Pests of all kinds and how to combat them: Boo/Cidox.b, Windows 7
19.09.2014, 22:23 | #1
Boo/Cidox.b

Hello everyone, I would be very glad of your help. As the title already says, I have an alert from Avira AntiVir. When the computer starts, a message/detection comes up; I cannot post it because it is only displayed that way. I have already looked at several other threads here in the forum from other people with the same problem and followed the helpers' steps so far. This thread, for example: http://www.trojaner-board.de/158442-boo-cidox-b.html

Quote from cosinus: Quote:

I think we should start from here. TDSSKiller detected it and I have not done anything yet, but as said above I will choose Skip. It is giving me a headache because I am always so careful.

Kind regards, Mr.dub

Edit: TDSSKiller report; I chose Skip.

Code:
00:11:07.0785 0x14f0 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
00:11:13.0051 0x14f0 ============================================================
00:11:13.0051 0x14f0 Current date / time: 2014/09/20 00:11:13.0051
00:11:13.0051 0x14f0 SystemInfo:
00:11:13.0051 0x14f0
00:11:13.0051 0x14f0 OS Version: 6.1.7600 ServicePack: 0.0
00:11:13.0051 0x14f0 Product type: Workstation
00:11:13.0051 0x14f0 ComputerName: DADDY-PC
00:11:13.0051 0x14f0 UserName: Daddy
00:11:13.0051 0x14f0 Windows directory: C:\Windows
00:11:13.0051 0x14f0 System windows directory: C:\Windows
00:11:13.0051 0x14f0 Running under WOW64
00:11:13.0051 0x14f0 Processor architecture: Intel x64
00:11:13.0051 0x14f0 Number of processors: 8
00:11:13.0051 0x14f0 Page size: 0x1000
00:11:13.0051 0x14f0 Boot type: Normal boot
00:11:13.0051 0x14f0 ============================================================
00:11:14.0590 0x14f0 KLMD registered as C:\Windows\system32\drivers\07797485.sys
00:11:15.0048 0x14f0 System UUID: {629A7401-2B25-ED3A-3834-D3C84A959886}
00:11:15.0665 0x14f0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:11:15.0674 0x14f0 ============================================================
00:11:15.0674 0x14f0 \Device\Harddisk0\DR0:
00:11:15.0675 0x14f0 MBR partitions:
00:11:15.0675 0x14f0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4B178, BlocksNum 0xE8E0360
00:11:15.0706 0x14f0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1062B517, BlocksNum 0x29D5972A
00:11:15.0706 0x14f0 ============================================================
00:11:15.0925 0x14f0 C: <-> \Device\Harddisk0\DR0\Partition1
00:11:16.0135 0x14f0 D: <-> \Device\Harddisk0\DR0\Partition2
00:11:16.0135 0x14f0 ============================================================
00:11:16.0135 0x14f0 Initialize success
00:11:16.0135 0x14f0
27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso C:\Windows\system32\lsass.exe 00:12:02.0249 0x143c KeyIso - ok 00:12:02.0264 0x143c [ 16C1B906FC5EAD84769F90B736B6BF0E, 2FD11B1A6C208CBA4FB97DB2E48B9A487C7649B1FCF5F761B2A0E4D6A02E61EC ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 00:12:02.0289 0x143c KSecDD - ok 00:12:02.0323 0x143c [ 0B711550C56444879D71C7DAABDA6C83, A598E0817B0B943457068AD196FD5C9DB9C4135C9901B9B6EAFD1D3B3F4F0E2F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 00:12:02.0354 0x143c KSecPkg - ok 00:12:02.0398 0x143c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 00:12:02.0459 0x143c ksthunk - ok 00:12:02.0538 0x143c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 00:12:02.0642 0x143c KtmRm - ok 00:12:02.0708 0x143c [ B4A3A05B0F9C81D098B96AB6AA915042, 76A63A00926E8ADE44994CEE282B086A2F5573430874AC60A6CFE0F80D5CCE9A ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 00:12:02.0750 0x143c L1C - ok 00:12:02.0785 0x143c [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer C:\Windows\system32\srvsvc.dll 00:12:02.0839 0x143c LanmanServer - ok 00:12:02.0879 0x143c [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 00:12:02.0944 0x143c LanmanWorkstation - ok 00:12:03.0062 0x143c [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 00:12:03.0079 0x143c lirsgt - ok 00:12:03.0151 0x143c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 00:12:03.0214 0x143c lltdio - ok 00:12:03.0279 0x143c [ 
C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 00:12:03.0379 0x143c lltdsvc - ok 00:12:03.0406 0x143c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 00:12:03.0470 0x143c lmhosts - ok 00:12:03.0559 0x143c [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 00:12:03.0580 0x143c LMS - detected UnsignedFile.Multi.Generic ( 1 ) 00:12:05.0973 0x143c Detect skipped due to KSN trusted 00:12:05.0973 0x143c LMS - ok 00:12:06.0014 0x143c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 00:12:06.0040 0x143c LSI_FC - ok 00:12:06.0086 0x143c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 00:12:06.0110 0x143c LSI_SAS - ok 00:12:06.0138 0x143c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 00:12:06.0163 0x143c LSI_SAS2 - ok 00:12:06.0198 0x143c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 00:12:06.0226 0x143c LSI_SCSI - ok 00:12:06.0240 0x143c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 00:12:06.0307 0x143c luafv - ok 00:12:06.0327 0x143c [ 085435AE1A124361304044029B5CC644, FEEDB68A3A31B31DD2550591E220A25FCAA8EF1A4BC87EA2750E73E2BE56848D ] lullaby C:\Windows\system32\DRIVERS\lullaby.sys 00:12:06.0342 0x143c lullaby - ok 00:12:06.0386 0x143c [ 
F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 00:12:06.0429 0x143c Mcx2Svc - ok 00:12:06.0455 0x143c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 00:12:06.0474 0x143c megasas - ok 00:12:06.0504 0x143c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 00:12:06.0533 0x143c MegaSR - ok 00:12:06.0551 0x143c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 00:12:06.0604 0x143c MMCSS - ok 00:12:06.0635 0x143c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 00:12:06.0690 0x143c Modem - ok 00:12:06.0714 0x143c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 00:12:06.0751 0x143c monitor - ok 00:12:06.0770 0x143c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 00:12:06.0790 0x143c mouclass - ok 00:12:06.0811 0x143c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 00:12:06.0841 0x143c mouhid - ok 00:12:06.0868 0x143c [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 00:12:06.0888 0x143c mountmgr - ok 00:12:06.0961 0x143c [ F60E017313E0F1EEB21D87C434CF538D, 5418A716AD23E21FFF7CDACD0C4EF2CD7F1D45E391E72196B4D036DBF9E9559C ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance 
Service\maintenanceservice.exe 00:12:06.0981 0x143c MozillaMaintenance - ok 00:12:07.0020 0x143c [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\DRIVERS\mpio.sys 00:12:07.0045 0x143c mpio - ok 00:12:07.0072 0x143c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 00:12:07.0128 0x143c mpsdrv - ok 00:12:07.0193 0x143c [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll 00:12:07.0341 0x143c MpsSvc - ok 00:12:07.0380 0x143c [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 00:12:07.0428 0x143c MRxDAV - ok 00:12:07.0467 0x143c [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 00:12:07.0529 0x143c mrxsmb - ok 00:12:07.0566 0x143c [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 00:12:07.0697 0x143c mrxsmb10 - ok 00:12:07.0717 0x143c [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 00:12:07.0758 0x143c mrxsmb20 - ok 00:12:07.0779 0x143c [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci C:\Windows\system32\DRIVERS\msahci.sys 00:12:07.0797 0x143c msahci - ok 00:12:07.0817 0x143c [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys 00:12:07.0842 0x143c msdsm - ok 00:12:07.0892 0x143c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 
2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 00:12:07.0915 0x143c MSDTC - ok 00:12:07.0934 0x143c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 00:12:07.0990 0x143c Msfs - ok 00:12:08.0030 0x143c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 00:12:08.0085 0x143c mshidkmdf - ok 00:12:08.0090 0x143c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys 00:12:08.0109 0x143c msisadrv - ok 00:12:08.0147 0x143c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 00:12:08.0223 0x143c MSiSCSI - ok 00:12:08.0228 0x143c msiserver - ok 00:12:08.0259 0x143c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 00:12:08.0323 0x143c MSKSSRV - ok 00:12:08.0341 0x143c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 00:12:08.0399 0x143c MSPCLOCK - ok 00:12:08.0416 0x143c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 00:12:08.0462 0x143c MSPQM - ok 00:12:08.0494 0x143c [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 00:12:08.0536 0x143c MsRPC - ok 00:12:08.0556 0x143c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 00:12:08.0579 0x143c 
mssmbios - ok 00:12:08.0630 0x143c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 00:12:08.0689 0x143c MSTEE - ok 00:12:08.0705 0x143c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 00:12:08.0737 0x143c MTConfig - ok 00:12:08.0769 0x143c [ 032D35C996F21D19A205A7C8F0B76F3C, 1A1C5BD7204BB937A05E201BCC0840B2C8E4B273D8E1D6D9407264FB4C57F014 ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys 00:12:08.0785 0x143c MTsensor - ok 00:12:08.0798 0x143c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 00:12:08.0821 0x143c Mup - ok 00:12:08.0858 0x143c [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll 00:12:08.0948 0x143c napagent - ok 00:12:09.0001 0x143c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 00:12:09.0067 0x143c NativeWifiP - ok 00:12:09.0160 0x143c [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS C:\Windows\system32\drivers\ndis.sys 00:12:09.0252 0x143c NDIS - ok 00:12:09.0297 0x143c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 00:12:09.0353 0x143c NdisCap - ok 00:12:09.0401 0x143c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 00:12:09.0452 0x143c NdisTapi - ok 00:12:09.0487 0x143c [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio 
C:\Windows\system32\DRIVERS\ndisuio.sys 00:12:09.0533 0x143c Ndisuio - ok 00:12:09.0549 0x143c [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 00:12:09.0623 0x143c NdisWan - ok 00:12:09.0656 0x143c [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 00:12:09.0707 0x143c NDProxy - ok 00:12:09.0729 0x143c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 00:12:09.0792 0x143c NetBIOS - ok 00:12:09.0823 0x143c [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 00:12:09.0896 0x143c NetBT - ok 00:12:09.0925 0x143c [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon C:\Windows\system32\lsass.exe 00:12:09.0941 0x143c Netlogon - ok 00:12:09.0969 0x143c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 00:12:10.0044 0x143c Netman - ok 00:12:10.0084 0x143c [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 00:12:10.0112 0x143c NetMsmqActivator - ok 00:12:10.0120 0x143c [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 00:12:10.0137 0x143c NetPipeActivator - ok 00:12:10.0183 0x143c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 00:12:10.0258 0x143c netprofm - ok 00:12:10.0293 0x143c 
[ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 00:12:10.0310 0x143c NetTcpActivator - ok 00:12:10.0326 0x143c [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 00:12:10.0346 0x143c NetTcpPortSharing - ok 00:12:10.0374 0x143c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 00:12:10.0395 0x143c nfrd960 - ok 00:12:10.0436 0x143c [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc C:\Windows\System32\nlasvc.dll 00:12:10.0500 0x143c NlaSvc - ok 00:12:10.0522 0x143c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 00:12:10.0605 0x143c Npfs - ok 00:12:10.0654 0x143c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 00:12:10.0699 0x143c nsi - ok 00:12:10.0723 0x143c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 00:12:10.0780 0x143c nsiproxy - ok 00:12:10.0867 0x143c [ 378E0E0DFEA67D98AE6EA53ADBBD76BC, 2A78A36A729B271FE54A54E507EBC9AD9B9D764DBCB58AC3CBB8FC76D0075391 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 00:12:10.0986 0x143c Ntfs - ok 00:12:11.0001 0x143c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 00:12:11.0052 0x143c Null - ok 00:12:11.0100 0x143c [ 785298579B5F9B4032152DFBB992FDB6, 873346A9B2C71C4F3F8B9C6B6AF34AD3675D029DAEA93876350ACBCEE19145D5 ] nusb3hub 
C:\Windows\system32\DRIVERS\nusb3hub.sys 00:12:11.0150 0x143c nusb3hub - ok 00:12:11.0173 0x143c [ DF2750481B4964814467C974F2B0EEF1, 573FE5B5867C207355F0D6BBAE744EC5D2539F02DDC25E1470AE2D1E00954C3C ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 00:12:11.0199 0x143c nusb3xhc - ok 00:12:11.0225 0x143c [ A4D9C9A608A97F59307C2F2600EDC6A4, D786F4CA2D10BAC31CE14A338C442F7027D4BB2E955AB99BC44C2F241D383BBE ] nvraid C:\Windows\system32\drivers\nvraid.sys 00:12:11.0249 0x143c nvraid - ok 00:12:11.0287 0x143c [ 6C1D5F70E7A6A3FD1C90D840EDC048B9, 8D5337742A0F5B04D636C163CE77D4A9B3684CF81170026912A402513B44BA77 ] nvstor C:\Windows\system32\drivers\nvstor.sys 00:12:11.0314 0x143c nvstor - ok 00:12:11.0340 0x143c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys 00:12:11.0365 0x143c nv_agp - ok 00:12:11.0464 0x143c [ 1F0E05DFF4F5A833168E49BE1256F002, A858267572033C185293B0FD15B2BFDA679D0771A14C0ADF24461B529DBAD8DF ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 00:12:11.0502 0x143c odserv - ok 00:12:11.0527 0x143c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 00:12:11.0569 0x143c ohci1394 - ok 00:12:11.0629 0x143c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 00:12:11.0647 0x143c ose - ok 00:12:11.0796 0x143c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 00:12:11.0857 0x143c p2pimsvc - ok 00:12:11.0900 0x143c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 00:12:11.0953 0x143c p2psvc - ok 00:12:11.0991 0x143c [ 
0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 00:12:12.0015 0x143c Parport - ok 00:12:12.0056 0x143c [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys 00:12:12.0076 0x143c partmgr - ok 00:12:12.0107 0x143c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 00:12:12.0148 0x143c PcaSvc - ok 00:12:12.0159 0x143c [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci C:\Windows\system32\DRIVERS\pci.sys 00:12:12.0175 0x143c pci - ok 00:12:12.0180 0x143c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 00:12:12.0196 0x143c pciide - ok 00:12:12.0225 0x143c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 00:12:12.0253 0x143c pcmcia - ok 00:12:12.0260 0x143c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 00:12:12.0279 0x143c pcw - ok 00:12:12.0322 0x143c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 00:12:12.0430 0x143c PEAUTH - ok 00:12:12.0539 0x143c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 00:12:12.0571 0x143c PerfHost - ok 00:12:12.0653 0x143c [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla C:\Windows\system32\pla.dll 00:12:12.0813 0x143c pla - ok 00:12:12.0866 0x143c [ 
98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay C:\Windows\system32\umpnpmgr.dll 00:12:12.0931 0x143c PlugPlay - ok 00:12:12.0965 0x143c PnkBstrA - ok 00:12:12.0984 0x143c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 00:12:13.0019 0x143c PNRPAutoReg - ok 00:12:13.0051 0x143c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 00:12:13.0079 0x143c PNRPsvc - ok 00:12:13.0125 0x143c [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 00:12:13.0205 0x143c PolicyAgent - ok 00:12:13.0243 0x143c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 00:12:13.0299 0x143c Power - ok 00:12:13.0347 0x143c [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 00:12:13.0411 0x143c PptpMiniport - ok 00:12:13.0450 0x143c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 00:12:13.0485 0x143c Processor - ok 00:12:13.0516 0x143c [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc C:\Windows\system32\profsvc.dll 00:12:13.0579 0x143c ProfSvc - ok 00:12:13.0612 0x143c [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe 00:12:13.0628 0x143c ProtectedStorage - ok 00:12:13.0663 0x143c [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched 
C:\Windows\system32\DRIVERS\pacer.sys 00:12:13.0716 0x143c Psched - ok 00:12:13.0812 0x143c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 00:12:13.0961 0x143c ql2300 - ok 00:12:13.0997 0x143c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 00:12:14.0021 0x143c ql40xx - ok 00:12:14.0057 0x143c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 00:12:14.0096 0x143c QWAVE - ok 00:12:14.0148 0x143c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 00:12:14.0182 0x143c QWAVEdrv - ok 00:12:14.0204 0x143c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 00:12:14.0253 0x143c RasAcd - ok 00:12:14.0296 0x143c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 00:12:14.0339 0x143c RasAgileVpn - ok 00:12:14.0361 0x143c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 00:12:14.0417 0x143c RasAuto - ok 00:12:14.0444 0x143c [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 00:12:14.0507 0x143c Rasl2tp - ok 00:12:14.0554 0x143c [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan C:\Windows\System32\rasmans.dll 00:12:14.0650 0x143c RasMan - ok 00:12:14.0699 0x143c [ 855C9B1CD4756C5E9A2AA58A15F58C25, 
A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 00:12:14.0760 0x143c RasPppoe - ok 00:12:14.0782 0x143c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 00:12:14.0838 0x143c RasSstp - ok 00:12:14.0869 0x143c [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 00:12:14.0947 0x143c rdbss - ok 00:12:14.0967 0x143c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 00:12:15.0033 0x143c rdpbus - ok 00:12:15.0088 0x143c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 00:12:15.0200 0x143c RDPCDD - ok 00:12:15.0246 0x143c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 00:12:15.0283 0x143c RDPENCDD - ok 00:12:15.0290 0x143c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 00:12:15.0349 0x143c RDPREFMP - ok 00:12:15.0398 0x143c [ 074AC702D8B8B660B0E1371555995386, 4D038797AF891BB6FE4503178C3A9C918620FEA80AFB36083B836B2547271952 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 00:12:15.0453 0x143c RDPWD - ok 00:12:15.0488 0x143c [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 00:12:15.0516 0x143c rdyboost - ok 00:12:15.0536 0x143c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 00:12:15.0593 0x143c RemoteAccess - ok 
0x143c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
00:12:39.0095 0x143c [ Global ] - ok
00:12:39.0096 0x143c ================ Scan MBR ==================================
00:12:39.0117 0x143c [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
00:12:41.0228 0x143c \Device\Harddisk0\DR0 - ok
00:12:41.0230 0x143c ================ Scan VBR ==================================
00:12:41.0254 0x143c [ 1D5A4C505F70AD283EEA61A893FA2FDF ] \Device\Harddisk0\DR0\Partition1
00:12:41.0257 0x143c \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
00:12:41.0257 0x143c \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
00:12:43.0651 0x143c [ 49AB2F696E91DF00265D64A54C592637 ] \Device\Harddisk0\DR0\Partition2
00:12:43.0655 0x143c \Device\Harddisk0\DR0\Partition2 - ok
00:12:43.0655 0x143c ================ Scan generic autorun ======================
00:12:43.0802 0x143c [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
00:12:43.0847 0x143c AdobeAAMUpdater-1.0 - ok
00:12:43.0890 0x143c [ 819CB14FC5EF910B6D4C5AB77793C53F, 96F2FE5400C278D9C1E3FAA28B699DEC63F297D61C03A85FD63ADEA411B00869 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
00:12:43.0899 0x143c StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
00:12:46.0491 0x143c Detect skipped due to KSN trusted
00:12:46.0491 0x143c StartCCC - ok
00:12:46.0541 0x143c [ 087A06DB98D0E84C0DE90EE308707E63, 96E8CDC492115A93B1B244196947E45D3C30CF64F538EAB634E0B02BEFBF1607 ] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
00:12:46.0549 0x143c NUSB3MON - detected UnsignedFile.Multi.Generic ( 1 )
00:12:48.0995 0x143c Detect skipped due to KSN trusted
00:12:48.0996 0x143c NUSB3MON - ok
00:12:49.0132 0x143c [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
00:12:49.0168 0x143c avgnt - ok
00:12:49.0250 0x143c [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:12:49.0412 0x143c Sidebar - ok
00:12:49.0439 0x143c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:12:49.0460 0x143c mctadmin - ok
00:12:49.0514 0x143c [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:12:49.0566 0x143c Sidebar - ok
00:12:49.0604 0x143c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:12:49.0624 0x143c mctadmin - ok
00:12:49.0731 0x143c [ 7A6A4EDC0CEF9DE9CAFFDFE36D991FD4, 29078B41C8E977E06D925936325B1BE41F478CE53B1F5D2408A7C414240DC0B2 ] C:\Users\Daddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
00:12:49.0803 0x143c Spotify Web Helper - ok
00:12:49.0806 0x143c Waiting for KSN requests completion. In queue: 6
00:12:50.0806 0x143c Waiting for KSN requests completion. In queue: 6
00:12:51.0806 0x143c Waiting for KSN requests completion. In queue: 6
00:12:52.0859 0x143c AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
00:12:52.0875 0x143c Win FW state via NFP2: enabled
00:12:55.0258 0x143c ============================================================
00:12:55.0258 0x143c Scan finished
00:12:55.0258 0x143c ============================================================
00:12:55.0268 0x18ac Detected object count: 1
00:12:55.0268 0x18ac Actual detected object count: 1
00:13:06.0746 0x18ac \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
00:13:06.0747 0x18ac \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip
Last edited by Mr.dub (19.09.2014 at 23:17) |
19.09.2014, 23:18 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Boo/Cidox.b Hi,
Delete the entries with TDSS-Killer. Restart Windows, then create a new log with TDSS-Killer. And please also run FRST: Scan with Farbar's Recovery Scan Tool (FRST). Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
19.09.2014, 23:48 | #3 |
| Boo/Cidox.b Here: FRST
FRST Logfile: Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Daddy (administrator) on DADDY-PC on 20-09-2014 00:39:27
Running from C:\Users\Daddy\Desktop
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Daddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [807696 2013-12-20] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\Run: [Spotify Web Helper] => C:\Users\Daddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-27] (Spotify Ltd)
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: {28dc369f-039f-11df-bcea-e0cb4e560368} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: {5cbbe385-02d0-11df-898a-e0cb4e560368} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: {e2d2cf65-030e-11df-9307-e0cb4e560368} - H:\Autorun.exe
IFEO\hd-apkhandler.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hd-runapp.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hd-startlauncher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPF63F852A-B6EE-41A6-AA53-09BE44511160&SSPV= HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP6AF504B4-561F-4237-9FC2-AEDC2A6F0D97&q={searchTerms}&SSPV= SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3323737&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP6AF504B4-561F-4237-9FC2-AEDC2A6F0D97&q={searchTerms}&SSPV= SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - {DAA0E028-948E-4052-AE09-9E30A6C11D43} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=6ea1bed0-7e74-4987-94c1-46ea1336f438&apn_sauid=34A2857F-02CB-46D4-8840-742E0E352357 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File FireFox: ======== FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Daddy\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Daddy\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Daddy\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Daddy\AppData\Roaming\mozilla\plugins\npo1d.dll (Google) FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2011-07-26] FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2011-07-26] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-04-23] Chrome: ======= CHR Profile: C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-05-15] CHR Extension: (Google Translate) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-02-22] CHR Extension: (Google Drive) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-22] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04] CHR Extension: 
(YouTube) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-23] CHR Extension: (Slinky Elegant) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2014-02-22] CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-22] CHR Extension: (Google Search) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-23] CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2014-05-02] CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-02-22] CHR Extension: (AdBlock) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-02] CHR Extension: (Dropbox) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-02-22] CHR Extension: (Google Play) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-02-22] CHR Extension: (Google Maps) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-02-22] CHR Extension: (Hangouts) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-02-23] CHR Extension: (Google Wallet) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-03] CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Daddy\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2014-02-22] CHR Extension: (Context Menu Search) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2014-07-30] CHR Extension: (Gmail) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-23] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG) R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed] R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG) S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.) S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-01] () R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-08-03] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems) R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( ) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-08-03] () R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] () R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software) R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-07] () R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl [146928 2009-09-02] (CyberLink Corp.) U3 tmlwf; No ImagePath U3 tmwfp; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-09-20 00:37 - 2014-09-20 00:39 - 00068418 _____ () C:\Users\Daddy\Desktop\Addition.txt 2014-09-20 00:36 - 2014-09-20 00:39 - 00016673 _____ () C:\Users\Daddy\Desktop\FRST.txt 2014-09-20 00:36 - 2014-09-20 00:39 - 00000000 ____D () C:\FRST 2014-09-20 00:21 - 2014-09-20 00:28 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-09-20 00:20 - 2014-09-20 00:20 - 02105856 _____ (Farbar) C:\Users\Daddy\Desktop\FRST64.exe 2014-09-19 23:54 - 2014-09-19 23:54 - 490967222 _____ () C:\Windows\MEMORY.DMP 2014-09-19 23:54 - 2014-09-19 23:54 - 00275960 _____ () C:\Windows\Minidump\091914-22978-01.dmp 2014-09-19 23:23 - 2014-09-19 23:23 - 00001265 _____ () C:\Users\Daddy\Desktop\Neues Textdokument.txt 2014-09-19 22:50 - 2014-09-19 22:50 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Daddy\Desktop\tdsskiller.exe 2014-09-19 21:58 - 2014-09-19 21:58 - 00003288 ____N () C:\bootsqm.dat 2014-09-19 20:38 - 2014-09-20 00:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-19 20:38 - 2014-09-19 20:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-19 20:38 - 2014-09-19 20:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-19 20:38 - 2014-09-19 20:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-19 20:38 - 2014-09-19 20:38 - 00000000 ____D () C:\Windows\system32\Macromed 2014-09-19 20:31 - 2014-09-19 20:31 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage 2014-09-18 21:45 - 2014-09-18 21:45 - 12789816 _____ () C:\Users\Daddy\Downloads\Warriors-MP3.zip 2014-09-16 19:14 - 2014-09-16 19:17 - 00000000 ____D () C:\Users\Daddy\Desktop\alex mod 2014-09-12 18:38 - 2014-09-12 18:38 - 00275960 _____ () C:\Windows\Minidump\091214-19983-01.dmp 2014-09-09 11:52 - 2014-09-09 11:52 - 00275960 _____ () C:\Windows\Minidump\090914-21840-01.dmp 2014-09-07 16:04 - 2014-09-07 16:04 - 00000824 _____ () C:\Users\Daddy\Desktop\teeworlds.lnk 
2014-09-07 15:06 - 2014-09-08 18:47 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Teeworlds 2014-09-05 18:12 - 2014-09-05 18:21 - 00393216 _____ () C:\Windows\system32\Ikeext.etl 2014-08-31 13:50 - 2014-08-31 13:50 - 00275960 _____ () C:\Windows\Minidump\083114-31590-01.dmp 2014-08-30 14:11 - 2014-08-30 14:11 - 00000000 ____D () C:\Users\Daddy\Documents\NeocoreGames 2014-08-29 17:10 - 2014-08-29 17:23 - 34888568 _____ (Riot Games) C:\Users\Daddy\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe 2014-08-27 00:27 - 2014-08-27 00:28 - 00000000 ____D () C:\Users\Daddy\LAN 2014-08-27 00:10 - 2014-08-27 00:11 - 00011264 ___SH () C:\Users\Daddy\Downloads\Thumbs.db 2014-08-27 00:10 - 2014-08-27 00:10 - 00010752 ___SH () C:\Users\Daddy\Desktop\Thumbs.db ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-20 00:39 - 2014-09-20 00:37 - 00068418 _____ () C:\Users\Daddy\Desktop\Addition.txt 2014-09-20 00:39 - 2014-09-20 00:36 - 00016673 _____ () C:\Users\Daddy\Desktop\FRST.txt 2014-09-20 00:39 - 2014-09-20 00:36 - 00000000 ____D () C:\FRST 2014-09-20 00:37 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-20 00:37 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-20 00:33 - 2010-01-09 00:38 - 01277012 _____ () C:\Windows\WindowsUpdate.log 2014-09-20 00:29 - 2014-05-25 22:55 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-20 00:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-20 00:29 - 2009-07-14 06:51 - 00184143 _____ () C:\Windows\setupact.log 2014-09-20 00:28 - 2014-09-20 00:21 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-09-20 00:26 - 2014-09-19 20:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 
2014-09-20 00:20 - 2014-09-20 00:20 - 02105856 _____ (Farbar) C:\Users\Daddy\Desktop\FRST64.exe 2014-09-20 00:11 - 2010-01-29 20:35 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8284BB31-0CBF-4504-9CF4-17F940177E7E} 2014-09-19 23:54 - 2014-09-19 23:54 - 490967222 _____ () C:\Windows\MEMORY.DMP 2014-09-19 23:54 - 2014-09-19 23:54 - 00275960 _____ () C:\Windows\Minidump\091914-22978-01.dmp 2014-09-19 23:54 - 2010-01-22 20:56 - 00000000 ____D () C:\Windows\Minidump 2014-09-19 23:51 - 2012-04-23 18:01 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000UA.job 2014-09-19 23:23 - 2014-09-19 23:23 - 00001265 _____ () C:\Users\Daddy\Desktop\Neues Textdokument.txt 2014-09-19 23:23 - 2014-05-25 22:55 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-19 22:50 - 2014-09-19 22:50 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Daddy\Desktop\tdsskiller.exe 2014-09-19 21:58 - 2014-09-19 21:58 - 00003288 ____N () C:\bootsqm.dat 2014-09-19 21:46 - 2009-07-29 07:10 - 00000000 __SHD () C:\Recovery 2014-09-19 21:09 - 2010-01-09 01:48 - 00001755 _____ () C:\Windows\system32\ServiceFilter.ini 2014-09-19 20:38 - 2014-09-19 20:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-19 20:38 - 2014-09-19 20:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-19 20:38 - 2014-09-19 20:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-19 20:38 - 2014-09-19 20:38 - 00000000 ____D () C:\Windows\system32\Macromed 2014-09-19 20:31 - 2014-09-19 20:31 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage 2014-09-19 16:12 - 2010-01-16 20:53 - 00000000 ____D () C:\Users\Daddy 2014-09-19 12:52 - 2012-04-23 18:41 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-18 23:12 - 2009-08-04 11:51 - 00698374 _____ () C:\Windows\system32\perfh007.dat 2014-09-18 23:12 - 2009-08-04 
11:51 - 00149038 _____ () C:\Windows\system32\perfc007.dat 2014-09-18 23:12 - 2009-07-14 07:13 - 01616954 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-18 21:45 - 2014-09-18 21:45 - 12789816 _____ () C:\Users\Daddy\Downloads\Warriors-MP3.zip 2014-09-18 17:51 - 2012-04-23 18:01 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000Core.job 2014-09-17 15:10 - 2010-01-22 19:43 - 00355754 _____ () C:\Windows\PFRO.log 2014-09-16 19:17 - 2014-09-16 19:14 - 00000000 ____D () C:\Users\Daddy\Desktop\alex mod 2014-09-16 19:14 - 2014-03-15 23:43 - 00000000 ___RD () C:\Users\Daddy\Dokumente 2014-09-14 03:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-09-12 18:44 - 2014-02-22 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-09-12 18:44 - 2013-11-01 18:40 - 00000000 ____D () C:\ProgramData\Package Cache 2014-09-12 18:44 - 2012-07-14 18:30 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-09-12 18:38 - 2014-09-12 18:38 - 00275960 _____ () C:\Windows\Minidump\091214-19983-01.dmp 2014-09-12 14:02 - 2011-07-26 13:20 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Skype 2014-09-12 13:55 - 2014-08-11 02:01 - 00000000 ___RD () C:\Users\Daddy\Desktop\* 2014-09-09 11:52 - 2014-09-09 11:52 - 00275960 _____ () C:\Windows\Minidump\090914-21840-01.dmp 2014-09-08 18:47 - 2014-09-07 15:06 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Teeworlds 2014-09-07 16:04 - 2014-09-07 16:04 - 00000824 _____ () C:\Users\Daddy\Desktop\teeworlds.lnk 2014-09-05 18:21 - 2014-09-05 18:12 - 00393216 _____ () C:\Windows\system32\Ikeext.etl 2014-09-05 18:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing 2014-08-31 20:59 - 2014-05-18 10:45 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios 2014-08-31 20:59 - 2014-05-18 10:45 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios 2014-08-31 20:59 - 2014-02-22 18:21 - 00000000 ____D () C:\Users\Daddy\Downloads\Games 
2014-08-31 20:59 - 2010-01-09 01:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-31 13:50 - 2014-08-31 13:50 - 00275960 _____ () C:\Windows\Minidump\083114-31590-01.dmp 2014-08-30 14:11 - 2014-08-30 14:11 - 00000000 ____D () C:\Users\Daddy\Documents\NeocoreGames 2014-08-30 13:58 - 2010-01-16 22:30 - 00000000 ____D () C:\Users\Daddy\Documents\My Games 2014-08-30 02:54 - 2014-05-10 17:32 - 00000000 ____D () C:\Users\Daddy\AppData\Local\Battle.net 2014-08-29 17:23 - 2014-08-29 17:10 - 34888568 _____ (Riot Games) C:\Users\Daddy\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe 2014-08-29 16:31 - 2010-07-30 00:13 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-08-29 14:11 - 2012-05-26 19:47 - 00000000 ____D () C:\Program Files (x86)\Diablo III 2014-08-29 14:09 - 2014-05-10 17:32 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-08-27 16:35 - 2014-04-30 17:19 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Spotify 2014-08-27 16:04 - 2014-04-30 17:20 - 00000000 ____D () C:\Users\Daddy\AppData\Local\Spotify 2014-08-27 00:28 - 2014-08-27 00:27 - 00000000 ____D () C:\Users\Daddy\LAN 2014-08-27 00:11 - 2014-08-27 00:10 - 00011264 ___SH () C:\Users\Daddy\Downloads\Thumbs.db 2014-08-27 00:10 - 2014-08-27 00:10 - 00010752 ___SH () C:\Users\Daddy\Desktop\Thumbs.db Some content of TEMP: ==================== C:\Users\Daddy\AppData\Local\Temp\AdobeApplicationManager.exe C:\Users\Daddy\AppData\Local\Temp\AskSLib.dll C:\Users\Daddy\AppData\Local\Temp\avgnt.exe C:\Users\Daddy\AppData\Local\Temp\ETDUninst.dll C:\Users\Daddy\AppData\Local\Temp\Gw2.exe C:\Users\Daddy\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe C:\Users\Daddy\AppData\Local\Temp\HiRezLauncherControls.dll C:\Users\Daddy\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe C:\Users\Daddy\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe C:\Users\Daddy\AppData\Local\Temp\nscB8AA.exe C:\Users\Daddy\AppData\Local\Temp\nse9714.exe 
C:\Users\Daddy\AppData\Local\Temp\nseC251.exe C:\Users\Daddy\AppData\Local\Temp\nseE648.exe C:\Users\Daddy\AppData\Local\Temp\nseEA3F.exe C:\Users\Daddy\AppData\Local\Temp\nshBB3A.exe C:\Users\Daddy\AppData\Local\Temp\nsnF183.exe C:\Users\Daddy\AppData\Local\Temp\nss595A.exe C:\Users\Daddy\AppData\Local\Temp\nsx5C38.exe C:\Users\Daddy\AppData\Local\Temp\nszBED7.exe C:\Users\Daddy\AppData\Local\Temp\sonarinst.exe C:\Users\Daddy\AppData\Local\Temp\SPSetup.exe C:\Users\Daddy\AppData\Local\Temp\tmd_34012332.exe C:\Users\Daddy\AppData\Local\Temp\tmd_34013515.exe C:\Users\Daddy\AppData\Local\Temp\tmd_34014036.exe C:\Users\Daddy\AppData\Local\Temp\tmd_34014716.exe C:\Users\Daddy\AppData\Local\Temp\tmd_34015670.exe C:\Users\Daddy\AppData\Local\Temp\tmp101d6250.exe C:\Users\Daddy\AppData\Local\Temp\UpdateFlashPlayer_d67338fd.exe C:\Users\Daddy\AppData\Local\Temp\utt7C3C.tmp.exe C:\Users\Daddy\AppData\Local\Temp\{345C2D7F-B8B8-4156-8BA3-C36AC0B21119}.exe C:\Users\Daddy\AppData\Local\Temp\{68CB2CC0-30D1-411C-A47A-8813A14F810E}.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-16 18:29
==================== End Of Log ============================
--- --- ---
Here is Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014 Ran by Daddy at 2014-09-20 00:39:50 Running from C:\Users\Daddy\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6425.1000 - Microsoft Corporation) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden Actualização do Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0816-0000-0000000FF1CE}_PROHYBRIDR_{CCDE3C71-5F35-477F-BA90-1A399C91C10C}) (Version: - Microsoft) Actualização do Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0816-0000-0000000FF1CE}_PROHYBRIDR_{CF0BC77F-1B63-44BF-BCFE-3A8CBB9077D1}) (Version: - Microsoft) Actualização do Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0816-0000-0000000FF1CE}_PROHYBRIDR_{A1A8C49E-BB40-4852-853E-B5A1F6BB2A3C}) (Version: - Microsoft) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.) Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) 
Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it
will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1479915848-3698468020-625273048-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1479915848-3698468020-625273048-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {03FB7F63-5D99-48EC-9211-C4B530E13022} - System32\Tasks\{7CE09AFD-F27D-4CC6-95DF-6B78B6C0737A} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {04FDDD85-815E-4A9F-9C21-66FD7B9135FB} - System32\Tasks\{5320897F-DAD3-479F-967B-957E295E5F78} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: {0E8B92FF-2344-42EC-940A-A7EAADFE2AEF} - System32\Tasks\{1AE9A9AA-F359-4C3E-866B-22EE2BD42932} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {13F69D18-EF62-4803-8651-40586B4AF5A7} - System32\Tasks\{7D0C89A6-220B-479A-9B1E-AAA3DEA304BB} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: {1C88F5C9-CA1B-4280-9AFF-904574457AF7} - System32\Tasks\{49FBB1A9-7005-496A-B715-7D3962B5E024} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {24E7EF90-132F-4B78-BEFF-4D6B6ECF9D8E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {2B174B4D-076C-446E-B5F5-B04A6F260FFB} - System32\Tasks\ASPG => C:\Program Files 
(x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS) Task: {35EABD2C-7C07-479F-9063-85675E9143D8} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-09-24] () Task: {38D61FA6-8F8F-4193-B111-7FF1ADD77226} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK) Task: {3A738DE0-C3D1-4241-AFEA-180513F73F1A} - System32\Tasks\{0D8E092B-7116-4886-BCAC-7627887EF2AA} => D:\instalProgramm\Heidenhein530\itnclaunch.EXE Task: {3D66CA82-4A87-4BA3-9DEF-1A36F5CB9F02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-19] (Adobe Systems Incorporated) Task: {3E68CC0A-8389-407C-B4AC-E007F7B2ED9D} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-19] (ASUS) Task: {410ED00F-F415-47D1-89C8-6E862CA00E54} - System32\Tasks\{6D6A9425-F02A-43D6-A553-C587497647D4} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {48969814-923F-43CF-80F3-CCFCF784B12A} - System32\Tasks\{36B9F202-3088-4A3E-8B26-47D0161CA57E} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {4BBE6869-0A00-42ED-8027-28BB3F043CBA} - System32\Tasks\{607FA0ED-22CE-403C-837B-D549F42090A1} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: {4CC6320B-D55F-4294-9BA5-38DD55FD365D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.) 
Task: {4D323374-00EE-4734-B9C5-B47F71926DD1} - System32\Tasks\{494EE43C-A27A-43A0-937B-5B4EA1D6E8FB} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {4D77AADB-6644-4333-884A-4C1BD8148B14} - System32\Tasks\{E8DADE2A-5473-42C6-9344-14506B5983B5} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {4D8174D8-8C48-4798-989F-E1D11AC01D19} - System32\Tasks\{2F6A8821-B72B-4910-A57E-98FD5947BC08} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: {4DAADFD2-C855-43BA-9B51-57E089636DA0} - System32\Tasks\{8CED5A9F-82EB-4418-BF6E-CDE2DDD8C6A7} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {52440FE5-978C-4486-AB75-1C9C65D646B8} - System32\Tasks\{26BB7E51-C4CD-4E48-B6FA-FB511AB151C0} => D:\Games\Age of Methology\Aomx_NoCD_Loader.exe Task: {557CF159-390C-43F6-82BF-4187958A6CBA} - System32\Tasks\{05E31DAB-50C1-41BA-8954-7B04BA17DA5C} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {59D4328B-BBF7-43F0-A6C3-8BCA27D9FDF3} - System32\Tasks\{31B41EC3-EBA4-4626-B54E-3CA65FF1C52D} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {6007466A-A073-41AA-BB76-6D26ECBCFE1D} - System32\Tasks\{D1CBAB85-EC92-4A2F-88D2-6214CF46A01F} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {64AC7B93-F5F9-4A71-A314-219580DFE7CB} - System32\Tasks\{10FE5C06-6AA8-464C-BA26-83E0FD85E4E5} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: {6645F1A3-4028-4450-8C64-3D1BF9334054} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-12-18] (TuneUp Software) Task: {693B50B5-C49C-42A1-A042-82FF3398EBFB} - System32\Tasks\{641B5D20-6881-4819-ABA0-2AF5C8EEF11C} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {6986E9B5-4985-4AD4-9CB0-B7E80BF17FC3} - System32\Tasks\{DBBBD1E3-BA6A-4163-9960-C2EEA8A6C5DE} => D:\Programm\EXSLWINX\SERVER\START.EXE Task: {69A7F967-803D-4AB2-A263-89732B0D8C26} - System32\Tasks\{A2A5F72B-9E61-46CF-B641-388450FFDB53} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {723429FF-39A4-4FCC-83C1-A616479148F0} - 
System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000UA => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-23] (Google Inc.) Task: {76043709-D083-422E-9BA2-8A796852F385} - System32\Tasks\{780431C9-23E9-42B6-B10B-A70599291CBA} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {89D93805-A4D1-4663-94B9-82BF919FEDE8} - System32\Tasks\{5B90A7D2-6D0B-4799-95A1-5B6E52C7B3E2} => D:\Programm\EXSLWINX\SERVER\START.EXE Task: {8C2FAF10-77AF-419A-8A74-3AD966CEF703} - System32\Tasks\{30B3D042-F41F-480B-B11C-ECD101665044} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {98F2A7E1-597B-4D5F-ACB2-854E962E8140} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-11-07] (ATK) Task: {99841740-F097-4D61-9AA2-41D408664D9E} - System32\Tasks\{CEC6E2F5-3C23-408B-8FDA-34C16D2C1360} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {9C1B9D41-825A-4463-9B4A-E92FCF7A3B01} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000Core => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-23] (Google Inc.) 
Task: {9C7C43D9-0E96-43A4-B5D5-B3AA584B9198} - System32\Tasks\{E15888B0-8F1E-401D-8144-7695B9325BB1} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {9D09A5CD-6EDE-4382-B28B-B20A143FC65C} - System32\Tasks\{AEF5FBFA-CA52-472B-97E8-FC5E6893A756} => D:\instalProgramm\Heidenhein530\itnclaunch.EXE Task: {A1BF1D2D-CE47-44D1-8DDE-CD553F10EE05} - System32\Tasks\{C470D71A-3519-44CC-8066-96A3224D308E} => D:\instalProgramm\Heidenhein530\itnclaunch.EXE Task: {A7E7B620-CF25-4105-B18A-150A375953AB} - System32\Tasks\{A471E529-3D65-470F-A463-15758124F143} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {A838D148-7567-4012-8743-4C1D662C41FC} - System32\Tasks\{C1AEC165-46AE-4B9C-9958-22D272FEEEBA} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {ABE662F0-C969-4F59-8AA2-B909D95D9164} - System32\Tasks\Google Updater and Installer => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-23] (Google Inc.) Task: {AC8B95FD-2D22-4C72-B2A7-A77E3ECD7DDB} - System32\Tasks\{191E7276-23ED-4C67-AA4A-F9709B102C0D} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {AD1F90BA-DCBD-4966-B2DE-93E38E056838} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {BB64D2E1-448B-41C7-B8FB-0398FC9CAA75} - System32\Tasks\{0A888769-12DB-4EDC-B5CF-C7B84D527FD8} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2011-06-15] (Skype Technologies S.A.) 
Task: {BFECEE00-AD3A-4442-92BA-B336336BB48D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {C6C0B8E9-F5E7-43FF-B751-92AB33C7F2DE} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-11-12] () Task: {C7422ED8-20DF-4F40-A594-067CF0BB1D02} - System32\Tasks\{EAD94CDE-E99A-4441-B7C2-AA0B19937CF4} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {C88308E3-4169-4D5D-90FF-F5D2364283F6} - System32\Tasks\{3996EB8C-5DA5-485D-A362-565DF638AE5E} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {CB0ABD3C-5877-4E19-9AF2-4FB2F25CAF0D} - System32\Tasks\{6A84EC5D-5E30-4604-85AD-0EAFE37B72D8} => D:\Programm\EXSLWINX\SERVER\START.EXE Task: {DF9DBF63-6458-48E0-BDB6-7BF35EDED54F} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation) Task: {E05C4D93-54E1-41C4-A1A3-5D99D3F03214} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [2009-09-23] (TODO: <Company name>) Task: {E2AA4FCA-1D4A-4E43-814B-56125941B55F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {E69B5094-F91A-4C39-9FF5-3F25F3B02769} - System32\Tasks\{8ED09C41-6258-4FDC-9E23-6E45C6443E07} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {E835947D-E6BE-4B23-808A-7B84619EA857} - System32\Tasks\{EB22B261-09C8-4C69-8061-4AE6DDB547A8} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: {EB759989-8844-4458-A7AE-093099D2F2ED} - System32\Tasks\{B35B384D-FDDD-4B70-BB1C-E912892B2508} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {EF3022F0-A857-43AD-97DB-00C3E68E701D} - System32\Tasks\{781FFB95-89B9-4A06-A967-37A5976C7996} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {EF9EF285-EC84-434B-BC50-95865B04468F} - System32\Tasks\{EA16595C-E528-47A7-A9C3-A881B326746E} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: 
{F2336DD4-0215-469C-AFA3-77F9C21E1313} - System32\Tasks\{757B5A5A-7444-4C4D-93BE-13B1150C89B0} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {F2D80A1C-C4FA-4E95-B6BE-8DF344F8919F} - System32\Tasks\{4568D84C-4507-4470-BA3B-3FB391088878} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {F43044BA-EF13-41E3-8C4A-42E7B72A62EE} - System32\Tasks\{3139785A-5976-4507-AA87-8D61079CFDA2} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: {FEF12DE6-41FD-4FCD-B53B-54AD8E39FC7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000Core.job => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000UA.job => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2010-01-09 01:48 - 2007-08-08 10:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe 2009-09-24 23:50 - 2009-09-24 23:50 - 00053888 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe 2008-10-01 09:02 - 2008-10-01 09:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2010-01-09 01:48 - 2007-11-30 21:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe 2009-11-27 07:29 - 2009-11-27 07:29 - 00148752 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\EcaremeDLL.dll 2010-01-09 01:22 - 2010-01-09 01:22 - 00029968 _____ () 
C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3617.20553__0d0f4b69e50e559b\SqliteShared.dll 2010-01-09 01:22 - 2010-01-09 01:22 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll 2011-12-30 01:12 - 2011-05-28 23:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll 2009-11-12 20:10 - 2009-11-12 20:10 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe 2010-01-23 21:00 - 2013-11-01 18:46 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2009-10-23 23:40 - 2009-10-23 23:40 - 00041984 _____ () C:\Program Files\P4G\DevMng.dll 2009-09-11 22:27 - 2009-09-11 22:27 - 00029184 _____ () C:\Program Files\P4G\OvrClk.dll 2010-01-09 01:48 - 2007-03-10 04:58 - 00124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll 2013-12-18 11:01 - 2013-12-18 11:01 - 00742200 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll 2008-10-23 20:21 - 2008-10-23 20:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-01-09 01:41 - 2010-01-09 01:41 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll 2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll 2009-11-03 00:20 - 2009-11-03 00:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-03 00:23 - 2009-11-03 00:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2014-02-22 19:22 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Daddy\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be 
removed.) AlternateDataStreams: C:\ProgramData\Temp:734E442A AlternateDataStreams: C:\ProgramData\Temp:AB689DEA AlternateDataStreams: C:\ProgramData\Temp:B88E99C8 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\60155534.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\70804624.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\60155534.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\70804624.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk => C:\Windows\pss\SRS Premium Sound.lnk.CommonStartup MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe MSCONFIG\startupreg: CLMLServer => "C:\Program Files 
(x86)\CyberLink\Power2Go\CLMLSvc.exe" MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: EeeStorageBackup => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe MySyncFolder MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0" MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe" MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Setwallpaper => c:\programdata\SetWallpaper.cmd MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent MSCONFIG\startupreg: UfSeAgnt.exe => "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/19/2014 10:13:13 PM) (Source: 
Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: rstrui.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc50f Name des fehlerhaften Moduls: rstrui.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc50f Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000001d4d9 ID des fehlerhaften Prozesses: 0x129c Startzeit der fehlerhaften Anwendung: 0xrstrui.exe0 Pfad der fehlerhaften Anwendung: rstrui.exe1 Pfad des fehlerhaften Moduls: rstrui.exe2 Berichtskennung: rstrui.exe3 Error: (09/19/2014 10:04:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: rstrui.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc50f Name des fehlerhaften Moduls: rstrui.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc50f Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000001d4d9 ID des fehlerhaften Prozesses: 0x2b4 Startzeit der fehlerhaften Anwendung: 0xrstrui.exe0 Pfad der fehlerhaften Anwendung: rstrui.exe1 Pfad des fehlerhaften Moduls: rstrui.exe2 Berichtskennung: rstrui.exe3 Error: (09/19/2014 09:16:41 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000154,0x0053c06c,00000000002B12C0,0,00000000002B02B0,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. . Vorgang: Ein Vergleichsbereichvolume wird automatisch ausgewählt EndPrepareSnapshots wird verarbeitet Kontext: Ausführungskontext: System Provider Error: (09/19/2014 09:16:34 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000178,0x0053c06c,00000000002AD2C0,0,00000000002AC2B0,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. . 
Vorgang: Ein Vergleichsbereichvolume wird automatisch ausgewählt EndPrepareSnapshots wird verarbeitet Kontext: Ausführungskontext: System Provider Error: (09/19/2014 09:16:34 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000144,0x0053c06c,00000000002AD2C0,0,00000000002AC2B0,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. . Vorgang: Ein Vergleichsbereichvolume wird automatisch ausgewählt EndPrepareSnapshots wird verarbeitet Kontext: Ausführungskontext: System Provider Error: (09/19/2014 09:16:34 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000154,0x0053c06c,00000000002AC2B0,0,00000000000EEE90,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. . Vorgang: Ein Vergleichsbereichvolume wird automatisch ausgewählt EndPrepareSnapshots wird verarbeitet Kontext: Ausführungskontext: System Provider Error: (09/19/2014 09:16:21 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000178,0x0053c06c,00000000002AC2B0,0,00000000000EEE90,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. . 
Vorgang: Ein Vergleichsbereichvolume wird automatisch ausgewählt EndPrepareSnapshots wird verarbeitet Kontext: Ausführungskontext: System Provider Error: (09/19/2014 09:16:21 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000144,0x0053c06c,00000000002AA2B0,0,00000000000EE690,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. . Vorgang: Ein Vergleichsbereichvolume wird automatisch ausgewählt EndPrepareSnapshots wird verarbeitet Kontext: Ausführungskontext: System Provider Error: (09/19/2014 09:16:21 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000154,0x0053c06c,00000000002AA2B0,0,00000000000EE690,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. . Vorgang: Ein Vergleichsbereichvolume wird automatisch ausgewählt EndPrepareSnapshots wird verarbeitet Kontext: Ausführungskontext: System Provider Error: (09/19/2014 09:15:25 PM) (Source: VSS) (EventID: 12289) (User: ) Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "DeviceIoControl(\\?\Volume{f3661b11-fca5-11de-afdc-806e6f6e6963} - 0000000000000154,0x0053c06c,00000000000EEEA0,0,00000000000EDE90,4096,[0])". hr = 0x8007045d, Die Anforderung konnte wegen eines E/A-Gerätefehlers nicht ausgeführt werden. . Vorgang: Ein Vergleichsbereichvolume wird automatisch ausgewählt EndPrepareSnapshots wird verarbeitet Kontext: Ausführungskontext: System Provider System errors: ============= Error: (09/20/2014 00:24:58 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Browser erreicht. 
Error: (09/20/2014 00:05:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht. Error: (09/20/2014 00:04:24 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 19.09.2014 um 23:55:28 unerwartet heruntergefahren. Error: (09/19/2014 11:54:39 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x00000124 (0x0000000000000004, 0xfffffa8004bb3038, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP091914-22978-01 Error: (09/19/2014 11:54:35 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 19.09.2014 um 23:53:26 unerwartet heruntergefahren. Error: (09/19/2014 11:20:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht. Error: (09/19/2014 11:19:32 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 19.09.2014 um 23:18:32 unerwartet heruntergefahren. Error: (09/19/2014 10:32:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (09/19/2014 10:32:06 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334} Error: (09/19/2014 10:31:00 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF} Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-05-10 21:35:19.276 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-05-10 21:35:19.229 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-05-10 21:28:51.039 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-05-10 21:28:50.930 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info =========================== Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz Percentage of memory in use: 32% Total physical RAM: 4020.53 MB Available physical RAM: 2726.9 MB Total Pagefile: 8039.2 MB Available Pagefile: 6354.35 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:2.2 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:334.67 GB) (Free:97.89 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 76692CA8) Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C) Partition 2: (Active) - (Size=116.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=334.7 GB) - (Type=OF Extended) ==================== End Of Log ============================ |
19.09.2014, 23:49 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Boo/Cidox.b New log from TDSS-Killer after the fix?
__________________ Please always post log files in CODE tags |
19.09.2014, 23:51 | #5 |
| Boo/Cidox.b There were 2 here that I know, i.e. programs that were also preinstalled. Delete them anyway? C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver I know these two; could it be that viruses have crept in there too? They are UnsignedFile, but only after I had deleted the Boo/Cidox.b. *Edit I just ran it again and it no longer shows them as a detection (before that I chose Skip); on the first run there were about 4-5 detections, which I then deleted. *Edit2 It is probably "gone"; before, the Internet Explorer process (I use Chrome) kept opening several times (6-7 of them) and went up to 400,000k of memory; when I closed these processes they opened again, and after a while, about 30 min, a bluescreen followed. Code:
ATTFilter 00:53:34.0403 0x0308 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58 00:53:36.0777 0x0308 ============================================================ 00:53:36.0777 0x0308 Current date / time: 2014/09/20 00:53:36.0777 00:53:36.0777 0x0308 SystemInfo: 00:53:36.0777 0x0308 00:53:36.0777 0x0308 OS Version: 6.1.7600 ServicePack: 0.0 00:53:36.0778 0x0308 Product type: Workstation 00:53:36.0778 0x0308 ComputerName: DADDY-PC 00:53:36.0778 0x0308 UserName: Daddy 00:53:36.0778 0x0308 Windows directory: C:\Windows 00:53:36.0778 0x0308 System windows directory: C:\Windows 00:53:36.0778 0x0308 Running under WOW64 00:53:36.0778 0x0308 Processor architecture: Intel x64 00:53:36.0778 0x0308 Number of processors: 8 00:53:36.0778 0x0308 Page size: 0x1000 00:53:36.0778 0x0308 Boot type: Normal boot 00:53:36.0778 0x0308 ============================================================ 00:53:36.0779 0x0308 BG loaded 00:53:37.0044 0x0308 System UUID: {629A7401-2B25-ED3A-3834-D3C84A959886} 00:53:37.0482 0x0308 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 00:53:37.0492 0x0308 ============================================================ 00:53:37.0492 0x0308 \Device\Harddisk0\DR0: 00:53:37.0493 0x0308 MBR partitions: 00:53:37.0493 0x0308 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D4B178, BlocksNum 0xE8E0360 00:53:37.0524 0x0308 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1062B517, BlocksNum 0x29D5972A 00:53:37.0524 0x0308 ============================================================ 00:53:37.0556 0x0308 C: <-> \Device\Harddisk0\DR0\Partition1 00:53:37.0587 0x0308 D: <-> \Device\Harddisk0\DR0\Partition2 00:53:37.0587 0x0308 ============================================================ 00:53:37.0587 0x0308 Initialize success 00:53:37.0587 0x0308 ============================================================ 
00:53:41.0767 0x0c2c ============================================================ 00:53:41.0767 0x0c2c Scan started 00:53:41.0768 0x0c2c Mode: Manual; SigCheck; TDLFS; 00:53:41.0768 0x0c2c ============================================================ 00:53:41.0768 0x0c2c KSN ping started 00:53:44.0230 0x0c2c KSN ping finished: true 00:53:45.0502 0x0c2c ================ Scan system memory ======================== 00:53:45.0502 0x0c2c System memory - ok 00:53:45.0502 0x0c2c ================ Scan services ============================= 00:53:45.0732 0x0c2c [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys 00:53:45.0789 0x0c2c 1394ohci - ok 00:53:45.0833 0x0c2c [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys 00:53:45.0851 0x0c2c ACPI - ok 00:53:45.0869 0x0c2c [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys 00:53:45.0883 0x0c2c AcpiPmi - ok 00:53:46.0064 0x0c2c [ FBB312C9DA3863673EC18F4AE4101778, 4E9AAE7C700E485C17FDFCC9100A79784673B006D00D4D4CE8F1DB617D25C864 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 00:53:46.0081 0x0c2c AdobeFlashPlayerUpdateSvc - ok 00:53:46.0152 0x0c2c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 00:53:46.0173 0x0c2c adp94xx - ok 00:53:46.0226 0x0c2c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 00:53:46.0244 0x0c2c adpahci - ok 00:53:46.0268 0x0c2c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 
00:53:46.0282 0x0c2c adpu320 - ok 00:53:46.0314 0x0c2c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 00:53:46.0346 0x0c2c AeLookupSvc - ok 00:53:46.0404 0x0c2c [ FB2BE0BAE9B3F248080CDBF91EF16C7F, 1ED963A18E4D0531FA42832E40B038BB4B9D8EB04DA4D4FE69A4C284958A2CDD ] AFBAgent C:\Windows\system32\FBAgent.exe 00:53:46.0519 0x0c2c AFBAgent - ok 00:53:46.0585 0x0c2c [ DB9D6C6B2CD95A9CA414D045B627422E, A4A0B2ACBFE311C20EF9F06A49DBE02CE90433C2364B292F6E8F78F6C274DF88 ] AFD C:\Windows\system32\drivers\afd.sys 00:53:46.0623 0x0c2c AFD - ok 00:53:46.0647 0x0c2c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\DRIVERS\agp440.sys 00:53:46.0658 0x0c2c agp440 - ok 00:53:46.0681 0x0c2c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 00:53:46.0695 0x0c2c ALG - ok 00:53:46.0728 0x0c2c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\DRIVERS\aliide.sys 00:53:46.0738 0x0c2c aliide - ok 00:53:46.0781 0x0c2c [ 5989D711769200F0F3E145319250472B, 2740032FB3F92DAE5D5AA8D242AFAE79278E95E77F8FA236741320F4696F46FC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 00:53:46.0800 0x0c2c AMD External Events Utility - ok 00:53:46.0823 0x0c2c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\DRIVERS\amdide.sys 00:53:46.0834 0x0c2c amdide - ok 00:53:46.0859 0x0c2c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 00:53:46.0873 0x0c2c AmdK8 - ok 00:53:46.0884 0x0c2c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM 
C:\Windows\system32\DRIVERS\amdppm.sys 00:53:46.0897 0x0c2c AmdPPM - ok 00:53:46.0936 0x0c2c [ EC7EBAB00A4D8448BAB68D1E49B4BEB9, 786B30C86FA7FEC6BA2569FF818044AA0F7C134693304ED0FF7BD0541F9A755F ] amdsata C:\Windows\system32\drivers\amdsata.sys 00:53:46.0950 0x0c2c amdsata - ok 00:53:46.0991 0x0c2c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 00:53:47.0004 0x0c2c amdsbs - ok 00:53:47.0017 0x0c2c [ DB27766102C7BF7E95140A2AA81D042E, 489F812B596EA06E53D891CD05047AA17CDF752854BBD553BA65D10799AF78DF ] amdxata C:\Windows\system32\drivers\amdxata.sys 00:53:47.0028 0x0c2c amdxata - ok 00:53:47.0075 0x0c2c [ 9C7F164B49CADC658D1B3C575782F346, 7C5FD203735041B6AEB2E551A63CE5F46DB41044BC72E7E77A72F316197C80DA ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS 00:53:47.0087 0x0c2c AmUStor - ok 00:53:47.0218 0x0c2c [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 00:53:47.0235 0x0c2c AntiVirSchedulerService - ok 00:53:47.0279 0x0c2c [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 00:53:47.0294 0x0c2c AntiVirService - ok 00:53:47.0347 0x0c2c [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID C:\Windows\system32\drivers\appid.sys 00:53:47.0365 0x0c2c AppID - ok 00:53:47.0382 0x0c2c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 00:53:47.0413 0x0c2c AppIDSvc - ok 00:53:47.0446 0x0c2c [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo C:\Windows\System32\appinfo.dll 00:53:47.0461 0x0c2c Appinfo - ok 00:53:47.0480 
0x0c2c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 00:53:47.0492 0x0c2c arc - ok 00:53:47.0524 0x0c2c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 00:53:47.0536 0x0c2c arcsas - ok 00:53:47.0608 0x0c2c [ 18E5C2F937F9DEB8C282DF66A3761925, 30294C381F8C7DCB45EF9BCF572F410FF47630E12D5AA02259C6C80F07BEF495 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe 00:53:47.0620 0x0c2c ASLDRService - ok 00:53:47.0671 0x0c2c [ 2DB34EDD17D3A8DA7105A19C95A3DD68, 5F76C140118B181427969237E364FD70B14FA36533061FD4D8EB2F4751706739 ] ASMMAP64 C:\Program Files\ATKGFNEX\ASMMAP64.sys 00:53:47.0680 0x0c2c ASMMAP64 - ok 00:53:47.0786 0x0c2c [ 108FB6DDB69E537A2EA53F425363FAE5, B12A9F5338D39805E08A44A335FF7AA77F2266F535A2F5C8412CC746C75E5B1D ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 00:53:47.0801 0x0c2c aspnet_state - ok 00:53:47.0826 0x0c2c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 00:53:47.0856 0x0c2c AsyncMac - ok 00:53:47.0920 0x0c2c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\DRIVERS\atapi.sys 00:53:47.0931 0x0c2c atapi - ok 00:53:48.0003 0x0c2c [ 0ACC06FCF46F64ED4F11E57EE461C1F4, F2AB7198C7F7D36AB1D6D03C1FEFD929ED402002AC835B909FC14938BC0EE24B ] athr C:\Windows\system32\DRIVERS\athrx.sys 00:53:48.0102 0x0c2c athr - ok 00:53:48.0176 0x0c2c [ FB7602C5C508BE281368AAE0B61B51C6, 81FB4ABFA006974C20CA0E9FEB279A51CC4A9F0C1DA67075AA0EAD13F43B3782 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys 00:53:48.0187 0x0c2c AtiHdmiService - ok 00:53:48.0425 0x0c2c [ B5FB227A09A9EC28163FA4B45487C3C7, 
DD290CEC3AFBB8E74F1F113A792239B009CBFCE8ED5A816AE8393164BB0535A8 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 00:53:48.0711 0x0c2c atikmdag - ok 00:53:48.0746 0x0c2c [ 7C157574A181B19B9DCF5F339E25337E, 7CA78363CD420BFE4BFE9A38683CA9E31023AC573D9092666CDAEE6AF4998B60 ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe 00:53:48.0752 0x0c2c ATKGFNEXSrv - detected UnsignedFile.Multi.Generic ( 1 ) 00:53:51.0123 0x0c2c Detect skipped due to KSN trusted 00:53:51.0123 0x0c2c ATKGFNEXSrv - ok 00:53:51.0248 0x0c2c [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys 00:53:51.0269 0x0c2c atksgt - ok 00:53:51.0313 0x0c2c [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 00:53:51.0363 0x0c2c AudioEndpointBuilder - ok 00:53:51.0402 0x0c2c [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv C:\Windows\System32\Audiosrv.dll 00:53:51.0458 0x0c2c AudioSrv - ok 00:53:51.0481 0x0c2c [ 4663C5AD76FE8E19592DE808156FA07D, 605827B4A9D6930BC752D124BF75D55D4927B0ABEF881CDE66F3C5CC1DB215FE ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 00:53:51.0494 0x0c2c avgntflt - ok 00:53:51.0544 0x0c2c [ 8902AEC2382A37E9E99A4E0D52DBD42B, 138F2D7E7430132B2C527D413BC845CC467F084F39C232EC3A17DD2A74EE401E ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 00:53:51.0558 0x0c2c avipbb - ok 00:53:51.0624 0x0c2c [ 05ABC09DC0DFA5DF79A0BB39F60636B7, FEDE900D991F1FB40BA0A44E05181A6A506DC8B5F365E78E523CB6DF2CDACC15 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe 00:53:51.0635 0x0c2c Avira.OE.ServiceHost - ok 00:53:51.0661 0x0c2c [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 00:53:51.0673 0x0c2c avkmgr - ok 
00:53:51.0707 0x0c2c [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV C:\Windows\System32\AxInstSV.dll 00:53:51.0725 0x0c2c AxInstSV - ok 00:53:51.0780 0x0c2c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 00:53:51.0805 0x0c2c b06bdrv - ok 00:53:51.0842 0x0c2c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 00:53:51.0863 0x0c2c b57nd60a - ok 00:53:51.0905 0x0c2c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 00:53:51.0921 0x0c2c BDESVC - ok 00:53:51.0938 0x0c2c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 00:53:51.0969 0x0c2c Beep - ok 00:53:52.0016 0x0c2c [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE C:\Windows\System32\bfe.dll 00:53:52.0062 0x0c2c BFE - ok 00:53:52.0117 0x0c2c [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS C:\Windows\System32\qmgr.dll 00:53:52.0170 0x0c2c BITS - ok 00:53:52.0201 0x0c2c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 00:53:52.0217 0x0c2c blbdrive - ok 00:53:52.0269 0x0c2c [ 19D20159708E152267E53B66677A4995, 6401FA5C3EFF26BED075FEC68F868CD8D0598FDB45EA9381810615F7252F7A9A ] bowser C:\Windows\system32\DRIVERS\bowser.sys 00:53:52.0285 0x0c2c bowser - ok 00:53:52.0304 0x0c2c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 00:53:52.0321 0x0c2c BrFiltLo - 
ok 00:53:52.0337 0x0c2c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 00:53:52.0351 0x0c2c BrFiltUp - ok 00:53:52.0382 0x0c2c [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser C:\Windows\System32\browser.dll 00:53:52.0416 0x0c2c Browser - ok 00:53:52.0440 0x0c2c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 00:53:52.0461 0x0c2c Brserid - ok 00:53:52.0484 0x0c2c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 00:53:52.0500 0x0c2c BrSerWdm - ok 00:53:52.0517 0x0c2c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 00:53:52.0531 0x0c2c BrUsbMdm - ok 00:53:52.0547 0x0c2c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 00:53:52.0560 0x0c2c BrUsbSer - ok 00:53:52.0628 0x0c2c [ 3B6429C5B11408EF11EFEEE8C0F0682A, 2FC87B91122DC265B4CC2CFE58261DA604C89600F2683AB5294004C721127098 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe 00:53:52.0647 0x0c2c BstHdAndroidSvc - ok 00:53:52.0701 0x0c2c [ 75EEDB477B68CF35D82F0654266053CE, E7A7F4E4781BE97603A0F08535D2EB247A1304B15EF7BAD748E63246AFFEFF35 ] BstHdDrv C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys 00:53:52.0715 0x0c2c BstHdDrv - ok 00:53:52.0740 0x0c2c [ 1DC18C9E1B4984389783E4F9DFC61AB1, 0F32EE280F5B9E0065A7AACED3D64373EC3BFC366906606A644AD0D4AD08E61C ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe 00:53:52.0758 0x0c2c BstHdLogRotatorSvc - ok 00:53:52.0784 0x0c2c [ 
9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 00:53:52.0800 0x0c2c BTHMODEM - ok 00:53:52.0847 0x0c2c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 00:53:52.0878 0x0c2c bthserv - ok 00:53:52.0912 0x0c2c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 00:53:52.0947 0x0c2c cdfs - ok 00:53:52.0986 0x0c2c [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 00:53:53.0005 0x0c2c cdrom - ok 00:53:53.0043 0x0c2c [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc C:\Windows\System32\certprop.dll 00:53:53.0078 0x0c2c CertPropSvc - ok 00:53:53.0111 0x0c2c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 00:53:53.0125 0x0c2c circlass - ok 00:53:53.0148 0x0c2c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 00:53:53.0167 0x0c2c CLFS - ok 00:53:53.0221 0x0c2c [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 00:53:53.0233 0x0c2c clr_optimization_v2.0.50727_32 - ok 00:53:53.0265 0x0c2c [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 00:53:53.0276 0x0c2c clr_optimization_v2.0.50727_64 - ok 00:53:53.0366 0x0c2c [ 6D7C8A951AF6AD6835C029B3CB88D333, 
66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 00:53:53.0382 0x0c2c clr_optimization_v4.0.30319_32 - ok 00:53:53.0392 0x0c2c [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 00:53:53.0407 0x0c2c clr_optimization_v4.0.30319_64 - ok 00:53:53.0446 0x0c2c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 00:53:53.0458 0x0c2c CmBatt - ok 00:53:53.0479 0x0c2c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys 00:53:53.0489 0x0c2c cmdide - ok 00:53:53.0535 0x0c2c [ 937BEB186A735ACA91D717044A49D17E, 3A2BF72670C94D1A7656289F5284F082AB089C96D451F8C5CD9D0211064D3FB1 ] CNG C:\Windows\system32\Drivers\cng.sys 00:53:53.0561 0x0c2c CNG - ok 00:53:53.0577 0x0c2c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 00:53:53.0588 0x0c2c Compbatt - ok 00:53:53.0613 0x0c2c [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 00:53:53.0630 0x0c2c CompositeBus - ok 00:53:53.0641 0x0c2c COMSysApp - ok 00:53:53.0654 0x0c2c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 00:53:53.0664 0x0c2c crcdisk - ok 00:53:53.0707 0x0c2c [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc C:\Windows\system32\cryptsvc.dll 00:53:53.0743 0x0c2c CryptSvc - ok 00:53:53.0782 0x0c2c [ 
7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch C:\Windows\system32\rpcss.dll 00:53:53.0835 0x0c2c DcomLaunch - ok 00:53:53.0877 0x0c2c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 00:53:53.0916 0x0c2c defragsvc - ok 00:53:53.0982 0x0c2c [ 9C253CE7311CA60FC11C774692A13208, 23507138576DB75AA8B7415140F7B5D8A90CB2661796223870461C721A36AEBF ] DfsC C:\Windows\system32\Drivers\dfsc.sys 00:53:53.0999 0x0c2c DfsC - ok 00:53:54.0038 0x0c2c [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp C:\Windows\system32\dhcpcore.dll 00:53:54.0061 0x0c2c Dhcp - ok 00:53:54.0093 0x0c2c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 00:53:54.0124 0x0c2c discache - ok 00:53:54.0165 0x0c2c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 00:53:54.0176 0x0c2c Disk - ok 00:53:54.0211 0x0c2c [ 85CF424C74A1D5EC33533E1DBFF9920A, 882D5FA0D5EC053D76A0C46A6047A621D607651693CF94E5506219EECCC8D079 ] Dnscache C:\Windows\System32\dnsrslvr.dll 00:53:54.0228 0x0c2c Dnscache - ok 00:53:54.0265 0x0c2c [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc C:\Windows\System32\dot3svc.dll 00:53:54.0306 0x0c2c dot3svc - ok 00:53:54.0343 0x0c2c [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS C:\Windows\system32\dps.dll 00:53:54.0381 0x0c2c DPS - ok 00:53:54.0416 0x0c2c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 00:53:54.0430 0x0c2c drmkaud - ok 00:53:54.0480 0x0c2c [ 
1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 00:53:54.0541 0x0c2c DXGKrnl - ok 00:53:54.0570 0x0c2c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 00:53:54.0603 0x0c2c EapHost - ok 00:53:54.0730 0x0c2c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 00:53:54.0840 0x0c2c ebdrv - ok 00:53:54.0878 0x0c2c [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] EFS C:\Windows\System32\lsass.exe 00:53:54.0892 0x0c2c EFS - ok 00:53:54.0968 0x0c2c [ 47C071994C3F649F23D9CD075AC9304A, B7AA2DD6AD14F18A19620F5FB79D50C630D3750E72DD67BF8D105CC4F5CE1D46 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 00:53:54.0997 0x0c2c ehRecvr - ok 00:53:55.0026 0x0c2c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 00:53:55.0044 0x0c2c ehSched - ok 00:53:55.0100 0x0c2c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 00:53:55.0123 0x0c2c elxstor - ok 00:53:55.0155 0x0c2c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys 00:53:55.0168 0x0c2c ErrDev - ok 00:53:55.0240 0x0c2c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 00:53:55.0280 0x0c2c EventSystem - ok 00:53:55.0323 0x0c2c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 00:53:55.0361 0x0c2c exfat - ok 00:53:55.0385 0x0c2c [ 
0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 00:53:55.0425 0x0c2c fastfat - ok 00:53:55.0488 0x0c2c [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax C:\Windows\system32\fxssvc.exe 00:53:55.0520 0x0c2c Fax - ok 00:53:55.0544 0x0c2c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 00:53:55.0555 0x0c2c fdc - ok 00:53:55.0589 0x0c2c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 00:53:55.0621 0x0c2c fdPHost - ok 00:53:55.0635 0x0c2c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 00:53:55.0669 0x0c2c FDResPub - ok 00:53:55.0702 0x0c2c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 00:53:55.0715 0x0c2c FileInfo - ok 00:53:55.0731 0x0c2c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 00:53:55.0817 0x0c2c Filetrace - ok 00:53:55.0840 0x0c2c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 00:53:55.0874 0x0c2c flpydisk - ok 00:53:55.0929 0x0c2c [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 00:53:55.0969 0x0c2c FltMgr - ok 00:53:56.0054 0x0c2c [ CB5E4B9C319E3C6BB363EB7E58A4A051, C9DCF2C2A6AFE0A0F3E23A265843D0C423C08B2E54702C5B389CF293D9A6BAC5 ] FontCache C:\Windows\system32\FntCache.dll 00:53:56.0117 0x0c2c FontCache - 
ok 00:53:56.0166 0x0c2c [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 00:53:56.0178 0x0c2c FontCache3.0.0.0 - ok 00:53:56.0191 0x0c2c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 00:53:56.0208 0x0c2c FsDepends - ok 00:53:56.0273 0x0c2c [ 8DE1B4F579F8F8897409856F3BB7A7D2, F6F6B2450951E875C3C236F7798F960FD4433EE6B0C57132CB3D32126BEE34E0 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 00:53:56.0292 0x0c2c fssfltr - ok 00:53:56.0397 0x0c2c [ 7B4C82899A967A7EB22DAB502770AE8E, 209FB59669070FCAAACB24B0CE81C375362BF1C519B15FDB5AA3EC2C87E2069B ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 00:53:56.0484 0x0c2c fsssvc - ok 00:53:56.0521 0x0c2c [ D3E3F93D67821A2DB2B3D9FAC2DC2064, 727FAA7E15A20ED3A37668D294ABDE6EAF1C87C34EE283C99EE3303E85001404 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 00:53:56.0541 0x0c2c Fs_Rec - ok 00:53:56.0579 0x0c2c [ AE87BA80D0EC3B57126ED2CDC15B24ED, 7E0EA3CDB78054D9A4E3B5142305943F2914536D80B8FC363414C8838D51D56C ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 00:53:56.0602 0x0c2c fvevol - ok 00:53:56.0643 0x0c2c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 00:53:56.0655 0x0c2c gagp30kx - ok 00:53:56.0703 0x0c2c [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc C:\Windows\System32\gpsvc.dll 00:53:56.0756 0x0c2c gpsvc - ok 00:53:56.0841 0x0c2c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 00:53:56.0852 0x0c2c gupdate - ok 00:53:56.0896 0x0c2c [ 506708142BC63DABA64F2D3AD1DCD5BF, 
9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 00:53:56.0905 0x0c2c gupdatem - ok 00:53:56.0934 0x0c2c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 00:53:56.0947 0x0c2c hcw85cir - ok 00:53:56.0983 0x0c2c [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 00:53:57.0007 0x0c2c HdAudAddService - ok 00:53:57.0033 0x0c2c [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 00:53:57.0051 0x0c2c HDAudBus - ok 00:53:57.0069 0x0c2c [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 00:53:57.0079 0x0c2c HECIx64 - ok 00:53:57.0095 0x0c2c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 00:53:57.0110 0x0c2c HidBatt - ok 00:53:57.0122 0x0c2c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 00:53:57.0140 0x0c2c HidBth - ok 00:53:57.0164 0x0c2c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 00:53:57.0180 0x0c2c HidIr - ok 00:53:57.0208 0x0c2c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 00:53:57.0241 0x0c2c hidserv - ok 00:53:57.0290 0x0c2c [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 
00:53:57.0304 0x0c2c HidUsb - ok 00:53:57.0335 0x0c2c [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc C:\Windows\system32\kmsvc.dll 00:53:57.0369 0x0c2c hkmsvc - ok 00:53:57.0395 0x0c2c [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll 00:53:57.0414 0x0c2c HomeGroupListener - ok 00:53:57.0439 0x0c2c [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 00:53:57.0457 0x0c2c HomeGroupProvider - ok 00:53:57.0502 0x0c2c [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys 00:53:57.0514 0x0c2c HpSAMD - ok 00:53:57.0567 0x0c2c [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys 00:53:57.0634 0x0c2c HTTP - ok 00:53:57.0652 0x0c2c [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 00:53:57.0661 0x0c2c hwpolicy - ok 00:53:57.0688 0x0c2c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 00:53:57.0705 0x0c2c i8042prt - ok 00:53:57.0730 0x0c2c [ BBB3B6DF1ABB0FE35802EDE85CC1C011, 6E1FA8519A7D417969244E807D2863B39656169A925966045036A989A5EB611D ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 00:53:57.0748 0x0c2c iaStor - ok 00:53:57.0783 0x0c2c [ B75E45C564E944A2657167D197AB29DA, 622EA73F4D9CAE17628C18148FB241817A0AE6D80A74B099204ED27C1A750B24 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 00:53:57.0802 0x0c2c iaStorV - ok 00:53:57.0871 0x0c2c [ 2F2BE70D3E02B6FA877921AB9516D43C, 
TrustedInstaller - ok 00:54:10.0010 0x0c2c [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 00:54:10.0049 0x0c2c tssecsrv - ok 00:54:10.0212 0x0c2c [ CDAD7034AF9562835F29FB50A5F54832, CEBEAAF387A6B6A7CE20839E29988F47A7CD381BEDD8B127ECD5E0548BCC68FA ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe 00:54:10.0280 0x0c2c TuneUp.UtilitiesSvc - ok 00:54:10.0343 0x0c2c [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys 00:54:10.0352 0x0c2c TuneUpUtilitiesDrv - ok 00:54:10.0407 0x0c2c [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 00:54:10.0442 0x0c2c tunnel - ok 00:54:10.0460 0x0c2c [ C45A3E051C65106A28982CAED125F855, 9164708ABC6B1BA804B8297AA4EEBC65C4BDD4D399AD6CBAB9C66BB7AA9020E8 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys 00:54:10.0470 0x0c2c TurboB - ok 00:54:10.0607 0x0c2c [ BAEF86EBEAECE76573FA822DEA256F6C, B845AB0AACCCF4C2D4A8DD152C57C52416C5938FB3FEB670DB5434FA95620F3B ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe 00:54:10.0618 0x0c2c TurboBoost - ok 00:54:10.0647 0x0c2c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 00:54:10.0659 0x0c2c uagp35 - ok 00:54:10.0710 0x0c2c [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 00:54:10.0748 0x0c2c udfs - ok 00:54:10.0779 0x0c2c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 00:54:10.0794 0x0c2c UI0Detect - ok 
00:54:10.0855 0x0c2c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys 00:54:10.0866 0x0c2c uliagpkx - ok 00:54:10.0892 0x0c2c [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 00:54:10.0913 0x0c2c umbus - ok 00:54:10.0934 0x0c2c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 00:54:10.0946 0x0c2c UmPass - ok 00:54:10.0993 0x0c2c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 00:54:11.0034 0x0c2c upnphost - ok 00:54:11.0063 0x0c2c [ 7B6A127C93EE590E4D79A5F2A76FE46F, 6F178916EF6D58D1E5B26C0D9D95C276B776505BFC9F716BB1E3ABD3B2B72FCE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 00:54:11.0083 0x0c2c usbccgp - ok 00:54:11.0114 0x0c2c [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys 00:54:11.0131 0x0c2c usbcir - ok 00:54:11.0164 0x0c2c [ 92969BA5AC44E229C55A332864F79677, 4ED1E1049E7641D3FFF5D296F2D59060225CE52AB9F7B5CA618898B46A772F98 ] usbehci C:\Windows\system32\drivers\usbehci.sys 00:54:11.0177 0x0c2c usbehci - ok 00:54:11.0211 0x0c2c [ E7DF1CFD28CA86B35EF5ADD0735CEEF3, AA751288EC34D61D934D7E8C036B60BBCEDC2A746815623478BB015D87D6A998 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 00:54:11.0247 0x0c2c usbhub - ok 00:54:11.0280 0x0c2c [ F1BB1E55F1E7A65C5839CCC7B36D773E, 4F517F81FA5688D78D3627EA7D2EA16AD4EB410D7624FE483C7AF26951E579A9 ] usbohci C:\Windows\system32\drivers\usbohci.sys 00:54:11.0292 0x0c2c usbohci - ok 00:54:11.0316 0x0c2c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint 
C:\Windows\system32\DRIVERS\usbprint.sys 00:54:11.0330 0x0c2c usbprint - ok 00:54:11.0342 0x0c2c [ F39983647BC1F3E6100778DDFE9DCE29, 3BD36594F7C753680DB5A4354B1D6A33FC3011631D2D56DD4B2464AA99C85F7B ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 00:54:11.0355 0x0c2c USBSTOR - ok 00:54:11.0374 0x0c2c [ BC3070350A491D84B518D7CCA9ABD36F, 96FFF9F76A93CF4806297AE7C11A5C6D1E7A9980260E6CFC960F8247D5032161 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 00:54:11.0386 0x0c2c usbuhci - ok 00:54:11.0428 0x0c2c [ 7CB8C573C6E4A2714402CC0A36EAB4FE, FCD65AA3723617F58F77C4DA93CE910C712B8AA9411B5C4A60DC6C684EA53C1B ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 00:54:11.0443 0x0c2c usbvideo - ok 00:54:11.0471 0x0c2c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 00:54:11.0502 0x0c2c UxSms - ok 00:54:11.0529 0x0c2c [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] VaultSvc C:\Windows\system32\lsass.exe 00:54:11.0542 0x0c2c VaultSvc - ok 00:54:11.0564 0x0c2c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys 00:54:11.0574 0x0c2c vdrvroot - ok 00:54:11.0604 0x0c2c [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds C:\Windows\System32\vds.exe 00:54:11.0632 0x0c2c vds - ok 00:54:11.0658 0x0c2c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 00:54:11.0673 0x0c2c vga - ok 00:54:11.0692 0x0c2c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 00:54:11.0724 0x0c2c VgaSave - ok 00:54:11.0745 0x0c2c [ C82E748660F62A242B2DFAC1442F22A4, 
24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys 00:54:11.0760 0x0c2c vhdmp - ok 00:54:11.0784 0x0c2c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\DRIVERS\viaide.sys 00:54:11.0794 0x0c2c viaide - ok 00:54:11.0807 0x0c2c [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys 00:54:11.0819 0x0c2c volmgr - ok 00:54:11.0831 0x0c2c [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 00:54:11.0849 0x0c2c volmgrx - ok 00:54:11.0861 0x0c2c [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys 00:54:11.0877 0x0c2c volsnap - ok 00:54:11.0891 0x0c2c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 00:54:11.0904 0x0c2c vsmraid - ok 00:54:11.0986 0x0c2c [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS C:\Windows\system32\vssvc.exe 00:54:12.0066 0x0c2c VSS - ok 00:54:12.0089 0x0c2c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 00:54:12.0108 0x0c2c vwifibus - ok 00:54:12.0117 0x0c2c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 00:54:12.0140 0x0c2c vwififlt - ok 00:54:12.0167 0x0c2c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 00:54:12.0183 0x0c2c vwifimp - ok 00:54:12.0229 0x0c2c 
[ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 00:54:12.0275 0x0c2c W32Time - ok 00:54:12.0298 0x0c2c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 00:54:12.0311 0x0c2c WacomPen - ok 00:54:12.0328 0x0c2c [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 00:54:12.0360 0x0c2c WANARP - ok 00:54:12.0365 0x0c2c [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 00:54:12.0394 0x0c2c Wanarpv6 - ok 00:54:12.0457 0x0c2c [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine C:\Windows\system32\wbengine.exe 00:54:12.0525 0x0c2c wbengine - ok 00:54:12.0820 0x0c2c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 00:54:12.0841 0x0c2c WbioSrvc - ok 00:54:13.0056 0x0c2c [ DD1BAE8EBFC653824D29CCF8C9054D68, 81D6640222FE276D721168745F6BB905D4E756909A9B2C706AF25465D748772D ] wcncsvc C:\Windows\System32\wcncsvc.dll 00:54:13.0077 0x0c2c wcncsvc - ok 00:54:13.0103 0x0c2c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 00:54:13.0117 0x0c2c WcsPlugInService - ok 00:54:13.0145 0x0c2c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 00:54:13.0155 0x0c2c Wd - ok 00:54:13.0189 0x0c2c [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 00:54:13.0214 
0x0c2c Wdf01000 - ok 00:54:13.0240 0x0c2c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 00:54:13.0258 0x0c2c WdiServiceHost - ok 00:54:13.0273 0x0c2c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 00:54:13.0292 0x0c2c WdiSystemHost - ok 00:54:13.0325 0x0c2c [ 733006127F235BE7C35354EBEE7B9A7B, 2C7E7030D586C36261F33F29883337695493D48CEA415D6DBA7C5635845A5B32 ] WebClient C:\Windows\System32\webclnt.dll 00:54:13.0345 0x0c2c WebClient - ok 00:54:13.0368 0x0c2c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 00:54:13.0404 0x0c2c Wecsvc - ok 00:54:13.0418 0x0c2c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 00:54:13.0451 0x0c2c wercplsupport - ok 00:54:13.0479 0x0c2c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 00:54:13.0511 0x0c2c WerSvc - ok 00:54:13.0533 0x0c2c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 00:54:13.0563 0x0c2c WfpLwf - ok 00:54:13.0597 0x0c2c [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys 00:54:13.0611 0x0c2c WimFltr - ok 00:54:13.0620 0x0c2c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 00:54:13.0630 0x0c2c WIMMount - ok 00:54:13.0646 0x0c2c WinDefend - ok 00:54:13.0651 0x0c2c WinHttpAutoProxySvc - ok 00:54:13.0709 0x0c2c [ 19B07E7E8915D701225DA41CB3877306, 
D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 00:54:13.0748 0x0c2c Winmgmt - ok 00:54:13.0838 0x0c2c [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM C:\Windows\system32\WsmSvc.dll 00:54:13.0918 0x0c2c WinRM - ok 00:54:13.0978 0x0c2c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 00:54:14.0035 0x0c2c Wlansvc - ok 00:54:14.0172 0x0c2c [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 00:54:14.0230 0x0c2c wlidsvc - ok 00:54:14.0260 0x0c2c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 00:54:14.0272 0x0c2c WmiAcpi - ok 00:54:14.0308 0x0c2c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 00:54:14.0325 0x0c2c wmiApSrv - ok 00:54:14.0354 0x0c2c WMPNetworkSvc - ok 00:54:14.0386 0x0c2c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 00:54:14.0399 0x0c2c WPCSvc - ok 00:54:14.0418 0x0c2c [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 00:54:14.0434 0x0c2c WPDBusEnum - ok 00:54:14.0456 0x0c2c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 00:54:14.0487 0x0c2c ws2ifsl - ok 00:54:14.0525 0x0c2c [ 8F9F3969933C02DA96EB0F84576DB43E, C424D7B881A4DCC348433CF02044383013E32DB94CC66D1D20E1866CB3B0F952 ] wscsvc C:\Windows\System32\wscsvc.dll 
00:54:14.0540 0x0c2c wscsvc - ok 00:54:14.0543 0x0c2c WSearch - ok 00:54:14.0629 0x0c2c [ 38340204A2D0228F1E87740FC5E554A7, 57181ED34E73DD17B590803C770A086C57754F229C6F587637B8FBB5D6519603 ] wuauserv C:\Windows\system32\wuaueng.dll 00:54:14.0720 0x0c2c wuauserv - ok 00:54:14.0751 0x0c2c [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 00:54:14.0784 0x0c2c WudfPf - ok 00:54:14.0825 0x0c2c [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 00:54:14.0857 0x0c2c WUDFRd - ok 00:54:14.0863 0x0c2c [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 00:54:14.0897 0x0c2c wudfsvc - ok 00:54:14.0915 0x0c2c [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 00:54:14.0937 0x0c2c WwanSvc - ok 00:54:15.0022 0x0c2c [ 74983ADDCA2D9618512C088D856D6615, C4592EFC1206BD813221814FD529AD38ED26E4AE086613EB95D3D5E20448A1F0 ] {B154377D-700F-42cc-9474-23858FBDF4BD} C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl 00:54:15.0034 0x0c2c {B154377D-700F-42cc-9474-23858FBDF4BD} - ok 00:54:15.0047 0x0c2c ================ Scan global =============================== 00:54:15.0067 0x0c2c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 00:54:15.0100 0x0c2c [ 0CB6EBF4B461A6043353C570BD72A1E1, B6DA0AE56A7DC373F60CA1EF69E4D55E6F2EEB0D62AB78D555C5F85EB389A356 ] C:\Windows\system32\winsrv.dll 00:54:15.0122 0x0c2c [ 0CB6EBF4B461A6043353C570BD72A1E1, B6DA0AE56A7DC373F60CA1EF69E4D55E6F2EEB0D62AB78D555C5F85EB389A356 ] C:\Windows\system32\winsrv.dll 00:54:15.0157 0x0c2c [ D6160F9D869BA3AF0B787F971DB56368, 
0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 00:54:15.0182 0x0c2c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 00:54:15.0189 0x0c2c [ Global ] - ok 00:54:15.0189 0x0c2c ================ Scan MBR ================================== 00:54:15.0199 0x0c2c [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 00:54:15.0759 0x0c2c \Device\Harddisk0\DR0 - ok 00:54:15.0760 0x0c2c ================ Scan VBR ================================== 00:54:15.0774 0x0c2c [ 054BBC2F93DFFA6B1CF217C4331F6829 ] \Device\Harddisk0\DR0\Partition1 00:54:15.0788 0x0c2c \Device\Harddisk0\DR0\Partition1 - ok 00:54:15.0791 0x0c2c [ 49AB2F696E91DF00265D64A54C592637 ] \Device\Harddisk0\DR0\Partition2 00:54:15.0793 0x0c2c \Device\Harddisk0\DR0\Partition2 - ok 00:54:15.0794 0x0c2c ================ Scan generic autorun ====================== 00:54:15.0856 0x0c2c [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 00:54:15.0875 0x0c2c AdobeAAMUpdater-1.0 - ok 00:54:15.0934 0x0c2c [ 819CB14FC5EF910B6D4C5AB77793C53F, 96F2FE5400C278D9C1E3FAA28B699DEC63F297D61C03A85FD63ADEA411B00869 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 00:54:15.0941 0x0c2c StartCCC - detected UnsignedFile.Multi.Generic ( 1 ) 00:54:18.0377 0x0c2c Detect skipped due to KSN trusted 00:54:18.0377 0x0c2c StartCCC - ok 00:54:18.0475 0x0c2c [ 087A06DB98D0E84C0DE90EE308707E63, 96E8CDC492115A93B1B244196947E45D3C30CF64F538EAB634E0B02BEFBF1607 ] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe 00:54:18.0482 0x0c2c NUSB3MON - detected UnsignedFile.Multi.Generic ( 1 ) 00:54:20.0846 0x0c2c Detect skipped due to KSN trusted 00:54:20.0846 0x0c2c NUSB3MON - ok 00:54:20.0985 0x0c2c [ 
2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 00:54:21.0006 0x0c2c avgnt - ok 00:54:21.0079 0x0c2c [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 00:54:21.0119 0x0c2c Sidebar - ok 00:54:21.0151 0x0c2c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 00:54:21.0167 0x0c2c mctadmin - ok 00:54:21.0222 0x0c2c [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 00:54:21.0270 0x0c2c Sidebar - ok 00:54:21.0294 0x0c2c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 00:54:21.0310 0x0c2c mctadmin - ok 00:54:21.0408 0x0c2c [ 7A6A4EDC0CEF9DE9CAFFDFE36D991FD4, 29078B41C8E977E06D925936325B1BE41F478CE53B1F5D2408A7C414240DC0B2 ] C:\Users\Daddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe 00:54:21.0447 0x0c2c Spotify Web Helper - ok 00:54:21.0448 0x0c2c Waiting for KSN requests completion. In queue: 80 00:54:22.0448 0x0c2c Waiting for KSN requests completion. In queue: 6 00:54:23.0449 0x0c2c Waiting for KSN requests completion. 
In queue: 6 00:54:24.0467 0x0c2c AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated ) 00:54:24.0474 0x0c2c Win FW state via NFP2: enabled 00:54:26.0849 0x0c2c ============================================================ 00:54:26.0849 0x0c2c Scan finished 00:54:26.0849 0x0c2c ============================================================ 00:54:26.0857 0x0a3c Detected object count: 0 00:54:26.0857 0x0a3c Actual detected object count: 0 00:54:53.0049 0x1168 Deinitialize success Geändert von Mr.dub (20.09.2014 um 00:12 Uhr) |
20.09.2014, 00:08 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Boo/Cidox.b Remove adware/junkware/toolbars
Step 1: Malwarebytes
Please download Malwarebytes Anti-Malware
(delete old versions of adwCleaner and, if present, JRT beforehand, then download them again to the desktop!)
Step 2: adwCleaner
Please download AdwCleaner to your desktop.
Step 3: JRT - Junkware Removal Tool
Please close your security software to avoid possible conflicts.
Step 4: Fresh log with FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
20.09.2014, 01:05 | #7 |
| Boo/Cidox.b Holy shit, I need to have a word with my girlfriend. That was 50 detections. Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 20.09.2014 Suchlauf-Zeit: 01:18:37 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.09.19.09 Rootkit Datenbank: v2014.09.19.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 CPU: x64 Dateisystem: NTFS Benutzer: Daddy Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 320444 Verstrichene Zeit: 15 Min, 19 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 11 Registrierungswerte: 2 Registrierungsdaten: 1 Ordner: 3 Dateien: 33 Physische Sektoren: 0 (No malicious items detected) (end) Code:
# AdwCleaner v3.306 - Bericht erstellt am 20/09/2014 um 01:44:25
# Aktualisiert 15/08/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium (64 bits)
# Benutzername : Daddy - DADDY-PC
# Gestartet von : C:\Users\Daddy\Desktop\adwcleaner_3.306.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Daddy\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Users\Daddy\AppData\Roaming\dvdvideosoftiehelpers

***** [ Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKLM\SOFTWARE\DeviceVM
Schlüssel Gelöscht : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DeviceVM

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16421

-\\ Google Chrome v37.0.2062.120

[ Datei : C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M7AA2478A-C1D8-4DE1-8B42-216B989AC664&SearchSource=58&CUI=&UM=5&UP=SPF63F852A-B6EE-41A6-AA53-09BE44511160&q={searchTerms}&SSPV=
Gelöscht [Search Provider] : hxxp://eu.wowarmory.com/search.xml?searchQuery={searchTerms}&searchType=all

*************************

AdwCleaner[R0].txt - [2873 octets] - [20/09/2014 01:42:35]
AdwCleaner[S0].txt - [2695 octets] - [20/09/2014 01:44:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2755 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.7 (09.18.2014:2)
OS: Windows 7 Home Premium x64
Ran by Daddy on 20.09.2014 at 1:53:48,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DAA0E028-948E-4052-AE09-9E30A6C11D43}

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.09.2014 at 1:59:28,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Daddy (administrator) on DADDY-PC on 20-09-2014 02:01:59
Running from C:\Users\Daddy\Desktop
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS CopyProtect\ASPG.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Spotify Ltd) C:\Users\Daddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-21] (NEC Electronics Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-07] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [807696 2013-12-20] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\Run: [Spotify Web Helper] => C:\Users\Daddy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-27] (Spotify Ltd)
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: F - F:\LaunchU3.exe -a
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: {28dc369f-039f-11df-bcea-e0cb4e560368} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: {5cbbe385-02d0-11df-898a-e0cb4e560368} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1479915848-3698468020-625273048-1000\...\MountPoints2: {e2d2cf65-030e-11df-9307-e0cb4e560368} - H:\Autorun.exe
IFEO\hd-apkhandler.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hd-runapp.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hd-startlauncher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\service\AsusWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\Daddy\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\Daddy\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Daddy\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Daddy\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: Anti-Banner - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru [2011-07-26]
FF Extension: Modul zur Link-Untersuchung - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru [2011-07-26]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-04-23]

Chrome:
=======
CHR Profile: C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-05-15]
CHR Extension: (Google Translate) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-02-22]
CHR Extension: (Google Drive) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-23]
CHR Extension: (Slinky Elegant) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmanlajnpdncmhfkiccmbgeocgbncfln [2014-02-22]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-22]
CHR Extension: (Google Search) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-23]
CHR Extension: (Facebook Customizer (by Adblock Plus)) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\deoeenbkoccjaefmmhpmlegngdjohdcm [2014-05-02]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-02-22]
CHR Extension: (AdBlock) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-02]
CHR Extension: (Dropbox) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-02-22]
CHR Extension: (Google Play) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-02-22]
CHR Extension: (Google Maps) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-02-22]
CHR Extension: (Hangouts) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2014-02-23]
CHR Extension: (Google Wallet) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-03]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2014-02-22]
CHR Extension: (Context Menu Search) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpcmghnefmdhljkoiapafejjohldoga [2014-07-30]
CHR Extension: (Gmail) - C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-23]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-07] (Avira Operations GmbH & Co. KG)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-01] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-18] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-08-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-08-03] ()
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-07] ()
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl [146928 2009-09-02] (CyberLink Corp.)
U3 tmlwf; No ImagePath
U3 tmwfp; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-20 02:00 - 2014-09-20 02:02 - 00016355 _____ () C:\Users\Daddy\Desktop\FRST.txt 2014-09-20 01:59 - 2014-09-20 01:59 - 00000772 _____ () C:\Users\Daddy\Desktop\JRT.txt 2014-09-20 01:53 - 2014-09-20 01:53 - 00000000 ____D () C:\Windows\ERUNT 2014-09-20 01:52 - 2014-09-20 01:52 - 01019328 _____ (Thisisu) C:\Users\Daddy\Desktop\JRT.exe 2014-09-20 01:51 - 2014-09-20 01:44 - 00002839 _____ () C:\Users\Daddy\Desktop\AdwCleaner[S0].txt 2014-09-20 01:42 - 2014-09-20 01:48 - 00000000 ____D () C:\AdwCleaner 2014-09-20 01:40 - 2014-09-20 01:40 - 01361203 _____ () C:\Users\Daddy\Desktop\adwcleaner_3.306.exe 2014-09-20 01:36 - 2014-09-20 01:36 - 00009342 _____ () C:\Users\Daddy\Desktop\mbam.txt 2014-09-20 01:17 - 2014-09-20 01:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-20 01:17 - 2014-09-20 01:17 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-20 01:17 - 2014-09-20 01:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-20 01:17 - 2014-09-20 01:17 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-20 01:17 - 2014-09-20 01:17 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-20 01:17 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-09-20 01:17 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-09-20 01:17 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-09-20 01:14 - 2014-09-20 01:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Daddy\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-20 00:36 - 2014-09-20 02:01 - 00000000 ____D () C:\FRST 2014-09-20 00:21 - 2014-09-20 00:28 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-09-20 00:20 - 2014-09-20 00:20 - 02105856 _____ (Farbar) C:\Users\Daddy\Desktop\FRST64.exe 
2014-09-19 23:54 - 2014-09-19 23:54 - 490967222 _____ () C:\Windows\MEMORY.DMP 2014-09-19 23:54 - 2014-09-19 23:54 - 00275960 _____ () C:\Windows\Minidump\091914-22978-01.dmp 2014-09-19 22:50 - 2014-09-19 22:50 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Daddy\Desktop\tdsskiller.exe 2014-09-19 21:58 - 2014-09-19 21:58 - 00003288 ____N () C:\bootsqm.dat 2014-09-19 20:38 - 2014-09-20 01:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-19 20:38 - 2014-09-19 20:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-19 20:38 - 2014-09-19 20:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-19 20:38 - 2014-09-19 20:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-19 20:38 - 2014-09-19 20:38 - 00000000 ____D () C:\Windows\system32\Macromed 2014-09-19 20:31 - 2014-09-19 20:31 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage 2014-09-18 21:45 - 2014-09-18 21:45 - 12789816 _____ () C:\Users\Daddy\Downloads\Warriors-MP3.zip 2014-09-16 19:14 - 2014-09-16 19:17 - 00000000 ____D () C:\Users\Daddy\Desktop\alex mod 2014-09-12 18:38 - 2014-09-12 18:38 - 00275960 _____ () C:\Windows\Minidump\091214-19983-01.dmp 2014-09-09 11:52 - 2014-09-09 11:52 - 00275960 _____ () C:\Windows\Minidump\090914-21840-01.dmp 2014-09-07 16:04 - 2014-09-07 16:04 - 00000824 _____ () C:\Users\Daddy\Desktop\teeworlds.lnk 2014-09-07 15:06 - 2014-09-08 18:47 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Teeworlds 2014-09-05 18:12 - 2014-09-05 18:21 - 00393216 _____ () C:\Windows\system32\Ikeext.etl 2014-08-31 13:50 - 2014-08-31 13:50 - 00275960 _____ () C:\Windows\Minidump\083114-31590-01.dmp 2014-08-30 14:11 - 2014-08-30 14:11 - 00000000 ____D () C:\Users\Daddy\Documents\NeocoreGames 2014-08-29 17:10 - 2014-08-29 17:23 - 34888568 _____ (Riot Games) C:\Users\Daddy\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe 2014-08-27 00:27 - 
2014-08-27 00:28 - 00000000 ____D () C:\Users\Daddy\LAN 2014-08-27 00:10 - 2014-08-27 00:11 - 00011264 ___SH () C:\Users\Daddy\Downloads\Thumbs.db 2014-08-27 00:10 - 2014-08-27 00:10 - 00010752 ___SH () C:\Users\Daddy\Desktop\Thumbs.db ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-20 02:02 - 2014-09-20 02:00 - 00016355 _____ () C:\Users\Daddy\Desktop\FRST.txt 2014-09-20 02:01 - 2014-09-20 00:36 - 00000000 ____D () C:\FRST 2014-09-20 01:59 - 2014-09-20 01:59 - 00000772 _____ () C:\Users\Daddy\Desktop\JRT.txt 2014-09-20 01:56 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-20 01:56 - 2009-07-14 06:45 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-20 01:53 - 2014-09-20 01:53 - 00000000 ____D () C:\Windows\ERUNT 2014-09-20 01:52 - 2014-09-20 01:52 - 01019328 _____ (Thisisu) C:\Users\Daddy\Desktop\JRT.exe 2014-09-20 01:52 - 2010-01-09 00:38 - 01302548 _____ () C:\Windows\WindowsUpdate.log 2014-09-20 01:51 - 2012-04-23 18:01 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000UA.job 2014-09-20 01:49 - 2014-05-25 22:55 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-20 01:49 - 2010-01-22 19:43 - 00366928 _____ () C:\Windows\PFRO.log 2014-09-20 01:49 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-20 01:49 - 2009-07-14 06:51 - 00184479 _____ () C:\Windows\setupact.log 2014-09-20 01:48 - 2014-09-20 01:42 - 00000000 ____D () C:\AdwCleaner 2014-09-20 01:44 - 2014-09-20 01:51 - 00002839 _____ () C:\Users\Daddy\Desktop\AdwCleaner[S0].txt 2014-09-20 01:40 - 2014-09-20 01:40 - 01361203 _____ () C:\Users\Daddy\Desktop\adwcleaner_3.306.exe 2014-09-20 01:36 - 2014-09-20 01:36 - 00009342 _____ () 
C:\Users\Daddy\Desktop\mbam.txt 2014-09-20 01:26 - 2014-09-19 20:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-20 01:23 - 2014-05-25 22:55 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-20 01:18 - 2014-09-20 01:17 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-20 01:17 - 2014-09-20 01:17 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-09-20 01:17 - 2014-09-20 01:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-09-20 01:17 - 2014-09-20 01:17 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-09-20 01:17 - 2014-09-20 01:17 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-09-20 01:15 - 2014-09-20 01:14 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Daddy\Downloads\mbam-setup-2.0.2.1012.exe 2014-09-20 00:28 - 2014-09-20 00:21 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-09-20 00:20 - 2014-09-20 00:20 - 02105856 _____ (Farbar) C:\Users\Daddy\Desktop\FRST64.exe 2014-09-20 00:11 - 2010-01-29 20:35 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8284BB31-0CBF-4504-9CF4-17F940177E7E} 2014-09-19 23:54 - 2014-09-19 23:54 - 490967222 _____ () C:\Windows\MEMORY.DMP 2014-09-19 23:54 - 2014-09-19 23:54 - 00275960 _____ () C:\Windows\Minidump\091914-22978-01.dmp 2014-09-19 23:54 - 2010-01-22 20:56 - 00000000 ____D () C:\Windows\Minidump 2014-09-19 22:50 - 2014-09-19 22:50 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Daddy\Desktop\tdsskiller.exe 2014-09-19 21:58 - 2014-09-19 21:58 - 00003288 ____N () C:\bootsqm.dat 2014-09-19 21:46 - 2009-07-29 07:10 - 00000000 __SHD () C:\Recovery 2014-09-19 21:09 - 2010-01-09 01:48 - 00001755 _____ () C:\Windows\system32\ServiceFilter.ini 2014-09-19 20:38 - 2014-09-19 20:38 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-19 20:38 - 
2014-09-19 20:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-19 20:38 - 2014-09-19 20:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-19 20:38 - 2014-09-19 20:38 - 00000000 ____D () C:\Windows\system32\Macromed 2014-09-19 20:31 - 2014-09-19 20:31 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage 2014-09-19 16:12 - 2010-01-16 20:53 - 00000000 ____D () C:\Users\Daddy 2014-09-19 12:52 - 2012-04-23 18:41 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-18 23:12 - 2009-08-04 11:51 - 00698374 _____ () C:\Windows\system32\perfh007.dat 2014-09-18 23:12 - 2009-08-04 11:51 - 00149038 _____ () C:\Windows\system32\perfc007.dat 2014-09-18 23:12 - 2009-07-14 07:13 - 01616954 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-18 21:45 - 2014-09-18 21:45 - 12789816 _____ () C:\Users\Daddy\Downloads\Warriors-MP3.zip 2014-09-18 17:51 - 2012-04-23 18:01 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000Core.job 2014-09-16 19:17 - 2014-09-16 19:14 - 00000000 ____D () C:\Users\Daddy\Desktop\alex mod 2014-09-16 19:14 - 2014-03-15 23:43 - 00000000 ___RD () C:\Users\Daddy\Dokumente 2014-09-14 03:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-09-12 18:44 - 2014-02-22 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-09-12 18:44 - 2013-11-01 18:40 - 00000000 ____D () C:\ProgramData\Package Cache 2014-09-12 18:44 - 2012-07-14 18:30 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-09-12 18:38 - 2014-09-12 18:38 - 00275960 _____ () C:\Windows\Minidump\091214-19983-01.dmp 2014-09-12 14:02 - 2011-07-26 13:20 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Skype 2014-09-12 13:55 - 2014-08-11 02:01 - 00000000 ___RD () C:\Users\Daddy\Desktop\* 2014-09-09 11:52 - 2014-09-09 11:52 - 00275960 _____ () C:\Windows\Minidump\090914-21840-01.dmp 2014-09-08 18:47 - 
2014-09-07 15:06 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Teeworlds 2014-09-07 16:04 - 2014-09-07 16:04 - 00000824 _____ () C:\Users\Daddy\Desktop\teeworlds.lnk 2014-09-05 18:21 - 2014-09-05 18:12 - 00393216 _____ () C:\Windows\system32\Ikeext.etl 2014-09-05 18:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing 2014-08-31 20:59 - 2014-05-18 10:45 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios 2014-08-31 20:59 - 2014-05-18 10:45 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios 2014-08-31 20:59 - 2014-02-22 18:21 - 00000000 ____D () C:\Users\Daddy\Downloads\Games 2014-08-31 20:59 - 2010-01-09 01:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-31 13:50 - 2014-08-31 13:50 - 00275960 _____ () C:\Windows\Minidump\083114-31590-01.dmp 2014-08-30 14:11 - 2014-08-30 14:11 - 00000000 ____D () C:\Users\Daddy\Documents\NeocoreGames 2014-08-30 13:58 - 2010-01-16 22:30 - 00000000 ____D () C:\Users\Daddy\Documents\My Games 2014-08-30 02:54 - 2014-05-10 17:32 - 00000000 ____D () C:\Users\Daddy\AppData\Local\Battle.net 2014-08-29 17:23 - 2014-08-29 17:10 - 34888568 _____ (Riot Games) C:\Users\Daddy\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe 2014-08-29 16:31 - 2010-07-30 00:13 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment 2014-08-29 14:11 - 2012-05-26 19:47 - 00000000 ____D () C:\Program Files (x86)\Diablo III 2014-08-29 14:09 - 2014-05-10 17:32 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-08-27 16:35 - 2014-04-30 17:19 - 00000000 ____D () C:\Users\Daddy\AppData\Roaming\Spotify 2014-08-27 16:04 - 2014-04-30 17:20 - 00000000 ____D () C:\Users\Daddy\AppData\Local\Spotify 2014-08-27 00:28 - 2014-08-27 00:27 - 00000000 ____D () C:\Users\Daddy\LAN 2014-08-27 00:11 - 2014-08-27 00:10 - 00011264 ___SH () C:\Users\Daddy\Downloads\Thumbs.db 2014-08-27 00:10 - 2014-08-27 00:10 - 00010752 ___SH () C:\Users\Daddy\Desktop\Thumbs.db Some content of TEMP: ==================== 
C:\Users\Daddy\AppData\Local\Temp\AdobeApplicationManager.exe
C:\Users\Daddy\AppData\Local\Temp\AskSLib.dll
C:\Users\Daddy\AppData\Local\Temp\avgnt.exe
C:\Users\Daddy\AppData\Local\Temp\ETDUninst.dll
C:\Users\Daddy\AppData\Local\Temp\Gw2.exe
C:\Users\Daddy\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Daddy\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Daddy\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Daddy\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Daddy\AppData\Local\Temp\Quarantine.exe
C:\Users\Daddy\AppData\Local\Temp\sonarinst.exe
C:\Users\Daddy\AppData\Local\Temp\tmd_34012332.exe
C:\Users\Daddy\AppData\Local\Temp\tmd_34013515.exe
C:\Users\Daddy\AppData\Local\Temp\tmd_34014036.exe
C:\Users\Daddy\AppData\Local\Temp\tmd_34014716.exe
C:\Users\Daddy\AppData\Local\Temp\tmd_34015670.exe
C:\Users\Daddy\AppData\Local\Temp\tmp101d6250.exe
C:\Users\Daddy\AppData\Local\Temp\UpdateFlashPlayer_d67338fd.exe
C:\Users\Daddy\AppData\Local\Temp\{68CB2CC0-30D1-411C-A47A-8813A14F810E}.exe

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-16 18:29

==================== End Of Log ============================

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Daddy at 2014-09-20 02:02:20
Running from C:\Users\Daddy\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Actualização do Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0816-0000-0000000FF1CE}_PROHYBRIDR_{CCDE3C71-5F35-477F-BA90-1A399C91C10C}) (Version: - Microsoft)
Actualização do Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0816-0000-0000000FF1CE}_PROHYBRIDR_{CF0BC77F-1B63-44BF-BCFE-3A8CBB9077D1}) (Version: - Microsoft)
Actualização do Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0816-0000-0000000FF1CE}_PROHYBRIDR_{A1A8C49E-BB40-4852-853E-B5A1F6BB2A3C}) (Version: - Microsoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.)
Hidden Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated) Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated) ÅíçìåñùìÝíç Ýêäïóç Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0408-0000-0000000FF1CE}_PROHYBRIDR_{08A4BDB3-7A63-4F59-B9FA-EE80ADE88DC2}) (Version: - Microsoft) ÅíçìåñùìÝíç Ýêäïóç Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0408-0000-0000000FF1CE}_PROHYBRIDR_{C52A655D-F8AE-485D-908D-62CEC754B6A4}) (Version: - Microsoft) ÅíçìåñùìÝíç Ýêäïóç Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0408-0000-0000000FF1CE}_PROHYBRIDR_{054186C0-F351-472E-84E8-D5E16FA08241}) (Version: - Microsoft) Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}) (Version: 1.5.17.25482 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.5.17.25482 - Alcor Micro Corp.) Hidden ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.7 - ASUS) ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK) ASUS CopyProtect (HKLM-x32\...\{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}) (Version: 1.0.0015 - ASUS) ASUS FancyStart (HKLM-x32\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.) 
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS) ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS) ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.25 - ASUS) ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS) ASUS Video Magic (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3301 - CyberLink Corp.) ASUS Video Magic (x32 Version: 6.0.3301 - CyberLink Corp.) Hidden ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus) ASUS WebStorage (HKLM\...\ASUS WebStorage) (Version: 2.0.36.1260 - eCareme Technologies, Inc.) ASUS_N_Series_Screensaver (HKLM-x32\...\ASUS_N_Series_Screensaver) (Version: - ) ATI Catalyst Install Manager (HKLM\...\{FEC0590D-D4DE-DB7C-C625-657FC30CF927}) (Version: 3.0.754.0 - ATI Technologies, Inc.) ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK) ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0054 - ASUS) ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS) ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0008 - ASUS) Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. 
KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Core Implementation (x32 Version: 2009.1118.1260.23275 - ATI) Hidden Catalyst Control Center Graphics Full Existing (x32 Version: 2009.1118.1260.23275 - ATI) Hidden Catalyst Control Center Graphics Full New (x32 Version: 2009.1118.1260.23275 - ATI) Hidden Catalyst Control Center Graphics Light (x32 Version: 2009.1118.1260.23275 - ATI) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2009.1118.1260.23275 - ATI) Hidden Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.1118.1260.23275 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2009.1118.1260.23275 - ATI Technologies, Inc.) 
Hidden Catalyst Control Center Localization All (x32 Version: 2009.1118.1260.23275 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Czech (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Danish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Dutch (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help English (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Finnish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help French (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help German (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Greek (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Hungarian (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Italian (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Japanese (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Korean (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Norwegian (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Polish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Portuguese (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Russian (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Spanish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Swedish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Thai (x32 Version: 2009.1118.1259.23275 - ATI) Hidden CCC Help Turkish (x32 Version: 2009.1118.1259.23275 - ATI) Hidden ccc-core-static (x32 Version: 2009.1118.1260.23275 - ATI) Hidden ccc-utility64 (Version: 2009.1118.1260.23275 - ATI) Hidden ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.4 - ASUS) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.) 
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden CyberLink MediaShow Espresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 5.0.0526 - CyberLink Corp.) CyberLink MediaShow Espresso (x32 Version: 5.0.0526 - CyberLink Corp.) Hidden CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3509a - CyberLink Corp.) CyberLink Power2Go (x32 Version: 6.1.3509a - CyberLink Corp.) Hidden CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2311 - CyberLink Corp.) CyberLink PowerDVD 9 (x32 Version: 9.0.2311 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Darksiders (HKLM-x32\...\Steam App 50620) (Version: - Vigil Games) Darksiders II (HKLM-x32\...\Steam App 50650) (Version: - Vigil Games) DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Express Gate (HKLM-x32\...\{B5A5627C-0173-4DB2-ADA8-740479370F67}) (Version: 1.2.13.31 - DeviceVM, Inc.) Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.4 - ASUS) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free YouTube to MP3 Converter version 3.12.43.806 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.43.806 - DVDVideoSoft Ltd.) Frontlines: Fuel of War (HKLM-x32\...\{C711E88C-9DC2-4254-A989-D6E017844DDF}) (Version: 1.3.0 - THQ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) 
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation) Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel) iTNC530 (340494) (HKLM-x32\...\{4E31D9A6-245B-41A6-949D-C7B029A703D2}) (Version: - ) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java(TM) 6 Update 37 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.370 - Oracle) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI 
(Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel 2007 Help - Aggiornamento (KB963678) (HKLM-x32\...\{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{9F57BDED-B51B-4D2F-B360-5B4EFAAF0F1A}) (Version: - Microsoft) Microsoft Office Excel 2007 Help §ó·sµ{¦¡ (KB963678) (HKLM-x32\...\{90120000-0016-0404-0000-0000000FF1CE}_PROHYBRIDR_{15EEA099-97F0-4952-8597-88472FF062D2}) (Version: - Microsoft) Microsoft Office Excel 2007 Help Actualización (KB963678) (HKLM-x32\...\{90120000-0016-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{59E09C3D-4878-47D9-87DB-6D0018026889}) (Version: - Microsoft) Microsoft Office Excel MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft 
Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office IME (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office IME (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook 2007 Help - Aggiornamento (KB963677) (HKLM-x32\...\{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{2278E02A-AB15-4BF7-B2B4-5C0EEB4B7EEB}) (Version: - Microsoft) Microsoft Office Outlook 2007 Help Actualización (KB963677) (HKLM-x32\...\{90120000-001A-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{59C244C2-0C37-4E85-8F7E-DBDD3958B694}) (Version: - Microsoft) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Outlook MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (French) 2007 (x32 
Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Powerpoint 2007 Help - Aggiornamento (KB963669) (HKLM-x32\...\{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{C76C02F1-B07F-4974-876A-A18DEC9887C8}) (Version: - Microsoft) Microsoft Office Powerpoint 2007 Help §ó·sµ{¦¡ (KB963669) (HKLM-x32\...\{90120000-0018-0404-0000-0000000FF1CE}_PROHYBRIDR_{A7688131-70CB-4945-BAFA-11053AC34D75}) (Version: - Microsoft) Microsoft Office Powerpoint 2007 Help Actualización (KB963669) (HKLM-x32\...\{90120000-0018-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{F318245D-05AE-4681-A749-A036CE44AF29}) (Version: - Microsoft) Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - 
Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Hybrid 2007 (x32 Version: 12.0.6425.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Arabic) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Basque) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Catalan) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Galician) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Portuguese (Brazil)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Russian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft 
Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (Chinese (Traditional)) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing (Dutch) 2007 (x32 Version: 12.0.4518.1017 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing (French) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing (Greek) 2007 (x32 Version: 12.0.4518.1029 - Microsoft Corporation) Hidden Microsoft Office Proofing (Hebrew) 2007 (x32 Version: 12.0.4518.1016 - Microsoft Corporation) Hidden Microsoft Office Proofing (Italian) 2007 (x32 Version: 12.0.4518.1018 - Microsoft Corporation) Hidden Microsoft Office Proofing (Portuguese (Portugal)) 2007 (x32 Version: 12.0.4518.1029 - Microsoft Corporation) Hidden Microsoft Office Proofing (Spanish) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office 
Publisher MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Dutch) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Greek) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Hebrew) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 
(x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word 2007 Help - Aggiornamento (KB963665) (HKLM-x32\...\{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{E5B82DB3-DD7D-4C45-BC5E-09864B26F9BC}) (Version: - Microsoft) Microsoft Office Word 2007 Help §ó·sµ{¦¡ (KB963665) (HKLM-x32\...\{90120000-001B-0404-0000-0000000FF1CE}_PROHYBRIDR_{AD30F628-2AAE-43E0-A0D8-CDFA976E6A9E}) (Version: - Microsoft) Microsoft Office Word 2007 Help Actualización (KB963665) (HKLM-x32\...\{90120000-001B-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{377BA42A-1C84-45D6-94B8-6D00887D172D}) (Version: - Microsoft) Microsoft Office Word MUI (Chinese (Traditional)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Dutch) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Greek) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Hebrew) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office 
Word MUI (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Portuguese (Portugal)) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 
9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mini Ninjas (HKLM-x32\...\Steam App 35000) (Version: - IO Interactive) Mise à jour Microsoft Office Excel 2007 Help (KB963678) 
(HKLM-x32\...\{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{B761869A-B85C-40E2-994C-A1CE78AC8F2C}) (Version: - Microsoft) Mise à jour Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{51EFB347-1F3D-4BAC-8B79-F056B904FE21}) (Version: - Microsoft) Mise à jour Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{C3DCA38E-005E-41BA-A52A-7C3429F351C3}) (Version: - Microsoft) Mise à jour Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{81536A04-DBFB-4DB3-978F-0F284590C223}) (Version: - Microsoft) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation) NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) òãëåï òáåø îñðï ãåàø äæáì ùì Microsoft Office 
Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-040D-0000-0000000FF1CE}_PROHYBRIDR_{18E2D7BF-CC18-4CE8-B875-D2934B6086E2}) (Version: - Microsoft) òãëåï òáåø îñðï ãåàø äæáì ùì Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-040D-0000-0000000FF1CE}_PROHYBRIDR_{54B50AC9-2088-4F43-B39A-0F10F53D425E}) (Version: - Microsoft) òãëåï òáåø îñðï ãåàø äæáì ùì Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-040D-0000-0000000FF1CE}_PROHYBRIDR_{CAB664CE-BBA4-4A81-A358-6CC6F7852FC9}) (Version: - Microsoft) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment) Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5995 - Realtek Semiconductor Corp.) Skype™ 5.3 (HKLM-x32\...\{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}) (Version: 5.3.120 - Skype Technologies S.A.) Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB) SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.2600 - SRS Labs, Inc.) 
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Incredible Adventures of Van Helsing (HKLM-x32\...\Steam App 215530) (Version: - NeocoreGames) Tom Clancy's Ghost Recon Phantoms - EU (HKLM-x32\...\Steam App 272350) (Version: - Ubisoft Singapore) Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games) TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software) TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft) Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft) Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft) Update for Microsoft Office Publisher 2007 Help (KB963667) 
(HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft) Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft) Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft) Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows 
Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Family Safety (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS) WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH) Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.14 - ASUS) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it 
will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1479915848-3698468020-625273048-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1479915848-3698468020-625273048-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Daddy\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {03FB7F63-5D99-48EC-9211-C4B530E13022} - System32\Tasks\{7CE09AFD-F27D-4CC6-95DF-6B78B6C0737A} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {04FDDD85-815E-4A9F-9C21-66FD7B9135FB} - System32\Tasks\{5320897F-DAD3-479F-967B-957E295E5F78} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: {0E8B92FF-2344-42EC-940A-A7EAADFE2AEF} - System32\Tasks\{1AE9A9AA-F359-4C3E-866B-22EE2BD42932} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {13F69D18-EF62-4803-8651-40586B4AF5A7} - System32\Tasks\{7D0C89A6-220B-479A-9B1E-AAA3DEA304BB} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: {1C88F5C9-CA1B-4280-9AFF-904574457AF7} - System32\Tasks\{49FBB1A9-7005-496A-B715-7D3962B5E024} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {24E7EF90-132F-4B78-BEFF-4D6B6ECF9D8E} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {2B174B4D-076C-446E-B5F5-B04A6F260FFB} - System32\Tasks\ASPG => C:\Program Files 
(x86)\ASUS\ASUS CopyProtect\aspg.exe [2009-06-29] (ASUS) Task: {35EABD2C-7C07-479F-9063-85675E9143D8} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-09-24] () Task: {38D61FA6-8F8F-4193-B111-7FF1ADD77226} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK) Task: {3A738DE0-C3D1-4241-AFEA-180513F73F1A} - System32\Tasks\{0D8E092B-7116-4886-BCAC-7627887EF2AA} => D:\instalProgramm\Heidenhein530\itnclaunch.EXE Task: {3D66CA82-4A87-4BA3-9DEF-1A36F5CB9F02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-19] (Adobe Systems Incorporated) Task: {3E68CC0A-8389-407C-B4AC-E007F7B2ED9D} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-19] (ASUS) Task: {410ED00F-F415-47D1-89C8-6E862CA00E54} - System32\Tasks\{6D6A9425-F02A-43D6-A553-C587497647D4} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {48969814-923F-43CF-80F3-CCFCF784B12A} - System32\Tasks\{36B9F202-3088-4A3E-8B26-47D0161CA57E} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {4BBE6869-0A00-42ED-8027-28BB3F043CBA} - System32\Tasks\{607FA0ED-22CE-403C-837B-D549F42090A1} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: {4CC6320B-D55F-4294-9BA5-38DD55FD365D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.) 
Task: {4D323374-00EE-4734-B9C5-B47F71926DD1} - System32\Tasks\{494EE43C-A27A-43A0-937B-5B4EA1D6E8FB} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {4D77AADB-6644-4333-884A-4C1BD8148B14} - System32\Tasks\{E8DADE2A-5473-42C6-9344-14506B5983B5} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {4D8174D8-8C48-4798-989F-E1D11AC01D19} - System32\Tasks\{2F6A8821-B72B-4910-A57E-98FD5947BC08} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: {4DAADFD2-C855-43BA-9B51-57E089636DA0} - System32\Tasks\{8CED5A9F-82EB-4418-BF6E-CDE2DDD8C6A7} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {52440FE5-978C-4486-AB75-1C9C65D646B8} - System32\Tasks\{26BB7E51-C4CD-4E48-B6FA-FB511AB151C0} => D:\Games\Age of Methology\Aomx_NoCD_Loader.exe Task: {557CF159-390C-43F6-82BF-4187958A6CBA} - System32\Tasks\{05E31DAB-50C1-41BA-8954-7B04BA17DA5C} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {59D4328B-BBF7-43F0-A6C3-8BCA27D9FDF3} - System32\Tasks\{31B41EC3-EBA4-4626-B54E-3CA65FF1C52D} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {6007466A-A073-41AA-BB76-6D26ECBCFE1D} - System32\Tasks\{D1CBAB85-EC92-4A2F-88D2-6214CF46A01F} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {64AC7B93-F5F9-4A71-A314-219580DFE7CB} - System32\Tasks\{10FE5C06-6AA8-464C-BA26-83E0FD85E4E5} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: {6645F1A3-4028-4450-8C64-3D1BF9334054} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-12-18] (TuneUp Software) Task: {693B50B5-C49C-42A1-A042-82FF3398EBFB} - System32\Tasks\{641B5D20-6881-4819-ABA0-2AF5C8EEF11C} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {6986E9B5-4985-4AD4-9CB0-B7E80BF17FC3} - System32\Tasks\{DBBBD1E3-BA6A-4163-9960-C2EEA8A6C5DE} => D:\Programm\EXSLWINX\SERVER\START.EXE Task: {69A7F967-803D-4AB2-A263-89732B0D8C26} - System32\Tasks\{A2A5F72B-9E61-46CF-B641-388450FFDB53} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {723429FF-39A4-4FCC-83C1-A616479148F0} - 
System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000UA => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-23] (Google Inc.) Task: {76043709-D083-422E-9BA2-8A796852F385} - System32\Tasks\{780431C9-23E9-42B6-B10B-A70599291CBA} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {89D93805-A4D1-4663-94B9-82BF919FEDE8} - System32\Tasks\{5B90A7D2-6D0B-4799-95A1-5B6E52C7B3E2} => D:\Programm\EXSLWINX\SERVER\START.EXE Task: {8C2FAF10-77AF-419A-8A74-3AD966CEF703} - System32\Tasks\{30B3D042-F41F-480B-B11C-ECD101665044} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {98F2A7E1-597B-4D5F-ACB2-854E962E8140} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-11-07] (ATK) Task: {99841740-F097-4D61-9AA2-41D408664D9E} - System32\Tasks\{CEC6E2F5-3C23-408B-8FDA-34C16D2C1360} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {9C1B9D41-825A-4463-9B4A-E92FCF7A3B01} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000Core => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-23] (Google Inc.) 
Task: {9C7C43D9-0E96-43A4-B5D5-B3AA584B9198} - System32\Tasks\{E15888B0-8F1E-401D-8144-7695B9325BB1} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {9D09A5CD-6EDE-4382-B28B-B20A143FC65C} - System32\Tasks\{AEF5FBFA-CA52-472B-97E8-FC5E6893A756} => D:\instalProgramm\Heidenhein530\itnclaunch.EXE Task: {A1BF1D2D-CE47-44D1-8DDE-CD553F10EE05} - System32\Tasks\{C470D71A-3519-44CC-8066-96A3224D308E} => D:\instalProgramm\Heidenhein530\itnclaunch.EXE Task: {A7E7B620-CF25-4105-B18A-150A375953AB} - System32\Tasks\{A471E529-3D65-470F-A463-15758124F143} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {A838D148-7567-4012-8743-4C1D662C41FC} - System32\Tasks\{C1AEC165-46AE-4B9C-9958-22D272FEEEBA} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {ABE662F0-C969-4F59-8AA2-B909D95D9164} - System32\Tasks\Google Updater and Installer => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-23] (Google Inc.) Task: {AC8B95FD-2D22-4C72-B2A7-A77E3ECD7DDB} - System32\Tasks\{191E7276-23ED-4C67-AA4A-F9709B102C0D} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {AD1F90BA-DCBD-4966-B2DE-93E38E056838} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] () Task: {BB64D2E1-448B-41C7-B8FB-0398FC9CAA75} - System32\Tasks\{0A888769-12DB-4EDC-B5CF-C7B84D527FD8} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2011-06-15] (Skype Technologies S.A.) 
Task: {BFECEE00-AD3A-4442-92BA-B336336BB48D} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {C6C0B8E9-F5E7-43FF-B751-92AB33C7F2DE} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-11-12] () Task: {C7422ED8-20DF-4F40-A594-067CF0BB1D02} - System32\Tasks\{EAD94CDE-E99A-4441-B7C2-AA0B19937CF4} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {C88308E3-4169-4D5D-90FF-F5D2364283F6} - System32\Tasks\{3996EB8C-5DA5-485D-A362-565DF638AE5E} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {CB0ABD3C-5877-4E19-9AF2-4FB2F25CAF0D} - System32\Tasks\{6A84EC5D-5E30-4604-85AD-0EAFE37B72D8} => D:\Programm\EXSLWINX\SERVER\START.EXE Task: {DF9DBF63-6458-48E0-BDB6-7BF35EDED54F} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14] (Microsoft Corporation) Task: {E05C4D93-54E1-41C4-A1A3-5D99D3F03214} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [2009-09-23] (TODO: <Company name>) Task: {E2AA4FCA-1D4A-4E43-814B-56125941B55F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated) Task: {E69B5094-F91A-4C39-9FF5-3F25F3B02769} - System32\Tasks\{8ED09C41-6258-4FDC-9E23-6E45C6443E07} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {E835947D-E6BE-4B23-808A-7B84619EA857} - System32\Tasks\{EB22B261-09C8-4C69-8061-4AE6DDB547A8} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: {EB759989-8844-4458-A7AE-093099D2F2ED} - System32\Tasks\{B35B384D-FDDD-4B70-BB1C-E912892B2508} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {EF3022F0-A857-43AD-97DB-00C3E68E701D} - System32\Tasks\{781FFB95-89B9-4A06-A967-37A5976C7996} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {EF9EF285-EC84-434B-BC50-95865B04468F} - System32\Tasks\{EA16595C-E528-47A7-A9C3-A881B326746E} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: 
{F2336DD4-0215-469C-AFA3-77F9C21E1313} - System32\Tasks\{757B5A5A-7444-4C4D-93BE-13B1150C89B0} => D:\Programm\EXSLWINX\SERVER\SLSTART.EXE Task: {F2D80A1C-C4FA-4E95-B6BE-8DF344F8919F} - System32\Tasks\{4568D84C-4507-4470-BA3B-3FB391088878} => D:\Programm\EXSLWINX\SERVER\slkffs.exe Task: {F43044BA-EF13-41E3-8C4A-42E7B72A62EE} - System32\Tasks\{3139785A-5976-4507-AA87-8D61079CFDA2} => D:\Programm\EXSLWINX\SERVER\COMTEST.EXE Task: {FEF12DE6-41FD-4FCD-B53B-54AD8E39FC7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-25] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000Core.job => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1479915848-3698468020-625273048-1000UA.job => C:\Users\Daddy\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2010-01-09 01:48 - 2007-08-08 10:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe 2010-01-23 21:00 - 2013-11-01 18:46 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2009-09-24 23:50 - 2009-09-24 23:50 - 00053888 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe 2009-10-23 23:40 - 2009-10-23 23:40 - 00041984 _____ () C:\Program Files\P4G\DevMng.dll 2009-09-11 22:27 - 2009-09-11 22:27 - 00029184 _____ () C:\Program Files\P4G\OvrClk.dll 2010-01-09 01:48 - 2007-03-10 04:58 - 00124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll 2010-01-09 01:48 - 2007-11-30 21:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live 
Update\ALU.exe 2008-10-01 09:02 - 2008-10-01 09:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2009-11-12 20:10 - 2009-11-12 20:10 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe 2013-12-18 11:01 - 2013-12-18 11:01 - 00742200 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll 2008-10-23 20:21 - 2008-10-23 20:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2010-01-09 01:41 - 2010-01-09 01:41 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll 2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll 2014-02-22 19:22 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Daddy\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll 2009-11-03 00:20 - 2009-11-03 00:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-11-03 00:23 - 2009-11-03 00:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2014-09-11 14:30 - 2014-09-04 05:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll 2014-09-11 14:30 - 2014-09-04 05:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll 2014-09-11 14:30 - 2014-09-04 05:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll 2014-09-11 14:30 - 2014-09-04 05:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll 2014-09-11 14:30 - 2014-09-04 05:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll ==================== Alternate Data Streams 
(whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\Temp:734E442A AlternateDataStreams: C:\ProgramData\Temp:AB689DEA AlternateDataStreams: C:\ProgramData\Temp:B88E99C8 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\60155534.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\70804624.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\60155534.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\70804624.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk => C:\Windows\pss\FancyStart daemon.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SRS Premium Sound.lnk => C:\Windows\pss\SRS Premium Sound.lnk.CommonStartup MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe MSCONFIG\startupreg: ATKMEDIA => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe MSCONFIG\startupreg: ATKOSD2 => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: EeeStorageBackup => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe MySyncFolder MSCONFIG\startupreg: HControlUser => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe MSCONFIG\startupreg: MDS_Menu => "C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\MediaShowEspresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.0" MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe" MSCONFIG\startupreg: RemoteControl9 => "C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Setwallpaper => c:\programdata\SetWallpaper.cmd MSCONFIG\startupreg: Steam => "C:\Program 
Files (x86)\Steam\Steam.exe" -silent MSCONFIG\startupreg: UfSeAgnt.exe => "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe" MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-05-10 21:35:19.276 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-05-10 21:35:19.229 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-05-10 21:28:51.039 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-05-10 21:28:50.930 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info =========================== Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz Percentage of memory in use: 38% Total physical RAM: 4020.53 MB Available physical RAM: 2465.15 MB Total Pagefile: 8039.2 MB Available Pagefile: 5884.94 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:2 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:334.67 GB) (Free:97.89 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 76692CA8) Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C) Partition 2: (Active) - (Size=116.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=334.7 GB) - (Type=OF Extended) ==================== End Of Log ============================ |
20.09.2014, 01:14 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Boo/Cidox.b Well, 50 detections isn't really a lot. Many items of the same category simply get mentioned several times in the log, and the count isn't really what matters anyway, but rather which type of malware is found; in this case it is only adware/junkware (PUP = Potentially Unwanted Program, or put plainly: advertising crap!) The Cidox, however, was a bigger fish. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: {52440FE5-978C-4486-AB75-1C9C65D646B8} - System32\Tasks\{26BB7E51-C4CD-4E48-B6FA-FB511AB151C0} => D:\Games\Age of Methology\Aomx_NoCD_Loader.exe
D:\Games\Age of Methology\Aomx_NoCD_Loader.exe
AlternateDataStreams: C:\ProgramData\Temp:734E442A
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:B88E99C8
Hosts:
EmptyTemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
20.09.2014, 01:28 | #9 |
| Boo/Cidox.b I picked up the Cidox myself earlier, about 3-4 hours ago. I was watching a video on YouTube (full-screen mode) and then one of those pop-up update messages appeared, like the ones Java always shows. Since the video freezes until you press Yes or No, I hit Yes in a flash... didn't even see what kind of crap I was actually agreeing to. Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014 Ran by Daddy at 2014-09-20 02:18:28 Run:2 Running from C:\Users\Daddy\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION Task: {52440FE5-978C-4486-AB75-1C9C65D646B8} - System32\Tasks\{26BB7E51-C4CD-4E48-B6FA-FB511AB151C0} => D:\Games\Age of Methology\Aomx_NoCD_Loader.exe D:\Games\Age of Methology\Aomx_NoCD_Loader.exe AlternateDataStreams: C:\ProgramData\Temp:734E442A AlternateDataStreams: C:\ProgramData\Temp:AB689DEA AlternateDataStreams: C:\ProgramData\Temp:B88E99C8 Hosts: EmptyTemp: ***************** "HKLM\SOFTWARE\Policies\Google" => Key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52440FE5-978C-4486-AB75-1C9C65D646B8}" => Key deleted successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52440FE5-978C-4486-AB75-1C9C65D646B8}" => Key deleted successfully. C:\Windows\System32\Tasks\{26BB7E51-C4CD-4E48-B6FA-FB511AB151C0} not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{26BB7E51-C4CD-4E48-B6FA-FB511AB151C0}" => Key deleted successfully. "D:\Games\Age of Methology\Aomx_NoCD_Loader.exe" => File/Directory not found. "C:\ProgramData\Temp" => ":734E442A" ADS not found. "C:\ProgramData\Temp" => ":AB689DEA" ADS not found. "C:\ProgramData\Temp" => ":B88E99C8" ADS not found. C:\Windows\System32\Drivers\etc\hosts => Moved successfully. Hosts was reset successfully. EmptyTemp: => Removed 906 MB temporary data. The system needed a reboot. ==== End of Fixlog ==== |
20.09.2014, 01:31 | #10 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Boo/Cidox.b Quote:
Okay, then control scans with MBAM and ESET please: Please download Malwarebytes Anti-Malware
ESET Online Scanner
__________________ Please always post log files in CODE tags |
20.09.2014, 03:33 | #11 | |
| Boo/Cidox.b Quote:
Joking aside, yes, that was quite a fail on my part today. I even know where it comes from: the "Free YouTube to MP3 Converter" by dvdvideosoft. Every now and then a pop-up appears in its ad display. One ESET finding: Win32/AdWare.1ClickDownload.AT Anwendung. Setting a restore point right away once it's clean again. Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 20.09.2014
Suchlauf-Zeit: 02:33:27
Logdatei: MBAM.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.09.20.01
Rootkit Datenbank: v2014.09.19.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Daddy
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 317470
Verstrichene Zeit: 14 Min, 12 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 0
(No malicious items detected)
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 0
(No malicious items detected)
Dateien: 0
(No malicious items detected)
Physische Sektoren: 0
(No malicious items detected)
(end)
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=99daec2ae37bf24fb757cf00075d703e
# engine=20235
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-20 02:24:01
# local_time=2014-09-20 04:24:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 11395 18811396 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 75633361 162809691 0 0
# scanned=264303
# found=1
# cleaned=0
# scan_time=5447
sh=F079C03641FFA1FFD2B5E902839362F14EE96B9F ft=1 fh=6fd9347adf4c9e13 vn="Win32/AdWare.1ClickDownload.AT Anwendung" ac=I fn="C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000" |
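Added example, not part of the thread and not ESET's own tooling: a small Python parser for the ESET Online Scanner log format posted above, which cross-checks the `found`/`cleaned` summary against the listed detection records and reports what the scan left in place. The field meanings (`vn` as detection name, `fn` as file path, `found` minus `cleaned` as open findings) are assumptions inferred from the log in this post, and the sample log is constructed.

```python
import re

# Constructed sample in the shape of the ESET Online Scanner log posted above.
# Hashes, detection names and paths are placeholders, not values from the thread.
SAMPLE_LOG = r'''# product=EOS
# end=finished
# remove_checked=false
# found=2
# cleaned=0
sh=0000000000000000000000000000000000000000 ft=1 fh=0000000000000000 vn="Win32/AdWare.Example.A Anwendung" ac=I fn="C:\Users\Example\AppData\Local\Temp\setup.exe"
sh=1111111111111111111111111111111111111111 ft=1 fh=1111111111111111 vn="Win32/AdWare.Example.B Anwendung" ac=I fn="C:\Users\Example\Downloads\tool.exe"
'''

# "# key=value" summary fields; a value runs until the next field or record,
# so the pattern also works when the log was pasted as one long line.
HEADER_RE = re.compile(r'#\s+([\w.]+)=(.*?)(?=\s+#\s|\s+sh=|\s*$)', re.S)
# One detection record: hash, detection name (vn), action code (ac), file (fn).
RECORD_RE = re.compile(
    r'sh=(?P<sh>[0-9A-Fa-f]{40})\s+ft=\d+\s+fh=[0-9A-Fa-f]+\s+'
    r'vn="(?P<name>[^"]*)"\s+ac=(?P<ac>\w+)\s+fn="(?P<path>[^"]*)"')

def parse_eset_log(text):
    """Return (summary fields as dict, list of detection records)."""
    headers = {m.group(1): m.group(2).strip() for m in HEADER_RE.finditer(text)}
    records = [m.groupdict() for m in RECORD_RE.finditer(text)]
    return headers, records

def triage(text):
    """Cross-check the summary against the records and list open findings."""
    headers, records = parse_eset_log(text)
    found = int(headers.get("found", 0))
    cleaned = int(headers.get("cleaned", 0))
    issues = []
    if headers.get("end") != "finished":
        issues.append("scan did not finish")
    if found != len(records):
        issues.append(f"summary says found={found}, log lists {len(records)} record(s)")
    # Assumption: found minus cleaned is what the scanner left in place.
    open_count = max(found - cleaned, 0)
    if open_count:
        issues.append(f"{open_count} finding(s) left in place "
                      f"(remove_checked={headers.get('remove_checked')})")
    return {"open": [(r["name"], r["path"]) for r in records] if open_count else [],
            "issues": issues}

if __name__ == "__main__":
    for line in triage(SAMPLE_LOG)["issues"]:
        print(line)
```
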
20.09.2014, 14:59 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Boo/Cidox.b Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000
Hosts:
EmptyTemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
20.09.2014, 15:35 | #13 |
| Boo/Cidox.b I read up a bit more here in the forum and:
* Went over it again with TFC.
* Sent TuneUp to hell.
* Replaced Avira with Avast.
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Daddy at 2014-09-20 16:30:36 Run:3
Running from C:\Users\Daddy\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000
Hosts:
EmptyTemp:
*****************
C:\Users\Daddy\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000 => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 233 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Last edited by Mr.dub (20.09.2014 at 15:48) |
20.09.2014, 22:57 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Boo/Cidox.b You did that very well! Looks OK so far.
Regarding cookies and other things on the web: To block the pests from the outset (i.e. tracking cookies, ad banners etc.) you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether a new hosts file has been released. But this is only optional. To prevent user tracking, the Firefox extension Ghostery works well.
Info: Cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or similar => HTTP-Cookie). Otherwise there are also good cookie managers; an extension for Firefox, for example, would be CookieCuller.
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or Trojaner-Board), then simply set the browser to delete everything, including cookies, when the browser is closed.
Is your system OK again now, or are there any other findings or problems?
21.09.2014, 00:26 | #15 |
| Boo/Cidox.b All right, I use Google Chrome as my browser. There must surely be something for it as well; in fact I've installed Avast as a Chrome app, which checks pages for whether they are reputable and so on. Whether that really helps or just eats resources, we'll see over the coming few weeks. No new findings/warnings so far; I'll run a few more full scans. Thank you very much so far for your professional help. |