 ____D () C:\ProgramData\AgumInij 2014-09-01 14:32 - 2012-07-31 12:24 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-01 14:32 - 2010-11-21 05:24 - 00000000 __SHD () C:\Users\Basti\AppData\Roaming\dwcvajjb 2014-09-01 14:31 - 2014-08-24 05:36 - 00000000 ____D () C:\ProgramData\AtlisUwmeh 2014-09-01 14:31 - 2013-02-04 13:30 - 00000356 _____ () C:\Windows\Tasks\AmiUpdXp.job 2014-09-01 14:31 - 2013-02-04 13:30 - 00000000 ____D () C:\Users\Basti\AppData\Local\SwvUpdater 2014-09-01 14:31 - 2012-08-02 00:29 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Skype 2014-09-01 14:30 - 2014-08-31 15:52 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-09-01 14:29 - 2014-08-24 17:54 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-01 14:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-01 14:29 - 2009-07-14 06:51 - 00139630 _____ () C:\Windows\setupact.log 2014-09-01 14:28 - 2013-11-12 17:57 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-09-01 14:28 - 2010-11-21 05:47 - 00082346 _____ () C:\Windows\PFRO.log 2014-08-31 20:59 - 2014-08-24 17:54 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-31 20:35 - 2014-08-19 22:13 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex1 2014-08-31 20:35 - 2012-08-03 13:53 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-08-31 20:15 - 2014-08-24 17:33 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Ovco 2014-08-31 19:53 - 2013-10-16 19:37 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro 2014-08-31 19:29 - 2014-08-31 18:44 - 00000000 ____D () C:\Users\Basti\AppData\Local\Avg2014 2014-08-31 18:57 - 2014-08-31 18:57 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\AVG2014 2014-08-31 18:56 - 2014-08-31 18:56 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-08-31 18:56 - 2014-08-31 18:56 - 
00000000 ____D () C:\Users\Basti\AppData\Roaming\TuneUp Software 2014-08-31 18:56 - 2014-08-31 18:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-08-31 18:55 - 2014-08-31 18:55 - 00000000 ___HD () C:\$AVG 2014-08-31 18:55 - 2014-08-31 18:55 - 00000000 ____D () C:\Program Files (x86)\AVG 2014-08-31 18:44 - 2014-08-31 18:44 - 00000000 ____D () C:\Users\Basti\AppData\Local\MFAData 2014-08-31 18:44 - 2014-08-31 18:43 - 04755920 _____ (AVG Technologies) C:\Users\Basti\Downloads\avg_avct_stb_all_2014_4744_comppg_24.exe 2014-08-31 16:05 - 2014-08-31 16:04 - 00000000 ____D () C:\Users\Basti\AppData\Local\Origin 2014-08-31 15:52 - 2014-08-31 15:52 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk 2014-08-31 15:52 - 2014-08-31 15:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2014-08-31 15:44 - 2014-08-31 15:44 - 01397992 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.5.0_148.exe 2014-08-31 15:03 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-08-31 15:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-31 14:52 - 2014-08-14 16:05 - 00004096 _____ () C:\Users\Public\Documents\000099A0.LCS 2014-08-31 14:51 - 2012-08-21 14:36 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\vlc 2014-08-31 14:38 - 2014-08-31 14:37 - 02478784 _____ (Sysinternals - www.sysinternals.com) C:\Users\Basti\Downloads\procexp03 (1).exe 2014-08-31 14:31 - 2014-08-31 14:30 - 02478784 _____ (Sysinternals - www.sysinternals.com) C:\Users\Basti\Downloads\procexp03.exe 2014-08-25 21:32 - 2014-02-03 22:16 - 00000000 ____D () C:\Users\Basti\AppData\Local\PokerStars.NET 2014-08-25 19:33 - 2014-08-25 19:28 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Osug 2014-08-25 01:11 - 2012-07-31 11:13 - 00131280 _____ () C:\Users\Basti\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-24 18:43 - 2014-05-13 18:32 - 00000000 ____D () C:\Program Files (x86)\RichMediaViewV1 2014-08-24 
18:43 - 2009-07-14 06:45 - 00434784 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-24 18:23 - 2012-07-31 17:02 - 00000000 ____D () C:\Program Files (x86)\Catan 2014-08-24 18:21 - 2014-08-24 18:21 - 04495528 _____ () C:\Users\Basti\Downloads\AbsolutUninstaller_5.3.1.17.exe 2014-08-24 18:21 - 2014-08-24 18:21 - 00001270 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk 2014-08-24 18:21 - 2014-08-24 18:21 - 00001258 _____ () C:\Users\Public\Desktop\Absolute Uninstaller.lnk 2014-08-24 18:21 - 2014-08-24 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft 2014-08-24 18:21 - 2014-08-24 18:21 - 00000000 ____D () C:\Program Files (x86)\Glarysoft 2014-08-24 18:05 - 2014-08-24 18:05 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-08-24 18:05 - 2014-08-24 18:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-24 18:05 - 2014-08-24 17:54 - 00000000 ____D () C:\Program Files (x86)\Google 2014-08-24 18:05 - 2012-07-31 11:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-24 18:03 - 2012-10-12 15:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-08-24 17:54 - 2014-08-24 17:54 - 00895120 _____ (Google Inc.) 
C:\Users\Basti\Downloads\ChromeSetup.exe 2014-08-24 17:54 - 2014-08-24 17:54 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-08-24 17:54 - 2014-08-24 17:54 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-08-24 17:38 - 2014-08-24 17:33 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\Imzec 2014-08-24 17:24 - 2014-08-24 17:24 - 00000687 _____ () C:\awhE8F7.tmp 2014-08-24 17:06 - 2014-08-24 17:03 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8} 2014-08-24 16:59 - 2014-08-24 16:59 - 00000687 _____ () C:\awhE3C9.tmp 2014-08-24 16:59 - 2014-08-24 05:36 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage 2014-08-24 04:41 - 2014-08-24 04:41 - 00000687 _____ () C:\awhE003.tmp 2014-08-24 04:06 - 2014-08-24 04:06 - 00000687 _____ () C:\awhDBCD.tmp 2014-08-23 23:55 - 2014-02-03 22:15 - 00000000 ____D () C:\Program Files (x86)\PokerStars.NET 2014-08-23 23:54 - 2014-02-03 22:16 - 00001965 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.net.lnk 2014-08-23 23:54 - 2014-02-03 22:16 - 00001959 _____ () C:\Users\Public\Desktop\PokerStars.net.lnk 2014-08-23 23:53 - 2014-08-23 23:44 - 46684696 _____ (PokerStars) C:\Users\Basti\Downloads\PokerStarsInstallPM.exe 2014-08-23 18:37 - 2014-08-23 18:37 - 00000687 _____ () C:\awh65CA.tmp 2014-08-22 14:45 - 2014-08-22 14:45 - 00000687 _____ () C:\awhE214.tmp 2014-08-21 20:50 - 2014-08-14 16:05 - 00000000 ____D () C:\Users\Basti\AppData\Local\Risen3 2014-08-21 16:10 - 2014-08-21 16:10 - 00000687 _____ () C:\awhE5BC.tmp 2014-08-20 15:34 - 2014-08-20 15:34 - 00000687 _____ () C:\awhE4C2.tmp 2014-08-19 22:17 - 2014-08-18 22:50 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2014-08-19 22:13 - 2014-08-19 22:13 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-08-19 18:47 - 2014-08-19 18:47 - 00000687 _____ () C:\awhFEE7.tmp 2014-08-19 15:04 - 2014-08-19 15:04 - 00000687 _____ () C:\awhDE7C.tmp 2014-08-18 22:33 - 2014-08-18 
22:33 - 00003140 _____ () C:\Windows\System32\Tasks\{32F8C2B5-B270-459D-AC50-DE0EC6FE4C50} 2014-08-18 22:22 - 2014-08-18 22:22 - 02247976 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.4.0_145(1).exe 2014-08-18 22:19 - 2014-08-18 22:19 - 00714207 _____ () C:\Users\Basti\Downloads\pbsetup-37.zip 2014-08-18 22:13 - 2014-08-18 22:13 - 01101648 _____ () C:\Users\Basti\Downloads\PunkBuster - CHIP-Installer.exe 2014-08-18 21:46 - 2013-09-29 16:33 - 00000000 ____D () C:\Users\Basti\Documents\FIFA 14 2014-08-18 14:34 - 2014-08-18 14:17 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\.minecraft 2014-08-18 13:03 - 2014-08-18 13:03 - 00000687 _____ () C:\awhEC41.tmp 2014-08-18 12:59 - 2012-08-07 15:27 - 00000344 _____ () C:\Windows\lgfwup.ini 2014-08-18 12:59 - 2012-08-07 15:23 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate 2014-08-17 18:37 - 2014-08-17 18:37 - 00000687 _____ () C:\awhD326.tmp 2014-08-15 15:11 - 2014-08-15 15:11 - 00244408 _____ () C:\Users\Basti\Downloads\Firefox Setup Stub 31.0.exe 2014-08-15 15:06 - 2014-08-15 15:06 - 00000000 ____D () C:\Users\Basti\Desktop\Alte Firefox-Daten 2014-08-15 13:31 - 2014-08-15 13:31 - 00000687 _____ () C:\awhE455.tmp 2014-08-15 13:25 - 2014-08-15 13:25 - 01192533 _____ () C:\Windows\unins000.exe 2014-08-15 13:25 - 2014-08-15 13:25 - 00018426 _____ () C:\Windows\unins000.dat 2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\MingGuan 2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakonia Black 2014-08-15 13:25 - 2014-08-15 13:25 - 00000000 ____D () C:\Program Files (x86)\Drakonia Configurator 2014-08-15 12:05 - 2014-08-15 12:05 - 00000687 _____ () C:\awh8ACA.tmp 2014-08-15 11:33 - 2014-08-15 11:33 - 02247976 _____ () C:\Users\Basti\Downloads\battlelog-web-plugins_2.4.0_145.exe 2014-08-15 04:07 - 2013-11-12 17:57 - 00001194 _____ () C:\Users\Public\Desktop\Battlefield 4.lnk 2014-08-15 04:07 - 2013-11-12 17:57 
- 00001170 _____ () C:\Users\Public\Desktop\Battlefield 4(64 bit).lnk 2014-08-15 00:45 - 2012-07-31 12:07 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-08-14 16:05 - 2014-08-14 16:05 - 00000000 ____D () C:\Users\Basti\AppData\Roaming\ProtectDISC 2014-08-14 15:28 - 2014-08-14 15:28 - 00002277 _____ () C:\Users\Public\Desktop\Risen 3 - Titan Lords.lnk 2014-08-14 15:25 - 2014-08-14 15:25 - 00000000 ____D () C:\Windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP 2014-08-14 15:24 - 2012-07-31 12:58 - 00422801 _____ () C:\Windows\DirectX.log 2014-08-14 15:06 - 2014-08-14 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver 2014-08-14 15:06 - 2013-09-27 20:13 - 00000000 ____D () C:\Program Files (x86)\Deep Silver 2014-08-13 12:29 - 2014-08-13 12:29 - 00002119 _____ () C:\Users\Basti\Desktop\Firefox - CHIP Downloader.lnk 2014-08-13 12:29 - 2014-08-13 12:29 - 00000687 _____ () C:\awhEA2F.tmp 2014-08-13 12:28 - 2014-08-13 12:28 - 01101648 _____ () C:\Users\Basti\Downloads\Firefox - CHIP-Installer.exe 2014-08-12 12:57 - 2014-08-12 12:57 - 00000687 _____ () C:\awhF94C.tmp 2014-08-11 15:05 - 2013-12-20 15:26 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-11 15:04 - 2014-08-11 15:05 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-11 15:04 - 2013-06-28 20:07 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-11 15:04 - 2013-06-28 20:07 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-11 15:04 - 2013-06-28 20:07 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-11 14:50 - 2014-08-11 14:50 - 00000687 _____ () C:\awhED79.tmp 2014-08-11 14:25 - 2013-01-29 19:11 - 00000000 ____D () C:\Program Files\Oracle 2014-08-11 14:24 - 2012-10-24 19:35 - 00000000 ____D () C:\Program Files\Java 2014-08-11 14:15 - 2014-08-11 14:15 - 00000291 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log 2014-08-11 14:15 - 2012-09-29 12:00 
- 00000000 ____D () C:\Program Files (x86)\Java 2014-08-11 14:13 - 2014-08-11 14:13 - 00918440 _____ (Oracle Corporation) C:\Users\Basti\Downloads\JavaSetup7u67.exe 2014-08-11 14:11 - 2012-09-29 12:02 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab 2014-08-11 12:34 - 2014-08-11 12:34 - 00000687 _____ () C:\awhDDFF.tmp 2014-08-10 15:15 - 2014-08-10 15:15 - 00000687 _____ () C:\awhDC0C.tmp 2014-08-09 13:32 - 2014-08-09 13:32 - 00000687 _____ () C:\awhDD82.tmp 2014-08-08 19:44 - 2014-08-08 19:30 - 41171024 _____ (Google Inc.) C:\Users\Basti\Downloads\ChromeStandaloneSetup-1985.125.exe 2014-08-08 11:44 - 2014-08-08 11:44 - 00000687 _____ () C:\awhEA6D.tmp 2014-08-07 19:00 - 2014-03-20 23:03 - 00000000 ____D () C:\Users\Basti\AppData\Local\Battle.net 2014-08-07 18:56 - 2014-03-19 19:52 - 00000000 ____D () C:\Users\Basti\Desktop\Diablo III 2014-08-07 15:05 - 2014-03-20 23:03 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-08-07 14:45 - 2013-01-01 19:26 - 00000000 ____D () C:\Users\Basti\Desktop\Games 2014-08-07 14:20 - 2014-08-07 14:20 - 00000687 _____ () C:\awh933.tmp 2014-08-07 03:17 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-08-06 20:07 - 2014-08-06 20:07 - 00000687 _____ () C:\awhE752.tmp 2014-08-06 13:16 - 2014-08-06 13:16 - 00000687 _____ () C:\awhDF37.tmp 2014-08-06 10:50 - 2014-08-06 10:50 - 00123672 _____ (AVG Technologies CZ, s.r.o.) 
C:\Windows\system32\Drivers\avgmfx64.sys 2014-08-05 13:14 - 2014-08-05 13:14 - 00000687 _____ () C:\awhF49A.tmp 2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-08-04 13:37 - 2014-08-04 13:37 - 00000687 _____ () C:\awhE002.tmp 2014-08-03 14:13 - 2014-08-03 14:13 - 00000687 _____ () C:\awhDB41.tmp 2014-08-02 18:37 - 2014-08-02 18:37 - 00000687 _____ () C:\awhED5.tmp 2014-08-02 02:02 - 2014-08-02 02:02 - 00000687 _____ () C:\awhDE8B.tmp Files to move or delete: ==================== C:\ProgramData\dsgsdgdsgdsgw.pad C:\ProgramData\hash.dat Some content of TEMP: ==================== C:\Users\Basti\AppData\Local\Temp\161E.tmp.exe C:\Users\Basti\AppData\Local\Temp\53544uninstall.exe C:\Users\Basti\AppData\Local\Temp\8A92.exe C:\Users\Basti\AppData\Local\Temp\APNStub.exe C:\Users\Basti\AppData\Local\Temp\AutoRun.exe C:\Users\Basti\AppData\Local\Temp\AutoRunGUI.dll C:\Users\Basti\AppData\Local\Temp\Browser_Helper_Companion_DE.exe C:\Users\Basti\AppData\Local\Temp\COMAP.EXE C:\Users\Basti\AppData\Local\Temp\comver.dll C:\Users\Basti\AppData\Local\Temp\CTPBSeq.exe C:\Users\Basti\AppData\Local\Temp\detectionapi_rd.dll C:\Users\Basti\AppData\Local\Temp\detectionui_r.exe C:\Users\Basti\AppData\Local\Temp\devcon.exe C:\Users\Basti\AppData\Local\Temp\directx10tests_rd.dll C:\Users\Basti\AppData\Local\Temp\directx11tests_rd.dll C:\Users\Basti\AppData\Local\Temp\directx9tests_rd.dll C:\Users\Basti\AppData\Local\Temp\E159.exe C:\Users\Basti\AppData\Local\Temp\EAInstall.dll C:\Users\Basti\AppData\Local\Temp\eauninstall.exe C:\Users\Basti\AppData\Local\Temp\EDF7.tmp.exe C:\Users\Basti\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\Basti\AppData\Local\Temp\i4jdel0.exe C:\Users\Basti\AppData\Local\Temp\i4jdel1.exe C:\Users\Basti\AppData\Local\Temp\i4jdel2.exe C:\Users\Basti\AppData\Local\Temp\ICReinstall_JDownloaderSetup.exe C:\Users\Basti\AppData\Local\Temp\IminentSetup_v2.exe 
C:\Users\Basti\AppData\Local\Temp\Installer.exe C:\Users\Basti\AppData\Local\Temp\installerdll3366376.dll C:\Users\Basti\AppData\Local\Temp\installerdll3426171.dll C:\Users\Basti\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe C:\Users\Basti\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe C:\Users\Basti\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\Basti\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Basti\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Basti\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Basti\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe C:\Users\Basti\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe C:\Users\Basti\AppData\Local\Temp\local.dll C:\Users\Basti\AppData\Local\Temp\mpsetup.exe C:\Users\Basti\AppData\Local\Temp\MSN20F7.exe C:\Users\Basti\AppData\Local\Temp\procexp03 (1)64.exe C:\Users\Basti\AppData\Local\Temp\rcpsetup_binstall21_binstall21.exe C:\Users\Basti\AppData\Local\Temp\rootsupd.exe C:\Users\Basti\AppData\Local\Temp\Setup.exe C:\Users\Basti\AppData\Local\Temp\Shortcut_sweetimsetup.exe C:\Users\Basti\AppData\Local\Temp\SIMEEIInstaller.exe C:\Users\Basti\AppData\Local\Temp\SkypeSetup.exe C:\Users\Basti\AppData\Local\Temp\sonarinst.exe C:\Users\Basti\AppData\Local\Temp\sqlite3.dll C:\Users\Basti\AppData\Local\Temp\SRLDetectionLibrary246908541541363318.dll C:\Users\Basti\AppData\Local\Temp\swt-win32-3349.dll C:\Users\Basti\AppData\Local\Temp\tbuE54F.exe C:\Users\Basti\AppData\Local\Temp\tbuF23F.exe C:\Users\Basti\AppData\Local\Temp\The Battle for Middle-earth II_uninst.exe C:\Users\Basti\AppData\Local\Temp\tmp8D70.tmp.exe C:\Users\Basti\AppData\Local\Temp\ubi14CB.tmp.exe C:\Users\Basti\AppData\Local\Temp\ubiCD15.tmp.exe C:\Users\Basti\AppData\Local\Temp\Updater.exe C:\Users\Basti\AppData\Local\Temp\vcredist_x64.exe C:\Users\Basti\AppData\Local\Temp\vcredist_x86.exe C:\Users\Basti\AppData\Local\Temp\wajam_download.exe 
C:\Users\Basti\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Basti\AppData\Local\Temp\wpsetup.exe
C:\Users\Basti\AppData\Local\Temp\_is16EB.exe
C:\Users\Basti\AppData\Local\Temp\_is2387.exe
C:\Users\Basti\AppData\Local\Temp\_is2AAA.exe
C:\Users\Basti\AppData\Local\Temp\_is8097.exe
C:\Users\Basti\AppData\Local\Temp\_isBE80.exe
C:\Users\Basti\AppData\Local\Temp\_isCA61.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-31 16:42

==================== End Of Log ============================

and here is the Addition log Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2014 02
Ran by Basti at 2014-09-01 14:56:40
Running from C:\Users\Basti\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Absolute Uninstaller 5.3.1.17 (HKLM-x32\...\Absolute Uninstaller) (Version: 5.3.1.17 - Glarysoft Ltd)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AMD 
Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Fuel (Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden Ant.com IE add-on (HKLM-x32\...\{B795F380-D3D6-4EA4-A4BB-27FC2FB0F8B2}) (Version: 2.2.3.1074 - Ant.com) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) 
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft) Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft) Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Assassin's Creed Revelations (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.00 - Ubisoft) Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft) AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies) AVG 2014 (Version: 14.0.4015 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.0 - EA Digital Illusions CE AB) BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - ) Blender (HKLM\...\Blender) (Version: 2.65a-release - Blender Foundation) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) 
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.0 - Activision) Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version: - Treyarch) Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - ) Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - ) Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - ) Call of Duty: Modern Warfare 3 - Dedicated Server (HKLM-x32\...\Steam App 42750) (Version: - Infinity Ward - Sledgehammer Games) Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward - Sledgehammer Games) Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward - Sledgehammer Games) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) 
Hidden CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden Counter-Strike: Source (HKLM-x32\...\Counter-Strike: Source) (Version: - Valve) Creative Live! Cam Socialize (VF0640) (1.00.04.00) (HKLM\...\Creative VF0640) (Version: - Creative Technology Ltd.) Creative Live! Central 2 (HKLM-x32\...\Creative Live! 
