|
Pests of all kinds and how to combat them: PC freezes now and then (annoying) #switch forum branch. Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection. |
19.10.2014, 12:12 | #1 |
| PC freezes now and then (annoying) #switch forum branch. Hello Trojaner, for the past month I have had the following problem: my PC simply freezes while surfing the internet, while playing games, and in general; after about 2 minutes it carries on running normally. It usually starts with no longer being able to scroll down a page and images no longer loading. While gaming (Alt-Tab) it also freezes if you open a browser afterwards. Could it be because I have 3 drives installed? Win7 64-bit runs on my SSD; the other 2 HDDs serve more as data storage for videos, pictures and games. In Device Manager, "Microsoft-Teredo-Tunneling-Adapter" is listed under network adapters with an exclamation mark; could that have something to do with it?
Processor: AMD FX-8320 processor, boxed, socket AM3+
Mainboard: ASRock 990FX Extreme4, AM3+, ATX
Graphics card: Gigabyte Radeon R9 280X, 3GB DDR5, PCI-Express
Drives: Plextor PX-128M5P 128GB SSD SATA 6GB's, HDD Samsung HD103SJ 1TB, HDD ST1000DM003-1CH162 1TB. Seagate Barracuda 7200 1000GB, SATA 6Gb/s (new) (And I also have an old Samsung SATA drive installed with 1TB; it is about 2 years old.)
RAM: GeIL EVO Leggera Series DDR3-1866, CL9 - 16 GB kit
Power supply: WPM V2 700w Modular ATX 2.3
Operating system: Win7 Home Premium 64Bit
I hope someone can help me with this. Regards, and have a nice Sunday. |
19.10.2014, 13:36 | #2 |
/// the machine /// TB trainer | PC freezes now and then (annoying) #switch forum branch. hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
19.10.2014, 20:26 | #4 |
| PC freezes now and then (annoying) #switch forum branch. [CODE]FRST: FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-10-2014
Ran by aS-Sa (administrator) on AS-AMD on 19-10-2014 21:21:51
Running from C:\Users\aS-Sa\Downloads
Loaded Profiles: aS-Sa & (Available profiles: aS-Sa)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.224\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.113\deploy\LolClient.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11855976 2011-05-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2014-10-01] (Malwarebytes Corporation)
HKU\S-1-5-21-784360129-3451452421-2497412078-1000\...\MountPoints2: {d44b36d0-9b2c-11e3-9627-bc5ff4e71a77} - G:\setup.exe
HKU\S-1-5-21-784360129-3451452421-2497412078-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {d44b36d0-9b2c-11e3-9627-bc5ff4e71a77} - G:\setup.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8492F904-6226-4715-90BA-2CBA60FDB222}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-01]
CHR Extension: (Google Drive) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-10]
CHR Extension: (YouTube) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-10]
CHR Extension: (Google-Suche) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-10]
CHR Extension: (AdBlock) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-01]
CHR Extension: (Google Wallet) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-10]
CHR Extension: (Google Mail) - C:\Users\aS-Sa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-10]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
S2 amdacpusrsvc; C:\AMD\amdacpusrsvc.exe [82432 2014-04-17] () [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-14] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [File not signed]
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-17] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-08-13] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [293088 2014-09-16] (Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-08-15] (Avira Operations GmbH & Co. KG)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-10-19] (REALiX(tm))
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-19] (Malwarebytes Corporation)
S2 NSHE; C:\Windows\SysWOW64\Drivers\NSHE.SYS [97792 2008-11-23] (T0r0 2008) [File not signed]
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2014-05-19] (Razer Inc)
U0 smnxosf; C:\Windows\System32\drivers\oknboq.sys [79064 2014-10-19] (Malwarebytes Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-19 21:21 - 2014-10-19 21:21 - 02112512 _____ (Farbar) C:\Users\aS-Sa\Downloads\FRST64.exe
2014-10-19 21:21 - 2014-10-19 21:21 - 00013581 _____ () C:\Users\aS-Sa\Downloads\FRST.txt
2014-10-19 21:21 - 2014-10-19 21:21 - 00000000 ____D () C:\FRST
2014-10-19 15:47 - 2014-10-19 16:00 - 00000224 _____ () C:\Windows\setupact.log
2014-10-19 15:47 - 2014-10-19 15:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-19 12:14 - 2014-10-19 12:14 - 00144025 _____ () C:\Users\aS-Sa\Desktop\uh.LOG
2014-10-19 12:12 - 2014-10-19 12:12 - 02695584 _____ (Martin Malík - REALiX ) C:\Users\aS-Sa\Downloads\hw64_446.exe
2014-10-19 12:12 - 2014-10-19 12:12 - 00027552 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2014-10-19 12:12 - 2014-10-19 12:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2014-10-19 12:12 - 2014-10-19 12:12 - 00000000 ____D () C:\Program Files\HWiNFO64
2014-10-19 12:11 - 2014-10-19 12:11 - 00000000 ____D () C:\Users\aS-Sa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2014-10-19 12:11 - 2014-10-19 12:11 - 00000000 ____D () C:\Program Files (x86)\GPU-Z
2014-10-19 12:10 - 2014-10-19 12:10 - 02176665 _____ () C:\Users\aS-Sa\Downloads\cpu-z-171.zip
2014-10-19 12:10 - 2014-10-19 12:10 - 01629982 _____ () C:\Users\aS-Sa\Downloads\GPU-Z.0.7.9.zip
2014-10-19 12:10 - 2014-10-19 12:10 - 00000000 ____D () C:\Users\aS-Sa\Downloads\GPU-Z.0.7.9
2014-10-19 12:10 - 2014-10-19 12:10 - 00000000 ____D () C:\Users\aS-Sa\Downloads\cpu-z-171
2014-10-19 11:25 - 2014-10-19 11:25 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\oknboq.sys
2014-10-19 10:35 - 2014-10-19 10:35 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-19 10:35 - 2014-10-19 10:35 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-19 10:35 - 2014-10-19 10:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-10-19 10:35 - 2014-10-19 10:35 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-10-19 10:35 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-19 10:35 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-19 10:35 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-19 10:33 - 2014-10-19 10:33 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\aS-Sa\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-18 20:42 - 2014-10-18 20:42 - 00023384 _____ () C:\Users\aS-Sa\Downloads\TWD1-4_GER_DL_BRip_x264_-_GNB_v2-wdsosbnr2cn.dlc
2014-10-18 20:35 - 2014-10-18 20:35 - 00047408 _____ () C:\Users\aS-Sa\Downloads\UL_TheWalkingDead.s03-qd07tcn3z4ju.dlc
2014-10-18 20:34 - 2014-10-18 20:34 - 00040004 _____ () C:\Users\aS-Sa\Downloads\UL_TheWalkingDead.s02-hsy9scntwzd.dlc
2014-10-18 20:33 - 2014-10-18 20:33 - 00019844 _____ () C:\Users\aS-Sa\Downloads\UL_TheWalkingDead.s01-78x9scn1jt16x.dlc
2014-10-16 06:28 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 06:28 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 06:28 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 06:28 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 06:28 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 06:28 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 06:28 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 06:28 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 06:28 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 06:28 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 06:28 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 06:28 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 06:28 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 06:28 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 06:28 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 06:28 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 06:28 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 06:28 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 06:28 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 06:28 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 06:28 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 06:28 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 06:28 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 06:28 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 06:28 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 06:28 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 06:28 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 06:28 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 06:28 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 06:28 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 06:28 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 06:28 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 06:28 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 06:28 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 06:28 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 06:28 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 06:28 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 06:28 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 06:28 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 06:28 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 06:28 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 06:28 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 06:28 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 06:28 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 06:28 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 06:28 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 06:28 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 06:28 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 06:28 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 06:28 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 06:28 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 06:28 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 06:28 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 06:28 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 06:28 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 06:28 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 06:28 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 06:28 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 06:28 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 06:28 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 06:28 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 06:28 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 06:28 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 06:28 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 06:28 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 06:28 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 06:28 - 2014-08-29 04:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 06:28 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 06:28 - 2014-08-29 04:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-16 06:28 - 2014-08-29 04:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-16 06:28 - 2014-08-29 04:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 06:28 - 2014-08-29 03:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 06:28 - 2014-08-29 03:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 06:28 - 2014-08-29 03:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 06:28 - 2014-08-29 03:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-16 06:28 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 06:28 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 06:28 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 06:28 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 06:28 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 06:28 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 06:28 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 06:28 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 06:28 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 06:28 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 06:28 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 06:28 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 06:28 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 06:28 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 06:28 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 06:28 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 06:28 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-09 06:23 - 2014-10-09 06:23 - 00062096 _____ () C:\Windows\SysWOW64\CCCInstall_201410090623411335.log
2014-10-09 06:23 - 2014-10-09 06:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-10-09 06:23 - 2014-10-09 06:23 - 00000000 ____D () C:\ProgramData\ATI
2014-10-09 06:23 - 2014-10-09 06:23 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-10-05 21:53 - 2014-10-19 10:34 - 00007663 _____ () C:\Users\aS-Sa\AppData\Local\Resmon.ResmonCfg
2014-10-04 17:47 - 2014-10-04 17:47 - 00000000 ____D () C:\Users\aS-Sa\Documents\WB Games
2014-10-04 17:45 - 2014-10-04 17:45 - 00001082 _____ () C:\Users\aS-Sa\Desktop\ Mittelerde Mordors Schatten Premium Edition.lnk
2014-10-04 14:22 - 2014-10-04 14:22 - 00023850 _____ () C:\Users\aS-Sa\Downloads\111672.zip
2014-10-04 14:02 - 2014-10-04 14:02 - 00001120 _____ () C:\Users\Public\Desktop\Hotspot Shield.lnk
2014-10-04 14:02 - 2014-10-04 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield
2014-10-04 14:02 - 2014-10-04 14:02 - 00000000 ____D () C:\ProgramData\Hotspot Shield
2014-10-04 14:02 - 2014-05-17 04:35 - 00044744 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys
2014-10-04 14:01 - 2014-10-04 14:02 - 00000000 ____D () C:\Program Files (x86)\Hotspot Shield
2014-10-04 14:01 - 2014-10-04 14:01 - 00000000 ____D () C:\Users\aS-Sa\AppData\Roaming\Hotspot Shield
2014-10-02 06:38 - 2014-10-02 06:38 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-01 18:04 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 18:04 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-29 18:15 - 2014-09-29 18:15 - 00004257 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-29 18:15 - 2014-09-29 18:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-26 17:52 - 2014-09-26 18:26 - 00000000 ____D () C:\Users\aS-Sa\AppData\Local\Microsoft Games
2014-09-24 20:47 - 2014-09-24 20:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-24 20:47 - 2014-09-24 20:47 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-24 05:41 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 05:41 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-21 20:40 - 2014-09-21 20:40 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-09-21 20:40 - 2014-09-21 20:40 - 00000000 ____D () C:\Riot Games
2014-09-21 20:40 - 2014-09-21 20:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-09-21 18:14 - 2014-10-14 17:54 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-09-21 18:13 - 2014-10-15 06:02 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-21 18:12 - 2014-10-15 06:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-21 18:12 - 2014-09-21 18:12 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-09-21 18:12 - 2014-09-21 18:12 - 00000000 ____D () C:\Users\aS-Sa\AppData\Roaming\Avira
2014-09-21 18:11 - 2014-10-15 06:02 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-21 18:11 - 2014-10-14 17:54 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-09-21 18:11 - 2014-10-14 17:54 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-09-21 18:11 - 2014-09-21 18:13 - 00000000 ____D () C:\ProgramData\Avira
2014-09-21 18:11 - 2014-08-15 10:30 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-19 21:08 - 2014-02-10 02:32 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-19 20:49 - 2014-02-10 20:58 - 00000000 ____D () C:\Users\aS-Sa\AppData\Roaming\TS3Client 2014-10-19 20:47 - 2014-02-10 17:09 - 00000000 ____D () C:\Users\aS-Sa\AppData\Roaming\Skype 2014-10-19 19:58 - 2009-07-14 06:45 - 00033968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-19 19:58 - 2009-07-14 06:45 - 00033968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-19 18:50 - 2014-02-10 02:20 - 01490789 _____ () C:\Windows\WindowsUpdate.log 2014-10-19 18:08 - 2014-02-10 02:32 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-19 15:46 - 2014-02-10 20:58 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client 2014-10-19 12:23 - 2014-02-10 13:50 - 00000000 ____D () C:\Users\aS-Sa\AppData\Roaming\vlc 2014-10-19 11:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas 2014-10-19 09:51 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat 2014-10-19 09:51 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat 2014-10-19 09:51 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-19 09:45 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-17 17:10 - 2014-02-10 02:32 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-16 17:09 - 2009-07-14 06:45 - 05064256 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-16 17:09 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-16 17:08 - 2014-05-06 22:00 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-10-16 06:44 - 2013-12-13 21:00 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-16 06:42 - 2013-12-13 21:00 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-10-15 
06:02 - 2014-02-10 02:24 - 00000000 ____D () C:\ProgramData\Package Cache 2014-10-14 23:28 - 2014-09-17 18:42 - 00001164 _____ () C:\Users\aS-Sa\Desktop\Router-Einstellungen.txt 2014-10-09 06:23 - 2014-02-10 02:25 - 00000000 ____D () C:\ProgramData\AMD 2014-10-09 06:23 - 2014-02-10 02:24 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-10-09 06:20 - 2014-06-02 17:37 - 00000000 ____D () C:\AMD 2014-10-03 21:13 - 2014-03-02 22:32 - 00000000 ____D () C:\Users\aS-Sa\Desktop\Bild 2014-10-02 06:38 - 2014-07-17 19:49 - 00000000 ____D () C:\ProgramData\Apple 2014-10-02 06:38 - 2014-07-17 19:49 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-10-02 06:35 - 2014-07-17 19:45 - 00000000 ____D () C:\Users\aS-Sa\AppData\Roaming\WindSolutions 2014-10-02 06:35 - 2014-07-17 19:45 - 00000000 ____D () C:\ProgramData\WindSolutions 2014-09-29 18:15 - 2014-07-04 18:09 - 00000000 ____D () C:\ProgramData\Oracle 2014-09-29 18:15 - 2014-02-10 13:12 - 00000000 ____D () C:\Program Files (x86)\Java 2014-09-26 20:06 - 2014-08-07 21:31 - 00000000 ____D () C:\Users\aS-Sa\AppData\Local\NFS Underground 2 2014-09-26 15:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-09-25 06:13 - 2014-02-19 20:03 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-09-24 20:47 - 2014-02-10 17:09 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-09-24 20:47 - 2014-02-10 17:09 - 00000000 ____D () C:\ProgramData\Skype 2014-09-23 20:51 - 2014-05-11 17:58 - 00000000 ____D () C:\Users\aS-Sa\Desktop\Bewerbung 2014x 2014-09-21 20:39 - 2014-02-10 02:56 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2014-09-21 18:14 - 2014-02-21 07:45 - 00013779 _____ () C:\lxcr.log 2014-09-21 18:12 - 2014-02-10 02:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-09-21 18:07 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-09-21 18:03 - 2013-11-14 22:08 - 
00000000 ____D () C:\Program Files (x86)\Riot
2014-09-20 13:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

Some content of TEMP:
====================
C:\Users\aS-Sa\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-11 18:42

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-10-2014
Ran by aS-Sa at 2014-10-19 21:22:11
Running from C:\Users\aS-Sa\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Airline Tycoon 2 - Gold Edition (HKLM-x32\...\Airline Tycoon 2 - Gold Edition_is1) (Version: - )
AMD Accelerated Video Transcoding (Version: 13.30.100.40915 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0915.1813.30937 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0915.1813.30937 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.80830.0144 - Advanced Micro Devices, Inc.)
Hidden AMD Steady Video Plug-In (Version: 2.07.0000 - AMD) Hidden AMD USB Filter Driver (x32 Version: 1.0.14.91 - Advanced Micro Devices, Inc.) Hidden AMD Wireless Display v3.0 (Version: 1.0.0.12 - Advanced Micro Devices, Inc.) Hidden AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.) Avira (HKLM-x32\...\{9bd9b85e-7792-483b-a318-cc51ff0877ed}) (Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.22.50000 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Broadcom Gigabit NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.6.1.3 - Broadcom Corporation) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Dutch (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2014.0915.1812.30937 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2014.0915.1813.30937 - Advanced Micro Devices, Inc.) 
Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform) CopyTrans Control Center deinstallieren (HKCU\...\CopyTrans Suite) (Version: 3.003 - WindSolutions) Debugging Tools for Windows (x86) (HKLM-x32\...\{48F95CE7-69D9-4967-81F7-D763CABFBD53}) (Version: 6.10.3.233 - Microsoft Corporation) Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.5 - Electronic Arts) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology) Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Free Audio CD Burner version 2.0.26.530 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: 2.0.26.530 - DVDVideoSoft Ltd.) Free Video to MP3 Converter version 5.0.32.1230 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.32.327 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.32.327 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.) HWiNFO64 Version 4.46 (HKLM\...\HWiNFO64_is1) (Version: 4.46 - Martin Malík - REALiX) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) 
Hidden JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.7.4 - www.leaguereplays.com) LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1036 - Marvell) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) 
(HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - 
Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mittelerde Mordors Schatten Premium Edition MULTi2 1.0 (HKLM-x32\...\Mittelerde Mordors Schatten Premium Edition MULTi2 1.0) (Version: - ) MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden Need for Speed Underground 2 Version 1.2 (HKLM-x32\...\Need for Speed Underground 2_is1) (Version: 1.2 - EA Games) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6378 - Realtek Semiconductor Corp.) Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.) 
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27252 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM-x32\...\Vegas Pro 12.0 (64-bit)) (Version: 12.0 (64-bit) - Exµs ™)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wolfenstein - Enemy Territory (HKLM-x32\...\Wolfenstein - Enemy Territory) (Version: 2.60b - ACTIVISION)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-784360129-3451452421-2497412078-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-784360129-3451452421-2497412078-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-784360129-3451452421-2497412078-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-784360129-3451452421-2497412078-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-784360129-3451452421-2497412078-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-784360129-3451452421-2497412078-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

==================== Restore Points =========================

04-10-2014 12:02:18 Gerätetreiber-Paketinstallation: Anchorfree Inc Netzwerkdienst
09-10-2014 04:21:25 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
09-10-2014 04:21:32 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
16-10-2014 04:42:43 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {40C6D697-81B6-43F4-BA15-61A85AEA0D92} - System32\Tasks\{8697D75B-2FFA-4DBB-8A28-F150462AABE9} => E:\ETKA\PROG\EtStart.exe
Task: {90EED239-04FF-4A4B-99CF-1D4AE1F6547B} - System32\Tasks\{7A9FF4A8-82D4-40CB-8842-346DBC780171} => E:\FIFA 14\Game\fifa14-3dm.exe
Task: {936BF6AA-585F-4E61-B05A-24EDE1B3D881} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {BD7E4DA9-C142-4F81-A9FD-205BEFF98459} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-10] (Google Inc.)
Task: {C4D57B59-BAFD-4543-946E-E87BC5A79B5F} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {E78C96E1-2ED2-4E5B-9077-60C974D79D4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-10] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-09-15 18:13 - 2014-09-15 18:13 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-05-17 00:34 - 2014-05-17 00:34 - 00430344 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2014-04-30 19:59 - 2014-08-13 12:51 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-09-15 18:13 - 2014-09-15 18:13 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-01-21 16:54 - 2014-09-21 20:41 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2014-09-21 20:41 - 2014-10-10 00:00 - 02448376 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.224\deploy\LoLLauncher.exe
2014-10-10 00:00 - 2014-10-10 00:00 - 04143096 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\LoLPatcher.exe
2014-09-21 20:52 - 2014-09-21 20:52 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.113\deploy\LolClient.exe
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-17 02:11 - 2014-05-17 02:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-05-17 02:37 - 2014-05-17 02:37 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-10-10 00:00 - 2014-10-10 00:00 - 01629176 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\RiotLauncher.dll
2014-09-21 20:41 - 2014-09-21 20:41 - 42975744 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\libcef.dll
2014-09-21 20:41 - 2014-09-21 20:41 - 01559552 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\icui18n.dll
2014-09-21 20:41 - 2014-09-21 20:41 - 01241088 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\icuuc.dll
2014-09-21 20:41 - 2014-09-21 20:41 - 04945408 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\v8.dll
2014-10-10 00:00 - 2014-10-10 00:00 - 01708032 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.8\deploy\RiotRadsIO.dll
2014-09-21 20:51 - 2014-09-21 20:51 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.113\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2014-10-17 17:10 - 2014-10-10 04:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-17 17:10 - 2014-10-10 04:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-17 17:10 - 2014-10-10 04:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-17 17:10 - 2014-10-10 04:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\aS-Sa\AppData\Local\Temp:Zw9J9RhheT73wGUEeOpSoYj

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LOLRecorder.lnk => C:\Windows\pss\LOLRecorder.lnk.CommonStartup
MSCONFIG\startupreg: lxcrmon.exe => "C:\Program Files (x86) (x86)\Lexmark 2400 Series\lxcrmon.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

========================= Accounts: ==========================

Administrator (S-1-5-21-784360129-3451452421-2497412078-500 - Administrator - Disabled)
aS-Sa (S-1-5-21-784360129-3451452421-2497412078-1000 - Administrator - Enabled) => C:\Users\aS-Sa
Gast (S-1-5-21-784360129-3451452421-2497412078-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: ACP Kernel Service Driver
Description: ACP Kernel Service Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: amdacpksd
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (10/19/2014 01:06:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm HWiNFO64.EXE, Version 4.4.6.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1984
Startzeit: 01cfeb8c9d19e1e1
Endzeit: 15945
Anwendungspfad: C:\Program Files\HWiNFO64\HWiNFO64.EXE
Berichts-ID: fa6435ee-577f-11e4-ab9f-bc5ff4e71a77

Error: (10/19/2014 09:47:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2014 09:45:40 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (10/19/2014 08:42:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/19/2014 08:40:21 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.
Error: (10/18/2014 01:01:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/18/2014 00:59:39 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (10/18/2014 05:03:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/18/2014 05:01:16 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (10/17/2014 04:52:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-09-05 21:26:21.606
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-09-05 21:26:21.558
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-07-03 21:07:52.898
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-07-03 21:07:52.856
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-28 19:16:42.236
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-28 19:16:42.189
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-28 19:08:23.967
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-28 19:08:23.936
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\atikmpag.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info =========================== Processor: AMD FX(tm)-8320 Eight-Core Processor Percentage of memory in use: 25% Total physical RAM: 16338.85 MB Available physical RAM: 12119.05 MB Total Pagefile: 32675.88 MB Available Pagefile: 27785.19 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.02 GB) (Free:34.73 GB) NTFS Drive e: (Neue Festplatte) (Fixed) (Total:931.41 GB) (Free:868.32 GB) NTFS Drive f: (Alte Festplatte) (Fixed) (Total:931.5 GB) (Free:652.89 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3A4B3A4A) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 119.2 GB) (Disk ID: 8322DFEA) Partition: GPT Partition Type. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D7FBA931) Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
20.10.2014, 17:35 | #5 |
/// the machine /// TB-Ausbilder | PC freezes now and then (annoying) #switch forum section. hi, please download TDSSKiller.exe and save the file to your desktop
__________________ regards, schrauber |
20.10.2014, 18:21 | #6 |
| PC freezes now and then (annoying) #switch forum section. Code:
ATTFilter
19:19:10.0190 0x14fc TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
19:19:10.0190 0x14fc UEFI system
19:19:13.0981 0x14fc ============================================================
19:19:13.0982 0x14fc Current date / time: 2014/10/20 19:19:13.0981
19:19:13.0982 0x14fc SystemInfo:
19:19:13.0982 0x14fc
19:19:13.0982 0x14fc OS Version: 6.1.7601 ServicePack: 1.0
19:19:13.0982 0x14fc Product type: Workstation
19:19:13.0982 0x14fc ComputerName: AS-AMD
19:19:13.0982 0x14fc UserName: aS-Sa
19:19:13.0982 0x14fc Windows directory: C:\Windows
19:19:13.0982 0x14fc System windows directory: C:\Windows
19:19:13.0982 0x14fc Running under WOW64
19:19:13.0982 0x14fc Processor architecture: Intel x64
19:19:13.0982 0x14fc Number of processors: 8
19:19:13.0982 0x14fc Page size: 0x1000
19:19:13.0982 0x14fc Boot type: Normal boot
19:19:13.0982 0x14fc ============================================================
19:19:14.0127 0x14fc KLMD registered as C:\Windows\system32\drivers\14723908.sys
19:19:14.0211 0x14fc System UUID: {50F83869-C5B6-627B-EA83-0248E7B36575}
19:19:21.0757 0x14fc Drive \Device\Harddisk0\DR0 - Size: 0xE8E0CADE00 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:19:21.0757 0x14fc Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:19:21.0757 0x14fc Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:19:21.0764 0x14fc ============================================================
19:19:21.0764 0x14fc \Device\Harddisk0\DR0:
19:19:21.0764 0x14fc MBR partitions:
19:19:21.0764 0x14fc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74701AC1
19:19:21.0764 0x14fc \Device\Harddisk1\DR1:
19:19:21.0764 0x14fc GPT partitions:
19:19:21.0764 0x14fc \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {4FCADC3A-937A-4601-9B04-489E4D676B37}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
19:19:21.0764 0x14fc \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F070A2E3-64FC-4E42-AABC-76CF0422A98D}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
19:19:21.0764 0x14fc \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {060D9017-3F4F-40A5-99FB-2766762F9274}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0xEE09800
19:19:21.0764 0x14fc MBR partitions:
19:19:21.0764 0x14fc \Device\Harddisk2\DR2:
19:19:21.0765 0x14fc MBR partitions:
19:19:21.0765 0x14fc \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
19:19:21.0765 0x14fc ============================================================
19:19:21.0765 0x14fc C: <-> \Device\Harddisk1\DR1\Partition3
19:19:21.0767 0x14fc E: <-> \Device\Harddisk2\DR2\Partition1
19:19:21.0767 0x14fc F: <-> \Device\Harddisk0\DR0\Partition1
19:19:21.0767 0x14fc ============================================================
19:19:21.0768 0x14fc Initialize success
19:19:21.0768 0x14fc ============================================================
19:19:34.0073 0x18c4 ============================================================
19:19:34.0073 0x18c4 Scan started
19:19:34.0073 0x18c4 Mode: Manual; SigCheck; TDLFS;
19:19:34.0073 0x18c4 ============================================================
19:19:34.0073 0x18c4 KSN ping started
19:19:36.0780 0x18c4 KSN ping finished: true
19:19:37.0112 0x18c4 ================ Scan system memory ========================
19:19:37.0112 0x18c4 System memory - ok
19:19:37.0113 0x18c4 ================ Scan services =============================
19:19:37.0656 0x18c4 amdacpusrsvc - detected UnsignedFile.Multi.Generic ( 1 )
19:19:40.0396 0x18c4 Detect skipped due to KSN trusted
19:19:40.0396 0x18c4 amdacpusrsvc - ok
0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 19:19:44.0687 0x18c4 HidIr - ok 19:19:44.0691 0x18c4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 19:19:44.0723 0x18c4 hidserv - ok 19:19:44.0726 0x18c4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 19:19:44.0740 0x18c4 HidUsb - ok 19:19:44.0745 0x18c4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 19:19:44.0778 0x18c4 hkmsvc - ok 19:19:44.0786 0x18c4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 19:19:44.0810 0x18c4 HomeGroupListener - ok 19:19:44.0817 0x18c4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 19:19:44.0836 0x18c4 HomeGroupProvider - ok 19:19:44.0841 0x18c4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 19:19:44.0855 0x18c4 HpSAMD - ok 19:19:44.0878 0x18c4 [ 77ED10C64F9DE2BF3F4F0B92541422F6, ADC7DDA8CBA47E7EE17BAB9EAA5DD51EB86A4DDB402EF1F24F81ECCA990583A6 ] hshld C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe 19:19:44.0911 0x18c4 hshld - detected UnsignedFile.Multi.Generic ( 1 ) 19:19:47.0626 0x18c4 Detect skipped due to KSN trusted 19:19:47.0626 0x18c4 hshld - ok 19:19:47.0636 0x18c4 [ 0063ACEBB5BBE8C563A6ADB09155E644, BC7C9AFB83F5345065BB070A5D992DCE13CB35027D8FE402B338D775C896317B ] HssDRV6 C:\Windows\system32\DRIVERS\hssdrv6.sys 19:19:47.0664 0x18c4 HssDRV6 - ok 19:19:47.0672 0x18c4 [ 
7A97848FE7C47F9390427EBDDD92F9F1, 2C053D1433585B3FA0ED839CDFC80CAB3A2D670F5B1F6E3D80BC31EB5CE0E948 ] HssTrayService C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE 19:19:47.0693 0x18c4 HssTrayService - ok 19:19:47.0707 0x18c4 [ 5CB01FD5AA4885BC4811433B54393AF2, 018AC4FDE8099731C3D9F77EE66B6EB902DC246D4E68DD20962CD2D7C48C2123 ] HssWd C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe 19:19:47.0735 0x18c4 HssWd - ok 19:19:47.0758 0x18c4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 19:19:47.0823 0x18c4 HTTP - ok 19:19:47.0828 0x18c4 [ 94724AD8E21E3CFF22A2FAB7BBABF725, 226F76C7CF80AF734DB64111E95595EC5E02658482A574643900A6C61A69236C ] HWiNFO32 C:\Windows\system32\drivers\HWiNFO64A.SYS 19:19:47.0840 0x18c4 HWiNFO32 - ok 19:19:47.0843 0x18c4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 19:19:47.0854 0x18c4 hwpolicy - ok 19:19:47.0859 0x18c4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 19:19:47.0876 0x18c4 i8042prt - ok 19:19:47.0888 0x18c4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 19:19:47.0911 0x18c4 iaStorV - ok 19:19:47.0932 0x18c4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 19:19:47.0970 0x18c4 idsvc - ok 19:19:47.0975 0x18c4 IEEtwCollectorService - ok 19:19:47.0979 0x18c4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 19:19:47.0992 0x18c4 iirsp - ok 19:19:48.0013 0x18c4 [ 
344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 19:19:48.0051 0x18c4 IKEEXT - ok 19:19:48.0114 0x18c4 [ C7124DA48E557D8F88D0D7F1254557F4, 300BC8ACB5CCB15F80ECAEAD27F12925EE94C84FE8110143A3E0F30E19DDA87B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 19:19:48.0186 0x18c4 IntcAzAudAddService - ok 19:19:48.0194 0x18c4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 19:19:48.0206 0x18c4 intelide - ok 19:19:48.0210 0x18c4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys 19:19:48.0226 0x18c4 intelppm - ok 19:19:48.0231 0x18c4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 19:19:48.0266 0x18c4 IPBusEnum - ok 19:19:48.0271 0x18c4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 19:19:48.0302 0x18c4 IpFilterDriver - ok 19:19:48.0318 0x18c4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 19:19:48.0342 0x18c4 iphlpsvc - ok 19:19:48.0347 0x18c4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 19:19:48.0364 0x18c4 IPMIDRV - ok 19:19:48.0369 0x18c4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 19:19:48.0402 0x18c4 IPNAT - ok 19:19:48.0406 0x18c4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM 
C:\Windows\system32\drivers\irenum.sys 19:19:48.0422 0x18c4 IRENUM - ok 19:19:48.0425 0x18c4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 19:19:48.0437 0x18c4 isapnp - ok 19:19:48.0447 0x18c4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 19:19:48.0466 0x18c4 iScsiPrt - ok 19:19:48.0479 0x18c4 [ 1D7AAB58F4E21697AF8F46EAA81823DD, 551EA1B53224F99EDCFD8A9E754C5313CFF4BCBFFFB8DC54D3F3419527F8152C ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 19:19:48.0499 0x18c4 k57nd60a - ok 19:19:48.0503 0x18c4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 19:19:48.0516 0x18c4 kbdclass - ok 19:19:48.0520 0x18c4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 19:19:48.0533 0x18c4 kbdhid - ok 19:19:48.0537 0x18c4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 19:19:48.0547 0x18c4 KeyIso - ok 19:19:48.0552 0x18c4 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 19:19:48.0567 0x18c4 KSecDD - ok 19:19:48.0573 0x18c4 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 19:19:48.0589 0x18c4 KSecPkg - ok 19:19:48.0593 0x18c4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 19:19:48.0622 0x18c4 ksthunk - ok 19:19:48.0633 0x18c4 [ 6AB66E16AA859232F64DEB66887A8C9C, 
5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 19:19:48.0675 0x18c4 KtmRm - ok 19:19:48.0683 0x18c4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 19:19:48.0720 0x18c4 LanmanServer - ok 19:19:48.0726 0x18c4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 19:19:48.0759 0x18c4 LanmanWorkstation - ok 19:19:48.0765 0x18c4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 19:19:48.0796 0x18c4 lltdio - ok 19:19:48.0805 0x18c4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 19:19:48.0847 0x18c4 lltdsvc - ok 19:19:48.0851 0x18c4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 19:19:48.0881 0x18c4 lmhosts - ok 19:19:48.0888 0x18c4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 19:19:48.0902 0x18c4 LSI_FC - ok 19:19:48.0907 0x18c4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 19:19:48.0922 0x18c4 LSI_SAS - ok 19:19:48.0927 0x18c4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 19:19:48.0941 0x18c4 LSI_SAS2 - ok 19:19:48.0946 0x18c4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 19:19:48.0961 0x18c4 LSI_SCSI - ok 
19:19:48.0967 0x18c4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 19:19:49.0000 0x18c4 luafv - ok 19:19:49.0012 0x18c4 [ A401CFF74982D8DF851F20307C806073, 1D7BA90C9E77FAAE59F60AB5310EC41D9C5B98F1F9A89A3CDB9169E6DEF565DA ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 19:19:49.0032 0x18c4 LVRS64 - ok 19:19:49.0131 0x18c4 [ 13384CB5F5813E65F31078D6ABFAAF38, A6E7374C15CAECC273197BF62F8F926BA30E9509270A8470756F4710E1DEA126 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 19:19:49.0258 0x18c4 LVUVC64 - ok 19:19:49.0269 0x18c4 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys 19:19:49.0280 0x18c4 MBfilt - ok 19:19:49.0285 0x18c4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 19:19:49.0304 0x18c4 Mcx2Svc - ok 19:19:49.0308 0x18c4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 19:19:49.0320 0x18c4 megasas - ok 19:19:49.0330 0x18c4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 19:19:49.0349 0x18c4 MegaSR - ok 19:19:49.0356 0x18c4 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 19:19:49.0370 0x18c4 Microsoft Office Groove Audit Service - ok 19:19:49.0374 0x18c4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 19:19:49.0406 0x18c4 MMCSS - ok 19:19:49.0410 0x18c4 [ 800BA92F7010378B09F9ED9270F07137, 
94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 19:19:49.0440 0x18c4 Modem - ok 19:19:49.0444 0x18c4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 19:19:49.0456 0x18c4 monitor - ok 19:19:49.0460 0x18c4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 19:19:49.0473 0x18c4 mouclass - ok 19:19:49.0477 0x18c4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 19:19:49.0490 0x18c4 mouhid - ok 19:19:49.0494 0x18c4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 19:19:49.0508 0x18c4 mountmgr - ok 19:19:49.0514 0x18c4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 19:19:49.0531 0x18c4 mpio - ok 19:19:49.0536 0x18c4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 19:19:49.0567 0x18c4 mpsdrv - ok 19:19:49.0588 0x18c4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 19:19:49.0641 0x18c4 MpsSvc - ok 19:19:49.0648 0x18c4 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 19:19:49.0665 0x18c4 MRxDAV - ok 19:19:49.0672 0x18c4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 19:19:49.0690 0x18c4 mrxsmb - ok 19:19:49.0700 0x18c4 [ 
D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 19:19:49.0721 0x18c4 mrxsmb10 - ok 19:19:49.0727 0x18c4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 19:19:49.0743 0x18c4 mrxsmb20 - ok 19:19:49.0747 0x18c4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 19:19:49.0759 0x18c4 msahci - ok 19:19:49.0765 0x18c4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 19:19:49.0781 0x18c4 msdsm - ok 19:19:49.0787 0x18c4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 19:19:49.0806 0x18c4 MSDTC - ok 19:19:49.0812 0x18c4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 19:19:49.0841 0x18c4 Msfs - ok 19:19:49.0844 0x18c4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 19:19:49.0873 0x18c4 mshidkmdf - ok 19:19:49.0877 0x18c4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 19:19:49.0888 0x18c4 msisadrv - ok 19:19:49.0894 0x18c4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 19:19:49.0931 0x18c4 MSiSCSI - ok 19:19:49.0934 0x18c4 msiserver - ok 19:19:49.0937 0x18c4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV 
C:\Windows\system32\drivers\MSKSSRV.sys 19:19:49.0965 0x18c4 MSKSSRV - ok 19:19:49.0968 0x18c4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 19:19:49.0998 0x18c4 MSPCLOCK - ok 19:19:50.0008 0x18c4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 19:19:50.0037 0x18c4 MSPQM - ok 19:19:50.0048 0x18c4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 19:19:50.0069 0x18c4 MsRPC - ok 19:19:50.0075 0x18c4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 19:19:50.0083 0x18c4 mssmbios - ok 19:19:50.0087 0x18c4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 19:19:50.0116 0x18c4 MSTEE - ok 19:19:50.0119 0x18c4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 19:19:50.0132 0x18c4 MTConfig - ok 19:19:50.0137 0x18c4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 19:19:50.0150 0x18c4 Mup - ok 19:19:50.0159 0x18c4 [ 77073C1AF9C0921FF18EE628049BB1A9, 5143FA3DCB5D1C1B0FEF939F43CB6D99FD0F6C21839D94A6696D256BB01047ED ] mv91xx C:\Windows\system32\DRIVERS\mv91xx.sys 19:19:50.0178 0x18c4 mv91xx - ok 19:19:50.0192 0x18c4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 19:19:50.0235 0x18c4 napagent - ok 19:19:50.0246 0x18c4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 
54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 19:19:50.0272 0x18c4 NativeWifiP - ok 19:19:50.0295 0x18c4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 19:19:50.0322 0x18c4 NDIS - ok 19:19:50.0327 0x18c4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 19:19:50.0357 0x18c4 NdisCap - ok 19:19:50.0360 0x18c4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 19:19:50.0390 0x18c4 NdisTapi - ok 19:19:50.0394 0x18c4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 19:19:50.0424 0x18c4 Ndisuio - ok 19:19:50.0431 0x18c4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 19:19:50.0465 0x18c4 NdisWan - ok 19:19:50.0470 0x18c4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 19:19:50.0499 0x18c4 NDProxy - ok 19:19:50.0503 0x18c4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 19:19:50.0533 0x18c4 NetBIOS - ok 19:19:50.0542 0x18c4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 19:19:50.0579 0x18c4 NetBT - ok 19:19:50.0582 0x18c4 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 19:19:50.0592 0x18c4 Netlogon - ok 
19:19:50.0603 0x18c4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 19:19:50.0643 0x18c4 Netman - ok 19:19:50.0649 0x18c4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:19:50.0668 0x18c4 NetMsmqActivator - ok 19:19:50.0673 0x18c4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:19:50.0685 0x18c4 NetPipeActivator - ok 19:19:50.0698 0x18c4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 19:19:50.0742 0x18c4 netprofm - ok 19:19:50.0747 0x18c4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:19:50.0759 0x18c4 NetTcpActivator - ok 19:19:50.0764 0x18c4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:19:50.0776 0x18c4 NetTcpPortSharing - ok 19:19:50.0780 0x18c4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 19:19:50.0793 0x18c4 nfrd960 - ok 19:19:50.0803 0x18c4 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 19:19:50.0820 0x18c4 NlaSvc - ok 19:19:50.0828 0x18c4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 19:19:50.0858 0x18c4 Npfs - ok 19:19:50.0861 0x18c4 
NSHE - ok 19:19:50.0865 0x18c4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 19:19:50.0897 0x18c4 nsi - ok 19:19:50.0901 0x18c4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 19:19:50.0930 0x18c4 nsiproxy - ok 19:19:50.0969 0x18c4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 19:19:51.0024 0x18c4 Ntfs - ok 19:19:51.0029 0x18c4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 19:19:51.0057 0x18c4 Null - ok 19:19:51.0064 0x18c4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 19:19:51.0080 0x18c4 nvraid - ok 19:19:51.0086 0x18c4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 19:19:51.0103 0x18c4 nvstor - ok 19:19:51.0108 0x18c4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 19:19:51.0123 0x18c4 nv_agp - ok 19:19:51.0136 0x18c4 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 19:19:51.0162 0x18c4 odserv - ok 19:19:51.0167 0x18c4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 19:19:51.0183 0x18c4 ohci1394 - ok 19:19:51.0188 0x18c4 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program 
Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:19:51.0204 0x18c4 ose - ok 19:19:51.0216 0x18c4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 19:19:51.0234 0x18c4 p2pimsvc - ok 19:19:51.0247 0x18c4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 19:19:51.0275 0x18c4 p2psvc - ok 19:19:51.0280 0x18c4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 19:19:51.0296 0x18c4 Parport - ok 19:19:51.0300 0x18c4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 19:19:51.0315 0x18c4 partmgr - ok 19:19:51.0321 0x18c4 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 19:19:51.0346 0x18c4 PcaSvc - ok 19:19:51.0353 0x18c4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 19:19:51.0364 0x18c4 pci - ok 19:19:51.0367 0x18c4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 19:19:51.0378 0x18c4 pciide - ok 19:19:51.0386 0x18c4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 19:19:51.0404 0x18c4 pcmcia - ok 19:19:51.0408 0x18c4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 19:19:51.0421 0x18c4 pcw - ok 19:19:51.0438 0x18c4 [ 68769C3356B3BE5D1C732C97B9A80D6E, 
In queue: 8 19:20:05.0305 0x18c4 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.266 ), 0x41000 ( enabled : updated ) 19:20:05.0320 0x18c4 Win FW state via NFP2: enabled 19:20:08.0066 0x18c4 ============================================================ 19:20:08.0066 0x18c4 Scan finished 19:20:08.0066 0x18c4 ============================================================ 19:20:08.0079 0x14ec Detected object count: 0 19:20:08.0079 0x14ec Actual detected object count: 0 19:20:54.0636 0x1a3c Deinitialize success |
21.10.2014, 12:00 | #7 |
/// the machine /// TB trainer | PC freezes now and then (annoying) #switch forum branch. When it freezes, can you still move the mouse? Install Process Explorer as a replacement for the Windows Task Manager. Download Process Explorer as a replacement for the Task Manager and install it; you can find instructions here. It is a considerably more powerful replacement for the Windows Task Manager. In the menu under "Options" you can permanently set up Process Explorer as the replacement for the Task Manager (Replace Taskmanager). This is highly recommended, because Process Explorer has considerably more functions than the Task Manager. Once you have made this setting, the key combination CTRL + ALT + DEL no longer opens the Task Manager but Process Explorer. This can be undone at any time by unticking the setting. What we specifically need now: each row holds one process; a few of the rows are not real processes, only pseudo-processes for the activity of the Windows kernel. The menu View => Select Columns opens a dialog in which you can choose which columns of process information are displayed. In that dialog, go to the "Process Performance" tab and make sure that "CPU Usage" is ticked there; "CPU History" would also be useful. "CPU Usage" shows the current processor load for each process (the column header just says "CPU"); "CPU History" shows, for each process, a graph with a curve of the processor load over the recent past. With that you should be able to identify which process is keeping your CPU busy. Double-click the process.
You can also take a screenshot of the whole thing and upload it as an attachment with your reply (click "Advanced" below the text field, use "Manage Attachments" to browse your computer, and attach it with "Upload").
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
21.10.2014, 12:26 | #8 |
| PC freezes now and then (annoying) #switch forum branch. OK, I did everything as described. As you can see in the picture, "System Idle Process" is the most conspicuous one under CPU/History. |
22.10.2014, 07:19 | #9 |
/// the machine /// TB trainer | PC freezes now and then (annoying) #switch forum branch. That is how it should be; it is the idle process. What about my question regarding the mouse? Leave Process Explorer open, and when it freezes again have a look at what the CPU is doing.
__________________ Regards, schrauber |
22.10.2014, 22:44 | #10 |
| PC freezes now and then (annoying) #switch forum branch. So I will watch for it when it freezes again. Yes, I can move the mouse; only web pages, pictures, folders and programs cannot be opened. |
23.10.2014, 19:39 | #11 |
/// the machine /// TB trainer | PC freezes now and then (annoying) #switch forum branch. OK, so the hard drive is not stalling, at least. Yes, keep an eye on Process Explorer.
__________________ Regards, schrauber |
25.10.2014, 20:02 | #12 |
| PC freezes now and then (annoying) #switch forum branch. So whenever it freezes, I unfortunately cannot get this new task manager open either, until it recovers, and after that everything looks the same as always. I don't know what else to do. |
26.10.2014, 15:09 | #13 |
/// the machine /// TB trainer | PC freezes now and then (annoying) #switch forum branch. Open Process Explorer and leave it open.
__________________ Regards, schrauber |
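Post #12 reports that Process Explorer cannot be opened while the PC is frozen, and the advice is to leave it open so the CPU column can be read afterwards. As an added example that is not part of the thread, the PowerShell sampler below records the top CPU consumers to a file every few seconds, so the spike is still on record once the machine recovers. The log path, the interval and the number of rows are assumed defaults.

```powershell
# Added example (not from the thread). Works on the PowerShell 2.0 that ships with Windows 7.
param(
    [string]$LogPath = "$env:USERPROFILE\cpu-top.csv",  # assumed location
    [int]$IntervalSeconds = 5,                          # assumed sample interval
    [int]$Top = 5                                       # rows kept per sample
)

function Get-CpuSnapshot {
    # PID -> name and cumulative CPU seconds. Processes whose CPU time cannot
    # be read without elevation return $null and are skipped.
    $snap = @{}
    foreach ($p in Get-Process) {
        if ($p.CPU -ne $null) {
            $snap[$p.Id] = New-Object PSObject -Property @{ Name = $p.ProcessName; Cpu = [double]$p.CPU }
        }
    }
    return $snap
}

$inv = [Globalization.CultureInfo]::InvariantCulture   # "." decimals on German Windows too
$cores = [Environment]::ProcessorCount
if (-not (Test-Path $LogPath)) { Add-Content -Path $LogPath -Value 'Time,ProcessId,Name,CpuPercent' }
$prev = Get-CpuSnapshot
$prevTime = Get-Date

while ($true) {
    Start-Sleep -Seconds $IntervalSeconds
    $now = Get-Date
    $cur = Get-CpuSnapshot
    # Measure the real gap: during a freeze the sampler itself may be delayed.
    $elapsed = ($now - $prevTime).TotalSeconds
    $rows = @(foreach ($procId in $cur.Keys) {
        # Same PID with a different name means the PID was reused; skip it.
        if ($prev.ContainsKey($procId) -and $prev[$procId].Name -eq $cur[$procId].Name) {
            $delta = $cur[$procId].Cpu - $prev[$procId].Cpu
            if ($delta -gt 0) {
                New-Object PSObject -Property @{
                    ProcessId = $procId; Name = $cur[$procId].Name
                    CpuPercent = [math]::Round(100 * $delta / ($elapsed * $cores), 1)
                }
            }
        }
    })
    $rows | Sort-Object CpuPercent -Descending | Select-Object -First $Top | ForEach-Object {
        $line = '{0},{1},{2},{3}' -f $now.ToString('s'), $_.ProcessId, $_.Name, $_.CpuPercent.ToString($inv)
        Add-Content -Path $LogPath -Value $line
    }
    $prev = $cur
    $prevTime = $now
}
```

CpuPercent is the share of all cores together, which is how Process Explorer's CPU column reports it; a gap in the timestamps longer than the interval marks the freeze itself.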
27.10.2014, 19:45 | #14 |
| PC freezes now and then (annoying) #switch forum branch. So it seems that the process Chrome.exe is causing problems. It always shoots up when the PC freezes. |
28.10.2014, 19:02 | #15 |
/// the machine /// TB trainer | PC freezes now and then (annoying) #switch forum branch. Revo Uninstaller - Download - Filepony Use it to uninstall Chrome, keep no data, have the leftovers removed, reinstall. Then: https://support.google.com/chrome/answer/3296214?hl=de
__________________ Regards, schrauber |