Central 2) (Version: 2.00.29 - Creative Technology Ltd) Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: - ) CyberLink BD Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: - ) CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4703 - CyberLink Corp.) CyberLink Blu-ray Disc Suite (x32 Version: 6.0.4703 - CyberLink Corp.) Hidden CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.) CyberLink LabelPrint (x32 Version: 2.5.1916 - CyberLink Corp.) Hidden CyberLink LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4619 - CyberLink Corp.) CyberLink LG Burning Tool (x32 Version: 6.2.4619 - CyberLink Corp.) Hidden CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3402 - CyberLink Corp.) CyberLink MediaShow (x32 Version: 4.1.3402 - CyberLink Corp.) Hidden CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3530.52 - CyberLink Corp.) CyberLink PowerDVD 9 (x32 Version: 9.0.3530.52 - CyberLink Corp.) Hidden CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2512 - CyberLink Corp.) CyberLink PowerProducer (x32 Version: 5.0.2.2512 - CyberLink Corp.) Hidden CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3718 - CyberLink Corp.) CyberLink YouCam (x32 Version: 2.0.3718 - CyberLink Corp.) 
Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{60098CE4-EB16-42D1-9FF6-923488C2AB26}) (Version: - Microsoft) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Die Schlacht um Mittelerde(tm) (HKLM-x32\...\{3F290582-3F4E-4B96-009C-E0BABAA40C42}) (Version: - ) Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks) Drakonia Black (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version: - ) Emergency 2012 (HKLM-x32\...\Emergency 2012) (Version: - Quadriga Games GmbH) Emergency4 (HKLM-x32\...\{9A4C534E-431F-4A17-97D4-D1682B19A054}) (Version: 1.03.001 - ) Empire: Total War (HKLM-x32\...\Steam App 10500) (Version: - The Creative Assembly) Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks) Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft) FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts) File1 Package Manager (HKLM-x32\...\{8A50D93C-79EE-425C-9464-3550978F4E56}) (Version: 0.1.2.75 - Helios Technologies) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Free Studio version 5.7.4.918 (HKLM-x32\...\Free Studio_is1) (Version: 5.7.4.918 - DVDVideoSoft Ltd.) GameShadow (HKLM-x32\...\{B2390904-74BD-48AA-B2CC-6612F8D46379}) (Version: 2.03.0000 - GameShadow Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Governor Of Poker en Español (HKLM-x32\...\Governor Of Poker en Español) (Version: - ) i-Menu 3.9 (HKLM-x32\...\i-Menu_is1) (Version: - AOC) iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.) 
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden JavaFX 2.1.1 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-211648764D10}) (Version: 2.1.1 - Oracle Corporation) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - ) Mass Effect™ 3 (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.01.0.0 - Electronic Arts) Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA) Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation) Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - 
Microsoft Corporation) Hidden Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft) Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 
14.0.6029.1000 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) 
(Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version: - The Creative Assembly) NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.1.3.2637 - Electronic Arts, Inc.) 
Pearl Harbor II (HKLM-x32\...\{8CBCA733-4D81-453D-95EB-28FD5C57430A}) (Version: 12 - FantasticTV) Pflanzen gegen Zombies (HKLM-x32\...\Pflanzen gegen Zombies) (Version: - ) Pharao (HKLM-x32\...\Pharao) (Version: - ) Play Wireless USB Adapter (HKLM-x32\...\InstallShield_{88E62BD7-A532-48F6-8428-D949BB93A2D7}) (Version: 1.0.0.03 - Belkin) Play Wireless USB Adapter (x32 Version: 1.0.0.03 - Belkin) Hidden Playlist Creator 3.6.2 (HKLM-x32\...\Playlist Creator 3.6.2) (Version: 3.6.2.0 - oddgravity) PokerStars.net (HKLM-x32\...\PokerStars.net) (Version: - PokerStars.net) ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.) RAGE (HKLM-x32\...\Steam App 9200) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.) Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver) Risen 3 - Titan Lords (HKLM-x32\...\{383CAA4A-9B72-4DE9-9B0F-780C49682780}) (Version: 1.00 - Deep Silver) Silent Hunter 4 Wolves of the Pacific (HKLM-x32\...\{0D005F09-A5F4-473B-A901-5735C6AF5628}) (Version: 1.03.0000 - Ubisoft) Silent Hunter 5 (HKLM-x32\...\{AC61C594-5F86-4BE9-ABAF-763C6A8E2302}) (Version: 1.2.0 - Ubisoft) Simple Shutdown Timer (HKLM-x32\...\Simple Shutdown Timer1.1.2) (Version: 1.1.2 - PcWinTech.com) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) 
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.6 - ) <==== ATTENTION South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC) System Requirements Lab Detection (HKLM-x32\...\{E4D8E90E-B732-4205-AFE6-79B75B14DAAB}) (Version: 2.0.0.0 - Husdawg, LLC) Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Witcher 2 Enhanced Edition Version 3.0 (HKLM-x32\...\The Witcher 2 Enhanced Edition_is1) (Version: 3.0 - CD Projekt RED) Torchlight (HKLM-x32\...\{4F64A46D-67F7-4497-AEA2-313D4305A5F6}) (Version: 1.0.0 - JoWooD) Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version: - ) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2533523) 
(HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation) Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{D1688F5A-9A61-42F0-B8D0-2C9DF315A141}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{32E700B9-1A94-48B4-99E1-CB8BD5F7340A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{007CC0F3-15DE-426D-95B5-B019FCEF58CE}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C4F26A9B-B121-4135-8084-A0D9C780C7C8}) (Version: - 
Microsoft) Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{460FF681-BC66-4C38-99DF-7012E03F1EBA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{1CBEDB37-C438-473F-8BA0-2535B0D237E2}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{0C175ED0-26B9-4B09-AFA9-3F16A03A29B9}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{DFE7321B-F914-4AB5-8C74-1F8CC932B1B0}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DFE7321B-F914-4AB5-8C74-1F8CC932B1B0}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{651EE0E5-C789-48D8-8B91-F79352B783C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{326F9E80-FE16-4D2A-827A-4EE1A87B1CE8}) (Version: - Microsoft) Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{81CA2EFA-7250-4B1E-B3A6-E0595224E2CD}) (Version: - Microsoft) Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) 
(Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) Vegas Pro 10.0 (HKLM-x32\...\{6E0E4D61-11EC-11E0-B454-0013D3D69929}) (Version: 10.0.469 - Sony) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Xfire (remove only) (HKLM-x32\...\Xfire) (Version: - ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
CustomCLSID: HKU\S-1-5-21-703785417-1565345126-2984759567-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Basti\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File CustomCLSID: HKU\S-1-5-21-703785417-1565345126-2984759567-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () ==================== Restore Points ========================= 21-08-2014 01:26:56 Geplanter Prüfpunkt 21-08-2014 01:27:59 Windows Update 21-08-2014 01:56:01 Windows Defender Checkpoint 24-08-2014 01:33:42 Windows Update 24-08-2014 16:04:37 Entfernt muveeNow 2.0 - Creative 31-08-2014 12:21:34 Windows Modules Installer 31-08-2014 13:21:15 Windows Modules Installer 31-08-2014 16:55:04 Installed AVG 2014 31-08-2014 16:55:27 Installed AVG 2014 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {2016CE31-07D9-4576-9FF9-C333A7887B2F} - System32\Tasks\AmiUpdXp => C:\Users\Basti\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION Task: {227F369D-AE30-4DD9-8270-4AB62C1999AC} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] () Task: {479F55BE-55C6-499F-A1C8-CE9462FC45DE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {6ADB4B99-57B1-4B12-9820-FB3B75E432D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-24] (Google Inc.) 
Task: {A971956C-6D2E-4067-9548-4183E4CB50F8} - System32\Tasks\{6B195EBD-4D27-41A6-80B2-5E573123B1ED} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=5.9.0.123&LastError=404 Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe Task: {B2C9FD99-D696-4E11-B8A4-91E02EF11268} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-24] (Google Inc.) Task: {CC4EAAF6-1C0D-410F-81C6-F4B148BC17C4} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation) Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe Task: {F43D1249-9FB6-446E-9511-21106C818884} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Basti\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-12-19 16:32 - 2012-12-19 16:32 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2012-10-17 19:39 - 2012-10-17 19:39 - 00749056 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2012-10-17 19:39 - 2012-10-17 19:39 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2012-12-19 16:32 - 2012-12-19 16:32 - 00073728 _____ () C:\Program Files\ATI 
Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2014-08-18 22:50 - 2014-08-19 22:17 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2012-08-07 15:13 - 2009-07-02 16:02 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2009-12-28 18:25 - 2009-12-28 18:25 - 00036864 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe 2009-03-30 08:32 - 2009-03-30 08:32 - 00032768 ____R () C:\Windows\DAODx.exe 2009-11-25 19:45 - 2009-11-25 19:45 - 00110592 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe 2014-08-15 13:25 - 2013-10-29 14:49 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe 2012-12-19 16:32 - 2012-12-19 16:32 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2009-09-15 20:17 - 2009-09-15 20:17 - 00200704 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\BelkinwcuiDLL.dll 2009-12-15 13:46 - 2009-12-15 13:46 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-12-15 13:49 - 2009-12-15 13:49 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2014-08-15 13:25 - 2013-01-15 17:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll 2014-08-24 18:05 - 2014-08-07 05:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll 2014-08-24 18:05 - 2014-08-07 05:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll 2014-08-24 18:05 - 2014-08-07 05:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll 2014-08-24 18:05 - 2014-08-07 05:20 - 00353096 _____ () C:\Program Files 
(x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll 2014-08-24 18:05 - 2014-08-07 05:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= Name: Realtek PCIe GBE Family Controller Description: Realtek PCIe GBE Family Controller Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: RTL8167 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. 
==================== Event log errors: ========================= Application errors: ================== Error: (09/01/2014 02:30:35 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/31/2014 06:36:53 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm bf4.exe, Version 1.3.2.3825 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 404 Startzeit: 01cfc533824b5e46 Endzeit: 1482 Anwendungspfad: C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe Berichts-ID: Error: (08/31/2014 03:41:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/31/2014 03:24:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/31/2014 03:23:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: CLIStart.exe, Version: 3.5.0.0, Zeitstempel: 0x50d21fc3 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001c4909 ID des fehlerhaften Prozesses: 0xe74 Startzeit der fehlerhaften Anwendung: 0xCLIStart.exe0 Pfad der fehlerhaften Anwendung: CLIStart.exe1 Pfad des fehlerhaften Moduls: CLIStart.exe2 Berichtskennung: CLIStart.exe3 Error: (08/31/2014 03:05:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE 
TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/31/2014 02:00:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/25/2014 09:06:21 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm bf4.exe, Version 1.3.2.3825 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1fd4 Startzeit: 01cfc09745192f1f Endzeit: 825 Anwendungspfad: C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe Berichts-ID: Error: (08/25/2014 04:13:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec4aa8e Ausnahmecode: 0xc0000024 Fehleroffset: 0x00000000000cd7d8 ID des fehlerhaften Prozesses: 0x1d54 Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0 Pfad der fehlerhaften Anwendung: explorer.exe1 Pfad des fehlerhaften Moduls: explorer.exe2 Berichtskennung: explorer.exe3 Error: (08/25/2014 02:06:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (09/01/2014 02:37:26 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. 
Error: (09/01/2014 02:29:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/31/2014 04:06:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/31/2014 03:39:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/31/2014 03:23:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/31/2014 03:03:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/31/2014 01:58:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/25/2014 02:04:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/25/2014 01:09:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "DisplayFusionService" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (08/24/2014 08:29:34 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. 
Microsoft Office Sessions: ========================= Error: (09/01/2014 02:30:35 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/31/2014 06:36:53 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: bf4.exe1.3.2.382540401cfc533824b5e461482C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe Error: (08/31/2014 03:41:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/31/2014 03:24:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/31/2014 03:23:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: CLIStart.exe3.5.0.050d21fc3unknown0.0.0.000000000c0000005001c4909e7401cfc51ecec4dea1C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exeunknown0d81b0b9-3112-11e4-88a1-9dc4165e5560 Error: (08/31/2014 03:05:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/31/2014 02:00:25 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/25/2014 09:06:21 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: bf4.exe1.3.2.38251fd401cfc09745192f1f825C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe Error: (08/25/2014 04:13:53 PM) 
(Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175674d672ee4ntdll.dll6.1.7601.177254ec4aa8ec000002400000000000cd7d81d5401cfc05f2919e62aC:\Windows\explorer.exeC:\Windows\SYSTEM32\ntdll.dll0ae117a8-2c62-11e4-bc23-93670617f76c Error: (08/25/2014 02:06:07 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Processor: AMD FX(tm)-6100 Six-Core Processor Percentage of memory in use: 30% Total physical RAM: 8138.43 MB Available physical RAM: 5630.15 MB Total Pagefile: 16276.87 MB Available Pagefile: 13270.22 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:219.16 GB) NTFS Drive d: (Risen3) (CDROM) (Total:6.77 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3F65C7BF) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
01.09.2014, 15:17 | #2 |
/// the machine /// TB-Ausbilder | Windows 7: Windows Explorer often opens in the background using too much memory Hi,
Please download TDSSKiller.exe and save the file to your desktop.
__________________ |
01.09.2014, 15:35 | #3 |
| Windows 7: Windows Explorer often opens in the background using too much memory First of all, many thanks for the quick reply.
I ran the scan as described and there was one hit. I then selected Skip and continued, but now I cannot find a directory for TDSS and therefore no log either. |
01.09.2014, 15:47 | #4 |
| Windows 7: Windows Explorer often opens in the background using too much memory Ah, OK, I found the report. It is attached because it is too large. |
02.09.2014, 09:57 | #5 |
/// the machine /// TB-Ausbilder | Windows 7: Windows Explorer often opens in the background using too much memory Hi, please always post logs in the thread. If necessary, split them up and use several posts. I cannot open attachments at work, thanks. This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
02.09.2014, 12:11 | #6 |
| Windows 7: Windows Explorer often opens in the background using too much memory OK, then once more. Code:
16:29:15.0074 0x1328 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
16:29:22.0003 0x1328 ============================================================
16:29:22.0003 0x1328 Current date / time: 2014/09/01 16:29:22.0003
16:29:22.0003 0x1328 SystemInfo:
16:29:22.0003 0x1328
16:29:22.0003 0x1328 OS Version: 6.1.7601 ServicePack: 1.0
16:29:22.0003 0x1328 Product type: Workstation
16:29:22.0004 0x1328 ComputerName: KUNDEN-C2A4T6U6
16:29:22.0004 0x1328 UserName: Basti
16:29:22.0004 0x1328 Windows directory: C:\Windows
16:29:22.0004 0x1328 System windows directory: C:\Windows
16:29:22.0004 0x1328 Running under WOW64
16:29:22.0004 0x1328 Processor architecture: Intel x64
16:29:22.0004 0x1328 Number of processors: 6
16:29:22.0004 0x1328 Page size: 0x1000
16:29:22.0004 0x1328 Boot type: Normal boot
16:29:22.0004 0x1328 ============================================================
16:29:22.0103 0x1328 KLMD registered as C:\Windows\system32\drivers\37477633.sys
16:29:22.0374 0x1328 System UUID: {274326C4-A3C0-1F5E-987D-4B96D8B40664}
16:29:22.0785 0x1328 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:29:22.0804 0x1328 ============================================================
16:29:22.0804 0x1328 \Device\Harddisk0\DR0:
16:29:22.0805 0x1328 MBR partitions:
16:29:22.0805 0x1328 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:29:22.0805 0x1328 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
16:29:22.0805 0x1328 ============================================================
16:29:22.0831 0x1328 C: <-> \Device\Harddisk0\DR0\Partition2
16:29:22.0832 0x1328 ============================================================
16:29:22.0832 0x1328 Initialize success
16:29:22.0832 0x1328 ============================================================
A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:30:14.0858 0x0d68 IRENUM - ok 16:30:14.0883 0x0d68 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:30:14.0892 0x0d68 isapnp - ok 16:30:14.0914 0x0d68 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 16:30:14.0929 0x0d68 iScsiPrt - ok 16:30:14.0946 0x0d68 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:30:14.0955 0x0d68 kbdclass - ok 16:30:14.0975 0x0d68 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 16:30:15.0002 0x0d68 kbdhid - ok 16:30:15.0044 0x0d68 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe 16:30:15.0054 0x0d68 KeyIso - ok 16:30:15.0079 0x0d68 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:30:15.0089 0x0d68 KSecDD - ok 16:30:15.0100 0x0d68 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:30:15.0112 0x0d68 KSecPkg - ok 16:30:15.0118 0x0d68 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:30:15.0169 0x0d68 ksthunk - ok 16:30:15.0194 0x0d68 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 16:30:15.0252 0x0d68 KtmRm - ok 16:30:15.0308 0x0d68 [ 
D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:30:15.0359 0x0d68 LanmanServer - ok 16:30:15.0411 0x0d68 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:30:15.0461 0x0d68 LanmanWorkstation - ok 16:30:15.0532 0x0d68 [ 83BA097ACAAD0B00505634A62D90F93A, 6F1FE2F413A4A939D2D921F537EBB9330E2A65A7C38BD380CF9405792FD03052 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 16:30:15.0541 0x0d68 lirsgt - ok 16:30:15.0557 0x0d68 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:30:15.0589 0x0d68 lltdio - ok 16:30:15.0610 0x0d68 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:30:15.0665 0x0d68 lltdsvc - ok 16:30:15.0690 0x0d68 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:30:15.0743 0x0d68 lmhosts - ok 16:30:15.0771 0x0d68 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 16:30:15.0783 0x0d68 LSI_FC - ok 16:30:15.0796 0x0d68 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:30:15.0808 0x0d68 LSI_SAS - ok 16:30:15.0848 0x0d68 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 16:30:15.0858 0x0d68 LSI_SAS2 - ok 16:30:15.0871 0x0d68 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 
16:30:15.0883 0x0d68 LSI_SCSI - ok 16:30:15.0898 0x0d68 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 16:30:15.0948 0x0d68 luafv - ok 16:30:15.0976 0x0d68 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:30:15.0990 0x0d68 Mcx2Svc - ok 16:30:16.0000 0x0d68 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 16:30:16.0009 0x0d68 megasas - ok 16:30:16.0026 0x0d68 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 16:30:16.0042 0x0d68 MegaSR - ok 16:30:16.0060 0x0d68 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 16:30:16.0094 0x0d68 MMCSS - ok 16:30:16.0105 0x0d68 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 16:30:16.0137 0x0d68 Modem - ok 16:30:16.0166 0x0d68 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:30:16.0202 0x0d68 monitor - ok 16:30:16.0220 0x0d68 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:30:16.0230 0x0d68 mouclass - ok 16:30:16.0237 0x0d68 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:30:16.0260 0x0d68 mouhid - ok 16:30:16.0280 0x0d68 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr 
C:\Windows\system32\drivers\mountmgr.sys 16:30:16.0290 0x0d68 mountmgr - ok 16:30:16.0297 0x0d68 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 16:30:16.0313 0x0d68 mpio - ok 16:30:16.0325 0x0d68 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:30:16.0358 0x0d68 mpsdrv - ok 16:30:16.0386 0x0d68 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:30:16.0441 0x0d68 MpsSvc - ok 16:30:16.0450 0x0d68 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:30:16.0487 0x0d68 MRxDAV - ok 16:30:16.0520 0x0d68 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:30:16.0593 0x0d68 mrxsmb - ok 16:30:16.0624 0x0d68 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:30:16.0642 0x0d68 mrxsmb10 - ok 16:30:16.0658 0x0d68 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:30:16.0670 0x0d68 mrxsmb20 - ok 16:30:16.0685 0x0d68 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 16:30:16.0694 0x0d68 msahci - ok 16:30:16.0713 0x0d68 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:30:16.0725 0x0d68 msdsm - ok 16:30:16.0736 0x0d68 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 
2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 16:30:16.0768 0x0d68 MSDTC - ok 16:30:16.0789 0x0d68 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:30:16.0834 0x0d68 Msfs - ok 16:30:16.0860 0x0d68 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:30:16.0889 0x0d68 mshidkmdf - ok 16:30:16.0899 0x0d68 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:30:16.0908 0x0d68 msisadrv - ok 16:30:16.0931 0x0d68 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:30:16.0965 0x0d68 MSiSCSI - ok 16:30:16.0968 0x0d68 msiserver - ok 16:30:16.0983 0x0d68 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:30:17.0028 0x0d68 MSKSSRV - ok 16:30:17.0048 0x0d68 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:30:17.0095 0x0d68 MSPCLOCK - ok 16:30:17.0114 0x0d68 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:30:17.0159 0x0d68 MSPQM - ok 16:30:17.0190 0x0d68 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:30:17.0208 0x0d68 MsRPC - ok 16:30:17.0218 0x0d68 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 16:30:17.0227 0x0d68 
mssmbios - ok 16:30:17.0238 0x0d68 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:30:17.0267 0x0d68 MSTEE - ok 16:30:17.0279 0x0d68 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 16:30:17.0288 0x0d68 MTConfig - ok 16:30:17.0299 0x0d68 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 16:30:17.0308 0x0d68 Mup - ok 16:30:17.0340 0x0d68 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 16:30:17.0384 0x0d68 napagent - ok 16:30:17.0440 0x0d68 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:30:17.0481 0x0d68 NativeWifiP - ok 16:30:17.0543 0x0d68 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 16:30:17.0576 0x0d68 NDIS - ok 16:30:17.0587 0x0d68 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:30:17.0618 0x0d68 NdisCap - ok 16:30:17.0636 0x0d68 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:30:17.0667 0x0d68 NdisTapi - ok 16:30:17.0676 0x0d68 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:30:17.0721 0x0d68 Ndisuio - ok 16:30:17.0744 0x0d68 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan 
C:\Windows\system32\DRIVERS\ndiswan.sys 16:30:17.0809 0x0d68 NdisWan - ok 16:30:17.0828 0x0d68 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:30:17.0859 0x0d68 NDProxy - ok 16:30:17.0868 0x0d68 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:30:17.0919 0x0d68 NetBIOS - ok 16:30:17.0948 0x0d68 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 16:30:17.0983 0x0d68 NetBT - ok 16:30:17.0992 0x0d68 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe 16:30:18.0001 0x0d68 Netlogon - ok 16:30:18.0028 0x0d68 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 16:30:18.0090 0x0d68 Netman - ok 16:30:18.0131 0x0d68 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:30:18.0142 0x0d68 NetMsmqActivator - ok 16:30:18.0161 0x0d68 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:30:18.0171 0x0d68 NetPipeActivator - ok 16:30:18.0195 0x0d68 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 16:30:18.0237 0x0d68 netprofm - ok 16:30:18.0242 0x0d68 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:30:18.0252 0x0d68 
NetTcpActivator - ok 16:30:18.0257 0x0d68 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:30:18.0267 0x0d68 NetTcpPortSharing - ok 16:30:18.0279 0x0d68 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 16:30:18.0288 0x0d68 nfrd960 - ok 16:30:18.0308 0x0d68 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 16:30:18.0327 0x0d68 NlaSvc - ok 16:30:18.0334 0x0d68 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:30:18.0365 0x0d68 Npfs - ok 16:30:18.0385 0x0d68 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 16:30:18.0415 0x0d68 nsi - ok 16:30:18.0421 0x0d68 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:30:18.0465 0x0d68 nsiproxy - ok 16:30:18.0560 0x0d68 [ E453ACF4E7D44E5530B5D5F2B9CA8563, 85EEBCBB3187A21282619A0264C10E9E52EFE4387F3425D3D279EF460DA3AD06 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:30:18.0614 0x0d68 Ntfs - ok 16:30:18.0630 0x0d68 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 16:30:18.0680 0x0d68 Null - ok 16:30:18.0741 0x0d68 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:30:18.0753 0x0d68 nvraid - ok 16:30:18.0772 0x0d68 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor 
C:\Windows\system32\drivers\nvstor.sys 16:30:18.0785 0x0d68 nvstor - ok 16:30:18.0804 0x0d68 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 16:30:18.0816 0x0d68 nv_agp - ok 16:30:18.0830 0x0d68 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 16:30:18.0842 0x0d68 ohci1394 - ok 16:30:18.0877 0x0d68 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:30:18.0888 0x0d68 ose - ok 16:30:19.0061 0x0d68 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 16:30:19.0207 0x0d68 osppsvc - ok 16:30:19.0240 0x0d68 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 16:30:19.0294 0x0d68 p2pimsvc - ok 16:30:19.0321 0x0d68 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 16:30:19.0344 0x0d68 p2psvc - ok 16:30:19.0365 0x0d68 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 16:30:19.0393 0x0d68 Parport - ok 16:30:19.0421 0x0d68 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:30:19.0431 0x0d68 partmgr - ok 16:30:19.0443 0x0d68 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 16:30:19.0479 0x0d68 PcaSvc - ok 16:30:19.0501 0x0d68 [ 
94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 16:30:19.0516 0x0d68 pci - ok 16:30:19.0531 0x0d68 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 16:30:19.0539 0x0d68 pciide - ok 16:30:19.0556 0x0d68 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 16:30:19.0570 0x0d68 pcmcia - ok 16:30:19.0581 0x0d68 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 16:30:19.0591 0x0d68 pcw - ok 16:30:19.0613 0x0d68 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:30:19.0662 0x0d68 PEAUTH - ok 16:30:19.0716 0x0d68 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:30:19.0742 0x0d68 PerfHost - ok 16:30:19.0803 0x0d68 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 16:30:19.0893 0x0d68 pla - ok 16:30:19.0943 0x0d68 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:30:19.0981 0x0d68 PlugPlay - ok 16:30:20.0063 0x0d68 [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA C:\Windows\system32\PnkBstrA.exe 16:30:20.0073 0x0d68 PnkBstrA - ok 16:30:20.0081 0x0d68 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 16:30:20.0092 0x0d68 PNRPAutoReg - ok 16:30:20.0102 0x0d68 [ 
3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 16:30:20.0120 0x0d68 PNRPsvc - ok 16:30:20.0140 0x0d68 [ 4F0878FD62D5F7444C5F1C4C66D9D293, B381217D6202C06EE992EBDE061FA20376FF71F698022D0A80168CCD1059453C ] Point64 C:\Windows\system32\DRIVERS\point64.sys 16:30:20.0148 0x0d68 Point64 - ok 16:30:20.0199 0x0d68 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:30:20.0262 0x0d68 PolicyAgent - ok 16:30:20.0299 0x0d68 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 16:30:20.0352 0x0d68 Power - ok 16:30:20.0406 0x0d68 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:30:20.0453 0x0d68 PptpMiniport - ok 16:30:20.0478 0x0d68 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 16:30:20.0489 0x0d68 Processor - ok 16:30:20.0522 0x0d68 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 16:30:20.0579 0x0d68 ProfSvc - ok 16:30:20.0591 0x0d68 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe 16:30:20.0601 0x0d68 ProtectedStorage - ok 16:30:20.0628 0x0d68 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 16:30:20.0676 0x0d68 Psched - ok 16:30:20.0732 0x0d68 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 
16:30:20.0782 0x0d68 ql2300 - ok 16:30:20.0790 0x0d68 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 16:30:20.0802 0x0d68 ql40xx - ok 16:30:20.0838 0x0d68 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 16:30:20.0860 0x0d68 QWAVE - ok 16:30:20.0869 0x0d68 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:30:20.0884 0x0d68 QWAVEdrv - ok 16:30:20.0898 0x0d68 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:30:20.0928 0x0d68 RasAcd - ok 16:30:20.0993 0x0d68 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 16:30:21.0023 0x0d68 RasAgileVpn - ok 16:30:21.0029 0x0d68 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 16:30:21.0082 0x0d68 RasAuto - ok 16:30:21.0109 0x0d68 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:30:21.0156 0x0d68 Rasl2tp - ok 16:30:21.0187 0x0d68 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 16:30:21.0226 0x0d68 RasMan - ok 16:30:21.0242 0x0d68 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 16:30:21.0287 0x0d68 RasPppoe - ok 16:30:21.0311 0x0d68 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp 
C:\Windows\system32\DRIVERS\rassstp.sys 16:30:21.0342 0x0d68 RasSstp - ok 16:30:21.0359 0x0d68 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:30:21.0396 0x0d68 rdbss - ok 16:30:21.0407 0x0d68 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 16:30:21.0439 0x0d68 rdpbus - ok 16:30:21.0461 0x0d68 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:30:21.0512 0x0d68 RDPCDD - ok 16:30:21.0545 0x0d68 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:30:21.0592 0x0d68 RDPENCDD - ok 16:30:21.0648 0x0d68 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 16:30:21.0677 0x0d68 RDPREFMP - ok 16:30:21.0707 0x0d68 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 16:30:21.0758 0x0d68 RDPWD - ok 16:30:21.0772 0x0d68 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 16:30:21.0786 0x0d68 rdyboost - ok 16:30:21.0810 0x0d68 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 16:30:21.0842 0x0d68 RemoteAccess - ok 16:30:21.0849 0x0d68 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:30:21.0897 0x0d68 RemoteRegistry - ok 16:30:21.0940 0x0d68 [ 3DD798846E2C28102B922C56E71B7932, 
30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 16:30:21.0956 0x0d68 RFCOMM - ok 16:30:22.0022 0x0d68 [ F12A68ED55053940CADD59CA5E3468DD, 75331E6DA4E30717085E7D8131989241EBC492DC3EE455546F91DA9DFFFD2BFC ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 16:30:22.0034 0x0d68 RichVideo - detected UnsignedFile.Multi.Generic ( 1 ) 16:30:24.0497 0x0d68 Detect skipped due to KSN trusted 16:30:24.0497 0x0d68 RichVideo - ok 16:30:24.0516 0x0d68 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 16:30:24.0548 0x0d68 RpcEptMapper - ok 16:30:24.0559 0x0d68 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 16:30:24.0591 0x0d68 RpcLocator - ok 16:30:24.0625 0x0d68 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 16:30:24.0667 0x0d68 RpcSs - ok 16:30:24.0691 0x0d68 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 16:30:24.0722 0x0d68 rspndr - ok 16:30:24.0770 0x0d68 [ F4C374B1C46DE294B573BB43723AC3F6, 9B8A40BF54262A1949661596CB753D0B591E94577470ED44D498042BD3EA7C10 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 16:30:24.0789 0x0d68 RTL8167 - ok 16:30:24.0805 0x0d68 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe 16:30:24.0815 0x0d68 SamSs - ok 16:30:24.0829 0x0d68 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 16:30:24.0840 0x0d68 sbp2port - ok 16:30:24.0855 0x0d68 [ 9B7395789E3791A3B6D000FE6F8B131E, 
E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 16:30:24.0892 0x0d68 SCardSvr - ok 16:30:24.0903 0x0d68 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 16:30:24.0946 0x0d68 scfilter - ok 16:30:24.0998 0x0d68 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 16:30:25.0061 0x0d68 Schedule - ok 16:30:25.0083 0x0d68 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 16:30:25.0112 0x0d68 SCPolicySvc - ok 16:30:25.0121 0x0d68 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 16:30:25.0168 0x0d68 SDRSVC - ok 16:30:25.0172 0x0d68 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 16:30:25.0201 0x0d68 secdrv - ok 16:30:25.0206 0x0d68 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 16:30:25.0235 0x0d68 seclogon - ok 16:30:25.0258 0x0d68 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 16:30:25.0290 0x0d68 SENS - ok 16:30:25.0301 0x0d68 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 16:30:25.0347 0x0d68 SensrSvc - ok 16:30:25.0372 0x0d68 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 16:30:25.0398 0x0d68 Serenum - ok 16:30:25.0428 0x0d68 [ 
C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 16:30:25.0459 0x0d68 Serial - ok 16:30:25.0477 0x0d68 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 16:30:25.0506 0x0d68 sermouse - ok 16:30:25.0516 0x0d68 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 16:30:25.0554 0x0d68 SessionEnv - ok 16:30:25.0576 0x0d68 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 16:30:25.0588 0x0d68 sffdisk - ok 16:30:25.0599 0x0d68 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 16:30:25.0611 0x0d68 sffp_mmc - ok 16:30:25.0614 0x0d68 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 16:30:25.0641 0x0d68 sffp_sd - ok 16:30:25.0664 0x0d68 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 16:30:25.0674 0x0d68 sfloppy - ok 16:30:25.0704 0x0d68 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 16:30:25.0761 0x0d68 SharedAccess - ok 16:30:25.0789 0x0d68 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 16:30:25.0830 0x0d68 ShellHWDetection - ok 16:30:25.0834 0x0d68 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 
C:\Windows\system32\drivers\SiSRaid2.sys 16:30:25.0844 0x0d68 SiSRaid2 - ok 16:30:25.0849 0x0d68 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 16:30:25.0859 0x0d68 SiSRaid4 - ok 16:30:25.0875 0x0d68 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 16:30:25.0889 0x0d68 SkypeUpdate - ok 16:30:25.0909 0x0d68 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 16:30:25.0941 0x0d68 Smb - ok 16:30:25.0961 0x0d68 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 16:30:25.0971 0x0d68 SNMPTRAP - ok 16:30:25.0975 0x0d68 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 16:30:25.0983 0x0d68 spldr - ok 16:30:26.0015 0x0d68 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 16:30:26.0046 0x0d68 Spooler - ok 16:30:26.0154 0x0d68 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 16:30:26.0281 0x0d68 sppsvc - ok 16:30:26.0300 0x0d68 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 16:30:26.0332 0x0d68 sppuinotify - ok 16:30:26.0358 0x0d68 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 16:30:26.0390 0x0d68 srv - ok 16:30:26.0419 0x0d68 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 
726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 16:30:26.0458 0x0d68 srv2 - ok 16:30:26.0484 0x0d68 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 16:30:26.0497 0x0d68 srvnet - ok 16:30:26.0515 0x0d68 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 16:30:26.0550 0x0d68 SSDPSRV - ok 16:30:26.0558 0x0d68 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 16:30:26.0589 0x0d68 SstpSvc - ok 16:30:26.0641 0x0d68 [ B5C26A6A92C9A6CD64399D2B06D29464, 6CAF09892D4C516361125AAF5387D5BF306EC26133EE45DBBC35C8B6190BAD24 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 16:30:26.0670 0x0d68 Steam Client Service - ok 16:30:26.0693 0x0d68 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 16:30:26.0702 0x0d68 stexstor - ok 16:30:26.0746 0x0d68 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 16:30:26.0778 0x0d68 stisvc - ok 16:30:26.0791 0x0d68 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 16:30:26.0799 0x0d68 swenum - ok 16:30:26.0826 0x0d68 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 16:30:26.0887 0x0d68 swprv - ok 16:30:26.0956 0x0d68 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 16:30:27.0043 0x0d68 SysMain - ok 
16:30:27.0066 0x0d68 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 16:30:27.0105 0x0d68 TabletInputService - ok 16:30:27.0137 0x0d68 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 16:30:27.0198 0x0d68 TapiSrv - ok 16:30:27.0210 0x0d68 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 16:30:27.0241 0x0d68 TBS - ok 16:30:27.0313 0x0d68 [ 37608401DFDB388CAF66917F6B2D6FB0, 3E8A594CB84D94C4AFEB5B5657D2DEEECBAF64BB6AD16510BCDDFDE07F099056 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 16:30:27.0374 0x0d68 Tcpip - ok 16:30:27.0433 0x0d68 [ 37608401DFDB388CAF66917F6B2D6FB0, 3E8A594CB84D94C4AFEB5B5657D2DEEECBAF64BB6AD16510BCDDFDE07F099056 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 16:30:27.0487 0x0d68 TCPIP6 - ok 16:30:27.0507 0x0d68 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 16:30:27.0517 0x0d68 tcpipreg - ok 16:30:27.0534 0x0d68 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 16:30:27.0575 0x0d68 TDPIPE - ok 16:30:27.0588 0x0d68 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 16:30:27.0615 0x0d68 TDTCP - ok 16:30:27.0641 0x0d68 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 16:30:27.0673 0x0d68 tdx - ok 16:30:27.0685 0x0d68 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 16:30:27.0694 
0x0d68 TermDD - ok 16:30:27.0725 0x0d68 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll 16:30:27.0776 0x0d68 TermService - ok 16:30:27.0790 0x0d68 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 16:30:27.0805 0x0d68 Themes - ok 16:30:27.0824 0x0d68 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 16:30:27.0855 0x0d68 THREADORDER - ok 16:30:27.0864 0x0d68 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 16:30:27.0916 0x0d68 TrkWks - ok 16:30:27.0976 0x0d68 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 16:30:28.0010 0x0d68 TrustedInstaller - ok 16:30:28.0026 0x0d68 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 16:30:28.0072 0x0d68 tssecsrv - ok 16:30:28.0106 0x0d68 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 16:30:28.0122 0x0d68 TsUsbFlt - ok 16:30:28.0133 0x0d68 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 16:30:28.0159 0x0d68 TsUsbGD - ok 16:30:28.0198 0x0d68 tswNT - ok 16:30:28.0211 0x0d68 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 16:30:28.0258 0x0d68 tunnel - ok 16:30:28.0263 0x0d68 [ B4DD609BD7E282BFC683CEC7EAAAAD67, 
EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 16:30:28.0273 0x0d68 uagp35 - ok 16:30:28.0296 0x0d68 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 16:30:28.0333 0x0d68 udfs - ok 16:30:28.0347 0x0d68 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 16:30:28.0378 0x0d68 UI0Detect - ok 16:30:28.0402 0x0d68 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 16:30:28.0412 0x0d68 uliagpkx - ok 16:30:28.0431 0x0d68 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 16:30:28.0462 0x0d68 umbus - ok 16:30:28.0482 0x0d68 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 16:30:28.0505 0x0d68 UmPass - ok 16:30:28.0534 0x0d68 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 16:30:28.0592 0x0d68 upnphost - ok 16:30:28.0633 0x0d68 [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 16:30:28.0643 0x0d68 USBAAPL64 - ok 16:30:28.0682 0x0d68 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 16:30:28.0715 0x0d68 usbaudio - ok 16:30:28.0749 0x0d68 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 16:30:28.0761 0x0d68 usbccgp - ok 
16:30:28.0791 0x0d68 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys 16:30:28.0805 0x0d68 usbcir - ok 16:30:28.0825 0x0d68 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 16:30:28.0854 0x0d68 usbehci - ok 16:30:28.0893 0x0d68 [ 573D192E268F0C5B486B7E96F661E538, 0F32BD82CA7B5D4DE234EFC6527EF4C854BD15B3057FE4A0151C70115493FFDC ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys 16:30:28.0901 0x0d68 usbfilter - ok 16:30:28.0931 0x0d68 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 16:30:28.0948 0x0d68 usbhub - ok 16:30:28.0961 0x0d68 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 16:30:28.0988 0x0d68 usbohci - ok 16:30:29.0010 0x0d68 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 16:30:29.0043 0x0d68 usbprint - ok 16:30:29.0074 0x0d68 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 16:30:29.0126 0x0d68 USBSTOR - ok 16:30:29.0143 0x0d68 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 16:30:29.0169 0x0d68 usbuhci - ok 16:30:29.0210 0x0d68 [ 70D05EE263568A742D14E1876DF80532, D49D7B60EE30F2398B8B532F4A4C3F17535485F2BDB9B14AB600E2A4E3F12A6B ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 16:30:29.0262 0x0d68 usb_rndisx - ok 16:30:29.0278 0x0d68 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms 
C:\Windows\System32\uxsms.dll 16:30:29.0329 0x0d68 UxSms - ok 16:30:29.0374 0x0d68 [ 34AF631F8D8BDBE77E7FBD99FF147D3F, B767E46330C27F3C6BDF3E1EC363B8BE702B7B3CC793698B829460EAA2426EE1 ] V0640Vid C:\Windows\system32\DRIVERS\V0640Vid.sys 16:30:29.0422 0x0d68 V0640Vid - ok |
02.09.2014, 12:13 | #7 |
| Windows 7: Windows Explorer often opens in the background using too much memory Code:
ATTFilter 16:30:29.0433 0x0d68 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe 16:30:29.0443 0x0d68 VaultSvc - ok 16:30:29.0452 0x0d68 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 16:30:29.0461 0x0d68 vdrvroot - ok 16:30:29.0481 0x0d68 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 16:30:29.0527 0x0d68 vds - ok 16:30:29.0550 0x0d68 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 16:30:29.0563 0x0d68 vga - ok 16:30:29.0574 0x0d68 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 16:30:29.0625 0x0d68 VgaSave - ok 16:30:29.0650 0x0d68 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 16:30:29.0664 0x0d68 vhdmp - ok 16:30:29.0678 0x0d68 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 16:30:29.0687 0x0d68 viaide - ok 16:30:29.0694 0x0d68 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 16:30:29.0704 0x0d68 volmgr - ok 16:30:29.0727 0x0d68 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 16:30:29.0745 0x0d68 volmgrx - ok 16:30:29.0767 0x0d68 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 16:30:29.0783 
0x0d68 volsnap - ok 16:30:29.0800 0x0d68 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 16:30:29.0814 0x0d68 vsmraid - ok 16:30:29.0869 0x0d68 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 16:30:29.0970 0x0d68 VSS - ok 16:30:29.0994 0x0d68 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 16:30:30.0020 0x0d68 vwifibus - ok 16:30:30.0053 0x0d68 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 16:30:30.0086 0x0d68 vwififlt - ok 16:30:30.0112 0x0d68 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 16:30:30.0143 0x0d68 vwifimp - ok 16:30:30.0173 0x0d68 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 16:30:30.0214 0x0d68 W32Time - ok 16:30:30.0226 0x0d68 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 16:30:30.0254 0x0d68 WacomPen - ok 16:30:30.0291 0x0d68 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 16:30:30.0338 0x0d68 WANARP - ok 16:30:30.0343 0x0d68 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 16:30:30.0373 0x0d68 Wanarpv6 - ok 16:30:30.0441 0x0d68 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine 
C:\Windows\system32\wbengine.exe 16:30:30.0535 0x0d68 wbengine - ok 16:30:30.0554 0x0d68 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 16:30:30.0574 0x0d68 WbioSrvc - ok 16:30:30.0586 0x0d68 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 16:30:30.0612 0x0d68 wcncsvc - ok 16:30:30.0623 0x0d68 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 16:30:30.0652 0x0d68 WcsPlugInService - ok 16:30:30.0655 0x0d68 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 16:30:30.0664 0x0d68 Wd - ok 16:30:30.0710 0x0d68 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 16:30:30.0741 0x0d68 Wdf01000 - ok 16:30:30.0757 0x0d68 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 16:30:30.0789 0x0d68 WdiServiceHost - ok 16:30:30.0793 0x0d68 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 16:30:30.0810 0x0d68 WdiSystemHost - ok 16:30:30.0835 0x0d68 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll 16:30:30.0878 0x0d68 WebClient - ok 16:30:30.0887 0x0d68 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 16:30:30.0930 0x0d68 Wecsvc - ok 16:30:30.0951 0x0d68 [ 7E591867422DC788B9E5BD337A669A08, 
484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 16:30:30.0983 0x0d68 wercplsupport - ok 16:30:30.0991 0x0d68 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 16:30:31.0023 0x0d68 WerSvc - ok 16:30:31.0027 0x0d68 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 16:30:31.0055 0x0d68 WfpLwf - ok 16:30:31.0068 0x0d68 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 16:30:31.0076 0x0d68 WIMMount - ok 16:30:31.0107 0x0d68 WinDefend - ok 16:30:31.0112 0x0d68 WinHttpAutoProxySvc - ok 16:30:31.0164 0x0d68 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 16:30:31.0201 0x0d68 Winmgmt - ok 16:30:31.0258 0x0d68 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 16:30:31.0351 0x0d68 WinRM - ok 16:30:31.0393 0x0d68 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 16:30:31.0407 0x0d68 WinUsb - ok 16:30:31.0460 0x0d68 [ 0F695800783C3F9E577B94BF1E71D95A, EA10AA7D61167ED0AB5C741C42DAA32A4906C46F85D593D4ED00656318451DE4 ] WLANBelkinService C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe 16:30:31.0484 0x0d68 WLANBelkinService - detected UnsignedFile.Multi.Generic ( 1 ) 16:30:33.0949 0x0d68 Detect skipped due to KSN trusted 16:30:33.0949 0x0d68 WLANBelkinService - ok 16:30:33.0991 0x0d68 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 
16:30:34.0053 0x0d68 Wlansvc - ok 16:30:34.0077 0x0d68 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 16:30:34.0108 0x0d68 WmiAcpi - ok 16:30:34.0139 0x0d68 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 16:30:34.0171 0x0d68 wmiApSrv - ok 16:30:34.0194 0x0d68 WMPNetworkSvc - ok 16:30:34.0215 0x0d68 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 16:30:34.0234 0x0d68 WPCSvc - ok 16:30:34.0243 0x0d68 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 16:30:34.0257 0x0d68 WPDBusEnum - ok 16:30:34.0265 0x0d68 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 16:30:34.0295 0x0d68 ws2ifsl - ok 16:30:34.0331 0x0d68 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 16:30:34.0369 0x0d68 wscsvc - ok 16:30:34.0372 0x0d68 WSearch - ok 16:30:34.0466 0x0d68 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 16:30:34.0557 0x0d68 wuauserv - ok 16:30:34.0591 0x0d68 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 16:30:34.0635 0x0d68 WudfPf - ok 16:30:34.0652 0x0d68 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 16:30:34.0685 0x0d68 WUDFRd - ok 16:30:34.0719 0x0d68 [ B20F051B03A966392364C83F009F7D17, 
88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 16:30:34.0731 0x0d68 wudfsvc - ok 16:30:34.0748 0x0d68 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 16:30:34.0790 0x0d68 WwanSvc - ok 16:30:34.0833 0x0d68 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys 16:30:34.0847 0x0d68 xusb21 - ok 16:30:34.0956 0x0d68 ================ Scan global =============================== 16:30:34.0976 0x0d68 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 16:30:35.0002 0x0d68 [ 9E479C2B605C25DA4971ABA36250FAEF, 1D1D5CE908A6B17CDFA257A46121D7C938B56277B0F5256FBA29DF93352EAA3D ] C:\Windows\system32\winsrv.dll 16:30:35.0015 0x0d68 [ 9E479C2B605C25DA4971ABA36250FAEF, 1D1D5CE908A6B17CDFA257A46121D7C938B56277B0F5256FBA29DF93352EAA3D ] C:\Windows\system32\winsrv.dll 16:30:35.0040 0x0d68 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 16:30:35.0065 0x0d68 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 16:30:35.0073 0x0d68 [ Global ] - ok 16:30:35.0073 0x0d68 ================ Scan MBR ================================== 16:30:35.0082 0x0d68 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 16:30:35.0308 0x0d68 \Device\Harddisk0\DR0 - ok 16:30:35.0309 0x0d68 ================ Scan VBR ================================== 16:30:35.0315 0x0d68 [ 9610C77DA5E23C3AECA92E2D52FABC7A ] \Device\Harddisk0\DR0\Partition1 16:30:35.0350 0x0d68 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 ) 16:30:35.0350 0x0d68 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - 
infected 16:30:37.0759 0x0d68 [ 9E1977327432C5762A805BF11DC23C78 ] \Device\Harddisk0\DR0\Partition2 16:30:37.0790 0x0d68 \Device\Harddisk0\DR0\Partition2 - ok 16:30:37.0791 0x0d68 ================ Scan generic autorun ====================== 16:30:37.0914 0x0d68 [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe 16:30:37.0984 0x0d68 IntelliPoint - ok 16:30:38.0315 0x0d68 [ FBDF607ED7EF0467639DB501E1FD938C, 040528158D85D13122DB043144A982D6DC8744E75D140DB17A9BA5B93DC6B74D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 16:30:38.0644 0x0d68 RtHDVCpl - ok 16:30:38.0666 0x0d68 G Data AntiVirus Tray Application - ok 16:30:38.0667 0x0d68 GDFirewallTray - ok 16:30:38.0734 0x0d68 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 16:30:38.0766 0x0d68 Adobe ARM - ok 16:30:38.0810 0x0d68 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 16:30:38.0818 0x0d68 APSDaemon - ok 16:30:38.0864 0x0d68 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe 16:30:38.0875 0x0d68 UpdateLBPShortCut - ok 16:30:38.0914 0x0d68 [ CD1E74BC24CB1D1544406741F46F4D61, 658529854926471AE413D8A365C8E6500AEBDC33A562607DAB185F1571A5524B ] C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe 16:30:38.0925 0x0d68 MDS_Menu - ok 16:30:38.0960 0x0d68 [ 572024F59132BC3A2AC5E60A6C48D31E, 8BC1BA9BAB555DDF246100A511E9B54FB790F0F871868DCB54B0F83AA9E7306B ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe 16:30:38.0968 0x0d68 CLMLServer - ok 16:30:39.0008 0x0d68 [ 4EFCDF3DB1BBA69C09622991280C4ACB, 
16:30:58.0845 0x0d68 Win FW state via NFP2: enabled
16:31:01.0266 0x0d68 ============================================================
16:31:01.0266 0x0d68 Scan finished
16:31:01.0266 0x0d68 ============================================================
16:31:01.0273 0x12a8 Detected object count: 1
16:31:01.0273 0x12a8 Actual detected object count: 1
16:31:17.0621 0x12a8 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
16:31:17.0621 0x12a8 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip
16:36:05.0770 0x0ac8 ============================================================
16:36:05.0770 0x0ac8 Scan started
16:36:05.0770 0x0ac8 Mode: Manual; SigCheck; TDLFS;
16:36:05.0770 0x0ac8 ============================================================
16:36:05.0770 0x0ac8 KSN ping started
16:36:08.0261 0x0ac8 KSN ping finished: true
16:36:08.0688 0x0ac8 ================ Scan system memory ========================
16:36:08.0688 0x0ac8 System memory - ok
16:36:08.0688 0x0ac8 ================ Scan services =============================
0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 16:36:15.0946 0x0ac8 IPMIDRV - ok 16:36:15.0961 0x0ac8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:36:15.0992 0x0ac8 IPNAT - ok 16:36:16.0027 0x0ac8 [ 0F261EC4F514926177C70C1832374231, 7E61B89FE2651C0C7951E10454267174550677DEAB1C497571A9B0B583687304 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 16:36:16.0048 0x0ac8 iPod Service - ok 16:36:16.0060 0x0ac8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:36:16.0074 0x0ac8 IRENUM - ok 16:36:16.0082 0x0ac8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:36:16.0091 0x0ac8 isapnp - ok 16:36:16.0113 0x0ac8 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 16:36:16.0127 0x0ac8 iScsiPrt - ok 16:36:16.0137 0x0ac8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:36:16.0146 0x0ac8 kbdclass - ok 16:36:16.0158 0x0ac8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 16:36:16.0168 0x0ac8 kbdhid - ok 16:36:16.0177 0x0ac8 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe 16:36:16.0187 0x0ac8 KeyIso - ok 16:36:16.0212 0x0ac8 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 
16:36:16.0222 0x0ac8 KSecDD - ok 16:36:16.0233 0x0ac8 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:36:16.0245 0x0ac8 KSecPkg - ok 16:36:16.0251 0x0ac8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:36:16.0280 0x0ac8 ksthunk - ok 16:36:16.0302 0x0ac8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 16:36:16.0342 0x0ac8 KtmRm - ok 16:36:16.0367 0x0ac8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:36:16.0401 0x0ac8 LanmanServer - ok 16:36:16.0428 0x0ac8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:36:16.0460 0x0ac8 LanmanWorkstation - ok 16:36:16.0475 0x0ac8 [ 83BA097ACAAD0B00505634A62D90F93A, 6F1FE2F413A4A939D2D921F537EBB9330E2A65A7C38BD380CF9405792FD03052 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 16:36:16.0484 0x0ac8 lirsgt - ok 16:36:16.0488 0x0ac8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:36:16.0519 0x0ac8 lltdio - ok 16:36:16.0536 0x0ac8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:36:16.0574 0x0ac8 lltdsvc - ok 16:36:16.0592 0x0ac8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:36:16.0622 0x0ac8 lmhosts - ok 16:36:16.0632 0x0ac8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC 
C:\Windows\system32\drivers\lsi_fc.sys 16:36:16.0642 0x0ac8 LSI_FC - ok 16:36:16.0656 0x0ac8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:36:16.0666 0x0ac8 LSI_SAS - ok 16:36:16.0683 0x0ac8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 16:36:16.0692 0x0ac8 LSI_SAS2 - ok 16:36:16.0706 0x0ac8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 16:36:16.0716 0x0ac8 LSI_SCSI - ok 16:36:16.0733 0x0ac8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 16:36:16.0764 0x0ac8 luafv - ok 16:36:16.0787 0x0ac8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:36:16.0799 0x0ac8 Mcx2Svc - ok 16:36:16.0810 0x0ac8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 16:36:16.0819 0x0ac8 megasas - ok 16:36:16.0836 0x0ac8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 16:36:16.0851 0x0ac8 MegaSR - ok 16:36:16.0862 0x0ac8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 16:36:16.0893 0x0ac8 MMCSS - ok 16:36:16.0907 0x0ac8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 16:36:16.0938 0x0ac8 Modem - ok 16:36:16.0960 0x0ac8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 
701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:36:16.0972 0x0ac8 monitor - ok 16:36:16.0981 0x0ac8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:36:16.0990 0x0ac8 mouclass - ok 16:36:16.0997 0x0ac8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:36:17.0007 0x0ac8 mouhid - ok 16:36:17.0015 0x0ac8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:36:17.0026 0x0ac8 mountmgr - ok 16:36:17.0032 0x0ac8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 16:36:17.0044 0x0ac8 mpio - ok 16:36:17.0052 0x0ac8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:36:17.0083 0x0ac8 mpsdrv - ok 16:36:17.0114 0x0ac8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:36:17.0166 0x0ac8 MpsSvc - ok 16:36:17.0174 0x0ac8 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:36:17.0191 0x0ac8 MRxDAV - ok 16:36:17.0214 0x0ac8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:36:17.0227 0x0ac8 mrxsmb - ok 16:36:17.0244 0x0ac8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:36:17.0260 0x0ac8 mrxsmb10 - ok 16:36:17.0269 
0x0ac8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:36:17.0281 0x0ac8 mrxsmb20 - ok 16:36:17.0288 0x0ac8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 16:36:17.0297 0x0ac8 msahci - ok 16:36:17.0303 0x0ac8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:36:17.0314 0x0ac8 msdsm - ok 16:36:17.0331 0x0ac8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 16:36:17.0345 0x0ac8 MSDTC - ok 16:36:17.0359 0x0ac8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:36:17.0388 0x0ac8 Msfs - ok 16:36:17.0397 0x0ac8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:36:17.0428 0x0ac8 mshidkmdf - ok 16:36:17.0437 0x0ac8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:36:17.0445 0x0ac8 msisadrv - ok 16:36:17.0468 0x0ac8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:36:17.0501 0x0ac8 MSiSCSI - ok 16:36:17.0504 0x0ac8 msiserver - ok 16:36:17.0512 0x0ac8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:36:17.0542 0x0ac8 MSKSSRV - ok 16:36:17.0552 0x0ac8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK 
C:\Windows\system32\drivers\MSPCLOCK.sys 16:36:17.0581 0x0ac8 MSPCLOCK - ok 16:36:17.0593 0x0ac8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:36:17.0622 0x0ac8 MSPQM - ok 16:36:17.0644 0x0ac8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:36:17.0661 0x0ac8 MsRPC - ok 16:36:17.0672 0x0ac8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 16:36:17.0681 0x0ac8 mssmbios - ok 16:36:17.0692 0x0ac8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:36:17.0721 0x0ac8 MSTEE - ok 16:36:17.0733 0x0ac8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 16:36:17.0743 0x0ac8 MTConfig - ok 16:36:17.0753 0x0ac8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 16:36:17.0763 0x0ac8 Mup - ok 16:36:17.0794 0x0ac8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 16:36:17.0834 0x0ac8 napagent - ok 16:36:17.0861 0x0ac8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:36:17.0883 0x0ac8 NativeWifiP - ok 16:36:17.0931 0x0ac8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 16:36:17.0960 0x0ac8 NDIS - ok 16:36:17.0975 0x0ac8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, 
D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:36:18.0004 0x0ac8 NdisCap - ok 16:36:18.0008 0x0ac8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:36:18.0038 0x0ac8 NdisTapi - ok 16:36:18.0047 0x0ac8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:36:18.0077 0x0ac8 Ndisuio - ok 16:36:18.0091 0x0ac8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:36:18.0123 0x0ac8 NdisWan - ok 16:36:18.0134 0x0ac8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:36:18.0163 0x0ac8 NDProxy - ok 16:36:18.0173 0x0ac8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:36:18.0203 0x0ac8 NetBIOS - ok 16:36:18.0220 0x0ac8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 16:36:18.0254 0x0ac8 NetBT - ok 16:36:18.0264 0x0ac8 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe 16:36:18.0274 0x0ac8 Netlogon - ok 16:36:18.0300 0x0ac8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 16:36:18.0339 0x0ac8 Netman - ok 16:36:18.0370 0x0ac8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:36:18.0380 0x0ac8 
NetMsmqActivator - ok 16:36:18.0385 0x0ac8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:36:18.0395 0x0ac8 NetPipeActivator - ok 16:36:18.0426 0x0ac8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 16:36:18.0467 0x0ac8 netprofm - ok 16:36:18.0473 0x0ac8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:36:18.0483 0x0ac8 NetTcpActivator - ok 16:36:18.0488 0x0ac8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:36:18.0497 0x0ac8 NetTcpPortSharing - ok 16:36:18.0510 0x0ac8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 16:36:18.0519 0x0ac8 nfrd960 - ok 16:36:18.0539 0x0ac8 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 16:36:18.0556 0x0ac8 NlaSvc - ok 16:36:18.0565 0x0ac8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:36:18.0595 0x0ac8 Npfs - ok 16:36:18.0616 0x0ac8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 16:36:18.0646 0x0ac8 nsi - ok 16:36:18.0652 0x0ac8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:36:18.0682 0x0ac8 nsiproxy - ok 16:36:18.0749 0x0ac8 [ 
E453ACF4E7D44E5530B5D5F2B9CA8563, 85EEBCBB3187A21282619A0264C10E9E52EFE4387F3425D3D279EF460DA3AD06 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:36:18.0796 0x0ac8 Ntfs - ok 16:36:18.0811 0x0ac8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 16:36:18.0840 0x0ac8 Null - ok 16:36:18.0864 0x0ac8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:36:18.0876 0x0ac8 nvraid - ok 16:36:18.0887 0x0ac8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 16:36:18.0899 0x0ac8 nvstor - ok 16:36:18.0911 0x0ac8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 16:36:18.0921 0x0ac8 nv_agp - ok 16:36:18.0937 0x0ac8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 16:36:18.0949 0x0ac8 ohci1394 - ok 16:36:18.0984 0x0ac8 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:36:18.0994 0x0ac8 ose - ok 16:36:19.0167 0x0ac8 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 16:36:19.0299 0x0ac8 osppsvc - ok 16:36:19.0346 0x0ac8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 16:36:19.0364 0x0ac8 p2pimsvc - ok 16:36:19.0386 0x0ac8 [ 927463ECB02179F88E4B9A17568C63C3, 
FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 16:36:19.0407 0x0ac8 p2psvc - ok 16:36:19.0422 0x0ac8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 16:36:19.0433 0x0ac8 Parport - ok 16:36:19.0454 0x0ac8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:36:19.0463 0x0ac8 partmgr - ok 16:36:19.0475 0x0ac8 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 16:36:19.0494 0x0ac8 PcaSvc - ok 16:36:19.0517 0x0ac8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 16:36:19.0529 0x0ac8 pci - ok 16:36:19.0538 0x0ac8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 16:36:19.0546 0x0ac8 pciide - ok 16:36:19.0563 0x0ac8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 16:36:19.0575 0x0ac8 pcmcia - ok |
02.09.2014, 12:14 | #8 |
| Windows 7: Windows Explorer often opens in the background using too much memory
Code:
0x0ac8 SessionEnv - ok 16:36:22.0072 0x0ac8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 16:36:22.0084 0x0ac8 sffdisk - ok 16:36:22.0097 0x0ac8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 16:36:22.0109 0x0ac8 sffp_mmc - ok 16:36:22.0112 0x0ac8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 16:36:22.0124 0x0ac8 sffp_sd - ok 16:36:22.0137 0x0ac8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 16:36:22.0147 0x0ac8 sfloppy - ok 16:36:22.0177 0x0ac8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 16:36:22.0216 0x0ac8 SharedAccess - ok 16:36:22.0237 0x0ac8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 16:36:22.0277 0x0ac8 ShellHWDetection - ok 16:36:22.0281 0x0ac8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 16:36:22.0291 0x0ac8 SiSRaid2 - ok 16:36:22.0296 0x0ac8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 16:36:22.0306 0x0ac8 SiSRaid4 - ok 16:36:22.0324 0x0ac8 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 16:36:22.0337 0x0ac8 SkypeUpdate - ok 16:36:22.0349 0x0ac8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 
4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 16:36:22.0381 0x0ac8 Smb - ok 16:36:22.0392 0x0ac8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 16:36:22.0403 0x0ac8 SNMPTRAP - ok 16:36:22.0407 0x0ac8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 16:36:22.0415 0x0ac8 spldr - ok 16:36:22.0447 0x0ac8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 16:36:22.0472 0x0ac8 Spooler - ok 16:36:22.0576 0x0ac8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 16:36:22.0699 0x0ac8 sppsvc - ok 16:36:22.0715 0x0ac8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 16:36:22.0747 0x0ac8 sppuinotify - ok 16:36:22.0773 0x0ac8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 16:36:22.0794 0x0ac8 srv - ok 16:36:22.0825 0x0ac8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 16:36:22.0845 0x0ac8 srv2 - ok 16:36:22.0857 0x0ac8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 16:36:22.0870 0x0ac8 srvnet - ok 16:36:22.0888 0x0ac8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 16:36:22.0923 0x0ac8 SSDPSRV - ok 16:36:22.0931 0x0ac8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, 
D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 16:36:22.0963 0x0ac8 SstpSvc - ok 16:36:23.0006 0x0ac8 [ B5C26A6A92C9A6CD64399D2B06D29464, 6CAF09892D4C516361125AAF5387D5BF306EC26133EE45DBBC35C8B6190BAD24 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 16:36:23.0032 0x0ac8 Steam Client Service - ok 16:36:23.0042 0x0ac8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 16:36:23.0051 0x0ac8 stexstor - ok 16:36:23.0087 0x0ac8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 16:36:23.0117 0x0ac8 stisvc - ok 16:36:23.0157 0x0ac8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 16:36:23.0167 0x0ac8 swenum - ok 16:36:23.0199 0x0ac8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 16:36:23.0243 0x0ac8 swprv - ok 16:36:23.0305 0x0ac8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 16:36:23.0367 0x0ac8 SysMain - ok 16:36:23.0386 0x0ac8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 16:36:23.0403 0x0ac8 TabletInputService - ok 16:36:23.0420 0x0ac8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 16:36:23.0457 0x0ac8 TapiSrv - ok 16:36:23.0468 0x0ac8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 16:36:23.0500 0x0ac8 TBS - ok 
16:36:23.0570 0x0ac8 [ 37608401DFDB388CAF66917F6B2D6FB0, 3E8A594CB84D94C4AFEB5B5657D2DEEECBAF64BB6AD16510BCDDFDE07F099056 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 16:36:23.0622 0x0ac8 Tcpip - ok 16:36:23.0673 0x0ac8 [ 37608401DFDB388CAF66917F6B2D6FB0, 3E8A594CB84D94C4AFEB5B5657D2DEEECBAF64BB6AD16510BCDDFDE07F099056 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 16:36:23.0726 0x0ac8 TCPIP6 - ok 16:36:23.0748 0x0ac8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 16:36:23.0759 0x0ac8 tcpipreg - ok 16:36:23.0775 0x0ac8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 16:36:23.0784 0x0ac8 TDPIPE - ok 16:36:23.0805 0x0ac8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 16:36:23.0814 0x0ac8 TDTCP - ok 16:36:23.0833 0x0ac8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 16:36:23.0863 0x0ac8 tdx - ok 16:36:23.0876 0x0ac8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 16:36:23.0885 0x0ac8 TermDD - ok 16:36:23.0917 0x0ac8 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll 16:36:23.0964 0x0ac8 TermService - ok 16:36:23.0973 0x0ac8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 16:36:23.0990 0x0ac8 Themes - ok 16:36:24.0007 0x0ac8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 16:36:24.0039 
0x0ac8 THREADORDER - ok 16:36:24.0048 0x0ac8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 16:36:24.0080 0x0ac8 TrkWks - ok 16:36:24.0126 0x0ac8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 16:36:24.0159 0x0ac8 TrustedInstaller - ok 16:36:24.0176 0x0ac8 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 16:36:24.0204 0x0ac8 tssecsrv - ok 16:36:24.0215 0x0ac8 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 16:36:24.0225 0x0ac8 TsUsbFlt - ok 16:36:24.0234 0x0ac8 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 16:36:24.0243 0x0ac8 TsUsbGD - ok 16:36:24.0258 0x0ac8 tswNT - ok 16:36:24.0264 0x0ac8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 16:36:24.0295 0x0ac8 tunnel - ok 16:36:24.0299 0x0ac8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 16:36:24.0309 0x0ac8 uagp35 - ok 16:36:24.0330 0x0ac8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 16:36:24.0366 0x0ac8 udfs - ok 16:36:24.0381 0x0ac8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 16:36:24.0393 0x0ac8 UI0Detect - ok 16:36:24.0403 0x0ac8 [ 4BFE1BC28391222894CBF1E7D0E42320, 
5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 16:36:24.0412 0x0ac8 uliagpkx - ok 16:36:24.0424 0x0ac8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 16:36:24.0434 0x0ac8 umbus - ok 16:36:24.0449 0x0ac8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 16:36:24.0459 0x0ac8 UmPass - ok 16:36:24.0477 0x0ac8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 16:36:24.0516 0x0ac8 upnphost - ok 16:36:24.0543 0x0ac8 [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 16:36:24.0552 0x0ac8 USBAAPL64 - ok 16:36:24.0576 0x0ac8 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 16:36:24.0590 0x0ac8 usbaudio - ok 16:36:24.0609 0x0ac8 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 16:36:24.0620 0x0ac8 usbccgp - ok 16:36:24.0643 0x0ac8 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys 16:36:24.0657 0x0ac8 usbcir - ok 16:36:24.0677 0x0ac8 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 16:36:24.0686 0x0ac8 usbehci - ok 16:36:24.0696 0x0ac8 [ 573D192E268F0C5B486B7E96F661E538, 0F32BD82CA7B5D4DE234EFC6527EF4C854BD15B3057FE4A0151C70115493FFDC ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys 16:36:24.0704 0x0ac8 usbfilter 
- ok 16:36:24.0725 0x0ac8 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 16:36:24.0743 0x0ac8 usbhub - ok 16:36:24.0755 0x0ac8 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 16:36:24.0764 0x0ac8 usbohci - ok 16:36:24.0771 0x0ac8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 16:36:24.0783 0x0ac8 usbprint - ok 16:36:24.0810 0x0ac8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 16:36:24.0821 0x0ac8 USBSTOR - ok 16:36:24.0838 0x0ac8 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 16:36:24.0847 0x0ac8 usbuhci - ok 16:36:24.0872 0x0ac8 [ 70D05EE263568A742D14E1876DF80532, D49D7B60EE30F2398B8B532F4A4C3F17535485F2BDB9B14AB600E2A4E3F12A6B ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 16:36:24.0881 0x0ac8 usb_rndisx - ok 16:36:24.0890 0x0ac8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 16:36:24.0921 0x0ac8 UxSms - ok 16:36:24.0961 0x0ac8 [ 34AF631F8D8BDBE77E7FBD99FF147D3F, B767E46330C27F3C6BDF3E1EC363B8BE702B7B3CC793698B829460EAA2426EE1 ] V0640Vid C:\Windows\system32\DRIVERS\V0640Vid.sys 16:36:24.0977 0x0ac8 V0640Vid - ok 16:36:24.0995 0x0ac8 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe 16:36:25.0005 0x0ac8 VaultSvc - ok 16:36:25.0015 0x0ac8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot 
C:\Windows\system32\drivers\vdrvroot.sys 16:36:25.0024 0x0ac8 vdrvroot - ok 16:36:25.0052 0x0ac8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 16:36:25.0095 0x0ac8 vds - ok 16:36:25.0104 0x0ac8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 16:36:25.0116 0x0ac8 vga - ok 16:36:25.0128 0x0ac8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 16:36:25.0158 0x0ac8 VgaSave - ok 16:36:25.0179 0x0ac8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 16:36:25.0192 0x0ac8 vhdmp - ok 16:36:25.0207 0x0ac8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 16:36:25.0215 0x0ac8 viaide - ok 16:36:25.0220 0x0ac8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 16:36:25.0230 0x0ac8 volmgr - ok 16:36:25.0256 0x0ac8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 16:36:25.0272 0x0ac8 volmgrx - ok 16:36:25.0288 0x0ac8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 16:36:25.0302 0x0ac8 volsnap - ok 16:36:25.0330 0x0ac8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 16:36:25.0341 0x0ac8 vsmraid - ok 16:36:25.0396 0x0ac8 [ B60BA0BC31B0CB414593E169F6F21CC2, 
47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 16:36:25.0470 0x0ac8 VSS - ok 16:36:25.0482 0x0ac8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 16:36:25.0494 0x0ac8 vwifibus - ok 16:36:25.0508 0x0ac8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 16:36:25.0523 0x0ac8 vwififlt - ok 16:36:25.0534 0x0ac8 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 16:36:25.0548 0x0ac8 vwifimp - ok 16:36:25.0570 0x0ac8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 16:36:25.0609 0x0ac8 W32Time - ok 16:36:25.0622 0x0ac8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 16:36:25.0632 0x0ac8 WacomPen - ok 16:36:25.0646 0x0ac8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 16:36:25.0677 0x0ac8 WANARP - ok 16:36:25.0681 0x0ac8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 16:36:25.0711 0x0ac8 Wanarpv6 - ok 16:36:25.0763 0x0ac8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 16:36:25.0814 0x0ac8 wbengine - ok 16:36:25.0835 0x0ac8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 16:36:25.0855 0x0ac8 WbioSrvc - ok 16:36:25.0866 0x0ac8 [ 
7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 16:36:25.0890 0x0ac8 wcncsvc - ok 16:36:25.0904 0x0ac8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 16:36:25.0915 0x0ac8 WcsPlugInService - ok 16:36:25.0918 0x0ac8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 16:36:25.0927 0x0ac8 Wd - ok 16:36:25.0966 0x0ac8 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 16:36:25.0993 0x0ac8 Wdf01000 - ok 16:36:26.0005 0x0ac8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 16:36:26.0022 0x0ac8 WdiServiceHost - ok 16:36:26.0026 0x0ac8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 16:36:26.0043 0x0ac8 WdiSystemHost - ok 16:36:26.0058 0x0ac8 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll 16:36:26.0079 0x0ac8 WebClient - ok 16:36:26.0088 0x0ac8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 16:36:26.0125 0x0ac8 Wecsvc - ok 16:36:26.0140 0x0ac8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 16:36:26.0173 0x0ac8 wercplsupport - ok 16:36:26.0178 0x0ac8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 
16:36:26.0211 0x0ac8 WerSvc - ok 16:36:26.0214 0x0ac8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 16:36:26.0243 0x0ac8 WfpLwf - ok 16:36:26.0258 0x0ac8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 16:36:26.0266 0x0ac8 WIMMount - ok 16:36:26.0297 0x0ac8 WinDefend - ok 16:36:26.0302 0x0ac8 WinHttpAutoProxySvc - ok 16:36:26.0354 0x0ac8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 16:36:26.0389 0x0ac8 Winmgmt - ok 16:36:26.0465 0x0ac8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 16:36:26.0548 0x0ac8 WinRM - ok 16:36:26.0575 0x0ac8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 16:36:26.0587 0x0ac8 WinUsb - ok 16:36:26.0633 0x0ac8 [ 0F695800783C3F9E577B94BF1E71D95A, EA10AA7D61167ED0AB5C741C42DAA32A4906C46F85D593D4ED00656318451DE4 ] WLANBelkinService C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe 16:36:26.0636 0x0ac8 WLANBelkinService - detected UnsignedFile.Multi.Generic ( 1 ) 16:36:26.0636 0x0ac8 Detect skipped due to KSN trusted 16:36:26.0637 0x0ac8 WLANBelkinService - ok 16:36:26.0671 0x0ac8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 16:36:26.0709 0x0ac8 Wlansvc - ok 16:36:26.0724 0x0ac8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 16:36:26.0734 0x0ac8 WmiAcpi - ok 16:36:26.0754 0x0ac8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 
1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 16:36:26.0769 0x0ac8 wmiApSrv - ok 16:36:26.0783 0x0ac8 WMPNetworkSvc - ok 16:36:26.0796 0x0ac8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 16:36:26.0805 0x0ac8 WPCSvc - ok 16:36:26.0815 0x0ac8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 16:36:26.0830 0x0ac8 WPDBusEnum - ok 16:36:26.0838 0x0ac8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 16:36:26.0867 0x0ac8 ws2ifsl - ok 16:36:26.0878 0x0ac8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 16:36:26.0896 0x0ac8 wscsvc - ok 16:36:26.0898 0x0ac8 WSearch - ok 16:36:26.0978 0x0ac8 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 16:36:27.0044 0x0ac8 wuauserv - ok 16:36:27.0072 0x0ac8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 16:36:27.0083 0x0ac8 WudfPf - ok 16:36:27.0101 0x0ac8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 16:36:27.0114 0x0ac8 WUDFRd - ok 16:36:27.0134 0x0ac8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 16:36:27.0146 0x0ac8 wudfsvc - ok 16:36:27.0165 0x0ac8 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 
16:36:27.0186 0x0ac8 WwanSvc - ok
16:36:27.0215 0x0ac8 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
16:36:27.0225 0x0ac8 xusb21 - ok
16:36:27.0266 0x0ac8 ================ Scan global ===============================
16:36:27.0284 0x0ac8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:36:27.0309 0x0ac8 [ 9E479C2B605C25DA4971ABA36250FAEF, 1D1D5CE908A6B17CDFA257A46121D7C938B56277B0F5256FBA29DF93352EAA3D ] C:\Windows\system32\winsrv.dll
16:36:27.0321 0x0ac8 [ 9E479C2B605C25DA4971ABA36250FAEF, 1D1D5CE908A6B17CDFA257A46121D7C938B56277B0F5256FBA29DF93352EAA3D ] C:\Windows\system32\winsrv.dll
16:36:27.0340 0x0ac8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:36:27.0364 0x0ac8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:36:27.0371 0x0ac8 [ Global ] - ok
16:36:27.0372 0x0ac8 ================ Scan MBR ==================================
16:36:27.0381 0x0ac8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:36:27.0543 0x0ac8 \Device\Harddisk0\DR0 - ok
16:36:27.0544 0x0ac8 ================ Scan VBR ==================================
16:36:27.0546 0x0ac8 [ 9610C77DA5E23C3AECA92E2D52FABC7A ] \Device\Harddisk0\DR0\Partition1
16:36:27.0564 0x0ac8 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
16:36:27.0564 0x0ac8 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
16:36:29.0943 0x0ac8 [ 9E1977327432C5762A805BF11DC23C78 ] \Device\Harddisk0\DR0\Partition2
16:36:29.0974 0x0ac8 \Device\Harddisk0\DR0\Partition2 - ok
16:36:29.0974 0x0ac8 ================ Scan generic autorun ======================
16:36:30.0081 0x0ac8 [ 5B72629C8144D1A96490D4C090D28DA1,
114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe 16:36:30.0141 0x0ac8 IntelliPoint - ok 16:36:30.0472 0x0ac8 [ FBDF607ED7EF0467639DB501E1FD938C, 040528158D85D13122DB043144A982D6DC8744E75D140DB17A9BA5B93DC6B74D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 16:36:30.0745 0x0ac8 RtHDVCpl - ok 16:36:30.0767 0x0ac8 G Data AntiVirus Tray Application - ok 16:36:30.0767 0x0ac8 GDFirewallTray - ok 16:36:30.0835 0x0ac8 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 16:36:30.0863 0x0ac8 Adobe ARM - ok 16:36:30.0902 0x0ac8 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 16:36:30.0910 0x0ac8 APSDaemon - ok 16:36:30.0956 0x0ac8 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe 16:36:30.0966 0x0ac8 UpdateLBPShortCut - ok 16:36:30.0998 0x0ac8 [ CD1E74BC24CB1D1544406741F46F4D61, 658529854926471AE413D8A365C8E6500AEBDC33A562607DAB185F1571A5524B ] C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe 16:36:31.0008 0x0ac8 MDS_Menu - ok 16:36:31.0044 0x0ac8 [ 572024F59132BC3A2AC5E60A6C48D31E, 8BC1BA9BAB555DDF246100A511E9B54FB790F0F871868DCB54B0F83AA9E7306B ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe 16:36:31.0052 0x0ac8 CLMLServer - ok 16:36:31.0092 0x0ac8 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe 16:36:31.0103 0x0ac8 UpdateP2GoShortCut - ok 16:36:31.0125 0x0ac8 [ 54986909FA8EB661E0B3BF258935588D, CF42472CD6F5D96F2A37C6B1E752E8AA622B045AC9D4C2AFAF9EC1605BCEDEA9 ] C:\Program Files 
(x86)\CyberLink\PowerDVD9\PDVD9Serv.exe 16:36:31.0133 0x0ac8 RemoteControl9 - ok 16:36:31.0145 0x0ac8 [ E347862038C50FE3A5023D785C80B3E5, 6DC25B56FCD097ECE7A18859B7F6A14BC52ED09AD0C7481689FEB8DDC47F1075 ] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe 16:36:31.0153 0x0ac8 BDRegion - ok 16:36:31.0205 0x0ac8 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe 16:36:31.0216 0x0ac8 UpdatePPShortCut - ok 16:36:31.0257 0x0ac8 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe 16:36:31.0267 0x0ac8 UCam_Menu - ok 16:36:31.0287 0x0ac8 [ 9D56299FA5C9B3D9E67FF3ACB301139F, 202A0542BEA33C5F78A406EF9479EB7BD42FCBEAC9F49F38F6ECC48554117811 ] C:\Program Files (x86)\lg_fwupdate\lgfw.exe 16:36:31.0294 0x0ac8 LGODDFU - ok 16:36:31.0336 0x0ac8 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe 16:36:31.0347 0x0ac8 UpdatePSTShortCut - ok 16:36:31.0419 0x0ac8 [ 4452B3D4116EC5F81ACF33A80F264473, 8C7037DFCCB5165385DF67082E5183A3155574773B15C2FAB811F31C93D3325E ] C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe 16:36:31.0434 0x0ac8 Live! Central 2 - detected UnsignedFile.Multi.Generic ( 1 ) 16:36:31.0434 0x0ac8 Detect skipped due to KSN trusted 16:36:31.0434 0x0ac8 Live! 
Central 2 - ok 16:36:31.0439 0x0ac8 [ 4791A9FFA41B6744B4B5C9C6572E4EBB, 67B52BDA297F95570EAA4B0C7F0FAFBAC2FB4A69603EB45E712086D26A47379B ] C:\Windows\V0640Mon.exe 16:36:31.0448 0x0ac8 V0640Mon.exe - ok 16:36:31.0493 0x0ac8 [ E4401CF27225C1D6E664E86195978562, F572A2757C2A649E25F52F7071E6A2CCF298C60A8F2B15A0E2D800F890C4FD93 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe 16:36:31.0502 0x0ac8 iTunesHelper - ok 16:36:31.0554 0x0ac8 [ 8DDA2B606279753601F9415DA503CA63, 2C9AD8218E150B6D50817991377ED3230A1672EFBD7AE29D0CD9E55E2418C800 ] C:\Program Files (x86)\QuickTime\QTTask.exe 16:36:31.0569 0x0ac8 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 ) 16:36:31.0569 0x0ac8 Detect skipped due to KSN trusted 16:36:31.0569 0x0ac8 QuickTime Task - ok 16:36:31.0628 0x0ac8 [ 4CB7CEE3F7540B0BEDBD158D75F06509, 73348467A976AF06928B402E12A622BB1B5BD8BB2AC6446117E1FD1EEAFED217 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 16:36:31.0649 0x0ac8 StartCCC - ok 16:36:31.0686 0x0ac8 [ 5E7601CCBC2A98A4457E50612E0AEE73, 3F5FDCF1BEC5B134433F62ADD5C2931F700F2B7CBEDB0A98EF1362BF6E9FAC03 ] C:\Program Files (x86)\Drakonia Configurator\hid.exe 16:36:31.0695 0x0ac8 GamingMouse - detected UnsignedFile.Multi.Generic ( 1 ) 16:36:31.0695 0x0ac8 Detect skipped due to KSN trusted 16:36:31.0695 0x0ac8 GamingMouse - ok 16:36:31.0759 0x0ac8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 16:36:31.0800 0x0ac8 Sidebar - ok 16:36:31.0835 0x0ac8 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 16:36:31.0852 0x0ac8 mctadmin - ok 16:36:31.0881 0x0ac8 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 16:36:31.0920 0x0ac8 Sidebar - ok 16:36:31.0926 0x0ac8 [ 
0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 16:36:31.0943 0x0ac8 mctadmin - ok 16:36:32.0033 0x0ac8 [ AFD67CED4279C1FBA095F1603D18E59F, 0F4E580D5F13EA0198D32D29A8500E193B18F266CCF354778032CAFD496337E1 ] C:\Program Files (x86)\Steam\steam.exe 16:36:32.0083 0x0ac8 Steam - ok 16:36:32.0157 0x0ac8 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 16:36:32.0205 0x0ac8 Sidebar - ok 16:36:32.0207 0x0ac8 LightScribe Control Panel - ok 16:36:32.0257 0x0ac8 [ 026FCF998F9C5986BB31DA44FB571BBF, 4163733DCB9721B5C8FF0BFF66AE22AB9B886622B8FD992D0AF1963BCFCAFE3C ] C:\Users\Basti\Desktop\Isos uns Setups\WinRemoteService_v1.2.9_portable\Windows Remote Service\WindowsRemoteService.exe 16:36:32.0265 0x0ac8 Windows Remote Service - detected UnsignedFile.Multi.Generic ( 1 ) 16:36:32.0265 0x0ac8 Detect skipped due to KSN trusted 16:36:32.0265 0x0ac8 Windows Remote Service - ok 16:36:32.0831 0x0ac8 [ 9D4A0ECBF734E2EECDD5B473A2D705FE, F663B8EDA4C75DB6D3E3B68EE938FE43B0C05EF9B09598BFEB147D041D3F6A17 ] C:\Program Files (x86)\Skype\Phone\Skype.exe 16:36:33.0340 0x0ac8 Skype - ok 16:36:33.0410 0x0ac8 [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe 16:36:33.0431 0x0ac8 RESTART_STICKY_NOTES - ok 16:36:33.0607 0x0ac8 [ 978B3D42B75CAF33553577E78E612709, 4B999342B616A7566F198F937A6B5E81BC7F9D2155CE8238D58239B5CD8BFDCE ] C:\Program Files (x86)\Origin\Origin.exe 16:36:33.0694 0x0ac8 EADM - ok 16:36:33.0700 0x0ac8 LightScribe Control Panel - ok 16:36:33.0772 0x0ac8 [ AFD67CED4279C1FBA095F1603D18E59F, 0F4E580D5F13EA0198D32D29A8500E193B18F266CCF354778032CAFD496337E1 ] C:\Program Files (x86)\Steam\steam.exe 16:36:33.0821 0x0ac8 Steam - ok 16:36:34.0375 0x0ac8 [ 9D4A0ECBF734E2EECDD5B473A2D705FE, 
F663B8EDA4C75DB6D3E3B68EE938FE43B0C05EF9B09598BFEB147D041D3F6A17 ] C:\Program Files (x86)\Skype\Phone\Skype.exe 16:36:34.0882 0x0ac8 Skype - ok 16:36:34.0963 0x0ac8 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 16:36:35.0011 0x0ac8 Sidebar - ok 16:36:35.0126 0x0ac8 [ DC34596BFCF0BD472AA1D48449D8A7DF, B1A1AD8A72D585525CC4FEA4984EAD0AC0077640D2A4CF478BAA10BA3F08711A ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe 16:36:35.0216 0x0ac8 DAEMON Tools Lite - ok 16:36:35.0232 0x0ac8 Pando Media Booster - ok 16:36:35.0256 0x0ac8 [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe 16:36:35.0277 0x0ac8 RESTART_STICKY_NOTES - ok 16:36:35.0346 0x0ac8 [ 862753AE696BD34EFCCB2A422E273C08, 5FA9423D35A236FACCE5A2AC5B7F50570804796E178EC0F79A412F41710D612B ] C:\Users\Basti\AppData\Local\Temp\CTPBSeq.exe 16:36:35.0350 0x0ac8 CTPostBootSequencer - detected UnsignedFile.Multi.Generic ( 1 ) 16:36:35.0351 0x0ac8 Detect skipped due to KSN trusted 16:36:35.0351 0x0ac8 CTPostBootSequencer - ok 16:36:35.0358 0x0ac8 Win FW state via NFP2: enabled 16:36:37.0737 0x0ac8 ============================================================ 16:36:37.0737 0x0ac8 Scan finished 16:36:37.0737 0x0ac8 ============================================================ 16:36:37.0742 0x1050 Detected object count: 1 16:36:37.0742 0x1050 Actual detected object count: 1 16:36:50.0411 0x1050 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user 16:36:50.0411 0x1050 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip |
03.09.2014, 08:09 | #9 |
/// the machine /// TB Trainer | Windows 7: Windows Explorer often opens in the background using too much memory Start TDSSkiller.exe with a double-click. Vista and Win7 users: right-click and choose "Run as administrator"
For example: C:\TDSSKiller.<version_date_time>log.txt Please post its contents here in your thread. Scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
03.09.2014, 10:28 | #10 |
| Windows 7: Windows Explorer often opens in the background using too much memory Here is the TDSS log Code:
ATTFilter 10:50:02.0993 0x17b4 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58 10:50:06.0786 0x17b4 ============================================================ 10:50:06.0786 0x17b4 Current date / time: 2014/09/03 10:50:06.0786 10:50:06.0786 0x17b4 SystemInfo: 10:50:06.0786 0x17b4 10:50:06.0786 0x17b4 OS Version: 6.1.7601 ServicePack: 1.0 10:50:06.0786 0x17b4 Product type: Workstation 10:50:06.0786 0x17b4 ComputerName: KUNDEN-C2A4T6U6 10:50:06.0786 0x17b4 UserName: Basti 10:50:06.0786 0x17b4 Windows directory: C:\Windows 10:50:06.0786 0x17b4 System windows directory: C:\Windows 10:50:06.0786 0x17b4 Running under WOW64 10:50:06.0786 0x17b4 Processor architecture: Intel x64 10:50:06.0786 0x17b4 Number of processors: 6 10:50:06.0786 0x17b4 Page size: 0x1000 10:50:06.0786 0x17b4 Boot type: Normal boot 10:50:06.0786 0x17b4 ============================================================ 10:50:07.0028 0x17b4 KLMD registered as C:\Windows\system32\drivers\94684036.sys 10:50:07.0254 0x17b4 System UUID: {274326C4-A3C0-1F5E-987D-4B96D8B40664} 10:50:07.0586 0x17b4 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 10:50:07.0605 0x17b4 ============================================================ 10:50:07.0605 0x17b4 \Device\Harddisk0\DR0: 10:50:07.0605 0x17b4 MBR partitions: 10:50:07.0605 0x17b4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 10:50:07.0605 0x17b4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800 10:50:07.0605 0x17b4 ============================================================ 10:50:07.0632 0x17b4 C: <-> \Device\Harddisk0\DR0\Partition2 10:50:07.0632 0x17b4 ============================================================ 10:50:07.0632 0x17b4 Initialize success 10:50:07.0632 0x17b4 ============================================================ 10:50:46.0174 0x0e28 
============================================================ 10:50:46.0174 0x0e28 Scan started 10:50:46.0174 0x0e28 Mode: Manual; 10:50:46.0174 0x0e28 ============================================================ 10:50:46.0174 0x0e28 KSN ping started 10:50:46.0189 0x0e28 KSN ping finished: false 10:50:47.0172 0x0e28 ================ Scan system memory ======================== 10:50:47.0172 0x0e28 System memory - ok 10:50:47.0172 0x0e28 ================ Scan services ============================= 10:50:47.0328 0x0e28 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 10:50:47.0328 0x0e28 1394ohci - ok 10:50:47.0406 0x0e28 [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys 10:50:47.0406 0x0e28 acedrv11 - ok 10:50:47.0437 0x0e28 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 10:50:47.0437 0x0e28 ACPI - ok 10:50:47.0453 0x0e28 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 10:50:47.0453 0x0e28 AcpiPmi - ok 10:50:47.0531 0x0e28 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 10:50:47.0531 0x0e28 AdobeARMservice - ok 10:50:47.0624 0x0e28 [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 10:50:47.0624 0x0e28 AdobeFlashPlayerUpdateSvc - ok 10:50:47.0671 0x0e28 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx 
C:\Windows\system32\drivers\adp94xx.sys 10:50:47.0671 0x0e28 adp94xx - ok 10:50:47.0702 0x0e28 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 10:50:47.0702 0x0e28 adpahci - ok 10:50:47.0734 0x0e28 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 10:50:47.0734 0x0e28 adpu320 - ok 10:50:47.0765 0x0e28 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 10:50:47.0765 0x0e28 AeLookupSvc - ok 10:50:47.0812 0x0e28 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys 10:50:47.0827 0x0e28 AFD - ok 10:50:47.0843 0x0e28 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 10:50:47.0843 0x0e28 agp440 - ok 10:50:47.0858 0x0e28 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 10:50:47.0874 0x0e28 ALG - ok 10:50:47.0890 0x0e28 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 10:50:47.0890 0x0e28 aliide - ok 10:50:47.0936 0x0e28 [ 4EAAAAB8759644D572522FBCDD196A13, EF1ECE8073B048C2286F639BA76C523B6B267B64447358383C042BD593194350 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 10:50:47.0936 0x0e28 AMD External Events Utility - ok 10:50:47.0999 0x0e28 AMD FUEL Service - ok 10:50:47.0999 0x0e28 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 10:50:47.0999 0x0e28 amdide - ok 10:50:48.0030 0x0e28 [ 
6A2EEB0C4133B20773BB3DD0B7B377B4, E4CB35C6937C70A145A13E5AE5B34A271B49101DA623171ACBFDA8601E5A70EA ] amdiox64 C:\Windows\system32\DRIVERS\amdiox64.sys 10:50:48.0030 0x0e28 amdiox64 - ok 10:50:48.0046 0x0e28 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 10:50:48.0046 0x0e28 AmdK8 - ok 10:50:48.0342 0x0e28 [ 22A14DF59FB8D0BE918C597988AF4296, 714BD1BB63D732C6D03DFA1C2D81A2E00659C04052E110F0BF1EB74A7CD39B1C ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 10:50:48.0576 0x0e28 amdkmdag - ok 10:50:48.0638 0x0e28 [ EE22D3ED6D55A855E709F811CCCA97ED, 179F34CF6E0C2F821EBC0AECF09AAA0867616CCBB5EA6B17891860B27D56AC66 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 10:50:48.0654 0x0e28 amdkmdap - ok 10:50:48.0670 0x0e28 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 10:50:48.0670 0x0e28 AmdPPM - ok 10:50:48.0701 0x0e28 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 10:50:48.0701 0x0e28 amdsata - ok 10:50:48.0748 0x0e28 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 10:50:48.0748 0x0e28 amdsbs - ok 10:50:48.0779 0x0e28 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 10:50:48.0779 0x0e28 amdxata - ok 10:50:48.0826 0x0e28 [ 2FBB00A7616106B95104574C6CD640C2, 06DE79B42EBBBBA01DAB289D4280E131D780066CD7E4499229CD5EB1E597A017 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys 10:50:48.0826 0x0e28 amd_sata - ok 10:50:48.0872 0x0e28 [ 87D0D7645CB0D53220649BD5FE15D93E, 195B25BC640BE5D802F530FAA68D3325A6C076DE8A7E56833372C3B2B53B673B ] amd_xata 
C:\Windows\system32\DRIVERS\amd_xata.sys 10:50:48.0872 0x0e28 amd_xata - ok 10:50:48.0950 0x0e28 [ 9D267443B7CE8A29899B9C9FF9E846B8, D8775F01A5598DEC2B70F98FD5B7160CA56352DE81AB265B21B68BE234DD4E77 ] Ant App service C:\Program Files (x86)\Ant.com\File1 Package Manager\AppService.exe 10:50:48.0950 0x0e28 Ant App service - ok 10:50:48.0982 0x0e28 [ 5A528A540B1AEE8B1C77ED65094E8CDF, 6E3DE68E630B81425056AB58E64721DD41F56491DD2D281CBB86AA7EF9CAD0E0 ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys 10:50:48.0982 0x0e28 AODDriver4.2 - ok 10:50:49.0044 0x0e28 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 10:50:49.0060 0x0e28 AppID - ok 10:50:49.0106 0x0e28 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 10:50:49.0106 0x0e28 AppIDSvc - ok 10:50:49.0106 0x0e28 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\Windows\System32\appinfo.dll 10:50:49.0106 0x0e28 Appinfo - ok 10:50:49.0153 0x0e28 [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 10:50:49.0153 0x0e28 Apple Mobile Device - ok 10:50:49.0184 0x0e28 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 10:50:49.0184 0x0e28 arc - ok 10:50:49.0200 0x0e28 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 10:50:49.0200 0x0e28 arcsas - ok 10:50:49.0231 0x0e28 [ 954950D11ADA98AC1B7EE3C770E4622C, D6D4700D7359AB84FB362305FBF2389B4EF51B4190EC2E0D4C7FEF80A06A0D0B ] asmthub3 
C:\Windows\system32\DRIVERS\asmthub3.sys 10:50:49.0231 0x0e28 asmthub3 - ok 10:50:49.0262 0x0e28 [ 01DBB05DB1DB95803E3C9F2B49AFE79C, 286310787F7EB7B237CB0082567BDA2F57D8F88C37015F6637FF6A6775CAA5AE ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys 10:50:49.0278 0x0e28 asmtxhci - ok 10:50:49.0372 0x0e28 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 10:50:49.0372 0x0e28 aspnet_state - ok 10:50:49.0387 0x0e28 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 10:50:49.0387 0x0e28 AsyncMac - ok 10:50:49.0403 0x0e28 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 10:50:49.0403 0x0e28 atapi - ok 10:50:49.0450 0x0e28 [ 437F55435623D4D54D36197F5AD8B435, CE004F1E3299E39AFD70C8618253901614C0F3DBD594B6F0E1BA294C7B47FAD6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys 10:50:49.0450 0x0e28 AtiHDAudioService - ok 10:50:49.0496 0x0e28 [ 64F07381335E37C142F6D176705FFCA6, 8F7F633B891FE653D3298578897711A04E7B2B08E51CEE131C50102EFD45AC0E ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys 10:50:49.0496 0x0e28 atksgt - ok 10:50:49.0528 0x0e28 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 10:50:49.0543 0x0e28 AudioEndpointBuilder - ok 10:50:49.0559 0x0e28 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll 10:50:49.0574 0x0e28 AudioSrv - ok 10:50:49.0590 0x0e28 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 10:50:49.0606 0x0e28 AxInstSV - ok 
10:50:49.0637 0x0e28 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 10:50:49.0637 0x0e28 b06bdrv - ok 10:50:49.0668 0x0e28 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 10:50:49.0668 0x0e28 b57nd60a - ok 10:50:49.0730 0x0e28 [ E49110A58A32E9450356686A95DD7763, 0C16196F48184907B92167AD6C4DA3A6039711AB99CB0D2D1BD37F935696303B ] BCMH43XX C:\Windows\system32\DRIVERS\bcmwlhigh664.sys 10:50:49.0746 0x0e28 BCMH43XX - ok 10:50:49.0746 0x0e28 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 10:50:49.0746 0x0e28 BDESVC - ok 10:50:49.0777 0x0e28 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 10:50:49.0777 0x0e28 Beep - ok 10:50:49.0808 0x0e28 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 10:50:49.0824 0x0e28 BFE - ok 10:50:49.0855 0x0e28 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 10:50:49.0871 0x0e28 BITS - ok 10:50:49.0902 0x0e28 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 10:50:49.0902 0x0e28 blbdrive - ok 10:50:49.0964 0x0e28 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 10:50:49.0980 0x0e28 Bonjour Service - ok 10:50:50.0011 0x0e28 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 
10:50:50.0011 0x0e28 bowser - ok 10:50:50.0027 0x0e28 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 10:50:50.0027 0x0e28 BrFiltLo - ok 10:50:50.0042 0x0e28 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 10:50:50.0042 0x0e28 BrFiltUp - ok 10:50:50.0089 0x0e28 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 10:50:50.0089 0x0e28 Browser - ok 10:50:50.0105 0x0e28 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 10:50:50.0120 0x0e28 Brserid - ok 10:50:50.0120 0x0e28 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 10:50:50.0120 0x0e28 BrSerWdm - ok 10:50:50.0136 0x0e28 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 10:50:50.0136 0x0e28 BrUsbMdm - ok 10:50:50.0136 0x0e28 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 10:50:50.0136 0x0e28 BrUsbSer - ok 10:50:50.0167 0x0e28 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 10:50:50.0167 0x0e28 BthEnum - ok 10:50:50.0183 0x0e28 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 10:50:50.0183 0x0e28 BTHMODEM - ok 10:50:50.0198 0x0e28 [ 02DD601B708DD0667E1331FA8518E9FF, 
7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 10:50:50.0198 0x0e28 BthPan - ok 10:50:50.0245 0x0e28 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 10:50:50.0261 0x0e28 BTHPORT - ok 10:50:50.0292 0x0e28 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 10:50:50.0292 0x0e28 bthserv - ok 10:50:50.0308 0x0e28 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 10:50:50.0308 0x0e28 BTHUSB - ok 10:50:50.0323 0x0e28 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 10:50:50.0323 0x0e28 cdfs - ok 10:50:50.0354 0x0e28 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 10:50:50.0354 0x0e28 cdrom - ok 10:50:50.0370 0x0e28 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 10:50:50.0370 0x0e28 CertPropSvc - ok 10:50:50.0370 0x0e28 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 10:50:50.0386 0x0e28 circlass - ok 10:50:50.0401 0x0e28 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 10:50:50.0401 0x0e28 CLFS - ok 10:50:50.0526 0x0e28 [ 4642B5A3E0D2E61D08163DE95FC5B949, C1A502ED96EB4AF7FE8643AD139A0AAA5492583E6D83A3937443662CDD430FE4 ] CLKMSVC10_9EC60124 C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe 10:50:50.0526 0x0e28 
CLKMSVC10_9EC60124 - ok 10:50:50.0573 0x0e28 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 10:50:50.0573 0x0e28 clr_optimization_v2.0.50727_32 - ok 10:50:50.0604 0x0e28 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 10:50:50.0620 0x0e28 clr_optimization_v2.0.50727_64 - ok 10:50:50.0666 0x0e28 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 10:50:50.0666 0x0e28 clr_optimization_v4.0.30319_32 - ok 10:50:50.0682 0x0e28 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 10:50:50.0682 0x0e28 clr_optimization_v4.0.30319_64 - ok 10:50:50.0698 0x0e28 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 10:50:50.0698 0x0e28 CmBatt - ok 10:50:50.0713 0x0e28 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 10:50:50.0713 0x0e28 cmdide - ok 10:50:50.0760 0x0e28 [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\Windows\system32\Drivers\cng.sys 10:50:50.0760 0x0e28 CNG - ok 10:50:50.0776 0x0e28 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 10:50:50.0776 0x0e28 Compbatt - ok 10:50:50.0807 0x0e28 [ 03EDB043586CCEBA243D689BDDA370A8, 
0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 10:50:50.0807 0x0e28 CompositeBus - ok 10:50:50.0822 0x0e28 COMSysApp - ok 10:50:50.0822 0x0e28 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 10:50:50.0822 0x0e28 crcdisk - ok 10:50:50.0885 0x0e28 [ 9C01375BE382E834CC26D1B7EAF2C4FE, B1D1E36B91A3C3CD09428EE3403896F71390A2798323BB406B484D9DB064A219 ] CryptSvc C:\Windows\system32\cryptsvc.dll 10:50:50.0885 0x0e28 CryptSvc - ok 10:50:50.0932 0x0e28 [ 580033E37BEB30E7176CAF46D8C282F3, 67B51B89E13831758486766357916592FB581FAFD27BD83DBAF4C658247C74D0 ] CtClsFlt C:\Windows\system32\DRIVERS\CtClsFlt.sys 10:50:50.0932 0x0e28 CtClsFlt - ok 10:50:50.0978 0x0e28 [ C7259495924D21F1AFA26467D9F4DAE0, 7FF991D7FE660E7CAC682FC82B9C44EC38E267A0C3AAE0C4FAEE0853756AF5C8 ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys 10:50:50.0978 0x0e28 dc3d - ok 10:50:51.0010 0x0e28 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 10:50:51.0025 0x0e28 DcomLaunch - ok 10:50:51.0056 0x0e28 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 10:50:51.0056 0x0e28 defragsvc - ok 10:50:51.0088 0x0e28 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 10:50:51.0088 0x0e28 DfsC - ok 10:50:51.0119 0x0e28 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 10:50:51.0119 0x0e28 Dhcp - ok 10:50:51.0134 0x0e28 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 10:50:51.0134 
0x0e28 discache - ok 10:50:51.0181 0x0e28 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 10:50:51.0181 0x0e28 Disk - ok 10:50:51.0197 0x0e28 DisplayFusionService - ok 10:50:51.0244 0x0e28 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 10:50:51.0244 0x0e28 Dnscache - ok 10:50:51.0259 0x0e28 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 10:50:51.0259 0x0e28 dot3svc - ok 10:50:51.0275 0x0e28 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 10:50:51.0275 0x0e28 DPS - ok 10:50:51.0306 0x0e28 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 10:50:51.0306 0x0e28 drmkaud - ok 10:50:51.0337 0x0e28 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 10:50:51.0353 0x0e28 dtsoftbus01 - ok 10:50:51.0384 0x0e28 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 10:50:51.0400 0x0e28 DXGKrnl - ok 10:50:51.0415 0x0e28 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 10:50:51.0415 0x0e28 EapHost - ok 10:50:51.0509 0x0e28 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 10:50:51.0587 0x0e28 ebdrv - ok 10:50:51.0602 0x0e28 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D 
0x0e28 Serial - ok 10:50:57.0218 0x0e28 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 10:50:57.0218 0x0e28 sermouse - ok 10:50:57.0218 0x0e28 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 10:50:57.0234 0x0e28 SessionEnv - ok 10:50:57.0234 0x0e28 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 10:50:57.0234 0x0e28 sffdisk - ok 10:50:57.0250 0x0e28 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 10:50:57.0250 0x0e28 sffp_mmc - ok 10:50:57.0250 0x0e28 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 10:50:57.0250 0x0e28 sffp_sd - ok 10:50:57.0265 0x0e28 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 10:50:57.0265 0x0e28 sfloppy - ok 10:50:57.0296 0x0e28 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 10:50:57.0296 0x0e28 SharedAccess - ok 10:50:57.0312 0x0e28 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 10:50:57.0328 0x0e28 ShellHWDetection - ok 10:50:57.0343 0x0e28 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 10:50:57.0343 0x0e28 SiSRaid2 - ok 10:50:57.0343 0x0e28 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 
87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 10:50:57.0343 0x0e28 SiSRaid4 - ok 10:50:57.0359 0x0e28 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 10:50:57.0374 0x0e28 SkypeUpdate - ok 10:50:57.0374 0x0e28 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 10:50:57.0390 0x0e28 Smb - ok 10:50:57.0406 0x0e28 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 10:50:57.0406 0x0e28 SNMPTRAP - ok 10:50:57.0406 0x0e28 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 10:50:57.0406 0x0e28 spldr - ok 10:50:57.0452 0x0e28 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 10:50:57.0452 0x0e28 Spooler - ok 10:50:57.0546 0x0e28 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 10:50:57.0624 0x0e28 sppsvc - ok 10:50:57.0640 0x0e28 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 10:50:57.0655 0x0e28 sppuinotify - ok 10:50:57.0686 0x0e28 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 10:50:57.0702 0x0e28 srv - ok 10:50:57.0718 0x0e28 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 10:50:57.0718 0x0e28 srv2 - ok 10:50:57.0733 0x0e28 [ 
27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 10:50:57.0749 0x0e28 srvnet - ok 10:50:57.0749 0x0e28 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 10:50:57.0764 0x0e28 SSDPSRV - ok 10:50:57.0780 0x0e28 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 10:50:57.0780 0x0e28 SstpSvc - ok 10:50:57.0842 0x0e28 [ B5C26A6A92C9A6CD64399D2B06D29464, 6CAF09892D4C516361125AAF5387D5BF306EC26133EE45DBBC35C8B6190BAD24 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 10:50:57.0858 0x0e28 Steam Client Service - ok 10:50:57.0874 0x0e28 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 10:50:57.0874 0x0e28 stexstor - ok 10:50:57.0905 0x0e28 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 10:50:57.0920 0x0e28 stisvc - ok 10:50:57.0936 0x0e28 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 10:50:57.0936 0x0e28 swenum - ok 10:50:57.0967 0x0e28 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 10:50:57.0967 0x0e28 swprv - ok 10:50:58.0030 0x0e28 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 10:50:58.0061 0x0e28 SysMain - ok 10:50:58.0076 0x0e28 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 
10:50:58.0092 0x0e28 TabletInputService - ok 10:50:58.0108 0x0e28 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 10:50:58.0108 0x0e28 TapiSrv - ok 10:50:58.0123 0x0e28 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 10:50:58.0123 0x0e28 TBS - ok 10:50:58.0201 0x0e28 [ 37608401DFDB388CAF66917F6B2D6FB0, 3E8A594CB84D94C4AFEB5B5657D2DEEECBAF64BB6AD16510BCDDFDE07F099056 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 10:50:58.0248 0x0e28 Tcpip - ok 10:50:58.0310 0x0e28 [ 37608401DFDB388CAF66917F6B2D6FB0, 3E8A594CB84D94C4AFEB5B5657D2DEEECBAF64BB6AD16510BCDDFDE07F099056 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 10:50:58.0342 0x0e28 TCPIP6 - ok 10:50:58.0357 0x0e28 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 10:50:58.0357 0x0e28 tcpipreg - ok 10:50:58.0373 0x0e28 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 10:50:58.0373 0x0e28 TDPIPE - ok 10:50:58.0404 0x0e28 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 10:50:58.0404 0x0e28 TDTCP - ok 10:50:58.0404 0x0e28 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 10:50:58.0420 0x0e28 tdx - ok 10:50:58.0420 0x0e28 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 10:50:58.0420 0x0e28 TermDD - ok 10:50:58.0451 0x0e28 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService 
C:\Windows\System32\termsrv.dll 10:50:58.0466 0x0e28 TermService - ok 10:50:58.0466 0x0e28 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 10:50:58.0482 0x0e28 Themes - ok 10:50:58.0498 0x0e28 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 10:50:58.0498 0x0e28 THREADORDER - ok 10:50:58.0513 0x0e28 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 10:50:58.0513 0x0e28 TrkWks - ok 10:50:58.0560 0x0e28 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 10:50:58.0560 0x0e28 TrustedInstaller - ok 10:50:58.0576 0x0e28 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 10:50:58.0576 0x0e28 tssecsrv - ok 10:50:58.0607 0x0e28 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 10:50:58.0607 0x0e28 TsUsbFlt - ok 10:50:58.0607 0x0e28 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 10:50:58.0607 0x0e28 TsUsbGD - ok 10:50:58.0638 0x0e28 tswNT - ok 10:50:58.0654 0x0e28 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 10:50:58.0654 0x0e28 tunnel - ok 10:50:58.0654 0x0e28 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 10:50:58.0654 0x0e28 uagp35 - ok 10:50:58.0669 0x0e28 [ 
FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 10:50:58.0685 0x0e28 udfs - ok 10:50:58.0716 0x0e28 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 10:50:58.0716 0x0e28 UI0Detect - ok 10:50:58.0732 0x0e28 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 10:50:58.0732 0x0e28 uliagpkx - ok 10:50:58.0747 0x0e28 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 10:50:58.0747 0x0e28 umbus - ok 10:50:58.0763 0x0e28 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 10:50:58.0763 0x0e28 UmPass - ok 10:50:58.0794 0x0e28 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 10:50:58.0794 0x0e28 upnphost - ok 10:50:58.0825 0x0e28 [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 10:50:58.0825 0x0e28 USBAAPL64 - ok 10:50:58.0872 0x0e28 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 10:50:58.0888 0x0e28 usbaudio - ok 10:50:58.0903 0x0e28 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 10:50:58.0903 0x0e28 usbccgp - ok 10:50:58.0919 0x0e28 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys 
10:50:58.0919 0x0e28 usbcir - ok 10:50:58.0950 0x0e28 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 10:50:58.0950 0x0e28 usbehci - ok 10:50:58.0981 0x0e28 [ 573D192E268F0C5B486B7E96F661E538, 0F32BD82CA7B5D4DE234EFC6527EF4C854BD15B3057FE4A0151C70115493FFDC ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys 10:50:58.0981 0x0e28 usbfilter - ok 10:50:58.0997 0x0e28 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 10:50:59.0012 0x0e28 usbhub - ok 10:50:59.0012 0x0e28 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 10:50:59.0012 0x0e28 usbohci - ok 10:50:59.0028 0x0e28 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 10:50:59.0028 0x0e28 usbprint - ok 10:50:59.0059 0x0e28 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 10:50:59.0059 0x0e28 USBSTOR - ok 10:50:59.0090 0x0e28 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 10:50:59.0090 0x0e28 usbuhci - ok 10:50:59.0122 0x0e28 [ 70D05EE263568A742D14E1876DF80532, D49D7B60EE30F2398B8B532F4A4C3F17535485F2BDB9B14AB600E2A4E3F12A6B ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys 10:50:59.0122 0x0e28 usb_rndisx - ok 10:50:59.0137 0x0e28 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 10:50:59.0137 0x0e28 UxSms - ok 10:50:59.0168 0x0e28 [ 34AF631F8D8BDBE77E7FBD99FF147D3F, 
B767E46330C27F3C6BDF3E1EC363B8BE702B7B3CC793698B829460EAA2426EE1 ] V0640Vid C:\Windows\system32\DRIVERS\V0640Vid.sys 10:50:59.0168 0x0e28 V0640Vid - ok 10:50:59.0184 0x0e28 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe 10:50:59.0200 0x0e28 VaultSvc - ok 10:50:59.0200 0x0e28 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 10:50:59.0200 0x0e28 vdrvroot - ok 10:50:59.0231 0x0e28 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 10:50:59.0246 0x0e28 vds - ok 10:50:59.0262 0x0e28 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 10:50:59.0262 0x0e28 vga - ok 10:50:59.0278 0x0e28 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 10:50:59.0278 0x0e28 VgaSave - ok 10:50:59.0293 0x0e28 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 10:50:59.0293 0x0e28 vhdmp - ok 10:50:59.0309 0x0e28 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 10:50:59.0309 0x0e28 viaide - ok 10:50:59.0324 0x0e28 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 10:50:59.0324 0x0e28 volmgr - ok 10:50:59.0340 0x0e28 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 10:50:59.0356 0x0e28 volmgrx - ok 10:50:59.0371 0x0e28 [ 
0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 10:50:59.0371 0x0e28 volsnap - ok 10:50:59.0387 0x0e28 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 10:50:59.0402 0x0e28 vsmraid - ok 10:50:59.0449 0x0e28 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 10:50:59.0480 0x0e28 VSS - ok 10:50:59.0496 0x0e28 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 10:50:59.0496 0x0e28 vwifibus - ok 10:50:59.0527 0x0e28 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 10:50:59.0527 0x0e28 vwififlt - ok 10:50:59.0543 0x0e28 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 10:50:59.0543 0x0e28 vwifimp - ok 10:50:59.0558 0x0e28 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 10:50:59.0574 0x0e28 W32Time - ok 10:50:59.0590 0x0e28 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 10:50:59.0590 0x0e28 WacomPen - ok 10:50:59.0605 0x0e28 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 10:50:59.0605 0x0e28 WANARP - ok 10:50:59.0621 0x0e28 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 10:50:59.0621 
0x0e28 Wanarpv6 - ok 10:50:59.0668 0x0e28 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 10:50:59.0699 0x0e28 wbengine - ok 10:50:59.0714 0x0e28 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 10:50:59.0714 0x0e28 WbioSrvc - ok 10:50:59.0730 0x0e28 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 10:50:59.0746 0x0e28 wcncsvc - ok 10:50:59.0746 0x0e28 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 10:50:59.0761 0x0e28 WcsPlugInService - ok 10:50:59.0761 0x0e28 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 10:50:59.0761 0x0e28 Wd - ok 10:50:59.0808 0x0e28 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 10:50:59.0824 0x0e28 Wdf01000 - ok 10:50:59.0839 0x0e28 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 10:50:59.0855 0x0e28 WdiServiceHost - ok 10:50:59.0855 0x0e28 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 10:50:59.0855 0x0e28 WdiSystemHost - ok 10:50:59.0870 0x0e28 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll 10:50:59.0886 0x0e28 WebClient - ok 10:50:59.0886 0x0e28 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc 
C:\Windows\system32\wecsvc.dll 10:50:59.0902 0x0e28 Wecsvc - ok 10:50:59.0902 0x0e28 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 10:50:59.0902 0x0e28 wercplsupport - ok 10:50:59.0917 0x0e28 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 10:50:59.0933 0x0e28 WerSvc - ok 10:50:59.0933 0x0e28 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 10:50:59.0933 0x0e28 WfpLwf - ok 10:50:59.0948 0x0e28 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 10:50:59.0948 0x0e28 WIMMount - ok 10:50:59.0964 0x0e28 WinDefend - ok 10:50:59.0980 0x0e28 WinHttpAutoProxySvc - ok 10:51:00.0026 0x0e28 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 10:51:00.0026 0x0e28 Winmgmt - ok 10:51:00.0104 0x0e28 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 10:51:00.0151 0x0e28 WinRM - ok 10:51:00.0229 0x0e28 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 10:51:00.0229 0x0e28 WinUsb - ok 10:51:00.0292 0x0e28 [ 0F695800783C3F9E577B94BF1E71D95A, EA10AA7D61167ED0AB5C741C42DAA32A4906C46F85D593D4ED00656318451DE4 ] WLANBelkinService C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe 10:51:00.0292 0x0e28 WLANBelkinService - ok 10:51:00.0338 0x0e28 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 10:51:00.0354 0x0e28 Wlansvc 
- ok 10:51:00.0385 0x0e28 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 10:51:00.0385 0x0e28 WmiAcpi - ok 10:51:00.0401 0x0e28 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 10:51:00.0401 0x0e28 wmiApSrv - ok 10:51:00.0416 0x0e28 WMPNetworkSvc - ok 10:51:00.0432 0x0e28 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 10:51:00.0432 0x0e28 WPCSvc - ok 10:51:00.0463 0x0e28 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 10:51:00.0463 0x0e28 WPDBusEnum - ok 10:51:00.0463 0x0e28 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 10:51:00.0479 0x0e28 ws2ifsl - ok 10:51:00.0479 0x0e28 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 10:51:00.0494 0x0e28 wscsvc - ok 10:51:00.0494 0x0e28 WSearch - ok 10:51:00.0572 0x0e28 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll 10:51:00.0635 0x0e28 wuauserv - ok 10:51:00.0650 0x0e28 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 10:51:00.0650 0x0e28 WudfPf - ok 10:51:00.0682 0x0e28 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 10:51:00.0682 0x0e28 WUDFRd - ok 10:51:00.0713 0x0e28 [ B20F051B03A966392364C83F009F7D17, 
88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 10:51:00.0728 0x0e28 wudfsvc - ok 10:51:00.0744 0x0e28 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 10:51:00.0744 0x0e28 WwanSvc - ok 10:51:00.0775 0x0e28 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys 10:51:00.0791 0x0e28 xusb21 - ok 10:51:00.0869 0x0e28 ================ Scan global =============================== 10:51:00.0884 0x0e28 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 10:51:00.0931 0x0e28 [ 9E479C2B605C25DA4971ABA36250FAEF, 1D1D5CE908A6B17CDFA257A46121D7C938B56277B0F5256FBA29DF93352EAA3D ] C:\Windows\system32\winsrv.dll 10:51:00.0931 0x0e28 [ 9E479C2B605C25DA4971ABA36250FAEF, 1D1D5CE908A6B17CDFA257A46121D7C938B56277B0F5256FBA29DF93352EAA3D ] C:\Windows\system32\winsrv.dll 10:51:00.0962 0x0e28 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 10:51:00.0978 0x0e28 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 10:51:00.0994 0x0e28 [ Global ] - ok 10:51:00.0994 0x0e28 ================ Scan MBR ================================== 10:51:00.0994 0x0e28 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 10:51:01.0134 0x0e28 \Device\Harddisk0\DR0 - ok 10:51:01.0134 0x0e28 ================ Scan VBR ================================== 10:51:01.0134 0x0e28 [ 9610C77DA5E23C3AECA92E2D52FABC7A ] \Device\Harddisk0\DR0\Partition1 10:51:01.0165 0x0e28 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 ) 10:51:01.0165 0x0e28 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - 
infected 10:51:01.0165 0x0e28 [ 9E1977327432C5762A805BF11DC23C78 ] \Device\Harddisk0\DR0\Partition2 10:51:01.0196 0x0e28 \Device\Harddisk0\DR0\Partition2 - ok 10:51:01.0196 0x0e28 ================ Scan generic autorun ====================== 10:51:01.0306 0x0e28 [ 5B72629C8144D1A96490D4C090D28DA1, 114891B9E7E05D2B86C8E3CD7B4096088491E338C3B1902F9352D40B47DD418C ] c:\Program Files\Microsoft IntelliPoint\ipoint.exe 10:51:01.0352 0x0e28 IntelliPoint - ok 10:51:01.0680 0x0e28 [ FBDF607ED7EF0467639DB501E1FD938C, 040528158D85D13122DB043144A982D6DC8744E75D140DB17A9BA5B93DC6B74D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 10:51:01.0914 0x0e28 RtHDVCpl - ok 10:51:01.0930 0x0e28 G Data AntiVirus Tray Application - ok 10:51:01.0930 0x0e28 GDFirewallTray - ok 10:51:02.0023 0x0e28 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 10:51:02.0039 0x0e28 Adobe ARM - ok 10:51:02.0101 0x0e28 [ 61E4289E91E88C90478D7F4BEB10DCF7, 1D0F4034E0111CF5758F470C15A22A0A28EB8269CB5BF07222C9C0FB07A15C55 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 10:51:02.0101 0x0e28 APSDaemon - ok 10:51:02.0164 0x0e28 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe 10:51:02.0164 0x0e28 UpdateLBPShortCut - ok 10:51:02.0226 0x0e28 [ CD1E74BC24CB1D1544406741F46F4D61, 658529854926471AE413D8A365C8E6500AEBDC33A562607DAB185F1571A5524B ] C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe 10:51:02.0226 0x0e28 MDS_Menu - ok 10:51:02.0288 0x0e28 [ 572024F59132BC3A2AC5E60A6C48D31E, 8BC1BA9BAB555DDF246100A511E9B54FB790F0F871868DCB54B0F83AA9E7306B ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe 10:51:02.0288 0x0e28 CLMLServer - ok 10:51:02.0320 0x0e28 [ 4EFCDF3DB1BBA69C09622991280C4ACB, 
A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe 10:51:02.0335 0x0e28 UpdateP2GoShortCut - ok 10:51:02.0351 0x0e28 [ 54986909FA8EB661E0B3BF258935588D, CF42472CD6F5D96F2A37C6B1E752E8AA622B045AC9D4C2AFAF9EC1605BCEDEA9 ] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe 10:51:02.0366 0x0e28 RemoteControl9 - ok 10:51:02.0366 0x0e28 [ E347862038C50FE3A5023D785C80B3E5, 6DC25B56FCD097ECE7A18859B7F6A14BC52ED09AD0C7481689FEB8DDC47F1075 ] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe 10:51:02.0366 0x0e28 BDRegion - ok 10:51:02.0429 0x0e28 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe 10:51:02.0444 0x0e28 UpdatePPShortCut - ok 10:51:02.0491 0x0e28 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe 10:51:02.0507 0x0e28 UCam_Menu - ok 10:51:02.0522 0x0e28 [ 9D56299FA5C9B3D9E67FF3ACB301139F, 202A0542BEA33C5F78A406EF9479EB7BD42FCBEAC9F49F38F6ECC48554117811 ] C:\Program Files (x86)\lg_fwupdate\lgfw.exe 10:51:02.0522 0x0e28 LGODDFU - ok 10:51:02.0585 0x0e28 [ 4EFCDF3DB1BBA69C09622991280C4ACB, A86D4694BCFFF3C0FAF07C56A410A8317A953FB581CDCDBED5CAF735A0E2AC0D ] C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe 10:51:02.0600 0x0e28 UpdatePSTShortCut - ok 10:51:02.0663 0x0e28 [ 4452B3D4116EC5F81ACF33A80F264473, 8C7037DFCCB5165385DF67082E5183A3155574773B15C2FAB811F31C93D3325E ] C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 2\CTLVCentral2.exe 10:51:02.0678 0x0e28 Live! 
Central 2 - ok 10:51:02.0694 0x0e28 [ 4791A9FFA41B6744B4B5C9C6572E4EBB, 67B52BDA297F95570EAA4B0C7F0FAFBAC2FB4A69603EB45E712086D26A47379B ] C:\Windows\V0640Mon.exe 10:51:02.0694 0x0e28 V0640Mon.exe - ok 10:51:02.0741 0x0e28 [ E4401CF27225C1D6E664E86195978562, F572A2757C2A649E25F52F7071E6A2CCF298C60A8F2B15A0E2D800F890C4FD93 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe 10:51:02.0741 0x0e28 iTunesHelper - ok 10:51:02.0803 0x0e28 [ 8DDA2B606279753601F9415DA503CA63, 2C9AD8218E150B6D50817991377ED3230A1672EFBD7AE29D0CD9E55E2418C800 ] C:\Program Files (x86)\QuickTime\QTTask.exe 10:51:02.0819 0x0e28 QuickTime Task - ok 10:51:02.0866 0x0e28 [ 4CB7CEE3F7540B0BEDBD158D75F06509, 73348467A976AF06928B402E12A622BB1B5BD8BB2AC6446117E1FD1EEAFED217 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 10:51:02.0881 0x0e28 StartCCC - ok 10:51:02.0944 0x0e28 [ 5E7601CCBC2A98A4457E50612E0AEE73, 3F5FDCF1BEC5B134433F62ADD5C2931F700F2B7CBEDB0A98EF1362BF6E9FAC03 ] C:\Program Files (x86)\Drakonia Configurator\hid.exe 10:51:02.0944 0x0e28 GamingMouse - ok 10:51:03.0006 0x0e28 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:51:03.0037 0x0e28 Sidebar - ok 10:51:03.0053 0x0e28 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:51:03.0053 0x0e28 mctadmin - ok 10:51:03.0084 0x0e28 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 10:51:03.0100 0x0e28 Sidebar - ok 10:51:03.0115 0x0e28 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 10:51:03.0115 0x0e28 mctadmin - ok 10:51:03.0209 0x0e28 [ AFD67CED4279C1FBA095F1603D18E59F, 0F4E580D5F13EA0198D32D29A8500E193B18F266CCF354778032CAFD496337E1 ] 
C:\Program Files (x86)\Steam\steam.exe 10:51:03.0240 0x0e28 Steam - ok 10:51:03.0302 0x0e28 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 10:51:03.0334 0x0e28 Sidebar - ok 10:51:03.0334 0x0e28 LightScribe Control Panel - ok 10:51:03.0396 0x0e28 [ 026FCF998F9C5986BB31DA44FB571BBF, 4163733DCB9721B5C8FF0BFF66AE22AB9B886622B8FD992D0AF1963BCFCAFE3C ] C:\Users\Basti\Desktop\Isos uns Setups\WinRemoteService_v1.2.9_portable\Windows Remote Service\WindowsRemoteService.exe 10:51:03.0396 0x0e28 Windows Remote Service - ok 10:51:03.0926 0x0e28 [ 9D4A0ECBF734E2EECDD5B473A2D705FE, F663B8EDA4C75DB6D3E3B68EE938FE43B0C05EF9B09598BFEB147D041D3F6A17 ] C:\Program Files (x86)\Skype\Phone\Skype.exe 10:51:04.0285 0x0e28 Skype - ok 10:51:04.0348 0x0e28 [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe 10:51:04.0348 0x0e28 RESTART_STICKY_NOTES - ok 10:51:04.0488 0x0e28 [ 978B3D42B75CAF33553577E78E612709, 4B999342B616A7566F198F937A6B5E81BC7F9D2155CE8238D58239B5CD8BFDCE ] C:\Program Files (x86)\Origin\Origin.exe 10:51:04.0550 0x0e28 EADM - ok 10:51:04.0550 0x0e28 LightScribe Control Panel - ok 10:51:04.0613 0x0e28 [ AFD67CED4279C1FBA095F1603D18E59F, 0F4E580D5F13EA0198D32D29A8500E193B18F266CCF354778032CAFD496337E1 ] C:\Program Files (x86)\Steam\steam.exe 10:51:04.0644 0x0e28 Steam - ok 10:51:05.0159 0x0e28 [ 9D4A0ECBF734E2EECDD5B473A2D705FE, F663B8EDA4C75DB6D3E3B68EE938FE43B0C05EF9B09598BFEB147D041D3F6A17 ] C:\Program Files (x86)\Skype\Phone\Skype.exe 10:51:05.0518 0x0e28 Skype - ok 10:51:05.0596 0x0e28 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 10:51:05.0611 0x0e28 Sidebar - ok 10:51:05.0736 0x0e28 [ DC34596BFCF0BD472AA1D48449D8A7DF, B1A1AD8A72D585525CC4FEA4984EAD0AC0077640D2A4CF478BAA10BA3F08711A ] 
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
10:51:05.0814 0x0e28 DAEMON Tools Lite - ok
10:51:05.0830 0x0e28 Pando Media Booster - ok
10:51:05.0845 0x0e28 [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
10:51:05.0861 0x0e28 RESTART_STICKY_NOTES - ok
10:51:05.0939 0x0e28 [ 862753AE696BD34EFCCB2A422E273C08, 5FA9423D35A236FACCE5A2AC5B7F50570804796E178EC0F79A412F41710D612B ] C:\Users\Basti\AppData\Local\Temp\CTPBSeq.exe
10:51:05.0939 0x0e28 CTPostBootSequencer - ok
10:51:05.0954 0x0e28 Win FW state via NFP2: enabled
10:51:05.0954 0x0e28 ============================================================
10:51:05.0954 0x0e28 Scan finished
10:51:05.0954 0x0e28 ============================================================
10:51:05.0970 0x1204 Detected object count: 1
10:51:05.0970 0x1204 Actual detected object count: 1
10:51:25.0252 0x1204 \Device\Harddisk0\DR0\Partition1 - copied to quarantine
10:51:25.0314 0x1204 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
10:51:25.0361 0x1204 \Device\Harddisk0\DR0\Partition1 - ok
10:51:25.0361 0x1204 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
10:51:25.0454 0x1204 KLMD registered as C:\Windows\system32\drivers\34976871.sys
10:51:30.0025 0x17f4 Deinitialize success |
03.09.2014, 10:29 | #11 |
| Windows 7: Windows Explorer often opens in the background using too much memory and the ComboFix log Code:
ATTFilter ComboFix 14-08-31.01 - Basti 03.09.2014 11:00:21.1.6 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8138.6460 [GMT 2:00] ausgeführt von:: c:\users\Basti\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\END c:\program files (x86)\Common Files\Config\uninstinethnfd.exe c:\program files (x86)\Common Files\Config\ver.xml c:\program files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe c:\program files (x86)\RichMediaViewV1 c:\programdata\dsgsdgdsgdsgw.pad c:\windows\IsUn0407.exe c:\windows\SysWow64\Packet.dll c:\windows\SysWow64\pthreadVC.dll c:\windows\SysWow64\wpcap.dll . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_ACEDRV11 -------\Legacy_NETHFDRV -------\Service_acedrv11 . . ((((((((((((((((((((((( Dateien erstellt von 2014-08-03 bis 2014-09-03 )))))))))))))))))))))))))))))) . . 2014-09-03 09:11 . 2014-09-03 09:11 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-09-03 09:11 . 2014-09-03 09:11 -------- d-----w- c:\users\Gast\AppData\Local\temp 2014-09-03 08:51 . 2014-09-03 08:51 -------- d-----w- C:\TDSSKiller_Quarantine 2014-09-01 17:57 . 2014-09-01 17:57 163504 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin 2014-09-01 12:55 . 2014-09-01 12:57 -------- d-----w- C:\FRST 2014-08-31 16:56 . 2014-08-31 16:56 -------- d-----w- c:\users\Basti\AppData\Roaming\TuneUp Software 2014-08-31 16:55 . 2014-09-01 13:37 -------- d-----w- c:\programdata\AVG2014 2014-08-31 16:44 . 
2014-09-01 13:37 -------- d-----w- c:\programdata\MFAData 2014-08-31 16:44 . 2014-08-31 16:44 -------- d--h--w- c:\programdata\Common Files 2014-08-31 16:44 . 2014-08-31 16:44 -------- d-----w- c:\users\Basti\AppData\Local\MFAData 2014-08-31 14:04 . 2014-08-31 14:05 -------- d-----w- c:\users\Basti\AppData\Local\Origin 2014-08-31 13:52 . 2014-09-03 08:53 -------- d-----w- c:\program files (x86)\Origin 2014-08-25 17:28 . 2014-09-01 12:32 -------- d-----w- c:\users\Basti\AppData\Roaming\Yqnu 2014-08-25 17:28 . 2014-08-25 17:33 -------- d-----w- c:\users\Basti\AppData\Roaming\Osug 2014-08-24 16:21 . 2014-08-24 16:21 -------- d-----w- c:\program files (x86)\Glarysoft 2014-08-24 15:54 . 2014-08-24 16:05 -------- d-----w- c:\program files (x86)\Google 2014-08-24 15:33 . 2014-08-31 18:15 -------- d-----w- c:\users\Basti\AppData\Roaming\Ovco 2014-08-24 15:33 . 2014-08-24 15:38 -------- d-----w- c:\users\Basti\AppData\Roaming\Imzec 2014-08-24 15:24 . 2014-08-24 15:24 687 ----a-w- C:\awhE8F7.tmp 2014-08-24 15:03 . 2014-08-24 15:06 -------- d--h--w- c:\programdata\{9A88E103-A20A-4EA5-8636-C73B709A5BF8} 2014-08-24 14:59 . 2014-09-01 12:32 -------- d-----w- c:\programdata\AgumInij 2014-08-24 14:59 . 2014-08-24 14:59 687 ----a-w- C:\awhE3C9.tmp 2014-08-24 03:36 . 2014-09-01 12:31 -------- d-----w- c:\programdata\AtlisUwmeh 2014-08-24 02:41 . 2014-08-24 02:41 687 ----a-w- C:\awhE003.tmp 2014-08-24 02:06 . 2014-08-24 02:06 687 ----a-w- C:\awhDBCD.tmp 2014-08-24 01:34 . 2014-08-21 03:43 11319192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A29C0EEA-D312-4BD3-A0FB-880BCC6A9396}\mpengine.dll 2014-08-23 16:37 . 2014-08-23 16:37 687 ----a-w- C:\awh65CA.tmp 2014-08-22 12:45 . 2014-08-22 12:45 687 ----a-w- C:\awhE214.tmp 2014-08-21 14:10 . 2014-08-21 14:10 687 ----a-w- C:\awhE5BC.tmp 2014-08-20 13:34 . 2014-08-20 13:34 687 ----a-w- C:\awhE4C2.tmp 2014-08-19 20:13 . 2014-09-02 15:29 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2014-08-19 20:13 . 
2014-08-31 18:35 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex1 2014-08-19 20:13 . 2014-08-19 20:13 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2014-08-19 16:47 . 2014-08-19 16:47 687 ----a-w- C:\awhFEE7.tmp 2014-08-19 13:04 . 2014-08-19 13:04 687 ----a-w- C:\awhDE7C.tmp 2014-08-18 20:50 . 2014-08-19 20:17 76152 ----a-w- c:\windows\system32\PnkBstrA.exe 2014-08-18 12:17 . 2014-08-18 12:34 -------- d-----w- c:\users\Basti\AppData\Roaming\.minecraft 2014-08-18 11:03 . 2014-08-18 11:03 687 ----a-w- C:\awhEC41.tmp 2014-08-17 16:37 . 2014-08-17 16:37 687 ----a-w- C:\awhD326.tmp 2014-08-15 11:31 . 2014-08-15 11:31 687 ----a-w- C:\awhE455.tmp 2014-08-15 11:25 . 2014-08-15 11:25 -------- d-----w- c:\program files (x86)\Drakonia Configurator 2014-08-15 11:25 . 2014-08-15 11:25 -------- d-----w- c:\users\Basti\AppData\Roaming\MingGuan 2014-08-15 11:25 . 2014-08-15 11:25 1192533 ----a-w- c:\windows\unins000.exe 2014-08-15 10:05 . 2014-08-15 10:05 687 ----a-w- C:\awh8ACA.tmp 2014-08-14 14:05 . 2014-08-21 18:50 -------- d-----w- c:\users\Basti\AppData\Local\Risen3 2014-08-14 14:05 . 2014-08-14 14:05 -------- d-----w- c:\users\Basti\AppData\Roaming\ProtectDISC 2014-08-14 13:25 . 2014-08-14 13:25 -------- d-----w- c:\windows\3F5C371F8EA24F259D3DD0B4526E3AEA.TMP 2014-08-14 13:24 . 2014-08-14 13:25 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard 2014-08-13 10:29 . 2014-08-13 10:29 687 ----a-w- C:\awhEA2F.tmp 2014-08-12 10:57 . 2014-08-12 10:57 687 ----a-w- C:\awhF94C.tmp 2014-08-11 12:50 . 2014-08-11 12:50 687 ----a-w- C:\awhED79.tmp 2014-08-11 12:15 . 2014-08-11 12:15 -------- d-----w- c:\program files (x86)\Common Files\Java 2014-08-11 10:34 . 2014-08-11 10:34 687 ----a-w- C:\awhDDFF.tmp 2014-08-10 13:15 . 2014-08-10 13:15 687 ----a-w- C:\awhDC0C.tmp 2014-08-09 11:32 . 2014-08-09 11:32 687 ----a-w- C:\awhDD82.tmp 2014-08-08 09:44 . 2014-08-08 09:44 687 ----a-w- C:\awhEA6D.tmp 2014-08-07 12:20 . 
2014-08-07 12:20 687 ----a-w- C:\awh933.tmp 2014-08-06 18:07 . 2014-08-06 18:07 687 ----a-w- C:\awhE752.tmp 2014-08-06 11:16 . 2014-08-06 11:16 687 ----a-w- C:\awhDF37.tmp 2014-08-05 11:14 . 2014-08-05 11:14 687 ----a-w- C:\awhF49A.tmp 2014-08-04 11:37 . 2014-08-04 11:37 687 ----a-w- C:\awhE002.tmp . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-09-02 15:29 . 2012-08-03 11:53 214392 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0 2014-08-11 13:04 . 2013-06-28 18:07 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2014-08-05 07:20 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe 2014-08-03 12:13 . 2014-08-03 12:13 687 ----a-w- C:\awhDB41.tmp 2014-08-02 16:37 . 2014-08-02 16:37 687 ----a-w- C:\awhED5.tmp 2014-08-02 00:02 . 2014-08-02 00:02 687 ----a-w- C:\awhDE8B.tmp 2014-08-01 07:12 . 2014-08-01 07:12 687 ----a-w- C:\awhE3D8.tmp 2014-07-31 12:40 . 2014-07-31 12:40 687 ----a-w- C:\awhF150.tmp 2014-07-30 11:17 . 2014-07-30 11:17 687 ----a-w- C:\awhE3F8.tmp 2014-07-29 12:55 . 2014-07-29 12:55 687 ----a-w- C:\awhEC32.tmp 2014-07-28 11:20 . 2014-07-28 11:20 687 ----a-w- C:\awhE669.tmp 2014-07-27 11:21 . 2014-07-27 11:21 687 ----a-w- C:\awhF3D0.tmp 2014-07-26 10:45 . 2014-07-26 10:45 687 ----a-w- C:\awhE30E.tmp 2014-07-25 11:50 . 2014-07-25 11:50 687 ----a-w- C:\awhE935.tmp 2014-07-23 11:19 . 2014-07-23 11:19 687 ----a-w- C:\awhDEF8.tmp 2014-07-22 20:41 . 2014-07-22 20:41 687 ----a-w- C:\awhEF0F.tmp 2014-07-22 14:15 . 2014-07-22 14:15 687 ----a-w- C:\awh6A40.tmp 2014-07-20 21:18 . 2014-07-20 21:18 687 ----a-w- C:\awh2FC.tmp 2014-07-20 17:47 . 2014-07-20 17:47 687 ----a-w- C:\awhFEB8.tmp 2014-07-20 15:26 . 2014-07-20 15:26 687 ----a-w- C:\awhF2C6.tmp 2014-07-19 18:43 . 2014-07-19 18:43 687 ----a-w- C:\awhED1.tmp 2014-07-14 12:38 . 2014-07-14 12:38 687 ----a-w- C:\awhE668.tmp 2014-07-12 11:11 . 2014-07-12 11:11 687 ----a-w- C:\awhF22A.tmp 2014-07-11 21:37 . 
2014-07-11 21:37 687 ----a-w- C:\awhA723.tmp 2014-07-09 18:54 . 2012-07-31 14:51 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-07-09 18:54 . 2012-07-31 14:51 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\program files (x86)\Steam\steam.exe" [2014-08-13 1937600] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584] "Windows Remote Service"="c:\users\Basti\Desktop\Isos uns Setups\WinRemoteService_v1.2.9_portable\Windows Remote Service\WindowsRemoteService.exe" [2013-05-24 173568] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016] "EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-08-31 3600216] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720] "MDS_Menu"="c:\program files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408] "CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-12-15 103720] "RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-08-02 87336] "BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-11-23 75048] "LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" [2012-08-07 27760] "Live! Central 2"="c:\program files (x86)\Creative\Creative Live! Cam\Live! 
Central 2\CTLVCentral2.exe" [2009-11-04 426140] "V0640Mon.exe"="c:\windows\V0640Mon.exe" [2009-09-22 28672] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808] "GamingMouse"="c:\program files (x86)\Drakonia Configurator\hid.exe" [2013-10-29 248832] . c:\users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Xfire.lnk - c:\program files (x86)\Xfire\Xfire.exe [2005-9-28 3088520] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Play Wireless USB Adapter Utility.lnk - c:\program files (x86)\Belkin\F7D4101\V1\PBN.exe [2009-11-25 110592] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . R2 CLKMSVC10_9EC60124;CyberLink Product - 2012/08/07 15:19;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 DisplayFusionService;DisplayFusionService;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R2 WLANBelkinService;Belkin WLAN service;c:\program files (x86)\Belkin\F7D4101\V1\wlansrv.exe;c:\program files (x86)\Belkin\F7D4101\V1\wlansrv.exe [x] R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x] R3 Ant App service;File1 Application 
service;c:\program files (x86)\Ant.com\File1 Package Manager\AppService.exe;c:\program files (x86)\Ant.com\File1 Package Manager\AppService.exe [x] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x] R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x] R3 hugoio64;hugoio64;c:\windows\system32\drivers\hugoio64.sys;c:\windows\SYSNATIVE\drivers\hugoio64.sys [x] R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 tswNT;toolstar*testWIN support driver;c:\users\ADMINI~1\AppData\Local\Temp\00013255\tswnt.sys;c:\users\ADMINI~1\AppData\Local\Temp\00013255\tswnt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 V0640Vid;Creative Live! 
Cam Socialize (VF0640) Driver;c:\windows\system32\DRIVERS\V0640Vid.sys;c:\windows\SYSNATIVE\DRIVERS\V0640Vid.sys [x] S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x] S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x] S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 BCMH43XX;N+ Wireless USB Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys;c:\windows\SYSNATIVE\DRIVERS\bcmwlhigh664.sys [x] S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL *Deregistered* - CLKMDRV10_9EC60124 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2014-08-24 16:05 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.143\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 
2014-09-03 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-31 18:54] . 2014-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-24 15:54] . 2014-09-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-24 15:54] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-11-19 11613288] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://facebook.com/ uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&st=chrome&q= mStart Page = about:newtab mSearch Bar = hxxp://search.certified-toolbar.com?si=66920&tid=6787&ver=4.4&ts=1381008728051&tguid=66920-6787-1381008728051-9434732C2688D9480473067CC62C039D&st=chrome&q= uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://feed.snapdo.com/?publisher=Somoto&dpid=Somoto&co=DE&userid=93ece75e-2672-b8d2-08f9-8178b9479fc1&searchtype=ds&q={searchTerms}&installDate={installDate} IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: Free YouTube Download - c:\users\Basti\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm IE: Free YouTube to MP3 Converter - c:\users\Basti\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.2.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . 
BHO-{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - c:\program files (x86)\Funmoods\1.5.23.22\bh\escort.dll Toolbar-Locked - (no file) Wow6432Node-HKCU-Run-LightScribe Control Panel - c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe Wow6432Node-HKLM-Run-G Data AntiVirus Tray Application - c:\program files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe Wow6432Node-HKLM-Run-GDFirewallTray - c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe Wow6432Node-HKLM-Run-UpdateLBPShortCut - c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe Wow6432Node-HKLM-Run-UpdateP2GoShortCut - c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe Wow6432Node-HKLM-Run-UpdatePPShortCut - c:\program files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe Wow6432Node-HKLM-Run-UCam_Menu - c:\program files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe Wow6432Node-HKLM-Run-UpdatePSTShortCut - c:\program files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe SafeBoot-40232351.sys HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-Locked - (no file) ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file) ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file) AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe AddRemove-BattlEye for A2 - c:\program files (x86)\Bohemia Interactive\ArmA 2BattlEye\UnInstallBE.exe AddRemove-Pharao - c:\windows\IsUn0407.exe AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe AddRemove-{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} - c:\users\Basti\AppData\Local\SwvUpdater\Updater.exe . . . 
--------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions] @Denied: (2) (LocalSystem) "{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc, 1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7 "{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}"=hex:51,66,7a,6c,4c,1d,38,12,c4,b3,f8, 71,26,0c,da,09,ef,fa,a0,a0,7b,93,40,e3 "{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07, 72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57 "{B4F3A835-0E21-4959-BA22-42B3008E02FF}"=hex:51,66,7a,6c,4c,1d,38,12,5b,ab,e0, b0,13,40,37,0c,c5,34,01,f3,05,d0,46,eb "{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db, df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd . [HKEY_USERS\S-1-5-21-703785417-1565345126-2984759567-1001\Software\SecuROM\License information*] "datasecu"=hex:7f,b5,d5,22,17,dc,9b,6b,60,a2,3c,1f,4e,73,5c,88,c3,16,ff,f7,a3, 69,08,fc,78,92,6b,dd,fe,f0,7f,1a,f1,cd,1a,13,ae,cc,cd,8e,12,26,53,e7,bb,77,\ "rkeysecu"=hex:cf,fd,36,ed,8f,83,8f,67,d5,d5,68,a4,04,da,e7,c7 . [HKEY_USERS\S-1-5-21-703785417-1565345126-2984759567-1001_Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\SecuROM\License information*] "datasecu"=hex:83,43,98,14,a8,cf,a6,87,b4,a3,b5,0e,15,24,c2,f1,9b,2a,87,f5,7b, a6,76,fd,4d,ed,99,12,33,29,74,12,ca,68,e9,36,5d,2c,1a,ac,5d,5c,7b,ee,58,f6,\ "rkeysecu"=hex:c9,b6,b0,b2,4c,53,ad,80,d3,25,3c,06,ec,18,e9,ac . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.14" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\windows\system32\PnkBstrA.exe c:\program files (x86)\CyberLink\Shared files\RichVideo.exe . ************************************************************************** . Zeit der Fertigstellung: 2014-09-03 11:25:37 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2014-09-03 09:25 . Vor Suchlauf: 17 Verzeichnis(se), 235.721.650.176 Bytes frei Nach Suchlauf: 23 Verzeichnis(se), 240.502.272.000 Bytes frei . - - End Of File - - 78DBA6F11BD326A7AF32DDCCB0BB8F15 A36C5E4F47E84449FF07ED3517B43A31 |
03.09.2014, 20:51 | #12 |
/// the machine /// TB trainer | Windows 7: Windows Explorer often opens in the background using too much memory Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please disable your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |