| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Telekom Abuse Team: "Virus/Trojaner infiziert"Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
07.02.2015, 11:18
| #1 |
 |  Telekom Abuse Team: "Virus/Trojaner infiziert" Hey, meine Eltern haben eine Mail vom Telekom Abuse Team erhalten: "...uns liegen Hinweise von Sicherheitsexperten vor, dass mindestens ein Rechner, der sich über Ihren Internetzugang mit dem Internet verbindet, mit einem Virus/Trojaner infiziert ist. ..." Wir haben mehrere Geräte(PC,Laptop,TV,Handys,...) mit unserem Wlan verbunden. Habe jetzt auf allen Rechnern Kaspersky laufen lassen, aber bei dem Scan wurde bei keinem PC etwas gefunden. Würde jetzt jeden Rechner nochmal mit Malwarebytes überprüfen. Oder gibt es andere Programme die ihr mir empfehlen könntet? Würde mich über Hilfe sehr freuen  |
|
07.02.2015, 11:23
| #2 |
| /// the machine /// TB-Ausbilder    | Telekom Abuse Team: "Virus/Trojaner infiziert" hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
07.02.2015, 11:40
| #3 |
| | Telekom Abuse Team: "Virus/Trojaner infiziert" Danke.
__________________Hier die FRST.txt: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2015
Ran by Christina (administrator) on CHRISTINA-PC on 07-02-2015 11:33:34
Running from C:\Users\Christina\Desktop
Loaded Profiles: Christina (Available profiles: Christina)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(ABBYY) C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Spotify Ltd) C:\Users\Christina\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(ICQ) C:\Users\Christina\AppData\Roaming\ICQM\icq.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR\WNDA4100\WNDA4100.EXE
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
() C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Microsoft) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_12_0_0_77_ActiveX.exe
(Spotify Ltd) C:\Users\Christina\AppData\Roaming\Spotify\spotify.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
() C:\Users\Christina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Christina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Christina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Christina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Christina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-10] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-24] (Logitech Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [413696 2009-01-06] (Apple Inc.)
HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [563744 2010-03-26] ()
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [128296 2009-12-22] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-12-22] (Acer Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
HKU\S-1-5-21-3084994950-1413212936-3447986044-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-03-24] (Google Inc.)
HKU\S-1-5-21-3084994950-1413212936-3447986044-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3619160 2015-02-03] (Electronic Arts)
HKU\S-1-5-21-3084994950-1413212936-3447986044-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2676584 2011-06-08] (Hewlett-Packard Co.)
HKU\S-1-5-21-3084994950-1413212936-3447986044-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1942720 2015-01-23] (Valve Corporation)
HKU\S-1-5-21-3084994950-1413212936-3447986044-1000\...\Run: [Spotify Web Helper] => C:\Users\Christina\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
HKU\S-1-5-21-3084994950-1413212936-3447986044-1000\...\Run: [icq] => C:\Users\Christina\AppData\Roaming\ICQM\icq.exe [27578728 2013-04-03] (ICQ)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Image Transfer Utility.lnk
ShortcutTarget: Image Transfer Utility.lnk -> C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe (CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA4100 Genie.lnk
ShortcutTarget: NETGEAR WNDA4100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNDA4100\WNDA4100.EXE (NETGEAR)
Startup: C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Netzwerk).lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3084994950-1413212936-3447986044-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
HKU\S-1-5-21-3084994950-1413212936-3447986044-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m5811&r=17360113m505pe426v165w5511u502
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3084994950-1413212936-3447986044-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE517DE519
SearchScopes: HKU\S-1-5-21-3084994950-1413212936-3447986044-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE517DE519
SearchScopes: HKU\S-1-5-21-3084994950-1413212936-3447986044-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC8} URL = hxxp://search.icq.com/search/results.php?q=%s&ch_id=hm&search_mode=web
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3084994950-1413212936-3447986044-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Christina\AppData\Roaming\Mozilla\Firefox\Profiles\2xpt23xh.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Christina\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3084994950-1413212936-3447986044-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-06-02]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-06-02]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-06-02]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-06-02]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-06-02]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-25] ()
R2 ABBYY.Licensing.PDFTransformer.Site License.3.0; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-10] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-03] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-06-12] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-06-12] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [File not signed]
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-03] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-04] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-03] ()
R2 RalinkRegistryWriter; C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe [377088 2012-04-30] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe [455424 2012-04-30] (Ralink Technology, Corp.)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [File not signed]
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2013-12-11] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [91008 2014-05-20] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628320 2014-05-20] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-12-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-10] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-06-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-06-02] (Kaspersky Lab ZAO)
S3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2012-05-12] (MotioninJoy) [File not signed]
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2013-07-19] (Creative Technology Ltd.)
S3 BCMH43XX; system32\DRIVERS\bcmwlhigh664.sys [X]
S3 GPU-Z; \??\C:\Users\CHRIST~1\AppData\Local\Temp\GPU-Z.sys [X]
S3 NPF; system32\DRIVERS\npf.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-07 11:33 - 2015-02-07 11:34 - 00027755 _____ () C:\Users\Christina\Desktop\FRST.txt
2015-02-07 11:33 - 2015-02-07 11:33 - 00000000 ____D () C:\FRST
2015-02-07 11:32 - 2015-02-07 11:32 - 02131968 _____ (Farbar) C:\Users\Christina\Desktop\FRST64.exe
2015-02-07 11:00 - 2015-02-07 11:00 - 00129752 _____ () C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-07 10:59 - 2015-02-07 11:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-02-07 10:59 - 2015-02-07 10:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-03 17:04 - 2015-02-03 17:07 - 00000000 ____D () C:\Users\Christina\Documents\BFH Beta 2
2015-01-29 16:00 - 2015-01-29 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-29 16:00 - 2015-01-29 16:00 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-14 14:51 - 2014-12-19 04:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 14:51 - 2014-12-19 02:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 14:51 - 2014-12-12 06:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 14:51 - 2014-12-12 06:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-01-14 14:51 - 2014-12-12 06:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-01-14 14:51 - 2014-12-12 06:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-01-14 14:51 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-14 14:51 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-14 14:51 - 2014-12-12 06:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-01-14 14:51 - 2014-12-11 18:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 14:51 - 2014-12-06 05:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-14 14:51 - 2014-12-06 04:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-01-14 14:51 - 2014-12-06 04:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-07 11:17 - 2013-01-02 21:51 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-07 11:11 - 2013-01-03 16:14 - 00000000 ____D () C:\Users\Christina\AppData\Roaming\Spotify
2015-02-07 11:04 - 2014-10-08 13:04 - 00005168 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Christina-PC-Christina Christina-PC
2015-02-07 11:01 - 2013-01-13 15:18 - 00000264 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job
2015-02-07 10:57 - 2013-01-28 21:50 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-07 10:56 - 2013-06-02 15:56 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-07 10:47 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-07 10:47 - 2009-07-14 05:45 - 00018512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-07 10:46 - 2013-01-02 21:21 - 02007325 _____ () C:\Windows\WindowsUpdate.log
2015-02-07 10:42 - 2013-10-31 15:05 - 00000000 ____D () C:\Users\Christina\AppData\Roaming\Raptr
2015-02-07 10:41 - 2013-01-02 22:37 - 00000000 ____D () C:\ProgramData\Origin
2015-02-07 10:38 - 2013-07-17 17:25 - 00000000 ____D () C:\Users\Christina\AppData\Local\LogMeIn Hamachi
2015-02-07 10:38 - 2013-01-02 22:37 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-02-07 10:38 - 2013-01-02 21:51 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-07 10:37 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-07 10:37 - 2009-07-14 05:51 - 00117235 _____ () C:\Windows\setupact.log
2015-02-06 22:28 - 2013-01-02 23:11 - 00000000 ____D () C:\Users\Christina\AppData\Roaming\TS3Client
2015-02-06 21:42 - 2013-04-28 17:50 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-02-05 20:45 - 2014-07-12 12:55 - 00000000 ____D () C:\Users\Christina\Desktop\Kleiderkreisel
2015-02-04 22:19 - 2013-04-28 17:50 - 00226680 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2015-02-04 20:12 - 2013-01-02 21:51 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-04 20:12 - 2013-01-02 21:51 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-04 15:11 - 2013-01-03 16:14 - 00000000 ____D () C:\Users\Christina\AppData\Local\Spotify
2015-02-04 15:04 - 2013-01-03 16:01 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2015-02-04 15:04 - 2013-01-02 21:18 - 00247696 _____ () C:\Windows\PFRO.log
2015-02-03 19:52 - 2014-09-04 19:36 - 00001346 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2015-02-03 17:06 - 2013-01-03 16:03 - 00000000 ____D () C:\Users\Christina\AppData\Local\PunkBuster
2015-02-03 17:03 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-03 17:02 - 2013-01-03 18:25 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-03 17:01 - 2013-01-02 21:45 - 00362855 _____ () C:\Windows\DirectX.log
2015-02-03 14:19 - 2013-01-02 22:39 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2015-02-02 22:15 - 2013-01-03 06:09 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-02-02 22:15 - 2013-01-03 06:09 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-02-02 22:15 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-02 19:55 - 2013-01-02 21:57 - 00000000 ____D () C:\Users\Christina\AppData\Roaming\Skype
2015-02-02 11:51 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-29 16:00 - 2013-07-17 17:25 - 00000930 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-01-25 20:00 - 2014-03-23 20:43 - 00000000 ____D () C:\Users\Christina\AppData\Local\Arma 3
2015-01-24 01:18 - 2014-11-22 14:55 - 00012561 _____ () C:\Users\Christina\Desktop\Serienübersicht.xlsx
2015-01-23 17:58 - 2010-03-23 15:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-01-23 17:56 - 2013-02-10 18:04 - 00000000 ____D () C:\Users\Christina\Documents\Electronic Arts
2015-01-23 17:54 - 2013-02-10 17:49 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2015-01-14 22:17 - 2014-09-15 19:24 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-14 22:17 - 2013-01-02 21:57 - 00000000 ____D () C:\ProgramData\Skype
2015-01-14 18:35 - 2013-12-17 14:31 - 00000000 ____D () C:\Users\Christina\AppData\Local\DayZ
2015-01-14 11:32 - 2013-10-02 18:48 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
==================== Files in the root of some directories =======
2013-12-22 16:09 - 2013-12-22 16:01 - 0012005 _____ () C:\Users\Christina\AppData\Roaming\alsoft.ini
2014-05-16 22:05 - 2014-05-16 22:22 - 0000282 _____ () C:\Users\Christina\AppData\Roaming\BreakingPoint_Login.ini
2014-05-16 22:05 - 2014-05-17 00:29 - 0001301 _____ () C:\Users\Christina\AppData\Roaming\BreakingPoint_Options.ini
2014-12-18 21:33 - 2015-01-13 23:06 - 0001439 _____ () C:\Users\Christina\AppData\Roaming\SpeedRunnersLog.txt
2014-12-18 22:23 - 2014-12-18 22:23 - 0001608 _____ () C:\Users\Christina\AppData\Roaming\TargetInvocationLog.txt
2014-12-07 15:37 - 2014-12-07 15:37 - 0004593 _____ () C:\Users\Christina\AppData\Local\recently-used.xbel
2013-04-05 21:12 - 2013-04-05 21:12 - 0007597 _____ () C:\Users\Christina\AppData\Local\Resmon.ResmonCfg
2013-01-13 15:17 - 2013-01-13 15:17 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-01-02 21:39 - 2013-01-02 21:42 - 0009371 _____ () C:\ProgramData\ArcadeDeluxe3.log
2010-03-23 16:03 - 2010-01-27 15:40 - 0131472 _____ () C:\ProgramData\FullRemove.exe
Some content of TEMP:
====================
C:\Users\Christina\AppData\Local\Temp\BgCSDetect.dll
C:\Users\Christina\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Christina\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Christina\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Christina\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Christina\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Christina\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Christina\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Christina\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Christina\AppData\Local\Temp\raptrpatch.exe
C:\Users\Christina\AppData\Local\Temp\raptr_stub.exe
C:\Users\Christina\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Christina\AppData\Local\Temp\sonarinst.exe
C:\Users\Christina\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Christina\AppData\Local\Temp\Uninstaller-27536.exe
C:\Users\Christina\AppData\Local\Temp\_is2C8D.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-24 16:45
==================== End Of Log ============================
Hier die Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2015
Ran by Christina at 2015-02-07 11:34:42
Running from C:\Users\Christina\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
AAVUpdateManager (HKLM-x32\...\{DF6FE172-006A-4324-AF7F-ACFE4BA290FE}) (Version: 12.00.0000 - Akademische Arbeitsgemeinschaft)
ABBYY PDF Transformer 3.0 (HKLM-x32\...\ABBYY PDF Transformer 3.0) (Version: 3.00.145.7091 - ABBYY)
ABBYY PDF Transformer 3.0 (Version: 3.00.145.7091 - ABBYY) Hidden
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.2.7222 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.2.7222 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1) (Version: 6.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.02.0722 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte)
Apple Application Support (HKLM-x32\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Assassin's Creed (HKLM-x32\...\Steam App 15100) (Version: - Ubisoft Montreal)
ATI AVIVO64 Codecs (Version: 10.12.0.41124 - ATI Technologies Inc.) Hidden
Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.1.0 - Electronic Arts)
Battlefield™ Hardline-Beta (HKLM-x32\...\{F5526D9D-13AD-4270-8707-AC921D168299}) (Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.2.0.7 - )
Blocks That Matter (HKLM-x32\...\Steam App 111800) (Version: - Swing Swing Submarine)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brockhaus multimedial 2010 (HKLM-x32\...\{50D69C54-6963-49A6-B762-A9FF8F56AF0F}) (Version: 12.00.0000 - wissenmedia GmbH)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.0.16 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.4.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cook, Serve, Delicious! (HKLM-x32\...\Steam App 247020) (Version: - Vertigo Gaming)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Deponia (HKLM-x32\...\Steam App 214340) (Version: - Daedalic Entertainment)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.4.83.1010 - Electronic Arts Inc.)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.237.100 - Electronic Arts Inc.)
DinerTown Tycoon (HKLM-x32\...\BFG-DinerTown Tycoon) (Version: - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
FEZ (HKLM-x32\...\Steam App 224760) (Version: - Polytron Corporation)
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
Hotfix für Microsoft Visual C++ 2010 Express - DEU (KB2635973) (HKLM-x32\...\{DEEB5FE3-40F5-3C5B-8F85-5306EF3C08F4}.KB2635973) (Version: 1 - Microsoft Corporation)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3003 - Acer Incorporated)
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{D8057953-CCF0-48B3-B61D-762C580B2A10}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Update (HKLM-x32\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard)
ICQ 8.0 (build 6008, für aktuellen Benutzer) (HKU\S-1-5-21-3084994950-1413212936-3447986044-1000\...\ICQ) (Version: 8.0.6008.0 - Mail.Ru)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java SE Development Kit 7 Update 67 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170670}) (Version: 1.7.0.670 - Oracle)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Logitech Gaming Software 8.46 (HKLM\...\Logitech Gaming Software) (Version: 8.46.27 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.303 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3084994950-1413212936-3447986044-1000\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Nero 9 Essentials (HKLM-x32\...\{f174fe50-f02d-4952-a49d-bae9bf7d488a}) (Version: - Nero AG)
Net4Players Launcher Version 0.1 (HKLM-x32\...\{686082EC-BFF8-4C79-AA64-372A05B0662F}_is1) (Version: 0.1 - Net4Players Gaming Organization)
NETGEAR WNDA4100 Genie (HKLM-x32\...\InstallShield_{422FB885-2E3D-4F0C-8C47-BF4336B5318B}) (Version: 1.2.0.10 - NETGEAR)
NETGEAR WNDA4100 Genie (x32 Version: 1.2.0.10 - NETGEAR) Hidden
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NVIDIA PhysX (HKLM-x32\...\{9530AE42-DAE1-4619-9594-B23487285D17}) (Version: 9.11.1107 - NVIDIA Corporation)
Octodad: Dadliest Catch (HKLM-x32\...\Steam App 224480) (Version: - Young Horses)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.3.2637 - Electronic Arts, Inc.)
PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}) (Version: 7.60.92.0 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.4-1.0.12786.82 - raidcall.com)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version: - Frontier)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Scribblenauts Unmasked (HKLM-x32\...\Steam App 249870) (Version: - 5th Cell Media)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sound Blaster Tactic(3D) (HKLM-x32\...\{92000C16-939B-44CA-802F-0D552019D7C8}) (Version: 1.0 - Creative Technology Limited)
SPEEDLINK USB GAMEPAD (HKLM-x32\...\{9C42F308-A660-4445-9269-A740EEDCC1F0}) (Version: 09.28.2009 - SPEEDLINK)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games)
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version: - Oberon Media)
Spotify (HKU\S-1-5-21-3084994950-1413212936-3447986044-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
State of Decay (HKLM-x32\...\Steam App 241540) (Version: - Undead Labs)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stranded Deep (HKLM-x32\...\Steam App 313120) (Version: - Beam Team Games)
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version: - Bossa Studios)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-3084994950-1413212936-3447986044-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Escapists (HKLM-x32\...\Steam App 298630) (Version: - Mouldy Toof Studios)
The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Wildlife Park 3 (HKLM-x32\...\Steam App 287200) (Version: - b-Alive)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3084994950-1413212936-3447986044-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Christina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3084994950-1413212936-3447986044-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Christina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3084994950-1413212936-3447986044-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Christina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3084994950-1413212936-3447986044-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Christina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3084994950-1413212936-3447986044-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Christina\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
04-02-2015 22:49:11 Windows Update
05-02-2015 21:45:55 Windows Update
07-02-2015 00:56:30 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {11E6B9AA-13B7-44CC-8F58-776F1DB61F2A} - System32\Tasks\{21799139-A601-48CA-A79F-AEB4C1107060} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/202990
Task: {3EE7C629-863D-4255-9F62-B391135149A8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5CFE8D6C-0FB0-4ECF-83D7-61798B0ECDAC} - System32\Tasks\{F9ADEABE-09FD-4438-8116-1D5FA9A5E189} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/abandoninstall?page=tsProgressBar
Task: {68E5EA57-D9DC-4AC1-91DC-535DD79ABAA1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {92F0B97E-BE91-4C55-BC68-0FDE99A5AF44} - System32\Tasks\hpUrlLauncher.exe_{AE533BAE-14C7-4E86-8796-D0E4130A3226} => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\utils\hpUrlLauncher.exe [2011-06-08] (Hewlett-Packard Co.)
Task: {BEB6F7EE-9630-477A-A36F-D0461C810B50} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {C99B8EDB-57F5-4996-ACFB-FC7156D702C2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {CEB60C8E-DBA7-43BB-ACE2-CFE07B4C6214} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {D0496398-79B0-435A-B5D4-5726F0039152} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Christina-PC-Christina Christina-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-11-04] (Microsoft Corporation)
Task: {DB9F564B-6129-475C-97EB-32468688F9B0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation)
Task: {DDEFC5D8-EC68-43E1-A199-B6EC2472138D} - System32\Tasks\{737C35CC-D289-4E34-A02A-48FEF4B50689} => pcalua.exe -a C:\Users\Christina\Downloads\pbsetup\pbsetup.exe -d C:\Users\Christina\Downloads\pbsetup
Task: {E55776B3-044D-4D6D-8963-941D84B994E3} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E733E0A0-1CC3-46BE-9F82-672E9732FD47} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
==================== Loaded Modules (whitelisted) ==============
2008-10-25 00:35 - 2008-10-25 00:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2014-10-08 10:50 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-01-03 18:25 - 2015-02-03 17:02 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-06-08 22:57 - 2011-06-08 22:57 - 02812776 _____ () C:\Windows\system32\HPScanTRDrv_DJ3050A_J611.dll
2009-12-14 03:19 - 2009-12-09 10:24 - 00076320 _____ () C:\OEM\USBDECTION\USBS3S4Detection.exe
2012-08-30 12:46 - 2013-10-03 09:42 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2010-03-26 03:29 - 2010-03-26 03:29 - 00563744 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
2013-09-27 20:18 - 2014-12-11 21:02 - 00374840 _____ () C:\Users\Christina\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-17 20:39 - 2013-06-02 16:14 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 01:55 - 2008-09-29 01:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2014-01-29 21:38 - 2015-02-03 14:12 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-01-29 21:38 - 2015-02-03 14:12 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-01-29 21:38 - 2015-02-03 14:12 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-01-29 21:38 - 2015-02-03 14:12 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-01-29 21:38 - 2015-02-03 14:12 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-01-29 21:38 - 2015-02-03 14:12 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-01-29 21:38 - 2015-02-03 14:12 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-01-29 21:38 - 2015-02-03 14:12 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-08-28 21:48 - 2014-12-01 22:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 21:48 - 2014-12-01 22:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-28 21:48 - 2014-12-01 22:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 21:48 - 2014-12-01 22:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-03-25 13:23 - 2014-11-11 19:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-21 17:17 - 2014-12-02 01:29 - 05002752 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-21 17:17 - 2014-12-02 01:29 - 01612800 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-21 17:17 - 2014-12-02 01:29 - 01210368 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-23 11:49 - 2015-01-23 23:34 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-28 21:48 - 2014-12-01 22:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-02-10 15:35 - 2015-01-23 23:33 - 00696512 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-04-03 16:57 - 2013-04-03 16:57 - 00851456 _____ () C:\Users\Christina\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
2012-08-30 12:39 - 2013-10-03 09:42 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2013-01-09 10:09 - 2013-01-09 10:09 - 00118784 _____ () C:\Program Files (x86)\NETGEAR\WNDA4100\Ralink.dll
2014-11-19 11:39 - 2014-11-19 11:39 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2010-03-26 03:29 - 2010-03-26 03:29 - 00154144 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll
2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2013-02-10 15:35 - 2015-01-16 00:42 - 34641288 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2014-08-14 01:37 - 2014-08-14 01:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 01:37 - 2014-08-14 01:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 01:05 - 2013-11-21 01:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 01:56 - 2014-06-18 01:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-08-18 10:10 - 2015-01-16 00:42 - 01709960 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2013-01-03 16:14 - 2014-12-11 21:02 - 36966968 _____ () C:\Users\Christina\AppData\Roaming\Spotify\Data\libcef.dll
2014-07-19 11:42 - 2014-12-11 21:02 - 00867896 _____ () C:\Users\Christina\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2013-09-27 20:18 - 2014-12-11 21:02 - 00886840 _____ () C:\Users\Christina\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-27 20:18 - 2014-12-11 21:02 - 00108600 _____ () C:\Users\Christina\AppData\Roaming\Spotify\Data\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F
AlternateDataStreams: C:\ProgramData\Temp:A4BF246C
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Registry Areas =====================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3084994950-1413212936-3447986044-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Christina\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3084994950-1413212936-3447986044-500 - Administrator - Disabled)
Christina (S-1-5-21-3084994950-1413212936-3447986044-1000 - Administrator - Enabled) => C:\Users\Christina
Gast (S-1-5-21-3084994950-1413212936-3447986044-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/04/2015 10:14:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 206c
Startzeit: 01d040bf7f89dd23
Endzeit: 21
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Berichts-ID:
Error: (02/03/2015 11:13:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bfh.exe, Version: 1.0.0.0, Zeitstempel: 0x54cd64c8
Name des fehlerhaften Moduls: bfh.exe, Version: 1.0.0.0, Zeitstempel: 0x54cd64c8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000036bf3c3
ID des fehlerhaften Prozesses: 0x21c0
Startzeit der fehlerhaften Anwendung: 0xbfh.exe0
Pfad der fehlerhaften Anwendung: bfh.exe1
Pfad des fehlerhaften Moduls: bfh.exe2
Berichtskennung: bfh.exe3
Error: (02/03/2015 05:22:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: bfh.exe, Version: 1.0.0.0, Zeitstempel: 0x54cd64c8
Name des fehlerhaften Moduls: bfh.exe, Version: 1.0.0.0, Zeitstempel: 0x54cd64c8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000036bf3c3
ID des fehlerhaften Prozesses: 0x24c0
Startzeit der fehlerhaften Anwendung: 0xbfh.exe0
Pfad der fehlerhaften Anwendung: bfh.exe1
Pfad des fehlerhaften Moduls: bfh.exe2
Berichtskennung: bfh.exe3
Error: (02/02/2015 09:33:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1b44
Startzeit: 01d03f2732ad1c68
Endzeit: 50
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Berichts-ID:
Error: (02/02/2015 09:31:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 19b0
Startzeit: 01d03f26f3c37415
Endzeit: 25
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Berichts-ID:
Error: (02/02/2015 09:29:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1094
Startzeit: 01d03f26c0bbf64d
Endzeit: 37
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Berichts-ID:
Error: (02/02/2015 07:29:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 233c
Startzeit: 01d03f15f8e34b2f
Endzeit: 30
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
Berichts-ID:
Error: (02/02/2015 04:33:32 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (02/02/2015 04:33:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/02/2015 04:33:29 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"1".
Die abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (02/07/2015 11:24:19 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 20.
Error: (02/07/2015 00:57:48 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800b0100 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2654428)
Error: (02/06/2015 11:31:32 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PASCAL",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4801B5B5-A25C-4E87-80EF-0DC0776A5F9E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/06/2015 11:19:35 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PASCAL",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4801B5B5-A25C-4E87-80EF-0DC0776A5F9E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/06/2015 11:17:25 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "SIGRIDPASCHK-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4801B5B5-A25C-4E87-80EF-0DC0776A5F9E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/06/2015 10:43:36 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PASCAL",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4801B5B5-A25C-4E87-80EF-0DC0776A5F9E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/06/2015 05:43:43 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PASCAL",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4801B5B5-A25C-4E87-80EF-0DC0776A5F9E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/05/2015 09:47:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800b0100 fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2654428)
Error: (02/05/2015 06:53:01 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PASCAL",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4801B5B5-A25C-4E87-80EF-0DC0776A5F9E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (02/05/2015 06:49:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Intel(R) Management & Security Application User Notification Service" wurde nicht richtig gestartet.
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-10-12 19:53:01.686
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-12 19:53:01.683
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-12 19:53:01.680
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-12 19:53:01.643
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-12 19:53:01.640
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-12 19:53:01.636
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-10 20:54:41.903
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-10 20:54:41.901
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-10 20:54:41.898
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-10 20:54:41.854
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentage of memory in use: 51%
Total physical RAM: 6071.06 MB
Available physical RAM: 2920.25 MB
Total Pagefile: 12140.31 MB
Available Pagefile: 8347.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:453.45 GB) (Free:52.9 GB) NTFS
Drive d: (DATA) (Fixed) (Total:453.96 GB) (Free:453.09 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E92CB9AB)
Partition 1: (Not Active) - (Size=24 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=454 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
07.02.2015, 15:46
| #4 |
| /// the machine /// TB-Ausbilder | Telekom Abuse Team: "Virus/Trojaner infiziert" Jetzt bitte von allen andern Windows Rechnern im Netz den FRST Scan
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.02.2015, 16:45
| #5 |
| | Telekom Abuse Team: "Virus/Trojaner infiziert" Laptop #1: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2015
Ran by Christina (administrator) on CHRISTINAVAIO on 07-02-2015 16:39:18
Running from C:\Users\Chris_000\Desktop
Loaded Profiles: Christina (Available profiles: Christina)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-10-09] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-09] (Atheros Communications)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40312 2013-09-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe [24504 2013-04-27] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-12] (Geek Software GmbH)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2014-10-16] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
HKU\S-1-5-21-3187777731-295148701-2232249943-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3187777731-295148701-2232249943-1001\...\MountPoints2: {b3418a35-1e8e-11e4-824f-806e6f6e6963} - "D:\CR_USB.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3187777731-295148701-2232249943-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
HKU\S-1-5-21-3187777731-295148701-2232249943-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-3187777731-295148701-2232249943-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-3187777731-295148701-2232249943-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
SearchScopes: HKU\S-1-5-21-3187777731-295148701-2232249943-1001 -> {DA708553-4825-4654-8815-8CA3AC2300AF} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} https://vpn.hrz.tu-darmstadt.de/CACHE/stc/1/binaries/vpnweb.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3187777731-295148701-2232249943-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Chris_000\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3187777731-295148701-2232249943-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013-04-27]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013-04-27]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013-04-27]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013-04-27]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013-04-27]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\urladvisor.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\online_banking_chrome.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\content_blocker_chrome.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\virtkbd.crx [2012-08-17]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ChromeExt\ab.crx [2012-08-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [219776 2012-10-09] (Qualcomm Atheros Commnucations)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356128 2013-10-29] (Kaspersky Lab ZAO)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-09] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-08-20] (Advanced Micro Devices)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-09] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-10-09] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-01-20] (LogMeIn Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-08] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [627296 2014-10-17] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-01-08] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2013-10-30] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-30] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [50448 2013-04-27] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178448 2013-04-27] (Kaspersky Lab ZAO)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-08-15] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-07 16:39 - 2015-02-07 16:39 - 00020515 _____ () C:\Users\Chris_000\Desktop\FRST.txt
2015-02-07 16:38 - 2015-02-07 16:39 - 00000000 ____D () C:\FRST
2015-02-07 16:38 - 2015-02-07 16:38 - 02131968 _____ (Farbar) C:\Users\Chris_000\Desktop\FRST64.exe
2015-02-03 14:44 - 2015-02-03 14:44 - 00000205 _____ () C:\Users\Chris_000\Desktop\Design Pattern Katalog.url
2015-01-27 13:55 - 2015-01-27 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-27 13:55 - 2015-01-27 13:55 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-20 13:16 - 2015-01-20 13:16 - 00044296 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-01-13 13:03 - 2015-01-13 13:03 - 00000000 ____D () C:\WINDOWS\system32\appraiser
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-07 16:35 - 2014-10-05 22:46 - 00003966 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FE608E23-411F-4944-91EE-854027A3998D}
2015-02-07 16:35 - 2014-08-08 01:38 - 01390411 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-07 16:35 - 2013-04-27 14:26 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-07 16:33 - 2013-04-12 14:23 - 00000000 ____D () C:\Users\Chris_000\AppData\Local\LogMeIn Hamachi
2015-02-07 16:33 - 2013-01-26 17:44 - 00000000 ____D () C:\Users\Chris_000\AppData\Roaming\Skype
2015-02-07 16:32 - 2014-08-08 01:54 - 00000000 ___RD () C:\Users\Chris_000\OneDrive
2015-02-07 16:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-06 23:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-03 14:24 - 2014-10-17 22:46 - 00000000 ____D () C:\Users\Chris_000\workspace_neu
2015-02-03 14:22 - 2014-10-17 22:44 - 00000000 ____D () C:\Users\Chris_000\Documents\eclipse
2015-02-03 14:22 - 2014-10-17 22:34 - 00000000 ____D () C:\Users\Chris_000\AppData\Local\Eclipse
2015-02-03 14:16 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-28 00:05 - 2013-01-26 14:44 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3187777731-295148701-2232249943-1001
2015-01-27 13:55 - 2013-04-12 14:22 - 00000938 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-01-13 14:01 - 2013-04-01 14:24 - 00000232 _____ () C:\Users\Chris_000\Desktop\OpenLearnWare - Plattform für offene Lernmaterialien.url
2015-01-13 13:11 - 2014-10-16 18:24 - 00000000 ____D () C:\Users\Chris_000\Desktop\Software Engineering
2015-01-13 13:06 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-13 13:05 - 2014-03-18 02:50 - 00009734 _____ () C:\WINDOWS\PFRO.log
2015-01-13 13:05 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-13 13:03 - 2014-08-08 00:23 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-01-12 22:52 - 2014-07-17 18:30 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-01-12 22:22 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-12 22:21 - 2013-08-20 19:45 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-12 22:13 - 2013-01-27 23:57 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
2013-10-31 13:28 - 2014-01-14 21:41 - 0000600 _____ () C:\Users\Chris_000\AppData\Roaming\winscp.rnd
2013-10-29 22:12 - 2014-10-16 18:46 - 0000600 _____ () C:\Users\Chris_000\AppData\Local\PUTTY.RND
2014-10-25 16:25 - 2014-10-25 16:25 - 0003987 _____ () C:\Users\Chris_000\AppData\Local\recently-used.xbel
Some content of TEMP:
====================
C:\Users\Chris_000\AppData\Local\Temp\20141017074104500jniverify.dll
C:\Users\Chris_000\AppData\Local\Temp\i4jdel0.exe
C:\Users\Chris_000\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-19 14:42
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2015
Ran by Christina at 2015-02-07 16:41:05
Running from C:\Users\Chris_000\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Reader X (10.1.8) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Catalyst Install Manager (HKLM\...\{AF091FA7-20BF-49D4-4C98-4E4AD04D6FB3}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
Chronicles of Albian (x32 Version: 2.2.0.110 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{27FED182-0403-4215-AD61-950D3411F4B2}) (Version: 3.1.05187 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05187 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05187 - Cisco Systems, Inc.) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1923 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5601.52 - CyberLink Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
gedit 2.30.1 (HKLM-x32\...\gedit_is1) (Version: 2.30.1 - GNOME)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Heroes of Hellas 3: Athens (x32 Version: 2.2.0.110 - WildTangent) Hidden
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 38645) (Version: 03.05.11 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.3.1004 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Internet Security 2013 (HKLM-x32\...\InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}) (Version: 13.0.1.4190 - Kaspersky Lab)
Kaspersky Internet Security 2013 (x32 Version: 13.0.1.4190 - Kaspersky Lab) Hidden
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.303 - LogMeIn, Inc.) Hidden
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PDF24 Creator 6.9.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.212 - Qualcomm Atheros Communications)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Racket v5.3.1 (x86_64) (HKLM-x32\...\Racket-x86_64-5.3.1) (Version: 5.3.1 - PLT Scheme Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.2 - Synaptics Incorporated)
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
Unity Web Player (HKU\S-1-5-21-3187777731-295148701-2232249943-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.0.1.10180 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.2.0.08150 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.0.08140 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.0.08240 - Sony Corporation)
VAIO Movie Creator Template Data (HKLM-x32\...\InstallShield_{00A663F1-6C03-48CA-8E85-55806AAE2615}) (Version: 4.0.00.08170 - Sony Corporation)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
Visual Paradigm 11.2 (HKLM\...\1106-5897-7327-6550) (Version: 11.2 - Visual Paradigm International Ltd.)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WildTangent Games App (x32 Version: 4.0.8.7 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent sony Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WinSCP 5.1.7 (HKLM-x32\...\winscp3_is1) (Version: 5.1.7 - Martin Prikryl)
Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
12-01-2015 22:04:18 Windows Modules Installer
06-02-2015 23:02:00 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {01B5D7ED-C6A2-4A86-8174-3275F7241F24} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {05B13A9D-A0B9-499F-909B-516E52D6EE96} - System32\Tasks\{C02BAF8C-7EFD-4327-BA28-74078AC0D361} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsProgressBar
Task: {16F899CC-21C6-4170-ADD3-AD1E48BF52F2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {3EB3E36E-783A-441D-A709-0EF733B8737D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {57CC8072-0E45-4D15-921F-9FE3BBAB62F2} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {5D4B1DB2-2B2B-4E6B-8446-3EACBDFB1A2F} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-07-31] (Sony Corporation)
Task: {6CDA4833-4C85-4879-8304-F25F3A4B70F2} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {7B2C295E-4DE5-46D8-86B0-61DBBC109850} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {83D692E8-8516-4574-AAB8-479FB8A008DA} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {886697D9-5600-494D-81F9-8C1DFC74EF09} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-10-19] (Sony Corporation)
Task: {8DE2D0B5-92F4-4A16-97CD-464E06B04404} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {91006DBE-6C2F-4E2E-A1BA-33354C6B9B0A} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {AA93A270-2746-40D9-877D-32E1371AC0EC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B375C6D0-EE6D-4ECF-93D4-3A1B06C99CB5} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {B781DC8A-E2D2-4CD6-BD49-4AE7D191797B} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {BEAC03A5-3DC9-4271-BC62-4948A873047C} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {E14389C4-CC09-404D-ADDA-BF25F8D2D8BB} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {E3E88C47-2E95-4BF5-8E9F-5A31E5D081B9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Loaded Modules (whitelisted) ==============
2014-07-17 18:30 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-10-09 13:02 - 2012-10-09 13:02 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-10-09 12:57 - 2012-10-09 12:57 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2012-10-09 12:59 - 2012-10-09 12:59 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2012-10-09 13:02 - 2012-10-09 13:02 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2014-10-16 06:48 - 2014-10-16 06:48 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-08-17 20:39 - 2013-04-27 14:45 - 01310136 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kpcengine.2.2.dll
2012-10-19 02:39 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-08-17 20:38 - 2012-08-17 20:38 - 00479160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll
2012-10-19 03:20 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 10:34 - 2012-06-08 10:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Chris_000\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Registry Areas =====================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3187777731-295148701-2232249943-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris_000\Pictures\lg-g3-wallpaper-2.jpg
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3187777731-295148701-2232249943-500 - Administrator - Disabled)
Christina (S-1-5-21-3187777731-295148701-2232249943-1001 - Administrator - Enabled) => C:\Users\Chris_000
Gast (S-1-5-21-3187777731-295148701-2232249943-501 - Limited - Disabled)
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Qualcomm Atheros AR3012 Bluetooth(R) Adapter
Description: Qualcomm Atheros AR3012 Bluetooth(R) Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/07/2015 04:32:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NetworkClient.EXE, Version: 1.1.1.9270, Zeitstempel: 0x52456d3d
Name des fehlerhaften Moduls: MSVCR110.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00000000000ec0b4
ID des fehlerhaften Prozesses: 0x1eb4
Startzeit der fehlerhaften Anwendung: 0xNetworkClient.EXE0
Pfad der fehlerhaften Anwendung: NetworkClient.EXE1
Pfad des fehlerhaften Moduls: NetworkClient.EXE2
Berichtskennung: NetworkClient.EXE3
Vollständiger Name des fehlerhaften Pakets: NetworkClient.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NetworkClient.EXE5
Error: (02/07/2015 01:11:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15156
Error: (02/07/2015 01:11:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15156
Error: (02/07/2015 01:11:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/06/2015 10:37:11 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (02/06/2015 10:37:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NetworkClient.EXE, Version: 1.1.1.9270, Zeitstempel: 0x52456d3d
Name des fehlerhaften Moduls: MSVCR110.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00000000000ec0b4
ID des fehlerhaften Prozesses: 0xa74
Startzeit der fehlerhaften Anwendung: 0xNetworkClient.EXE0
Pfad der fehlerhaften Anwendung: NetworkClient.EXE1
Pfad des fehlerhaften Moduls: NetworkClient.EXE2
Berichtskennung: NetworkClient.EXE3
Vollständiger Name des fehlerhaften Pakets: NetworkClient.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NetworkClient.EXE5
Error: (02/03/2015 02:19:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 21 104.2.168.192.in-addr.arpa. PTR ChristinaVAIO.local.
Error: (02/03/2015 02:19:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.104:5353 14 104.2.168.192.in-addr.arpa. PTR Pascal.local.
Error: (02/03/2015 02:17:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NetworkClient.EXE, Version: 1.1.1.9270, Zeitstempel: 0x52456d3d
Name des fehlerhaften Moduls: MSVCR110.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00000000000ec0b4
ID des fehlerhaften Prozesses: 0x69c
Startzeit der fehlerhaften Anwendung: 0xNetworkClient.EXE0
Pfad der fehlerhaften Anwendung: NetworkClient.EXE1
Pfad des fehlerhaften Moduls: NetworkClient.EXE2
Berichtskennung: NetworkClient.EXE3
Vollständiger Name des fehlerhaften Pakets: NetworkClient.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NetworkClient.EXE5
Error: (01/28/2015 00:02:13 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
System errors:
=============
Error: (02/06/2015 11:23:51 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (02/06/2015 11:23:51 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (01/27/2015 01:55:58 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (01/19/2015 02:24:59 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.2.100 mit dem Computer mit der
Netzwerkhardwareadresse 00-9C-02-30-3C-B0 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.
Error: (01/14/2015 04:12:24 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.2.104 mit dem Computer mit der
Netzwerkhardwareadresse 28-C6-8E-4F-EC-7F ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.
Error: (01/11/2015 03:06:26 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.2.101 mit dem Computer mit der
Netzwerkhardwareadresse 00-9C-02-30-3C-B0 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.
Error: (12/29/2014 06:51:54 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (12/16/2014 10:08:44 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 192.168.2.108 mit dem Computer mit der
Netzwerkhardwareadresse 50-56-BF-33-F5-A9 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.
Error: (12/13/2014 03:19:33 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ClickToRunSvc erreicht.
Error: (12/13/2014 03:19:02 AM) (Source: NetBT) (EventID: 4311) (User: )
Description: Es ist ein Initialisierungsfehler aufgetreten, da der Treiber nicht erstellt werden konnte.
Verwenden Sie die Zeichenfolge "7A791927DC8A", um die Schnittstelle zu identifizieren, die nicht initialisiert werden
konnte. Sie stellt die MAC-Adresse der Schnittstelle mit dem Initialisierungsfehler oder die
GUID (Globally Unique Interface Identifier) dar, wenn NetBT keine Zuordnung
von der GUID zur MAC-Adresse herstellen konnte. Wenn weder die MAC-Adresse noch die GUID verfügbar
waren, dann stellt die Zeichenfolge einen Clustergerätenamen dar.
Microsoft Office Sessions:
=========================
Error: (02/07/2015 04:32:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NetworkClient.EXE1.1.1.927052456d3dMSVCR110.dll6.3.9600.1727853eebd22c000013500000000000ec0b41eb401d042eb51841e3cC:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXEMSVCR110.dll90e2aef1-aede-11e4-bea8-5453ed2fd8ff
Error: (02/07/2015 01:11:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15156
Error: (02/07/2015 01:11:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15156
Error: (02/07/2015 01:11:35 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/06/2015 10:37:11 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883
Error: (02/06/2015 10:37:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NetworkClient.EXE1.1.1.927052456d3dMSVCR110.dll6.3.9600.1727853eebd22c000013500000000000ec0b4a7401d042550a7c059fC:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXEMSVCR110.dll495e9387-ae48-11e4-bea8-5453ed2fd8ff
Error: (02/03/2015 02:19:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 21 104.2.168.192.in-addr.arpa. PTR ChristinaVAIO.local.
Error: (02/03/2015 02:19:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.2.104:5353 14 104.2.168.192.in-addr.arpa. PTR Pascal.local.
Error: (02/03/2015 02:17:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: NetworkClient.EXE1.1.1.927052456d3dMSVCR110.dll6.3.9600.1727853eebd22c000013500000000000ec0b469c01d03fb3af15a057C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXEMSVCR110.dllfd26e64f-aba6-11e4-bea8-5453ed2fd8ff
Error: (01/28/2015 00:02:13 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU B980 @ 2.40GHz
Percentage of memory in use: 47%
Total physical RAM: 4043.28 MB
Available physical RAM: 2111.55 MB
Total Pagefile: 4875.28 MB
Available Pagefile: 2789.44 MB
Total Virtual: 131072 MB
Available Virtual: 131071.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:435.46 GB) (Free:306.68 GB) NTFS
Drive d: (crosley USB) (CDROM) (Total:0.1 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: BBC6D977)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
07.02.2015, 16:57
| #6 |
| | Telekom Abuse Team: "Virus/Trojaner infiziert" PC #2: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2015
Ran by Pascal (administrator) on PASCAL on 07-02-2015 16:53:44
Running from C:\Users\Pascal\Desktop
Loaded Profiles: Pascal (Available profiles: Pascal)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> services.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
Failed to access process -> csrss.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
Failed to access process -> csrss.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
Failed to access process -> csrss.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
Failed to access process -> csrss.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Pascal\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Pascal\AppData\Local\Akamai\netsession_win.exe
(Spotify Ltd) C:\Users\Pascal\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Spotify Ltd) C:\Users\Pascal\AppData\Roaming\Spotify\spotify.exe
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
() C:\Users\Pascal\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Pascal\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Pascal\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Pascal\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Pascal\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
Failed to access process -> svchost.exe
() C:\Users\Pascal\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2012-08-22] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-05] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3977576 2015-01-20] (LogMeIn Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKU\S-1-5-21-3303894935-130355564-178475123-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-3303894935-130355564-178475123-1001\...\Run: [RGSC] => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
HKU\S-1-5-21-3303894935-130355564-178475123-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-3303894935-130355564-178475123-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Pascal\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3303894935-130355564-178475123-1001\...\Run: [Spotify Web Helper] => C:\Users\Pascal\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-01-29] (Spotify Ltd)
HKU\S-1-5-21-3303894935-130355564-178475123-1001\...\Run: [Spotify] => C:\Users\Pascal\AppData\Roaming\Spotify\spotify.exe [6737976 2015-01-29] (Spotify Ltd)
HKU\S-1-5-21-3303894935-130355564-178475123-1001\...\MountPoints2: {ea57ad50-b11f-11e3-be6f-806e6f6e6963} - "E:\Autorun.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Genie.lnk
ShortcutTarget: NETGEAR WNDA3100v2 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKU\S-1-5-21-3303894935-130355564-178475123-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
HKU\S-1-5-21-3303894935-130355564-178475123-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
SearchScopes: HKLM -> {834FEEF3-8162-4953-8306-0C21A0148F1D} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {834FEEF3-8162-4953-8306-0C21A0148F1D} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3303894935-130355564-178475123-1001 -> {834FEEF3-8162-4953-8306-0C21A0148F1D} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKU\S-1-5-21-3303894935-130355564-178475123-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
FireFox:
========
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-3303894935-130355564-178475123-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Модуль перевірки посилань - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\url_advisor@kaspersky.com [2014-05-28]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Віртуальна клавіатура - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-05-28]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Модуль блокування небезпечних веб-сайтів - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\content_blocker@kaspersky.com [2014-05-28]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Chặn quảng cáo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\anti_banner@kaspersky.com [2014-05-28]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Безпечні платежі - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com [2014-05-28]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [blbkdnmdcafmfhinpmnlhhddbepgkeaa] - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx [2013-10-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2014-12-03] ()
R2 CLHNServiceForPowerDVD12; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [89864 2013-06-10] (CyberLink Corp.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-06-10] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-06-10] (CyberLink)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-06-07] (Hewlett-Packard Company) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129336 2013-01-31] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-31] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-01-14] (LogMeIn, Inc.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [5268336 2014-03-25] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-19] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-12-20] ()
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-05] (IDT, Inc.) [File not signed]
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-03-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [305200 2012-09-18] () [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-22] (Qualcomm Atheros Communications, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-15] (CyberLink)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-01-20] (LogMeIn Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-05-28] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-05-28] (Kaspersky Lab)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-05-28] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-05-28] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-05-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-05-28] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-05-28] (Kaspersky Lab ZAO)
S3 NPF; C:\Windows\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R2 ntk_PowerDVD12; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [84168 2013-03-12] (Cyberlink Corp.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [29472 2012-09-05] (SerComm Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-07 16:53 - 2015-02-07 16:54 - 00023749 _____ () C:\Users\Pascal\Desktop\FRST.txt
2015-02-07 16:53 - 2015-02-07 16:53 - 02132992 _____ (Farbar) C:\Users\Pascal\Desktop\FRST64.exe
2015-02-07 16:53 - 2015-02-07 16:53 - 00000000 ____D () C:\FRST
2015-02-06 22:35 - 2015-02-06 23:18 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-02-04 14:23 - 2015-02-04 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-02-04 14:23 - 2015-02-04 14:23 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-02-04 14:23 - 2015-02-04 14:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-02-03 22:55 - 2015-02-03 22:56 - 00354360 _____ () C:\WINDOWS\Minidump\020315-28500-01.dmp
2015-02-03 22:09 - 2015-02-03 22:10 - 00363280 _____ () C:\WINDOWS\Minidump\020315-37015-01.dmp
2015-02-03 18:11 - 2015-02-03 18:12 - 00350728 _____ () C:\WINDOWS\Minidump\020315-27187-01.dmp
2015-02-03 18:02 - 2015-02-03 18:02 - 00353072 _____ () C:\WINDOWS\Minidump\020315-41000-01.dmp
2015-02-03 17:44 - 2015-02-03 17:45 - 00365176 _____ () C:\WINDOWS\Minidump\020315-25828-01.dmp
2015-02-02 15:10 - 2015-02-02 15:11 - 00413936 _____ () C:\WINDOWS\Minidump\020215-26218-01.dmp
2015-01-29 13:58 - 2015-02-04 14:00 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Spotify
2015-01-29 13:58 - 2015-01-29 13:58 - 00001825 _____ () C:\Users\Pascal\Desktop\Spotify.lnk
2015-01-29 13:58 - 2015-01-29 13:58 - 00001811 _____ () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-01-29 13:55 - 2015-02-07 16:21 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Spotify
2015-01-29 13:55 - 2015-01-29 13:55 - 00137888 _____ (Spotify Ltd) C:\Users\Pascal\Downloads\SpotifySetup.exe
2015-01-27 21:07 - 2015-01-27 21:07 - 00001802 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-27 21:07 - 2015-01-27 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-27 21:07 - 2015-01-27 21:07 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-27 21:07 - 2015-01-27 21:07 - 00000000 ____D () C:\Program Files\iTunes
2015-01-27 21:07 - 2015-01-27 21:07 - 00000000 ____D () C:\Program Files\iPod
2015-01-27 21:07 - 2015-01-27 21:07 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-22 21:04 - 2015-01-22 21:06 - 00000000 ____D () C:\Users\Pascal\Documents\GTA San Andreas User Files
2015-01-21 20:46 - 2015-01-21 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-01-21 20:46 - 2015-01-21 20:46 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2015-01-20 13:16 - 2015-01-20 13:16 - 00044296 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-01-15 20:53 - 2015-01-15 20:54 - 00349368 _____ () C:\WINDOWS\Minidump\011515-26421-01.dmp
2015-01-15 19:05 - 2015-01-15 19:11 - 00065536 _____ () C:\WINDOWS\SysWOW64\㩣灜潲牧浡慤慴歜獡数獲祫氠扡慜灶㐱〮〮摜瑡屡潭畤敬彳湩敶瑮牯慤
2015-01-14 14:39 - 2014-12-19 07:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-01-14 14:39 - 2014-12-12 03:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-01-14 14:39 - 2014-12-12 01:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-01-14 14:39 - 2014-12-09 02:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-01-14 14:39 - 2014-12-06 04:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-01-14 14:39 - 2014-12-06 02:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-01-14 14:39 - 2014-10-29 02:24 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2015-01-14 14:39 - 2014-10-29 02:01 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2015-01-14 14:38 - 2014-12-08 20:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-01-14 14:38 - 2014-12-08 20:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-01-14 14:38 - 2014-12-08 20:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-01-14 14:38 - 2014-12-08 20:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-01-14 14:38 - 2014-12-08 20:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-01-14 14:38 - 2014-12-08 20:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-14 14:38 - 2014-12-08 20:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-01-14 14:38 - 2014-12-08 20:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-01-14 14:38 - 2014-12-06 02:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-14 14:38 - 2014-10-29 05:00 - 00465320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2015-01-14 14:38 - 2014-10-29 05:00 - 00139984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2015-01-14 14:38 - 2014-10-29 04:52 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-14 14:38 - 2014-10-29 04:52 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-14 14:38 - 2014-10-29 04:52 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-14 14:38 - 2014-10-29 04:52 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-14 14:38 - 2014-10-29 04:12 - 00413136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2015-01-14 14:38 - 2014-10-29 04:12 - 00136296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2015-01-14 14:38 - 2014-10-29 04:07 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-14 14:38 - 2014-10-29 04:07 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-14 14:38 - 2014-10-29 04:07 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-01-14 14:38 - 2014-10-29 03:44 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2015-01-14 14:38 - 2014-10-29 02:59 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2015-01-14 14:38 - 2014-10-29 02:02 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-02-07 16:47 - 2014-05-28 20:24 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-02-07 16:47 - 2014-03-21 19:01 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Skype
2015-02-07 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-07 15:55 - 2014-03-22 23:36 - 01713557 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-07 15:49 - 2014-03-21 19:00 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3303894935-130355564-178475123-1001
2015-02-07 15:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-07 14:28 - 2014-03-23 00:22 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E82974C0-270F-4FBE-85DD-2C9FC1BA5E58}
2015-02-07 14:27 - 2014-04-07 18:37 - 00000000 ___DO () C:\Users\Pascal\SkyDrive
2015-02-07 14:26 - 2014-08-05 20:44 - 00000000 ____D () C:\Users\Pascal\AppData\Local\LogMeIn Hamachi
2015-02-06 23:38 - 2014-03-21 18:58 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-06 23:02 - 2014-12-21 02:34 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\IHlpr
2015-02-06 22:34 - 2014-05-15 13:26 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\.minecraft
2015-02-06 19:16 - 2014-11-13 20:17 - 00000000 ____D () C:\Users\Pascal\Documents\Assassin's Creed Unity
2015-02-06 14:22 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-04 13:55 - 2013-11-14 08:27 - 02008172 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-04 13:55 - 2013-11-14 08:11 - 00851332 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-04 13:55 - 2013-11-14 08:11 - 00195966 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-04 13:53 - 2013-08-22 15:46 - 00320636 _____ () C:\WINDOWS\setupact.log
2015-02-03 23:12 - 2014-03-22 23:41 - 00000000 ____D () C:\Users\Pascal
2015-02-03 23:12 - 2014-03-22 23:37 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-03 23:12 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-03 22:55 - 2014-04-03 13:39 - 00000000 ____D () C:\WINDOWS\Minidump
2015-02-03 14:00 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-02 19:19 - 2014-03-21 21:31 - 00000000 ____D () C:\Users\Pascal\AppData\Local\CrashDumps
2015-01-30 19:50 - 2014-11-07 15:52 - 00000000 ____D () C:\Users\Pascal\Desktop\Wichtige Schulsachen die niemand braucht
2015-01-29 21:18 - 2013-11-13 23:18 - 01655074 _____ () C:\WINDOWS\PFRO.log
2015-01-27 21:07 - 2014-09-23 18:29 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-01-27 21:07 - 2014-06-20 13:27 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-25 19:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-01-24 21:20 - 2013-08-22 16:38 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-01-24 21:20 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-22 21:04 - 2013-08-22 12:22 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-01-22 21:04 - 2013-08-22 12:22 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-01-22 21:04 - 2013-08-22 12:17 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-01-22 21:04 - 2013-08-22 12:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-01-22 21:04 - 2013-08-22 12:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-01-22 21:04 - 2013-08-22 05:05 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-01-22 21:04 - 2013-08-22 05:03 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-01-22 21:04 - 2013-08-22 04:59 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-01-22 21:04 - 2013-08-22 04:56 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-01-22 21:04 - 2013-08-22 04:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-01-22 21:04 - 2013-08-22 04:51 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-01-22 21:04 - 2013-08-22 04:51 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-01-22 21:04 - 2013-08-22 04:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-01-22 21:04 - 2013-08-22 04:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-01-21 20:46 - 2014-08-05 20:44 - 00000945 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-01-17 14:26 - 2014-11-13 18:44 - 00000000 ____D () C:\Program Files\Assassin's Creed Unity
2015-01-15 19:28 - 2014-10-22 22:02 - 00000000 ____D () C:\download
2015-01-14 16:25 - 2014-03-21 23:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-14 16:23 - 2014-03-21 23:37 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories =======
2014-12-18 21:30 - 2014-12-26 17:14 - 0001474 _____ () C:\Users\Pascal\AppData\Roaming\SpeedRunnersLog.txt
2014-12-19 11:22 - 2014-12-19 14:01 - 0002916 _____ () C:\Users\Pascal\AppData\Roaming\TargetInvocationLog.txt
2014-06-18 17:45 - 2014-06-18 17:45 - 0012456 _____ () C:\Users\Pascal\AppData\Local\recently-used.xbel
Some content of TEMP:
====================
C:\Users\Pascal\AppData\Local\Temp\bdfilters.dll
C:\Users\Pascal\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Pascal\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Pascal\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Pascal\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.4-R2.0-26-g31d7c5f-b2943jnks.dll
C:\Users\Pascal\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.2-R0.3-2-g85f5776-b3024jnks.dll
C:\Users\Pascal\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.2-R0.3-6-ga3ae0c6-b3029jnks.dll
C:\Users\Pascal\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.2-R0.3-66-g43d8943-b3078jnks.dll
C:\Users\Pascal\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.2-R0.3-7-g13c4801-b3030jnks.dll
C:\Users\Pascal\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.2-R0.3-66-g43d8943-b3078jnks.dll
C:\Users\Pascal\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.2-18-ga04b586-b3107jnks.dll
C:\Users\Pascal\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Pascal\AppData\Local\Temp\jre-8u11-windows-au.exe
C:\Users\Pascal\AppData\Local\Temp\jre-8u25-windows-au.exe
C:\Users\Pascal\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Pascal\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Pascal\AppData\Local\Temp\nvStInst.exe
C:\Users\Pascal\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pascal\AppData\Local\Temp\sonarinst.exe
C:\Users\Pascal\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Pascal\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Pascal\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-07 16:41
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-02-2015
Ran by Pascal at 2015-02-07 16:54:19
Running from C:\Users\Pascal\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A Valley Without Wind (HKLM-x32\...\Steam App 209330) (Version: - Arcen Games, LLC)
A Valley Without Wind 2 (HKLM-x32\...\Steam App 228320) (Version: - Arcen Games, LLC)
AI War: Fleet Command (HKLM-x32\...\Steam App 40400) (Version: - Arcen Games, LLC)
Akamai NetSession Interface (HKU\S-1-5-21-3303894935-130355564-178475123-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{0DEB2EEB-BE9A-44B1-9D90-183250B61785}) (Version: 20.13.3317.03143 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.13.3317.03143 - Alcor Micro Corp.) Hidden
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (Obsolete) (HKLM-x32\...\Steam App 219540) (Version: - )
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Assassin’s Creed® III (HKLM-x32\...\Steam App 208480) (Version: - Ubisoft Montreal)
Assassin's Creed (HKLM-x32\...\Steam App 15100) (Version: - Ubisoft Montreal)
Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version: - Ubisoft Montreal)
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version: - Ubisoft Montreal)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Assassin's Creed Revelations (HKLM-x32\...\Steam App 201870) (Version: - Ubisoft Montreal)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - Dylan Fitterer)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version: - 2K Marin)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch)
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version: - )
Camtasia Studio 8 (HKLM-x32\...\{C4E35316-77F1-4EBD-9785-C72E55B1D219}) (Version: 8.4.2.1768 - TechSmith Corporation)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
Chaos auf Deponia (HKLM-x32\...\Deponia 2) (Version: 1.0 - Daedalic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Crysis (HKLM-x32\...\Steam App 17300) (Version: - Crytek)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version: - Crytek Studios)
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6522 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.3003 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.2.4016 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.2921 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3007 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.3007 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Deponia (HKLM-x32\...\Deponia) (Version: 1.0 - Daedalic Entertainment)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.54.95 - Electronic Arts)
Die Sims™ 3 Inselparadies (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version: - )
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - Trendy Entertainment)
Edna & Harvey: Harvey's New Eyes (HKLM-x32\...\Steam App 219910) (Version: - Daedalic Entertainment)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Fable - The Lost Chapters (HKLM-x32\...\Steam App 204030) (Version: - Lionhead Studios)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FarCry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft)
FEZ (HKLM-x32\...\Steam App 224760) (Version: - Polytron Corporation)
Flyff (HKLM-x32\...\{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1) (Version: Flyff - WEBZEN Inc)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version: - Coffee Stain Studios)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version: - Rockstar Games)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version: - Valve)
Hewlett-Packard ACLM.NET v1.2.2.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3303894935-130355564-178475123-1001\...\HPConnectedMusic) (Version: 1.1 (build 106) hp - Meridian Audio Ltd)
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6668.4491 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{C88F84E5-AE23-44BD-922C-2ABEACACAF7A}) (Version: 7.2.23.56 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche Studios)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - Avalanche Studios)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
Kingdoms of Amalur: Reckoning™ (HKLM-x32\...\Steam App 102500) (Version: - Big Huge Games)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.303 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.303 - LogMeIn, Inc.) Hidden
Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version: - Rockstar Studios)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3303894935-130355564-178475123-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 2.1.0.3 - NETGEAR)
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version: - No More Room in Hell Team)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 340.43 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 340.43 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.30153 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.6208 - CyberLink Corp.) Hidden
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes)
Risen 3 - Titan Lords (HKLM-x32\...\Steam App 249230) (Version: - Piranha Bytes)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SPEEDLINK TORID (HKLM-x32\...\SPEEDLINK TORID) (Version: - )
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version: - DoubleDutch Games)
Spotify (HKU\S-1-5-21-3303894935-130355564-178475123-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
Synergy (HKLM-x32\...\Steam App 17520) (Version: - Synergy Team)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.5.7 - Electronic Arts)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.10 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.1 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3303894935-130355564-178475123-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3303894935-130355564-178475123-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3303894935-130355564-178475123-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3303894935-130355564-178475123-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
22-01-2015 18:17:43 Geplanter Prüfpunkt
27-01-2015 21:13:14 Windows Update
04-02-2015 14:03:29 Removed Microsoft Silverlight
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {22A9E840-A8F6-4355-ACF3-581CAFCD64F1} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-12] (CyberLink)
Task: {3F764F6D-4804-4E16-9823-1A076A688AFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-07] (Hewlett-Packard Company)
Task: {4089D427-B8A4-4ECD-96A2-0CAB15DC6FC8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {6219CB4E-3863-412A-84D9-5995D61599DB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-06-06] (Hewlett-Packard)
Task: {777E4DC0-BD99-4EAF-B8F0-DEA59593FC6C} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {A0E46FF4-198F-4474-AD64-132940F83837} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-06-07] (Hewlett-Packard Company)
Task: {AAEA12CB-01ED-4BA7-9320-75EDD4FC66F6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-11-12] (Microsoft Corporation)
Task: {BAF7E216-BBE5-48A9-B543-A1A89958242F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-11-29] (Hewlett-Packard Company)
Task: {D9322004-9530-40EB-A77A-C12BE380CB26} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E5B6DB61-8DB3-485E-9C87-C7482FBAFB80} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-14] (Microsoft Corporation)
==================== Loaded Modules (whitelisted) ==============
2014-11-07 15:36 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-21 21:02 - 2014-12-20 16:56 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-03-21 19:32 - 2012-09-18 18:46 - 00305200 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
2014-03-22 23:37 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-21 19:32 - 2012-09-18 18:46 - 08384800 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
2014-06-13 12:55 - 2013-10-29 12:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2014-06-13 12:55 - 2012-12-11 10:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2015-01-29 13:58 - 2015-01-29 13:58 - 00374840 _____ () C:\Users\Pascal\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-17 11:35 - 2013-06-17 11:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\dblite.dll
2013-05-08 13:52 - 2013-05-08 13:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\kpcengine.2.3.dll
2014-03-21 19:32 - 2012-09-21 15:25 - 00380928 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiLib.dll
2013-10-20 05:32 - 2013-01-24 00:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-10-20 05:35 - 2013-03-12 15:51 - 00626240 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-12 22:53 - 2013-03-12 22:53 - 00015424 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-01-29 13:58 - 2015-01-29 13:58 - 36966968 _____ () C:\Users\Pascal\AppData\Roaming\Spotify\Data\libcef.dll
2014-03-21 19:32 - 2012-09-18 09:34 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvcLib.dll
2014-06-13 12:55 - 2013-01-15 16:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2014-06-13 12:55 - 2013-11-05 15:31 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2015-01-29 13:58 - 2015-01-29 13:58 - 00867896 _____ () C:\Users\Pascal\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2015-01-29 13:58 - 2015-01-29 13:58 - 00886840 _____ () C:\Users\Pascal\AppData\Roaming\Spotify\Data\libglesv2.dll
2015-01-29 13:58 - 2015-01-29 13:58 - 00108600 _____ () C:\Users\Pascal\AppData\Roaming\Spotify\Data\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\Pascal\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Pascal\SkyDrive.old:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Registry Areas =====================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3303894935-130355564-178475123-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\HP\HP_Svinoya_Norway_Sunset.jpg
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3303894935-130355564-178475123-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3303894935-130355564-178475123-1003 - Limited - Enabled)
Gast (S-1-5-21-3303894935-130355564-178475123-501 - Limited - Disabled)
Pascal (S-1-5-21-3303894935-130355564-178475123-1001 - Administrator - Enabled) => C:\Users\Pascal
UpdatusUser (S-1-5-21-3303894935-130355564-178475123-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/06/2015 04:50:51 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (02/04/2015 02:10:19 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: PASCAL)
Description: Die Anwendung oder der Dienst "Internet Explorer" konnte nicht heruntergefahren werden.
Error: (02/03/2015 11:03:38 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: PASCAL)
Description: Die Anwendung oder der Dienst "Internet Explorer" konnte nicht heruntergefahren werden.
Error: (02/03/2015 02:06:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PASCAL)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (02/03/2015 02:06:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PASCAL)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (02/03/2015 02:03:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CLHNServiceForPowerDVD12.exe, Version: 1.0.0.1222, Zeitstempel: 0x4ef2cbd3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xc6fa6eec
ID des fehlerhaften Prozesses: 0x1adc
Startzeit der fehlerhaften Anwendung: 0xCLHNServiceForPowerDVD12.exe0
Pfad der fehlerhaften Anwendung: CLHNServiceForPowerDVD12.exe1
Pfad des fehlerhaften Moduls: CLHNServiceForPowerDVD12.exe2
Berichtskennung: CLHNServiceForPowerDVD12.exe3
Vollständiger Name des fehlerhaften Pakets: CLHNServiceForPowerDVD12.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CLHNServiceForPowerDVD12.exe5
Error: (02/02/2015 07:19:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17416, Zeitstempel: 0x5452eed9
Name des fehlerhaften Moduls: urlmon.dll, Version: 11.0.9600.17496, Zeitstempel: 0x546fdf28
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00013efa
ID des fehlerhaften Prozesses: 0x1b98
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5
Error: (02/02/2015 05:11:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17416 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2224
Startzeit: 01d03f02be1fcd97
Endzeit: 14
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID: 19d4f267-aaf6-11e4-bf7a-78e3b5c4e953
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/01/2015 06:47:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17416 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: c84
Startzeit: 01d03e46f8c6e554
Endzeit: 1466
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID: 4a1a716d-aa3a-11e4-bf79-78e3b5c4e953
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/01/2015 06:46:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17416 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1274
Startzeit: 01d03e46e329011c
Endzeit: 20
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID: 359dc8ed-aa3a-11e4-bf79-78e3b5c4e953
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
System errors:
=============
Error: (02/07/2015 04:43:37 PM) (Source: Ntfs) (EventID: 138) (User: )
Description: Bei "C:\" wurde vom Transaktionsressourcen-Manager ein schwerwiegender Fehler festgestellt, und er wurde heruntergefahren. Der Fehlercode ist in den Daten enthalten.
Error: (02/07/2015 04:40:15 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (02/07/2015 03:49:39 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (02/07/2015 03:49:39 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (02/07/2015 03:49:39 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (02/07/2015 03:14:06 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (02/07/2015 03:14:06 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (02/07/2015 03:12:22 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (02/07/2015 03:12:22 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (02/07/2015 03:08:37 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Microsoft Office Sessions:
=========================
Error: (02/06/2015 04:50:51 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: -2147024883
Error: (02/04/2015 02:10:19 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: PASCAL)
Description: 2C:\Program Files (x86)\Internet Explorer\iexplore.exeInternet Explorer0121778480
Error: (02/03/2015 11:03:38 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: PASCAL)
Description: 1C:\Program Files (x86)\Internet Explorer\iexplore.exeInternet Explorer011175080
Error: (02/03/2015 02:06:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PASCAL)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (02/03/2015 02:06:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PASCAL)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141
Error: (02/03/2015 02:03:24 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CLHNServiceForPowerDVD12.exe1.0.0.12224ef2cbd3unknown0.0.0.000000000c0000005c6fa6eec1adc01d03fb1c99a7d26c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exeunknown08a7f8a8-aba5-11e4-bf7b-78e3b5c4e953
Error: (02/02/2015 07:19:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452eed9urlmon.dll11.0.9600.17496546fdf28c000000500013efa1b9801d03f11383fe09fC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\WINDOWS\SYSTEM32\urlmon.dll0bef52d5-ab08-11e4-bf7a-78e3b5c4e953
Error: (02/02/2015 05:11:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416222401d03f02be1fcd9714C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE19d4f267-aaf6-11e4-bf7a-78e3b5c4e953
Error: (02/01/2015 06:47:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416c8401d03e46f8c6e5541466C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE4a1a716d-aa3a-11e4-bf79-78e3b5c4e953
Error: (02/01/2015 06:46:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416127401d03e46e329011c20C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE359dc8ed-aa3a-11e4-bf79-78e3b5c4e953
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 21%
Total physical RAM: 16337.14 MB
Available physical RAM: 12750.89 MB
Total Pagefile: 32721.14 MB
Available Pagefile: 28756.78 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:916.16 GB) (Free:16.51 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:13.43 GB) (Free:1.61 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (GTAIV_Disk1) (CDROM) (Total:7.14 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 04C626E1)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
08.02.2015, 09:11
| #7 |
| /// the machine /// TB-Ausbilder | Telekom Abuse Team: "Virus/Trojaner infiziert" Soweit unauffällig, jetzt bitte von allen Rechnern: Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.02.2015, 13:29
| #8 |
| | Telekom Abuse Team: "Virus/Trojaner infiziert" PC #1: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org
Database version:
main: v2015.02.08.04
rootkit: v2015.02.03.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Christina :: CHRISTINA-PC [administrator]
08.02.2015 12:15:38
mbar-log-2015-02-08 (12-15-38).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 374670
Time elapsed: 22 minute(s), 33 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 12:41:46.0865 0x0f64 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:41:54.0500 0x0f64 ============================================================
12:41:54.0500 0x0f64 Current date / time: 2015/02/08 12:41:54.0500
12:41:54.0500 0x0f64 SystemInfo:
12:41:54.0500 0x0f64
12:41:54.0500 0x0f64 OS Version: 6.1.7601 ServicePack: 1.0
12:41:54.0500 0x0f64 Product type: Workstation
12:41:54.0500 0x0f64 ComputerName: CHRISTINA-PC
12:41:54.0500 0x0f64 UserName: Christina
12:41:54.0501 0x0f64 Windows directory: C:\Windows
12:41:54.0501 0x0f64 System windows directory: C:\Windows
12:41:54.0501 0x0f64 Running under WOW64
12:41:54.0501 0x0f64 Processor architecture: Intel x64
12:41:54.0501 0x0f64 Number of processors: 4
12:41:54.0501 0x0f64 Page size: 0x1000
12:41:54.0501 0x0f64 Boot type: Normal boot
12:41:54.0501 0x0f64 ============================================================
12:41:54.0636 0x0f64 KLMD registered as C:\Windows\system32\drivers\68056254.sys
12:41:54.0953 0x0f64 System UUID: {14D01C98-81AA-8D1F-530C-B8649FA0134B}
12:41:55.0404 0x0f64 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:41:55.0439 0x0f64 ============================================================
12:41:55.0439 0x0f64 \Device\Harddisk0\DR0:
12:41:55.0439 0x0f64 MBR partitions:
12:41:55.0439 0x0f64 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3000800, BlocksNum 0x32000
12:41:55.0439 0x0f64 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3032800, BlocksNum 0x38AE7000
12:41:55.0439 0x0f64 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3BB19800, BlocksNum 0x38BEC800
12:41:55.0439 0x0f64 ============================================================
12:41:55.0504 0x0f64 C: <-> \Device\Harddisk0\DR0\Partition2
12:41:55.0656 0x0f64 D: <-> \Device\Harddisk0\DR0\Partition3
12:41:55.0656 0x0f64 ============================================================
12:41:55.0657 0x0f64 Initialize success
12:41:55.0657 0x0f64 ============================================================
12:42:22.0671 0x1a2c ============================================================
12:42:22.0672 0x1a2c Scan started
12:42:22.0672 0x1a2c Mode: Manual; SigCheck; TDLFS;
12:42:22.0672 0x1a2c ============================================================
12:42:22.0672 0x1a2c KSN ping started
12:42:25.0040 0x1a2c KSN ping finished: true
12:42:25.0648 0x1a2c ================ Scan system memory ========================
12:42:25.0648 0x1a2c System memory - ok
12:42:25.0649 0x1a2c ================ Scan services =============================
12:42:25.0799 0x1a2c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:42:25.0918 0x1a2c 1394ohci - ok
12:42:25.0987 0x1a2c [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
12:42:25.0999 0x1a2c AAV UpdateService - ok
12:42:26.0085 0x1a2c [ B33CF4DE909A5B30F526D82053A63C8E, ABF5BB962C038E545C18B96E686E072D780C907096C7BB341297AF31D3703ABD ] ABBYY.Licensing.PDFTransformer.Site License.3.0 C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
12:42:26.0135 0x1a2c ABBYY.Licensing.PDFTransformer.Site License.3.0 - ok
12:42:26.0181 0x1a2c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:42:26.0200 0x1a2c ACPI - ok
12:42:26.0228 0x1a2c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:42:26.0292 0x1a2c AcpiPmi - ok
12:42:26.0375 0x1a2c [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:42:26.0398 0x1a2c AdobeARMservice - ok
12:42:26.0435 0x1a2c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:42:26.0461 0x1a2c adp94xx - ok
12:42:26.0487 0x1a2c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:42:26.0506 0x1a2c adpahci - ok
12:42:26.0521 0x1a2c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:42:26.0535 0x1a2c adpu320 - ok
12:42:26.0562 0x1a2c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:42:26.0707 0x1a2c AeLookupSvc - ok
12:42:26.0765 0x1a2c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
12:42:26.0812 0x1a2c AFD - ok
12:42:26.0843 0x1a2c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:42:26.0855 0x1a2c agp440 - ok
12:42:26.0868 0x1a2c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:42:26.0907 0x1a2c ALG - ok
12:42:26.0932 0x1a2c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:42:26.0943 0x1a2c aliide - ok
12:42:26.0993 0x1a2c [ F17B1902DFCED1C24DB57492A7896FF8, 966AB1A072A8AF98D7EDD2A388D919B50FC41A06E1C51B04B2C2F54F1BA7F0D5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:42:27.0031 0x1a2c AMD External Events Utility - ok
12:42:27.0050 0x1a2c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:42:27.0062 0x1a2c amdide - ok
12:42:27.0082 0x1a2c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:42:27.0125 0x1a2c AmdK8 - ok
12:42:27.0620 0x1a2c [ 81FCDBBA547919D59DC134ED717658B4, 9A95C4400CAE00F25EE10BAE8949CF7317954742EB6F0831AAAEA4A2C220E56B ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:42:28.0230 0x1a2c amdkmdag - ok
12:42:28.0304 0x1a2c [ AF6B384E03D15471EDCEDDDEBAA363B2, 2D8CFA26D69A8FF0FAC6EBA2E5A62977B21ECBA0C65458072FEC4A886B3EDD73 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:42:28.0334 0x1a2c amdkmdap - ok
12:42:28.0346 0x1a2c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:42:28.0358 0x1a2c AmdPPM - ok
12:42:28.0404 0x1a2c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:42:28.0416 0x1a2c amdsata - ok
12:42:28.0433 0x1a2c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:42:28.0448 0x1a2c amdsbs - ok
12:42:28.0456 0x1a2c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:42:28.0467 0x1a2c amdxata - ok
12:42:28.0512 0x1a2c [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID C:\Windows\system32\drivers\appid.sys
12:42:28.0549 0x1a2c AppID - ok
12:42:28.0578 0x1a2c [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:42:28.0608 0x1a2c AppIDSvc - ok
12:42:28.0645 0x1a2c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:42:28.0670 0x1a2c Appinfo - ok
12:42:28.0729 0x1a2c [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:42:28.0742 0x1a2c Apple Mobile Device - ok
12:42:28.0764 0x1a2c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
12:42:28.0777 0x1a2c arc - ok
12:42:28.0789 0x1a2c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:42:28.0801 0x1a2c arcsas - ok
12:42:29.0014 0x1a2c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:42:29.0055 0x1a2c aspnet_state - ok
12:42:29.0082 0x1a2c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:42:29.0135 0x1a2c AsyncMac - ok
12:42:29.0170 0x1a2c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:42:29.0180 0x1a2c atapi - ok
12:42:29.0400 0x1a2c [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
12:42:29.0456 0x1a2c AtiHDAudioService - ok
12:42:29.0481 0x1a2c [ FB7602C5C508BE281368AAE0B61B51C6, 81FB4ABFA006974C20CA0E9FEB279A51CC4A9F0C1DA67075AA0EAD13F43B3782 ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
12:42:29.0503 0x1a2c AtiHdmiService - ok
12:42:30.0612 0x1a2c [ 81FCDBBA547919D59DC134ED717658B4, 9A95C4400CAE00F25EE10BAE8949CF7317954742EB6F0831AAAEA4A2C220E56B ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:42:31.0000 0x1a2c atikmdag - ok
12:42:31.0107 0x1a2c [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:42:31.0186 0x1a2c AudioEndpointBuilder - ok
12:42:31.0208 0x1a2c [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:42:31.0242 0x1a2c AudioSrv - ok
12:42:31.0355 0x1a2c [ 15D2DB9BFA8E833ED31FAB2BB088FDDA, 6198C0A5DA01DA146A9A054C3C882A1DBF9BA84466EBFDDA1C1062EF36F9B34B ] AVP C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
12:42:31.0385 0x1a2c AVP - ok
12:42:31.0426 0x1a2c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:42:31.0530 0x1a2c AxInstSV - ok
12:42:31.0583 0x1a2c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:42:31.0648 0x1a2c b06bdrv - ok
12:42:31.0686 0x1a2c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:42:31.0716 0x1a2c b57nd60a - ok
12:42:31.0734 0x1a2c BCMH43XX - ok
12:42:31.0756 0x1a2c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:42:31.0773 0x1a2c BDESVC - ok
12:42:31.0781 0x1a2c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:42:31.0833 0x1a2c Beep - ok
12:42:31.0920 0x1a2c [ BE43A13207D6428947248AF7EE05E772, 4118288ECD13B77738070DC298A64732693EEF9679CCFA59FD523CCAACF6335B ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
12:42:31.0948 0x1a2c BEService - ok
12:42:32.0043 0x1a2c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:42:32.0099 0x1a2c BFE - ok
12:42:32.0156 0x1a2c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:42:32.0328 0x1a2c BITS - ok
12:42:32.0356 0x1a2c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:42:32.0373 0x1a2c blbdrive - ok
12:42:32.0463 0x1a2c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:42:32.0494 0x1a2c Bonjour Service - ok
12:42:32.0528 0x1a2c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:42:32.0570 0x1a2c bowser - ok
12:42:32.0589 0x1a2c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:42:32.0649 0x1a2c BrFiltLo - ok
12:42:32.0684 0x1a2c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:42:32.0719 0x1a2c BrFiltUp - ok
12:42:32.0745 0x1a2c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:42:32.0775 0x1a2c Browser - ok
12:42:32.0797 0x1a2c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:42:32.0879 0x1a2c Brserid - ok
12:42:32.0927 0x1a2c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:42:32.0971 0x1a2c BrSerWdm - ok
12:42:32.0992 0x1a2c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:42:33.0032 0x1a2c BrUsbMdm - ok
12:42:33.0051 0x1a2c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:42:33.0082 0x1a2c BrUsbSer - ok
12:42:33.0105 0x1a2c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:42:33.0131 0x1a2c BTHMODEM - ok
12:42:33.0173 0x1a2c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:42:33.0229 0x1a2c bthserv - ok
12:42:33.0254 0x1a2c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:42:33.0306 0x1a2c cdfs - ok
12:42:33.0366 0x1a2c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
12:42:33.0406 0x1a2c cdrom - ok
12:42:33.0472 0x1a2c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:42:33.0529 0x1a2c CertPropSvc - ok
12:42:33.0552 0x1a2c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:42:33.0591 0x1a2c circlass - ok
12:42:33.0616 0x1a2c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
12:42:33.0635 0x1a2c CLFS - ok
12:42:33.0808 0x1a2c [ 7E526C5B4DD233EBCF1EA3EC211E2913, 9DC99F18454001AF5462C773C174E2D6E503316550C7E9D7824E9CBC503FCA3B ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
12:42:33.0874 0x1a2c ClickToRunSvc - ok
12:42:33.0958 0x1a2c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:42:33.0982 0x1a2c clr_optimization_v2.0.50727_32 - ok
12:42:34.0035 0x1a2c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:42:34.0048 0x1a2c clr_optimization_v2.0.50727_64 - ok
12:42:34.0140 0x1a2c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:42:34.0169 0x1a2c clr_optimization_v4.0.30319_32 - ok
12:42:34.0202 0x1a2c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:42:34.0274 0x1a2c clr_optimization_v4.0.30319_64 - ok
12:42:34.0312 0x1a2c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:42:34.0339 0x1a2c CmBatt - ok
12:42:34.0357 0x1a2c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:42:34.0367 0x1a2c cmdide - ok
12:42:34.0405 0x1a2c [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
12:42:34.0433 0x1a2c CNG - ok
12:42:34.0461 0x1a2c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:42:34.0471 0x1a2c Compbatt - ok
12:42:34.0521 0x1a2c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:42:34.0546 0x1a2c CompositeBus - ok
12:42:34.0556 0x1a2c COMSysApp - ok
12:42:34.0563 0x1a2c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:42:34.0574 0x1a2c crcdisk - ok
12:42:34.0630 0x1a2c [ C8BD651E13895B93ED9EC5B4F1DF42BC, D86D6BF0BA3C09B49B3A52C86A7F3B3856A27F79EDD86A8FFA469D9A5F196E8D ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
12:42:34.0655 0x1a2c Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
12:42:44.0737 0x1a2c Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
12:42:48.0164 0x1a2c [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
12:42:48.0175 0x1a2c Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
12:42:48.0609 0x1968 Object required for P2P: [ 15D2DB9BFA8E833ED31FAB2BB088FDDA ] AVP
12:42:50.0618 0x1a2c Detect skipped due to KSN trusted
12:42:50.0618 0x1a2c Creative Audio Engine Licensing Service - ok
12:42:50.0672 0x1a2c [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:42:50.0716 0x1a2c CryptSvc - ok
12:42:50.0840 0x1a2c [ EDBA1382E5D7D1E71442B43E170CF8D4, 10E7A90FDC8498EBB8043A4B8BAD14104E68EBAE91149C5D1C1660E0D73995C9 ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
12:42:50.0885 0x1a2c CTAudSvcService - detected UnsignedFile.Multi.Generic ( 1 )
12:42:51.0247 0x1968 Object send P2P result: true
12:42:53.0319 0x1a2c Detect skipped due to KSN trusted
12:42:53.0320 0x1a2c CTAudSvcService - ok
12:42:53.0388 0x1a2c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:42:53.0480 0x1a2c DcomLaunch - ok
12:42:53.0517 0x1a2c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:42:53.0582 0x1a2c defragsvc - ok
12:42:53.0609 0x1a2c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:42:53.0666 0x1a2c DfsC - ok
12:42:53.0729 0x1a2c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:42:53.0776 0x1a2c Dhcp - ok
12:42:53.0821 0x1a2c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:42:53.0866 0x1a2c discache - ok
12:42:53.0895 0x1a2c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:42:53.0907 0x1a2c Disk - ok
12:42:53.0945 0x1a2c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:42:53.0973 0x1a2c Dnscache - ok
12:42:54.0027 0x1a2c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:42:54.0079 0x1a2c dot3svc - ok
12:42:54.0137 0x1a2c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:42:54.0215 0x1a2c DPS - ok
12:42:54.0274 0x1a2c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:42:54.0285 0x1a2c drmkaud - ok
12:42:54.0347 0x1a2c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:42:54.0421 0x1a2c DXGKrnl - ok
12:42:54.0469 0x1a2c [ 52A482DC61F24B498C8268866B90BB44, C3D01124E4544B54474BCEF4971D1AEE64F6AEA4BE65B9C4916047FB1F948D2F ] e1kexpress C:\Windows\system32\DRIVERS\e1k62x64.sys
12:42:54.0489 0x1a2c e1kexpress - ok
12:42:54.0512 0x1a2c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:42:54.0565 0x1a2c EapHost - ok
12:42:54.0705 0x1a2c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:42:54.0877 0x1a2c ebdrv - ok
12:42:54.0913 0x1a2c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
12:42:54.0925 0x1a2c EFS - ok
12:42:55.0000 0x1a2c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:42:55.0086 0x1a2c ehRecvr - ok
12:42:55.0116 0x1a2c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:42:55.0147 0x1a2c ehSched - ok
12:42:55.0187 0x1a2c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:42:55.0217 0x1a2c elxstor - ok
12:42:55.0239 0x1a2c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:42:55.0262 0x1a2c ErrDev - ok
12:42:55.0316 0x1a2c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:42:55.0380 0x1a2c EventSystem - ok
12:42:55.0400 0x1a2c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:42:55.0455 0x1a2c exfat - ok
12:42:55.0472 0x1a2c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:42:55.0510 0x1a2c fastfat - ok
12:42:55.0557 0x1a2c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:42:55.0586 0x1a2c Fax - ok
12:42:55.0600 0x1a2c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:42:55.0625 0x1a2c fdc - ok
12:42:55.0636 0x1a2c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:42:55.0684 0x1a2c fdPHost - ok
12:42:55.0688 0x1a2c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:42:55.0726 0x1a2c FDResPub - ok
12:42:55.0738 0x1a2c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:42:55.0750 0x1a2c FileInfo - ok
12:42:55.0756 0x1a2c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:42:55.0801 0x1a2c Filetrace - ok
12:42:55.0817 0x1a2c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:42:55.0840 0x1a2c flpydisk - ok
12:42:55.0871 0x1a2c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:42:55.0888 0x1a2c FltMgr - ok
12:42:56.0008 0x1a2c [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:42:56.0107 0x1a2c FontCache - ok
12:42:56.0172 0x1a2c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:42:56.0192 0x1a2c FontCache3.0.0.0 - ok
12:42:56.0219 0x1a2c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:42:56.0241 0x1a2c FsDepends - ok
12:42:56.0256 0x1a2c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:42:56.0267 0x1a2c Fs_Rec - ok
12:42:56.0297 0x1a2c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:42:56.0316 0x1a2c fvevol - ok
12:42:56.0330 0x1a2c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:42:56.0341 0x1a2c gagp30kx - ok
12:42:56.0363 0x1a2c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:42:56.0372 0x1a2c GEARAspiWDM - ok
12:42:56.0416 0x1a2c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:42:56.0479 0x1a2c gpsvc - ok
12:42:56.0606 0x1a2c GPU-Z - ok
12:42:56.0696 0x1a2c [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
12:42:56.0731 0x1a2c Greg_Service - ok
12:42:56.0798 0x1a2c [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:42:56.0819 0x1a2c gupdate - ok
12:42:56.0824 0x1a2c [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:42:56.0834 0x1a2c gupdatem - ok
12:42:56.0869 0x1a2c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:42:56.0882 0x1a2c gusvc - ok
12:42:56.0917 0x1a2c [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
12:42:56.0927 0x1a2c hamachi - ok
12:42:57.0063 0x1a2c [ 1AF89F124E46EECF2C13CBA0F45B3512, 86FF5B5B9F3F07972CB3ACAFCDD38DB465B184FD1B72CA0964736DBBC0402719 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
12:42:57.0132 0x1a2c Hamachi2Svc - ok
12:42:57.0157 0x1a2c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:42:57.0178 0x1a2c hcw85cir - ok
12:42:57.0236 0x1a2c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:42:57.0271 0x1a2c HdAudAddService - ok
12:42:57.0295 0x1a2c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:42:57.0324 0x1a2c HDAudBus - ok
12:42:57.0347 0x1a2c [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:42:57.0359 0x1a2c HECIx64 - ok
12:42:57.0363 0x1a2c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:42:57.0393 0x1a2c HidBatt - ok
12:42:57.0400 0x1a2c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:42:57.0420 0x1a2c HidBth - ok
12:42:57.0431 0x1a2c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:42:57.0449 0x1a2c HidIr - ok
12:42:57.0467 0x1a2c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:42:57.0523 0x1a2c hidserv - ok
12:42:57.0557 0x1a2c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:42:57.0579 0x1a2c HidUsb - ok
12:42:57.0610 0x1a2c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:42:57.0665 0x1a2c hkmsvc - ok
12:42:57.0713 0x1a2c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:42:57.0731 0x1a2c HomeGroupListener - ok
12:42:57.0764 0x1a2c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:42:57.0781 0x1a2c HomeGroupProvider - ok
12:42:57.0816 0x1a2c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:42:57.0828 0x1a2c HpSAMD - ok
12:42:57.0900 0x1a2c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:42:58.0022 0x1a2c HTTP - ok
12:42:58.0048 0x1a2c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:42:58.0058 0x1a2c hwpolicy - ok
12:42:58.0098 0x1a2c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:42:58.0114 0x1a2c i8042prt - ok
12:42:58.0163 0x1a2c [ 660BF3255A1EB18ED803FD2FBA6AE400, 74A77E9828D62F2821D398EAA84BB15BF093EAD1BD5A7824362ED3D1A063C509 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
12:42:58.0181 0x1a2c IAANTMON - ok
12:42:58.0197 0x1a2c [ BE7D72FCF442C26975942007E0831241, A0FD29B3D1A1278787F8B3FBE7EC3216AAF328467974A6D90752639BB44DCD84 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
12:42:58.0216 0x1a2c iaStor - ok
12:42:58.0250 0x1a2c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:42:58.0278 0x1a2c iaStorV - ok
12:42:58.0379 0x1a2c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:42:58.0437 0x1a2c idsvc - ok
12:42:58.0484 0x1a2c IEEtwCollectorService - ok
12:42:58.0506 0x1a2c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:42:58.0529 0x1a2c iirsp - ok
12:42:58.0636 0x1a2c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:42:58.0705 0x1a2c IKEEXT - ok
12:42:58.0820 0x1a2c [ 42943BB3AB7A405B30EFF7C8283CC129, B914B5610565B794BE28664DE605C5726A0587F15034A026509885771C63B0D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:42:58.0924 0x1a2c IntcAzAudAddService - ok
12:42:58.0962 0x1a2c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:42:58.0973 0x1a2c intelide - ok
12:42:58.0991 0x1a2c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:42:59.0027 0x1a2c intelppm - ok
12:42:59.0052 0x1a2c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:42:59.0132 0x1a2c IPBusEnum - ok
12:42:59.0183 0x1a2c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:42:59.0258 0x1a2c IpFilterDriver - ok
12:42:59.0328 0x1a2c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:42:59.0386 0x1a2c iphlpsvc - ok
12:42:59.0414 0x1a2c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:42:59.0428 0x1a2c IPMIDRV - ok
12:42:59.0451 0x1a2c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:42:59.0488 0x1a2c IPNAT - ok
12:42:59.0582 0x1a2c [ 0F261EC4F514926177C70C1832374231, 7E61B89FE2651C0C7951E10454267174550677DEAB1C497571A9B0B583687304 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:42:59.0625 0x1a2c iPod Service - ok
12:42:59.0654 0x1a2c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:42:59.0717 0x1a2c IRENUM - ok
12:42:59.0745 0x1a2c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:42:59.0758 0x1a2c isapnp - ok
12:42:59.0841 0x1a2c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:42:59.0874 0x1a2c iScsiPrt - ok
12:42:59.0920 0x1a2c [ 75DDB94A2A24F9F7037D10A2DDA06D36, 8CA8AD4258045AA742DD97E977C8B03FE0689006B3EBF83689CD2CFDE746EF28 ] JRAID C:\Windows\system32\DRIVERS\jraid.sys
12:42:59.0941 0x1a2c JRAID - ok
12:42:59.0967 0x1a2c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:42:59.0988 0x1a2c kbdclass - ok
12:43:00.0023 0x1a2c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:43:00.0056 0x1a2c kbdhid - ok
12:43:00.0068 0x1a2c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
12:43:00.0085 0x1a2c KeyIso - ok
12:43:00.0136 0x1a2c [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
12:43:00.0157 0x1a2c kl1 - ok
12:43:00.0271 0x1a2c [ FEA38D7024CD9C27D58A862A19DCFA14, 522A15963A105AD551ED45E7BA2AFA7A90408FE7D349307A17F12FE761AFB903 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
12:43:00.0332 0x1a2c KLIF - ok
12:43:00.0375 0x1a2c [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
12:43:00.0385 0x1a2c KLIM6 - ok
12:43:00.0403 0x1a2c [ AEB50941C6D67128B14F88DB9917C4E0, 2ACE46665DE298CC197660A442A3172B1FB460A40BD18AECEA786ACB011FDA43 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
12:43:00.0414 0x1a2c klkbdflt - ok
12:43:00.0452 0x1a2c [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
12:43:00.0464 0x1a2c klmouflt - ok
12:43:00.0476 0x1a2c [ 45ECF097BC6330C2054D7D43B7AD822B, 41684ED54E75FE6BEEA322E7CE888DFDD53EE1F45016E01CE10B84ABB02CBDA8 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
12:43:00.0488 0x1a2c kltdi - ok
12:43:00.0530 0x1a2c [ 1FCB657B581CC4DF17FD6571F93602DE, D5D95773D19AA47BA619D149FD6068198E2AA05C219C3936E327B3DFFDE6B10C ] kneps C:\Windows\system32\DRIVERS\kneps.sys
12:43:00.0549 0x1a2c kneps - ok
12:43:00.0597 0x1a2c [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:43:00.0624 0x1a2c KSecDD - ok
12:43:00.0651 0x1a2c [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:43:00.0669 0x1a2c KSecPkg - ok
12:43:00.0693 0x1a2c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:43:00.0733 0x1a2c ksthunk - ok
12:43:00.0773 0x1a2c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:43:00.0827 0x1a2c KtmRm - ok
12:43:00.0900 0x1a2c [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
12:43:00.0930 0x1a2c LADF_CaptureOnly - ok
12:43:00.0950 0x1a2c [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
12:43:00.0961 0x1a2c LADF_RenderOnly - ok
12:43:01.0065 0x1a2c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:43:01.0138 0x1a2c LanmanServer - ok
12:43:01.0160 0x1a2c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:43:01.0221 0x1a2c LanmanWorkstation - ok
12:43:01.0249 0x1a2c [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
12:43:01.0259 0x1a2c LGBusEnum - ok
12:43:01.0276 0x1a2c [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
12:43:01.0286 0x1a2c LGVirHid - ok
12:43:01.0362 0x1a2c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:43:01.0441 0x1a2c lltdio - ok
12:43:01.0488 0x1a2c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:43:01.0550 0x1a2c lltdsvc - ok
12:43:01.0555 0x1a2c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:43:01.0589 0x1a2c lmhosts - ok
12:43:01.0657 0x1a2c [ DECDC94EE980974EDFE4663B28A127C1, 9546F6B6F049EAD3D503A18CA106A1716AFE46CA40769D3DB128A3C152E02D30 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
12:43:01.0684 0x1a2c LMIGuardianSvc - ok
12:43:01.0774 0x1a2c [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:43:01.0818 0x1a2c LMS - detected UnsignedFile.Multi.Generic ( 1 )
12:43:04.0257 0x1a2c Detect skipped due to KSN trusted
12:43:04.0257 0x1a2c LMS - ok
12:43:04.0288 0x1a2c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:43:04.0313 0x1a2c LSI_FC - ok
12:43:04.0340 0x1a2c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:43:04.0353 0x1a2c LSI_SAS - ok
12:43:04.0371 0x1a2c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:43:04.0383 0x1a2c LSI_SAS2 - ok
12:43:04.0399 0x1a2c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:43:04.0413 0x1a2c LSI_SCSI - ok
12:43:04.0459 0x1a2c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:43:04.0506 0x1a2c luafv - ok
12:43:04.0716 0x1a2c [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
12:43:04.0924 0x1a2c LVUVC64 - ok
12:43:05.0013 0x1a2c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:43:05.0043 0x1a2c Mcx2Svc - ok
12:43:05.0062 0x1a2c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:43:05.0081 0x1a2c megasas - ok
12:43:05.0115 0x1a2c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:43:05.0139 0x1a2c MegaSR - ok
12:43:05.0165 0x1a2c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:43:05.0204 0x1a2c MMCSS - ok
12:43:05.0220 0x1a2c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:43:05.0275 0x1a2c Modem - ok
12:43:05.0297 0x1a2c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:43:05.0318 0x1a2c monitor - ok
12:43:05.0386 0x1a2c [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
12:43:05.0405 0x1a2c MotioninJoyXFilter - detected UnsignedFile.Multi.Generic ( 1 )
12:43:09.0323 0x1a2c Detect skipped due to KSN trusted
12:43:09.0323 0x1a2c MotioninJoyXFilter - ok
12:43:09.0370 0x1a2c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:43:09.0390 0x1a2c mouclass - ok
12:43:09.0431 0x1a2c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:43:09.0461 0x1a2c mouhid - ok
12:43:09.0504 0x1a2c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:43:09.0528 0x1a2c mountmgr - ok
12:43:09.0601 0x1a2c [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:43:09.0625 0x1a2c MozillaMaintenance - ok
12:43:09.0702 0x1a2c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:43:09.0731 0x1a2c mpio - ok
12:43:09.0763 0x1a2c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:43:09.0811 0x1a2c mpsdrv - ok
12:43:09.0866 0x1a2c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:43:09.0977 0x1a2c MpsSvc - ok
12:43:10.0012 0x1a2c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:43:10.0028 0x1a2c MRxDAV - ok
12:43:10.0080 0x1a2c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:43:10.0127 0x1a2c mrxsmb - ok
12:43:10.0151 0x1a2c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:43:10.0174 0x1a2c mrxsmb10 - ok
12:43:10.0194 0x1a2c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:43:10.0218 0x1a2c mrxsmb20 - ok
12:43:10.0241 0x1a2c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:43:10.0253 0x1a2c msahci - ok
12:43:10.0273 0x1a2c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:43:10.0286 0x1a2c msdsm - ok
12:43:10.0329 0x1a2c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:43:10.0346 0x1a2c MSDTC - ok
12:43:10.0377 0x1a2c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:43:10.0424 0x1a2c Msfs - ok
12:43:10.0461 0x1a2c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:43:10.0501 0x1a2c mshidkmdf - ok
12:43:10.0536 0x1a2c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:43:10.0549 0x1a2c msisadrv - ok
12:43:10.0598 0x1a2c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:43:10.0683 0x1a2c MSiSCSI - ok
12:43:10.0688 0x1a2c msiserver - ok
12:43:10.0734 0x1a2c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:43:10.0791 0x1a2c MSKSSRV - ok
12:43:10.0831 0x1a2c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:43:10.0876 0x1a2c MSPCLOCK - ok
12:43:10.0890 0x1a2c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:43:10.0945 0x1a2c MSPQM - ok
12:43:10.0975 0x1a2c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:43:10.0995 0x1a2c MsRPC - ok
12:43:11.0012 0x1a2c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:43:11.0024 0x1a2c mssmbios - ok
12:43:11.0046 0x1a2c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:43:11.0092 0x1a2c MSTEE - ok
12:43:11.0113 0x1a2c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:43:11.0142 0x1a2c MTConfig - ok
12:43:11.0153 0x1a2c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:43:11.0166 0x1a2c Mup - ok
12:43:11.0181 0x1a2c [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
12:43:11.0190 0x1a2c mwlPSDFilter - ok
12:43:11.0213 0x1a2c [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
12:43:11.0223 0x1a2c mwlPSDNServ - ok
12:43:11.0235 0x1a2c [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
12:43:11.0247 0x1a2c mwlPSDVDisk - ok
12:43:11.0307 0x1a2c [ 2F139207F618EC2933830227EEFFDDB4, 2942452EC631BF11CCCDA397C756CBBC0337F58B215A3F02DA263818CB3BE9A9 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
12:43:11.0325 0x1a2c MWLService - ok
12:43:11.0357 0x1a2c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:43:11.0411 0x1a2c napagent - ok
12:43:11.0449 0x1a2c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:43:11.0488 0x1a2c NativeWifiP - ok
12:43:11.0564 0x1a2c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:43:11.0631 0x1a2c NDIS - ok
12:43:11.0652 0x1a2c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:43:11.0701 0x1a2c NdisCap - ok
12:43:11.0754 0x1a2c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:43:11.0794 0x1a2c NdisTapi - ok
12:43:11.0822 0x1a2c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:43:11.0865 0x1a2c Ndisuio - ok
12:43:11.0917 0x1a2c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:43:11.0980 0x1a2c NdisWan - ok
12:43:12.0024 0x1a2c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:43:12.0058 0x1a2c NDProxy - ok
12:43:12.0203 0x1a2c [ 7D2633295EB6FF2B938185874884059D, B3A4E52ABCB2E2720D8ADB0B68C222D4AB98E838D40B6A731D15EB1D6C9DEA15 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
12:43:12.0279 0x1a2c Nero BackItUp Scheduler 4.0 - ok
12:43:12.0299 0x1a2c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:43:12.0351 0x1a2c NetBIOS - ok
12:43:12.0384 0x1a2c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:43:12.0447 0x1a2c NetBT - ok
12:43:12.0480 0x1a2c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
12:43:12.0505 0x1a2c Netlogon - ok
12:43:12.0550 0x1a2c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:43:12.0606 0x1a2c Netman - ok
12:43:12.0711 0x1a2c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:43:12.0763 0x1a2c NetMsmqActivator - ok
12:43:12.0819 0x1a2c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:43:12.0873 0x1a2c NetPipeActivator - ok
12:43:12.0959 0x1a2c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:43:13.0042 0x1a2c netprofm - ok
12:43:13.0172 0x1a2c [ 2616B7F4AC7E2F54EC85D4597408D0E0, 501FD71F24AB97598E00B5790B4BDEC9F0AE5791A2833F3FB6FCA5338922ACB2 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
12:43:13.0264 0x1a2c netr28ux - ok
12:43:13.0283 0x1a2c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:43:13.0297 0x1a2c NetTcpActivator - ok
12:43:13.0303 0x1a2c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:43:13.0317 0x1a2c NetTcpPortSharing - ok
12:43:13.0349 0x1a2c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:43:13.0360 0x1a2c nfrd960 - ok
12:43:13.0390 0x1a2c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
12:43:13.0424 0x1a2c NlaSvc - ok
12:43:13.0456 0x1a2c NPF - ok
12:43:13.0465 0x1a2c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:43:13.0505 0x1a2c Npfs - ok
12:43:13.0516 0x1a2c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:43:13.0563 0x1a2c nsi - ok
12:43:13.0575 0x1a2c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:43:13.0627 0x1a2c nsiproxy - ok
12:43:13.0762 0x1a2c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:43:13.0862 0x1a2c Ntfs - ok
12:43:13.0925 0x1a2c [ BD691091AC7D9713D8F0B07C6B099E6C, 4A69ED227CCBBCB76F78078CEE42506A875759FFB519CB9C40173EF8ACD6D6D2 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
12:43:13.0948 0x1a2c NTI IScheduleSvc - ok
12:43:13.0963 0x1a2c [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
12:43:13.0973 0x1a2c NTIDrvr - ok
12:43:13.0978 0x1a2c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:43:14.0017 0x1a2c Null - ok
12:43:14.0055 0x1a2c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:43:14.0090 0x1a2c nvraid - ok
12:43:14.0108 0x1a2c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:43:14.0122 0x1a2c nvstor - ok
12:43:14.0144 0x1a2c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:43:14.0156 0x1a2c nv_agp - ok
12:43:14.0254 0x1a2c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:43:14.0283 0x1a2c odserv - ok
12:43:14.0305 0x1a2c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:43:14.0327 0x1a2c ohci1394 - ok
12:43:14.0553 0x1a2c [ 4F2ED8FB21F127DC1FA98D4CA2279E75, 96DB5DF9C55757EB2F761309036F87D8C55BAB2851FBB716A02A9248712CB13A ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
12:43:14.0635 0x1a2c Origin Client Service - ok
12:43:14.0673 0x1a2c [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:43:14.0688 0x1a2c ose - ok
12:43:14.0951 0x1a2c [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:43:15.0181 0x1a2c osppsvc - ok
12:43:15.0224 0x1a2c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:43:15.0267 0x1a2c p2pimsvc - ok
12:43:15.0298 0x1a2c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:43:15.0334 0x1a2c p2psvc - ok
12:43:15.0370 0x1a2c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:43:15.0397 0x1a2c Parport - ok
12:43:15.0427 0x1a2c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:43:15.0439 0x1a2c partmgr - ok
12:43:15.0464 0x1a2c [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:43:15.0496 0x1a2c PcaSvc - ok
12:43:15.0512 0x1a2c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:43:15.0529 0x1a2c pci - ok
12:43:15.0554 0x1a2c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:43:15.0565 0x1a2c pciide - ok
12:43:15.0586 0x1a2c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:43:15.0602 0x1a2c pcmcia - ok
12:43:15.0618 0x1a2c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:43:15.0629 0x1a2c pcw - ok
12:43:15.0758 0x1a2c [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:43:15.0826 0x1a2c PEAUTH - ok
12:43:15.0900 0x1a2c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:43:15.0928 0x1a2c PerfHost - ok
12:43:16.0000 0x1a2c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:43:16.0076 0x1a2c pla - ok
12:43:16.0129 0x1a2c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:43:16.0167 0x1a2c PlugPlay - ok
12:43:16.0206 0x1a2c [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
12:43:16.0218 0x1a2c PnkBstrA - ok
12:43:16.0259 0x1a2c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:43:16.0283 0x1a2c PNRPAutoReg - ok
12:43:16.0303 0x1a2c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:43:16.0324 0x1a2c PNRPsvc - ok
12:43:16.0380 0x1a2c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:43:16.0446 0x1a2c PolicyAgent - ok
12:43:16.0493 0x1a2c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:43:16.0544 0x1a2c Power - ok
12:43:16.0570 0x1a2c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:43:16.0608 0x1a2c PptpMiniport - ok
12:43:16.0645 0x1a2c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:43:16.0670 0x1a2c Processor - ok
12:43:16.0705 0x1a2c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
12:43:16.0740 0x1a2c ProfSvc - ok
12:43:16.0757 0x1a2c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:43:16.0771 0x1a2c ProtectedStorage - ok
12:43:16.0800 0x1a2c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:43:16.0847 0x1a2c Psched - ok
12:43:16.0902 0x1a2c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:43:16.0986 0x1a2c ql2300 - ok
12:43:17.0008 0x1a2c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:43:17.0020 0x1a2c ql40xx - ok
12:43:17.0054 0x1a2c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:43:17.0077 0x1a2c QWAVE - ok
12:43:17.0103 0x1a2c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:43:17.0132 0x1a2c QWAVEdrv - ok
12:43:17.0303 0x1a2c [ 37C3272E58976598BEF1CDF321019209, 1DCADE8B172A7E87E932573157666BC43E8296544E73E2BB0D0F0A6A9485A249 ] RalinkRegistryWriter C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry.exe
12:43:17.0333 0x1a2c RalinkRegistryWriter - ok
12:43:17.0418 0x1a2c [ 25DAAD73732B51A46B11C6DF788F3322, F5EB92F1FF7BC80DA5DB0E86E3ABA45D02F93F59D98823821DBB4A0CDBF04E43 ] RalinkRegistryWriter64 C:\Program Files (x86)\NETGEAR\WNDA4100\Service\RaRegistry64.exe
12:43:17.0442 0x1a2c RalinkRegistryWriter64 - ok
12:43:17.0454 0x1a2c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:43:17.0489 0x1a2c RasAcd - ok
12:43:17.0544 0x1a2c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:43:17.0619 0x1a2c RasAgileVpn - ok
12:43:17.0641 0x1a2c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:43:17.0685 0x1a2c RasAuto - ok
12:43:17.0712 0x1a2c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:43:17.0746 0x1a2c Rasl2tp - ok
12:43:17.0782 0x1a2c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:43:17.0826 0x1a2c RasMan - ok
12:43:17.0842 0x1a2c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:43:17.0897 0x1a2c RasPppoe - ok
12:43:17.0928 0x1a2c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:43:17.0967 0x1a2c RasSstp - ok
12:43:18.0073 0x1a2c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:43:18.0142 0x1a2c rdbss - ok
12:43:18.0153 0x1a2c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:43:18.0168 0x1a2c rdpbus - ok
12:43:18.0184 0x1a2c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:43:18.0220 0x1a2c RDPCDD - ok
12:43:18.0258 0x1a2c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:43:18.0322 0x1a2c RDPENCDD - ok
12:43:18.0327 0x1a2c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:43:18.0372 0x1a2c RDPREFMP - ok
12:43:18.0402 0x1a2c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:43:18.0432 0x1a2c RDPWD - ok
12:43:18.0474 0x1a2c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:43:18.0493 0x1a2c rdyboost - ok
12:43:18.0523 0x1a2c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:43:18.0583 0x1a2c RemoteAccess - ok
12:43:18.0606 0x1a2c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:43:18.0645 0x1a2c RemoteRegistry - ok
12:43:18.0676 0x1a2c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:43:18.0714 0x1a2c RpcEptMapper - ok
12:43:18.0745 0x1a2c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:43:18.0785 0x1a2c RpcLocator - ok
12:43:18.0830 0x1a2c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:43:18.0877 0x1a2c RpcSs - ok
12:43:18.0895 0x1a2c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:43:18.0941 0x1a2c rspndr - ok
12:43:18.0957 0x1a2c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
12:43:18.0967 0x1a2c SamSs - ok
12:43:19.0000 0x1a2c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:43:19.0012 0x1a2c sbp2port - ok
12:43:19.0092 0x1a2c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:43:19.0178 0x1a2c SCardSvr - ok
12:43:19.0205 0x1a2c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:43:19.0253 0x1a2c scfilter - ok
12:43:19.0332 0x1a2c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:43:19.0458 0x1a2c Schedule - ok
12:43:19.0480 0x1a2c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:43:19.0515 0x1a2c SCPolicySvc - ok
12:43:19.0545 0x1a2c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:43:19.0587 0x1a2c SDRSVC - ok
12:43:19.0624 0x1a2c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:43:19.0662 0x1a2c secdrv - ok
12:43:19.0712 0x1a2c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:43:19.0784 0x1a2c seclogon - ok
12:43:19.0816 0x1a2c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:43:19.0868 0x1a2c SENS - ok
12:43:19.0887 0x1a2c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:43:19.0909 0x1a2c SensrSvc - ok
12:43:19.0916 0x1a2c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:43:19.0927 0x1a2c Serenum - ok
12:43:19.0942 0x1a2c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:43:19.0988 0x1a2c Serial - ok
12:43:20.0029 0x1a2c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:43:20.0065 0x1a2c sermouse - ok
12:43:20.0119 0x1a2c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:43:20.0154 0x1a2c SessionEnv - ok
12:43:20.0185 0x1a2c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:43:20.0214 0x1a2c sffdisk - ok
12:43:20.0235 0x1a2c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:43:20.0250 0x1a2c sffp_mmc - ok
12:43:20.0256 0x1a2c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:43:20.0273 0x1a2c sffp_sd - ok
12:43:20.0280 0x1a2c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:43:20.0294 0x1a2c sfloppy - ok
12:43:20.0338 0x1a2c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:43:20.0388 0x1a2c SharedAccess - ok
12:43:20.0461 0x1a2c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:43:20.0560 0x1a2c ShellHWDetection - ok
12:43:20.0586 0x1a2c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:43:20.0598 0x1a2c SiSRaid2 - ok
12:43:20.0618 0x1a2c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:43:20.0630 0x1a2c SiSRaid4 - ok
12:43:20.0732 0x1a2c [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:43:20.0765 0x1a2c SkypeUpdate - ok
12:43:20.0795 0x1a2c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:43:20.0832 0x1a2c Smb - ok
12:43:20.0880 0x1a2c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:43:20.0907 0x1a2c SNMPTRAP - ok
12:43:20.0927 0x1a2c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:43:20.0938 0x1a2c spldr - ok
12:43:20.0977 0x1a2c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:43:21.0018 0x1a2c Spooler - ok
12:43:21.0170 0x1a2c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:43:21.0391 0x1a2c sppsvc - ok
12:43:21.0415 0x1a2c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:43:21.0450 0x1a2c sppuinotify - ok
12:43:21.0507 0x1a2c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:43:21.0571 0x1a2c srv - ok
12:43:21.0592 0x1a2c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:43:21.0628 0x1a2c srv2 - ok
12:43:21.0647 0x1a2c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:43:21.0664 0x1a2c srvnet - ok
12:43:21.0687 0x1a2c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:43:21.0727 0x1a2c SSDPSRV - ok
12:43:21.0742 0x1a2c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:43:21.0789 0x1a2c SstpSvc - ok
12:43:21.0893 0x1a2c [ AC8B882D658AF3070167F59AE92E5CA3, 7781475B6A49DCE239FEE2B32767A7E58188EF04BC4BB29E04B40DAFD8214E85 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:43:21.0923 0x1a2c Steam Client Service - ok
12:43:21.0956 0x1a2c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:43:21.0977 0x1a2c stexstor - ok
12:43:22.0022 0x1a2c [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\drivers\serscan.sys
12:43:22.0053 0x1a2c StillCam - ok
12:43:22.0114 0x1a2c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:43:22.0174 0x1a2c stisvc - ok
12:43:22.0195 0x1a2c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
12:43:22.0208 0x1a2c swenum - ok
12:43:22.0267 0x1a2c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:43:22.0325 0x1a2c swprv - ok
12:43:22.0445 0x1a2c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:43:22.0571 0x1a2c SysMain - ok
12:43:22.0616 0x1a2c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:43:22.0640 0x1a2c TabletInputService - ok
12:43:22.0673 0x1a2c [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
12:43:22.0685 0x1a2c tap0901 - ok
12:43:22.0726 0x1a2c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:43:22.0789 0x1a2c TapiSrv - ok
12:43:22.0806 0x1a2c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:43:22.0863 0x1a2c TBS - ok
12:43:22.0994 0x1a2c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:43:23.0058 0x1a2c Tcpip - ok
12:43:23.0108 0x1a2c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:43:23.0162 0x1a2c TCPIP6 - ok
12:43:23.0193 0x1a2c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:43:23.0235 0x1a2c tcpipreg - ok
12:43:23.0267 0x1a2c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:43:23.0291 0x1a2c TDPIPE - ok
12:43:23.0323 0x1a2c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:43:23.0336 0x1a2c TDTCP - ok
12:43:23.0368 0x1a2c [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:43:23.0409 0x1a2c tdx - ok
12:43:23.0434 0x1a2c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
12:43:23.0450 0x1a2c TermDD - ok
12:43:23.0519 0x1a2c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
12:43:23.0560 0x1a2c TermService - ok
12:43:23.0577 0x1a2c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:43:23.0627 0x1a2c Themes - ok
12:43:23.0653 0x1a2c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:43:23.0688 0x1a2c THREADORDER - ok
12:43:23.0703 0x1a2c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:43:23.0738 0x1a2c TrkWks - ok
12:43:23.0819 0x1a2c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:43:23.0891 0x1a2c TrustedInstaller - ok
12:43:23.0928 0x1a2c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:43:23.0939 0x1a2c tssecsrv - ok
12:43:23.0978 0x1a2c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:43:23.0989 0x1a2c TsUsbFlt - ok
12:43:24.0062 0x1a2c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:43:24.0115 0x1a2c tunnel - ok
12:43:24.0146 0x1a2c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:43:24.0175 0x1a2c uagp35 - ok
12:43:24.0191 0x1a2c [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
12:43:24.0200 0x1a2c UBHelper - ok
12:43:24.0237 0x1a2c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:43:24.0289 0x1a2c udfs - ok
12:43:24.0362 0x1a2c [ E5DA87DAB3A32FA03F13FCFAE4255084, B2155BD7A87F5A07FF4E30A9BA6650489519B0BD58B26367856D29C7DDC31981 ] UHSfiltv C:\Windows\system32\drivers\UHSfiltv.sys
12:43:24.0385 0x1a2c UHSfiltv - ok
12:43:24.0408 0x1a2c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:43:24.0442 0x1a2c UI0Detect - ok
12:43:24.0454 0x1a2c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:43:24.0466 0x1a2c uliagpkx - ok
12:43:24.0508 0x1a2c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
12:43:24.0537 0x1a2c umbus - ok
12:43:24.0557 0x1a2c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:43:24.0586 0x1a2c UmPass - ok
12:43:24.0631 0x1a2c [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
12:43:24.0652 0x1a2c UMVPFSrv - ok
12:43:24.0790 0x1a2c [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:43:24.0913 0x1a2c UNS - detected UnsignedFile.Multi.Generic ( 1 )
12:43:27.0336 0x1a2c Detect skipped due to KSN trusted
12:43:27.0336 0x1a2c UNS - ok
12:43:27.0399 0x1a2c [ 70DDE3A86DBEB1D6C3C30AD687B1877A, 2DAE797240DB8F521F1C9D1171524790052E186B060D58A1B102FBFFC80CE48E ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
12:43:27.0423 0x1a2c Updater Service - ok
12:43:27.0445 0x1a2c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:43:27.0509 0x1a2c upnphost - ok
12:43:27.0555 0x1a2c [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:43:27.0576 0x1a2c USBAAPL64 - ok
12:43:27.0599 0x1a2c [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:43:27.0625 0x1a2c usbaudio - ok
12:43:27.0687 0x1a2c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:43:27.0721 0x1a2c usbccgp - ok
12:43:27.0747 0x1a2c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:43:27.0775 0x1a2c usbcir - ok
12:43:27.0800 0x1a2c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:43:27.0826 0x1a2c usbehci - ok
12:43:27.0881 0x1a2c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:43:27.0903 0x1a2c usbhub - ok
12:43:27.0928 0x1a2c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:43:27.0955 0x1a2c usbohci - ok
12:43:27.0988 0x1a2c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:43:28.0025 0x1a2c usbprint - ok
12:43:28.0069 0x1a2c [ B5E6C4F280EBF0B16F74A5B415F2E0DF, 4B1F7C95F267A29FC8AE4F285E2B19200C7E3F8505B1E75797A7A9EDE4CD1EDE ] USBS3S4Detection C:\OEM\USBDECTION\USBS3S4Detection.exe
12:43:28.0084 0x1a2c USBS3S4Detection - ok
12:43:28.0121 0x1a2c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:43:28.0137 0x1a2c USBSTOR - ok
12:43:28.0167 0x1a2c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:43:28.0179 0x1a2c usbuhci - ok
12:43:28.0222 0x1a2c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:43:28.0239 0x1a2c usbvideo - ok
12:43:28.0257 0x1a2c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:43:28.0309 0x1a2c UxSms - ok
12:43:28.0335 0x1a2c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
12:43:28.0347 0x1a2c VaultSvc - ok
12:43:28.0366 0x1a2c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:43:28.0378 0x1a2c vdrvroot - ok
12:43:28.0447 0x1a2c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:43:28.0547 0x1a2c vds - ok
12:43:28.0579 0x1a2c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:43:28.0595 0x1a2c vga - ok
12:43:28.0622 0x1a2c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:43:28.0656 0x1a2c VgaSave - ok
12:43:28.0697 0x1a2c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:43:28.0713 0x1a2c vhdmp - ok
12:43:28.0735 0x1a2c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:43:28.0746 0x1a2c viaide - ok
12:43:28.0762 0x1a2c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:43:28.0775 0x1a2c volmgr - ok
12:43:28.0807 0x1a2c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:43:28.0829 0x1a2c volmgrx - ok
12:43:28.0856 0x1a2c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:43:28.0874 0x1a2c volsnap - ok
12:43:28.0909 0x1a2c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:43:28.0923 0x1a2c vsmraid - ok
12:43:29.0004 0x1a2c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:43:29.0147 0x1a2c VSS - ok
12:43:29.0162 0x1a2c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:43:29.0191 0x1a2c vwifibus - ok
12:43:29.0236 0x1a2c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:43:29.0274 0x1a2c vwififlt - ok
12:43:29.0294 0x1a2c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:43:29.0312 0x1a2c vwifimp - ok
12:43:29.0361 0x1a2c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:43:29.0411 0x1a2c W32Time - ok
12:43:29.0425 0x1a2c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:43:29.0437 0x1a2c WacomPen - ok
12:43:29.0500 0x1a2c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:43:29.0560 0x1a2c WANARP - ok
12:43:29.0564 0x1a2c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:43:29.0598 0x1a2c Wanarpv6 - ok
12:43:29.0702 0x1a2c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:43:29.0811 0x1a2c wbengine - ok
12:43:29.0825 0x1a2c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:43:29.0849 0x1a2c WbioSrvc - ok
12:43:29.0886 0x1a2c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:43:29.0926 0x1a2c wcncsvc - ok
12:43:29.0939 0x1a2c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:43:29.0983 0x1a2c WcsPlugInService - ok
12:43:29.0999 0x1a2c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:43:30.0011 0x1a2c Wd - ok
12:43:30.0056 0x1a2c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:43:30.0118 0x1a2c Wdf01000 - ok
12:43:30.0154 0x1a2c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:43:30.0192 0x1a2c WdiServiceHost - ok
12:43:30.0197 0x1a2c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:43:30.0218 0x1a2c WdiSystemHost - ok
12:43:30.0252 0x1a2c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:43:30.0273 0x1a2c WebClient - ok
12:43:30.0293 0x1a2c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:43:30.0337 0x1a2c Wecsvc - ok
12:43:30.0349 0x1a2c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:43:30.0385 0x1a2c wercplsupport - ok
12:43:30.0398 0x1a2c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:43:30.0452 0x1a2c WerSvc - ok
12:43:30.0489 0x1a2c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:43:30.0527 0x1a2c WfpLwf - ok
12:43:30.0549 0x1a2c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:43:30.0560 0x1a2c WIMMount - ok
12:43:30.0584 0x1a2c WinDefend - ok
12:43:30.0590 0x1a2c WinHttpAutoProxySvc - ok
12:43:30.0647 0x1a2c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:43:30.0727 0x1a2c Winmgmt - ok
12:43:30.0807 0x1a2c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
12:43:30.0945 0x1a2c WinRM - ok
12:43:31.0001 0x1a2c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:43:31.0016 0x1a2c WinUsb - ok
12:43:31.0064 0x1a2c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:43:31.0127 0x1a2c Wlansvc - ok
12:43:31.0170 0x1a2c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:43:31.0210 0x1a2c WmiAcpi - ok
12:43:31.0252 0x1a2c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:43:31.0289 0x1a2c wmiApSrv - ok
12:43:31.0316 0x1a2c WMPNetworkSvc - ok
12:43:31.0343 0x1a2c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:43:31.0384 0x1a2c WPCSvc - ok
12:43:31.0419 0x1a2c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:43:31.0462 0x1a2c WPDBusEnum - ok
12:43:31.0490 0x1a2c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:43:31.0533 0x1a2c ws2ifsl - ok
12:43:31.0544 0x1a2c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:43:31.0564 0x1a2c wscsvc - ok
12:43:31.0567 0x1a2c WSearch - ok
12:43:31.0689 0x1a2c [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
12:43:31.0798 0x1a2c wuauserv - ok
12:43:31.0828 0x1a2c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:43:31.0852 0x1a2c WudfPf - ok
12:43:31.0886 0x1a2c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:43:31.0904 0x1a2c WUDFRd - ok
12:43:31.0933 0x1a2c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:43:31.0967 0x1a2c wudfsvc - ok
12:43:31.0999 0x1a2c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:43:32.0036 0x1a2c WwanSvc - ok
12:43:32.0084 0x1a2c [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
12:43:32.0098 0x1a2c xusb21 - ok
12:43:32.0210 0x1a2c ================ Scan global ===============================
12:43:32.0226 0x1a2c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:43:32.0259 0x1a2c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:43:32.0271 0x1a2c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:43:32.0298 0x1a2c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:43:32.0319 0x1a2c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:43:32.0329 0x1a2c [ Global ] - ok
12:43:32.0330 0x1a2c ================ Scan MBR ==================================
12:43:32.0347 0x1a2c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:43:32.0772 0x1a2c \Device\Harddisk0\DR0 - ok
12:43:32.0773 0x1a2c ================ Scan VBR ==================================
12:43:32.0776 0x1a2c [ CEFEA18FEA31FFE7F6362F3BC50B664C ] \Device\Harddisk0\DR0\Partition1
12:43:32.0827 0x1a2c \Device\Harddisk0\DR0\Partition1 - ok
12:43:32.0832 0x1a2c [ 066004D2B98650DD4BA43D50F4AA3724 ] \Device\Harddisk0\DR0\Partition2
12:43:32.0871 0x1a2c \Device\Harddisk0\DR0\Partition2 - ok
12:43:32.0908 0x1a2c [ B377EA4BABB330F44B04F1629FACBBB7 ] \Device\Harddisk0\DR0\Partition3
12:43:32.0911 0x1a2c \Device\Harddisk0\DR0\Partition3 - ok
12:43:32.0911 0x1a2c ================ Scan generic autorun ======================
12:43:32.0967 0x1a2c [ D1930CA970D4250D891F432419E3D6C9, C839ED92D5BCC293081E05F2B199848C37A478A361BA6C3255421A297211C915 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
12:43:32.0981 0x1a2c IAAnotif - ok
12:43:33.0042 0x1a2c [ 3F09D12C0DF3BFF61E80309063F165D2, BE2EDF10141094112EE79A457E6C0B547C2F424E9ADEC3F5C89F6B2604F8288D ] C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
12:43:33.0065 0x1a2c mwlDaemon - ok
12:43:33.0376 0x1a2c [ 0D7CF635D9888072015EBE3B232DFB99, 25F8BB678DA47D4C7D002964597A04EE651E1492C43C217E3987FBC8DA66FDE6 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:43:33.0570 0x1a2c RtHDVCpl - ok
12:43:33.0870 0x1a2c [ 4258314E89922345DB619A0938356E67, 49B16E890903FA6E034DE262CEAFD697B03D7B0D27F2B6F06116852D9C0AAD21 ] C:\Program Files\Logitech Gaming Software\LCore.exe
12:43:34.0044 0x1a2c Launch LCore - ok
12:43:34.0077 0x1a2c [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
12:43:34.0091 0x1a2c Logitech Download Assistant - ok
12:43:34.0130 0x1a2c [ DB4E2D9C09A5762CB2551222B5E443B2, 318AD09D1821E38B7D7ACC0A06965057B494A752C9E34FD1CA41247DC703F985 ] C:\Windows\RaidTool\xInsIDE.exe
12:43:34.0144 0x1a2c JMB36X IDE Setup - detected UnsignedFile.Multi.Generic ( 1 )
12:43:36.0588 0x1a2c Detect skipped due to KSN trusted
12:43:36.0588 0x1a2c JMB36X IDE Setup - ok
12:43:36.0661 0x1a2c [ D9CB30BF12B3670650C85637EA1AB6EA, AFA4943A853ACE460007D3AFE5D45B4C972BF51777ACF4C0E84684DA6A014131 ] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
12:43:36.0684 0x1a2c BackupManagerTray - ok
12:43:36.0734 0x1a2c [ 0AB3C83FCB8EF6F56E4FB22089F0D3B9, AAD1A8E260D82324B33FCB8EF9709EB8E763FF037F3E289F42A674BF6FB59234 ] C:\Program Files (x86)\QuickTime\QTTask.exe
12:43:36.0794 0x1a2c QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
12:43:39.0284 0x1a2c Detect skipped due to KSN trusted
12:43:39.0285 0x1a2c QuickTime Task - ok
12:43:39.0358 0x1a2c [ AD16557CECFB17CF7393D28DC40F6D09, 1D44F79F39E4A9413605DD6F1C63366970475C5E2A3FFF7636A80EFDA0D5E0E8 ] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
12:43:39.0383 0x1a2c Hotkey Utility - ok
12:43:39.0421 0x1a2c [ EF533F9D1E4F51C783D4349A7C3F518F, 5A4B84CFC96F13AF4B5EC1F693152A37DA37FC08150EE37913EC5D6EEEFD490E ] C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
12:43:39.0445 0x1a2c EgisTecLiveUpdate - ok
12:43:39.0515 0x1a2c [ 981E539199217491DF663368C02F4B94, BF17C28733E94D986FEA311DCD6D6507A4FD58515FD5F7C6ABA5A2A92045A511 ] C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe
12:43:39.0567 0x1a2c NortonOnlineBackupReminder - ok
12:43:39.0605 0x1a2c [ F2CC8B9E7761F1CEE4C2ADF1B7A81AA4, EA78163DD3209BA7F6FDDFCEA096F0FBA03251F20546E496513A841B8B4E11CF ] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
12:43:39.0626 0x1a2c ArcadeDeluxeAgent - ok
12:43:39.0665 0x1a2c [ 05CA9B3B22B7992A98967A8399E12B1E, 1B5FD21035CECF63962D3DB43ED0B7C3A60B40E75D1CCE8E7E0FE49A8EF0F13C ] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
12:43:39.0688 0x1a2c PlayMovie - ok
12:43:39.0726 0x1a2c [ C26B09276755E0698B31CF0BAE0BF182, A95B567626C0573DF0F136818AA7E487BC4995552E9B7A041437539E49B99473 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
12:43:39.0737 0x1a2c APSDaemon - ok
12:43:39.0777 0x1a2c [ E4401CF27225C1D6E664E86195978562, F572A2757C2A649E25F52F7071E6A2CCF298C60A8F2B15A0E2D800F890C4FD93 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
12:43:39.0790 0x1a2c iTunesHelper - ok
12:43:39.0844 0x1a2c [ 6E95474CB9E22BC9768EFA176C6A0A29, 0AE08EA94B239F4418BF49A734E36AFEE624CF5C2EB1C24820131D24FD0A7C27 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
12:43:39.0861 0x1a2c HP Software Update - ok
12:43:39.0955 0x1a2c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:43:40.0074 0x1a2c Sidebar - ok
12:43:40.0098 0x1a2c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:43:40.0119 0x1a2c mctadmin - ok
12:43:40.0154 0x1a2c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:43:40.0194 0x1a2c Sidebar - ok
12:43:40.0200 0x1a2c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:43:40.0218 0x1a2c mctadmin - ok
12:43:40.0254 0x1a2c [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
12:43:40.0266 0x1a2c swg - ok
12:43:40.0462 0x1a2c [ 1BFCA8EBFBDC43B5C7C3BCF92A47DD77, EA4A4B5E4BFB31451A472A3E5F23CA163EB53B7D08C892454D6905B034ABBBF6 ] C:\Program Files (x86)\Origin\Origin.exe
12:43:40.0550 0x1a2c EADM - ok
12:43:40.0705 0x1a2c [ BD13B6E4F250358DCE617047FF3512D4, C7D3291191B4D76738C291B582ECF97D538FFCAE1D23B5F594AA237022FD82E7 ] C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
12:43:40.0772 0x1a2c HP Deskjet 3050A J611 series (NET) - ok
12:43:41.0155 0x1a2c [ 60A5CF720CE4017796DE9EB5F0B8F970, B696934264D121E6D1707CDE75CD9807157AAA33C71146D4A31739E0696C563A ] C:\Program Files (x86)\Steam\steam.exe
12:43:41.0255 0x1a2c Steam - ok
12:43:41.0443 0x1a2c [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Christina\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
12:43:41.0500 0x1a2c Spotify Web Helper - ok
12:43:41.0512 0x1a2c icq - ok
12:43:41.0596 0x1a2c [ 83DB0B48A15DA940EE98D9D718B28F12, C0BF03063E52B50BCD6FC82B34869CDD17E00F15593D0FFEC036E977A71FEEA2 ] C:\Windows\system32\Macromed\Flash\FlashUtil64_12_0_0_77_ActiveX.exe
12:43:41.0617 0x1a2c FlashPlayerUpdate - ok
12:43:41.0618 0x1a2c Waiting for KSN requests completion. In queue: 266
12:43:42.0618 0x1a2c Waiting for KSN requests completion. In queue: 266
12:43:43.0618 0x1a2c Waiting for KSN requests completion. In queue: 266
12:43:44.0163 0x14ac Object required for P2P: [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig
12:43:44.0618 0x1a2c Waiting for KSN requests completion. In queue: 242
12:43:45.0618 0x1a2c Waiting for KSN requests completion. In queue: 242
12:43:46.0608 0x14ac Object send P2P result: true
12:43:46.0611 0x14ac Object required for P2P: [ 0A92CB65770442ED0DC44834632F66AD ] nvraid
12:43:46.0618 0x1a2c Waiting for KSN requests completion. In queue: 209
12:43:47.0618 0x1a2c Waiting for KSN requests completion. In queue: 209
12:43:48.0618 0x1a2c Waiting for KSN requests completion. In queue: 209
12:43:49.0618 0x1a2c Waiting for KSN requests completion. In queue: 209
12:43:50.0618 0x1a2c Waiting for KSN requests completion. In queue: 209
12:43:51.0618 0x1a2c Waiting for KSN requests completion. In queue: 209
12:43:52.0618 0x1a2c Waiting for KSN requests completion. In queue: 209
12:43:53.0618 0x1a2c Waiting for KSN requests completion. In queue: 209
12:43:54.0618 0x1a2c Waiting for KSN requests completion. In queue: 209
12:43:55.0619 0x1a2c Waiting for KSN requests completion. In queue: 209
12:43:56.0619 0x1a2c Waiting for KSN requests completion. In queue: 209
12:43:57.0619 0x1a2c Waiting for KSN requests completion. In queue: 209
12:43:58.0619 0x1a2c Waiting for KSN requests completion. In queue: 209
12:43:59.0619 0x1a2c Waiting for KSN requests completion. In queue: 209
12:44:00.0619 0x1a2c Waiting for KSN requests completion. In queue: 209
12:44:01.0619 0x1a2c Waiting for KSN requests completion. In queue: 209
12:44:02.0076 0x14ac Object send P2P result: true
12:44:02.0083 0x14ac Object required for P2P: [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia
12:44:02.0619 0x1a2c Waiting for KSN requests completion. In queue: 193
12:44:03.0619 0x1a2c Waiting for KSN requests completion. In queue: 193
12:44:04.0533 0x14ac Object send P2P result: true
12:44:04.0535 0x14ac Object required for P2P: [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx
12:44:04.0619 0x1a2c Waiting for KSN requests completion. In queue: 178
12:44:05.0619 0x1a2c Waiting for KSN requests completion. In queue: 178
12:44:06.0619 0x1a2c Waiting for KSN requests completion. In queue: 178
12:44:07.0017 0x14ac Object send P2P result: true
12:44:07.0028 0x14ac Object required for P2P: [ 765A92D428A8DB88B960DA5A8D6089DC ] usbohci
12:44:07.0619 0x1a2c Waiting for KSN requests completion. In queue: 79
12:44:08.0619 0x1a2c Waiting for KSN requests completion. In queue: 79
12:44:09.0470 0x14ac Object send P2P result: true
12:44:09.0470 0x14ac Object required for P2P: [ 1F775DA4CF1A3A1834207E975A72E9D7 ] usbvideo
12:44:09.0619 0x1a2c Waiting for KSN requests completion. In queue: 74
12:44:10.0619 0x1a2c Waiting for KSN requests completion. In queue: 74
12:44:11.0619 0x1a2c Waiting for KSN requests completion. In queue: 74
12:44:12.0239 0x14ac Object send P2P result: true
12:44:12.0637 0x1a2c AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\wmiav.exe ( 13.0.1.4190 ), 0x41000 ( enabled : updated )
12:44:12.0639 0x1a2c FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\wmifw.exe ( 13.0.1.4190 ), 0x41010 ( enabled )
12:44:14.0989 0x1a2c ============================================================
12:44:14.0989 0x1a2c Scan finished
12:44:14.0989 0x1a2c ============================================================
12:44:14.0997 0x16a4 Detected object count: 1
12:44:14.0997 0x16a4 Actual detected object count: 1
12:44:45.0931 0x16a4 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
12:44:45.0931 0x16a4 Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org
Database version:
main: v2015.02.08.04
rootkit: v2015.02.03.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17498
Christina :: CHRISTINAVAIO [administrator]
08.02.2015 12:26:20
mbar-log-2015-02-08 (12-26-20).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 367782
Time elapsed: 40 minute(s), 46 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
08.02.2015, 13:30
| #9 |
| | Telekom Abuse Team: "Virus/Trojaner infiziert"Code:
ATTFilter 13:23:07.0362 0x1ea8 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
13:23:07.0362 0x1ea8 UEFI system
13:23:12.0675 0x1ea8 ============================================================
13:23:12.0675 0x1ea8 Current date / time: 2015/02/08 13:23:12.0675
13:23:12.0675 0x1ea8 SystemInfo:
13:23:12.0675 0x1ea8
13:23:12.0675 0x1ea8 OS Version: 6.3.9600 ServicePack: 0.0
13:23:12.0675 0x1ea8 Product type: Workstation
13:23:12.0675 0x1ea8 ComputerName: CHRISTINAVAIO
13:23:12.0675 0x1ea8 UserName: Christina
13:23:12.0675 0x1ea8 Windows directory: C:\WINDOWS
13:23:12.0675 0x1ea8 System windows directory: C:\WINDOWS
13:23:12.0675 0x1ea8 Running under WOW64
13:23:12.0675 0x1ea8 Processor architecture: Intel x64
13:23:12.0675 0x1ea8 Number of processors: 2
13:23:12.0675 0x1ea8 Page size: 0x1000
13:23:12.0675 0x1ea8 Boot type: Normal boot
13:23:12.0675 0x1ea8 ============================================================
13:23:14.0472 0x1ea8 KLMD registered as C:\WINDOWS\system32\drivers\83939387.sys
13:23:17.0035 0x1ea8 System UUID: {11E3F98B-597D-4B67-B3EE-61C042E40193}
13:23:18.0692 0x1ea8 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:23:18.0707 0x1ea8 ============================================================
13:23:18.0707 0x1ea8 \Device\Harddisk0\DR0:
13:23:18.0723 0x1ea8 GPT partitions:
13:23:18.0739 0x1ea8 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {F4019732-066E-4E12-8273-346C5641494F}, UniqueGUID: {66783FBE-801D-41F3-9948-F47A1C5AAC67}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
13:23:18.0739 0x1ea8 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1FAC8909-9644-4E0C-8F34-C96B9B8A023E}, Name: Basic data partition, StartLBA 0x82800, BlocksNum 0x2E1000
13:23:18.0739 0x1ea8 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {10E3BE27-8E68-41B4-9F2F-B6D5C9C91143}, Name: EFI system partition, StartLBA 0x363800, BlocksNum 0x82000
13:23:18.0739 0x1ea8 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {3CC707F1-6CB9-47F4-B5BE-80822984C630}, Name: Microsoft reserved partition, StartLBA 0x3E5800, BlocksNum 0x40000
13:23:18.0739 0x1ea8 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {71DC03D1-34A0-4DE3-8C0B-F13B813F923B}, Name: Basic data partition, StartLBA 0x425800, BlocksNum 0x366EE000
13:23:18.0739 0x1ea8 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {58B799C5-ED2B-4384-A729-12BFF27464BF}, Name: , StartLBA 0x36B13800, BlocksNum 0xE1000
13:23:18.0739 0x1ea8 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D2A79B1B-CF4E-4A38-AE77-1D5417354458}, Name: Basic data partition, StartLBA 0x36BF4800, BlocksNum 0x3791800
13:23:18.0739 0x1ea8 MBR partitions:
13:23:18.0739 0x1ea8 ============================================================
13:23:18.0770 0x1ea8 C: <-> \Device\Harddisk0\DR0\Partition5
13:23:18.0770 0x1ea8 ============================================================
13:23:18.0770 0x1ea8 Initialize success
13:23:18.0770 0x1ea8 ============================================================
13:23:27.0506 0x25f4 ============================================================
13:23:27.0506 0x25f4 Scan started
13:23:27.0506 0x25f4 Mode: Manual; SigCheck; TDLFS;
13:23:27.0506 0x25f4 ============================================================
13:23:27.0506 0x25f4 KSN ping started
13:23:29.0834 0x25f4 KSN ping finished: true
13:23:31.0569 0x25f4 ================ Scan system memory ========================
13:23:31.0569 0x25f4 System memory - ok
13:23:31.0569 0x25f4 ================ Scan services =============================
13:23:31.0772 0x25f4 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
13:23:31.0866 0x25f4 1394ohci - ok
13:23:31.0944 0x25f4 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
13:23:31.0959 0x25f4 3ware - ok
13:23:32.0006 0x25f4 [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
13:23:32.0069 0x25f4 ACPI - ok
13:23:32.0069 0x25f4 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
13:23:32.0084 0x25f4 acpiex - ok
13:23:32.0100 0x25f4 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
13:23:32.0116 0x25f4 acpipagr - ok
13:23:32.0147 0x25f4 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
13:23:32.0272 0x25f4 AcpiPmi - ok
13:23:32.0287 0x25f4 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
13:23:32.0334 0x25f4 acpitime - ok
13:23:32.0350 0x25f4 [ D0B11E40EA74A98A5E133DF1F5276240, BAD5885CD8CC271D59DFA95159EFC3AC36D2BA11B6DA593AAED0C45F1C2F280F ] acsock C:\WINDOWS\system32\DRIVERS\acsock64.sys
13:23:32.0366 0x25f4 acsock - ok
13:23:32.0506 0x25f4 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:23:32.0506 0x25f4 AdobeARMservice - ok
13:23:32.0600 0x25f4 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
13:23:32.0709 0x25f4 ADP80XX - ok
13:23:32.0756 0x25f4 [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
13:23:32.0834 0x25f4 AeLookupSvc - ok
13:23:32.0912 0x25f4 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys
13:23:33.0037 0x25f4 AFD - ok
13:23:33.0084 0x25f4 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
13:23:33.0116 0x25f4 agp440 - ok
13:23:33.0147 0x25f4 [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
13:23:33.0241 0x25f4 ahcache - ok
13:23:33.0319 0x25f4 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\WINDOWS\System32\alg.exe
13:23:33.0397 0x25f4 ALG - ok
13:23:33.0444 0x25f4 [ 6CF81DD5083D7F94A7E76E50429A949C, 19240502A6406924F889D1AFA975B975A300776D8B2D0557181DF13649622E2B ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
13:23:33.0553 0x25f4 AMD External Events Utility - ok
13:23:33.0584 0x25f4 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
13:23:33.0678 0x25f4 AmdK8 - ok
13:23:34.0631 0x25f4 [ 71F8D8B977ACC5973FA042BF906E709F, 8106C5F5C8E40344CCCDB912845786DF287BDF068D7A6EF9D26B00FA1754C1BC ] amdkmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys
13:23:35.0868 0x25f4 amdkmdag - ok
13:23:35.0993 0x25f4 [ 4AA027F91A8093B1CDF453B5394F6715, E6D15E959637C102A34F73F66BFDC38436575A2FEFFC3976ACF399A472F126A5 ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
13:23:36.0118 0x25f4 amdkmdap - ok
13:23:36.0165 0x25f4 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
13:23:36.0212 0x25f4 AmdPPM - ok
13:23:36.0243 0x25f4 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
13:23:36.0274 0x25f4 amdsata - ok
13:23:36.0306 0x25f4 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
13:23:36.0352 0x25f4 amdsbs - ok
13:23:36.0368 0x25f4 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
13:23:36.0399 0x25f4 amdxata - ok
13:23:36.0446 0x25f4 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\WINDOWS\system32\drivers\appid.sys
13:23:36.0540 0x25f4 AppID - ok
13:23:36.0587 0x25f4 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
13:23:36.0649 0x25f4 AppIDSvc - ok
13:23:36.0696 0x25f4 [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo C:\WINDOWS\System32\appinfo.dll
13:23:36.0774 0x25f4 Appinfo - ok
13:23:36.0868 0x25f4 [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:23:36.0884 0x25f4 Apple Mobile Device - ok
13:23:36.0978 0x25f4 [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
13:23:37.0087 0x25f4 AppReadiness - ok
13:23:37.0212 0x25f4 [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
13:23:37.0493 0x25f4 AppXSvc - ok
13:23:37.0556 0x25f4 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
13:23:37.0587 0x25f4 arcsas - ok
13:23:37.0603 0x25f4 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
13:23:37.0634 0x25f4 atapi - ok
13:23:37.0681 0x25f4 [ 51C6777AD7649F6C3ED389151CFD9DE6, B010089D83A9D96DC5D1C525B8EA913CF2F80FA0254684A16DD29CCA9BE84620 ] AthBTPort C:\WINDOWS\system32\DRIVERS\btath_flt.sys
13:23:37.0697 0x25f4 AthBTPort - ok
13:23:37.0759 0x25f4 [ CA9E443BEDE3A372BD8D6CC2D62113CA, 6AEE7FACBA24BB43C499C1B862A7F28C7C2050CD1227BD074F6266EE36347ECA ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
13:23:37.0790 0x25f4 AtherosSvc - ok
13:23:38.0087 0x25f4 [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr C:\WINDOWS\system32\DRIVERS\athw8x.sys
13:23:38.0478 0x25f4 athr - ok
13:23:38.0525 0x25f4 [ 506907D2E7F3A5B67DBD39C00A788B7C, 618C91FB9F49C69F88A993F164D7E9E4B7CAD0F34DCF77CF0C6F259A28448171 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdW86.sys
13:23:38.0540 0x25f4 AtiHDAudioService - ok
13:23:38.0572 0x25f4 [ 7F70B1044272982AAEA7C16E83424770, A7694D38DF5A0E1040688017DB811EF0788874FE505ADD572DE4D4647073DC12 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
13:23:38.0634 0x25f4 AudioEndpointBuilder - ok
13:23:38.0790 0x25f4 [ C0484CA5C7F87E38909746B63C7FC868, 65159639E2300AEA886184E9D47D449350DAF69A8AA2F9DBD6BD8A474BA73177 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
13:23:38.0900 0x25f4 Audiosrv - ok
13:23:38.0994 0x25f4 [ 15D2DB9BFA8E833ED31FAB2BB088FDDA, 6198C0A5DA01DA146A9A054C3C882A1DBF9BA84466EBFDDA1C1062EF36F9B34B ] AVP C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
13:23:39.0040 0x25f4 AVP - ok
13:23:39.0087 0x25f4 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
13:23:39.0150 0x25f4 AxInstSV - ok
13:23:39.0212 0x25f4 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
13:23:39.0275 0x25f4 b06bdrv - ok
13:23:39.0306 0x25f4 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
13:23:39.0369 0x25f4 BasicDisplay - ok
13:23:39.0384 0x25f4 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
13:23:39.0447 0x25f4 BasicRender - ok
13:23:39.0494 0x25f4 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
13:23:39.0509 0x25f4 bcmfn2 - ok
13:23:39.0509 0x1a40 Object required for P2P: [ 374E27295F0A9DCAA8FC96370F9BEEA5 ] AFD
13:23:39.0556 0x25f4 [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
13:23:39.0650 0x25f4 BDESVC - ok
13:23:39.0681 0x25f4 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys
13:23:39.0775 0x25f4 Beep - ok
13:23:39.0853 0x25f4 [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\WINDOWS\System32\bfe.dll
13:23:39.0962 0x25f4 BFE - ok
13:23:40.0056 0x25f4 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\WINDOWS\System32\qmgr.dll
13:23:40.0259 0x25f4 BITS - ok
13:23:40.0369 0x25f4 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:23:40.0416 0x25f4 Bonjour Service - ok
13:23:40.0447 0x25f4 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
13:23:40.0541 0x25f4 bowser - ok
13:23:40.0587 0x25f4 [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
13:23:40.0681 0x25f4 BrokerInfrastructure - ok
13:23:40.0728 0x25f4 [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\WINDOWS\System32\browser.dll
13:23:40.0791 0x25f4 Browser - ok
13:23:40.0853 0x25f4 [ B600D86961C6DF87EEB637D4C4ABB663, 1847B661373AFC14607682C51A786D5E450E10A10ADCEE4A3951055552531301 ] BTATH_A2DP C:\WINDOWS\system32\drivers\btath_a2dp.sys
13:23:40.0916 0x25f4 BTATH_A2DP - ok
13:23:40.0931 0x25f4 [ 43C965027229D9FF6E52E4C71C03B09E, AF0E39EAD8B17A65F885272BEF12BF91578289C183FB39BB803183BE0E5547D1 ] btath_avdt C:\WINDOWS\system32\drivers\btath_avdt.sys
13:23:40.0962 0x25f4 btath_avdt - ok
13:23:41.0009 0x25f4 [ 23CEDCD7527A26B222732A158F76EB24, 5A45D7FC8DFB96A938EEB8604B79413A10C0C16A17D3139B712263211D8215E9 ] BTATH_BUS C:\WINDOWS\System32\drivers\btath_bus.sys
13:23:41.0025 0x25f4 BTATH_BUS - ok
13:23:41.0072 0x25f4 [ 3DD64966A764BCAFF07C9DC064BD410E, 456252339BCA224549E4CBCD5A0501AF10340211CFD567C577067ABF5DABB21F ] BTATH_HCRP C:\WINDOWS\System32\drivers\btath_hcrp.sys
13:23:41.0103 0x25f4 BTATH_HCRP - ok
13:23:41.0119 0x25f4 [ B68EE0721EAC305AB1C9C989CDF1AEFF, 3F7CE8E244836E23456E519E48E53E4B9331C9AD9BAF13C208C922404575638A ] BTATH_LWFLT C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
13:23:41.0150 0x25f4 BTATH_LWFLT - ok
13:23:41.0197 0x25f4 [ 057DA8351AD21AE485A11A8237DC9263, 151C0A591A26E26C7700F00EC8E95C6D8A5406869109A0CA01A3C38D1C5FBA2A ] BTATH_RCP C:\WINDOWS\System32\drivers\btath_rcp.sys
13:23:41.0212 0x25f4 BTATH_RCP - ok
13:23:41.0275 0x25f4 [ AABB87C9AE0537A6DCDAC8AE11CC1F5A, 5D2A58CF28685012DDD3B32E84FC440C92881950CF5B30254EDA94105C5C89E7 ] BTATH_VDP C:\WINDOWS\system32\drivers\btath_vdp.sys
13:23:41.0322 0x25f4 BTATH_VDP - ok
13:23:41.0400 0x25f4 [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
13:23:41.0478 0x25f4 BtFilter - ok
13:23:41.0525 0x25f4 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
13:23:41.0556 0x25f4 BthAvrcpTg - ok
13:23:41.0587 0x25f4 [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
13:23:41.0695 0x25f4 BthEnum - ok
13:23:41.0695 0x25f4 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
13:23:41.0742 0x25f4 BthHFEnum - ok
13:23:41.0773 0x25f4 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
13:23:41.0820 0x25f4 bthhfhid - ok
13:23:41.0867 0x25f4 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
13:23:41.0929 0x25f4 BthLEEnum - ok
13:23:41.0945 0x25f4 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
13:23:41.0961 0x1a40 Object send P2P result: true
13:23:41.0992 0x25f4 BTHMODEM - ok
13:23:42.0039 0x25f4 [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
13:23:42.0133 0x25f4 BthPan - ok
13:23:42.0273 0x25f4 [ 97B9076611291AE4C4C107BC915BD026, 0A77873AAF1ADB76CAB98A84D2242781E34E2699632E45EB92ED7DB20B2BE0C1 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
13:23:42.0430 0x25f4 BTHPORT - ok
13:23:42.0476 0x25f4 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\WINDOWS\system32\bthserv.dll
13:23:42.0570 0x25f4 bthserv - ok
13:23:42.0648 0x25f4 [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
13:23:42.0742 0x25f4 BTHUSB - ok
13:23:42.0789 0x25f4 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
13:23:42.0851 0x25f4 cdfs - ok
13:23:42.0945 0x25f4 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
13:23:42.0992 0x25f4 cdrom - ok
13:23:43.0039 0x25f4 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
13:23:43.0117 0x25f4 CertPropSvc - ok
13:23:43.0148 0x25f4 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
13:23:43.0195 0x25f4 circlass - ok
13:23:43.0273 0x25f4 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
13:23:43.0336 0x25f4 CLFS - ok
13:23:43.0555 0x11bc Object required for P2P: [ 15D2DB9BFA8E833ED31FAB2BB088FDDA ] AVP
13:23:43.0695 0x25f4 [ 7E526C5B4DD233EBCF1EA3EC211E2913, 9DC99F18454001AF5462C773C174E2D6E503316550C7E9D7824E9CBC503FCA3B ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
13:23:43.0898 0x25f4 ClickToRunSvc - ok
13:23:43.0961 0x25f4 [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
13:23:43.0992 0x25f4 CLVirtualDrive - ok
13:23:44.0039 0x25f4 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
13:23:44.0086 0x25f4 CmBatt - ok
13:23:44.0164 0x25f4 [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
13:23:44.0258 0x25f4 CNG - ok
13:23:44.0273 0x25f4 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
13:23:44.0320 0x25f4 CompositeBus - ok
13:23:44.0320 0x25f4 COMSysApp - ok
13:23:44.0352 0x25f4 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
13:23:44.0445 0x25f4 condrv - ok
13:23:44.0508 0x25f4 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
13:23:44.0570 0x25f4 CryptSvc - ok
13:23:44.0634 0x25f4 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys
13:23:44.0665 0x25f4 dam - ok
13:23:44.0759 0x25f4 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:23:44.0899 0x25f4 DcomLaunch - ok
13:23:45.0024 0x25f4 [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
13:23:45.0181 0x25f4 defragsvc - ok
13:23:45.0274 0x25f4 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
13:23:45.0368 0x25f4 DeviceAssociationService - ok
13:23:45.0415 0x25f4 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
13:23:45.0509 0x25f4 DeviceInstall - ok
13:23:45.0540 0x25f4 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
13:23:45.0649 0x25f4 Dfsc - ok
13:23:45.0728 0x25f4 [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
13:23:45.0821 0x25f4 Dhcp - ok
13:23:45.0884 0x25f4 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys
13:23:45.0915 0x25f4 disk - ok
13:23:45.0946 0x25f4 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
13:23:46.0024 0x25f4 dmvsc - ok
13:23:46.0087 0x25f4 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:23:46.0181 0x25f4 Dnscache - ok
13:23:46.0181 0x11bc Object send P2P result: true
13:23:46.0196 0x11bc Object required for P2P: [ 43C965027229D9FF6E52E4C71C03B09E ] btath_avdt
13:23:46.0243 0x25f4 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\WINDOWS\System32\dot3svc.dll
13:23:46.0321 0x25f4 dot3svc - ok
13:23:46.0337 0x25f4 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\WINDOWS\system32\dps.dll
13:23:46.0446 0x25f4 DPS - ok
13:23:46.0493 0x25f4 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
13:23:46.0509 0x25f4 drmkaud - ok
13:23:46.0571 0x25f4 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
13:23:46.0634 0x25f4 DsmSvc - ok
13:23:46.0775 0x25f4 [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
13:23:46.0962 0x25f4 DXGKrnl - ok
13:23:47.0056 0x25f4 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\WINDOWS\System32\eapsvc.dll
13:23:47.0118 0x25f4 Eaphost - ok
13:23:47.0384 0x25f4 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
13:23:47.0777 0x25f4 ebdrv - ok
13:23:47.0870 0x25f4 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\WINDOWS\System32\lsass.exe
13:23:47.0902 0x25f4 EFS - ok
13:23:47.0917 0x25f4 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
13:23:47.0948 0x25f4 EhStorClass - ok
13:23:47.0980 0x25f4 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
13:23:48.0027 0x25f4 EhStorTcgDrv - ok
13:23:48.0042 0x25f4 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
13:23:48.0105 0x25f4 ErrDev - ok
13:23:48.0199 0x25f4 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\WINDOWS\system32\es.dll
13:23:48.0308 0x25f4 EventSystem - ok
13:23:48.0370 0x25f4 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
13:23:48.0449 0x25f4 exfat - ok
13:23:48.0480 0x25f4 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
13:23:48.0527 0x25f4 fastfat - ok
13:23:48.0605 0x25f4 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\WINDOWS\system32\fxssvc.exe
13:23:48.0621 0x11bc Object send P2P result: true
13:23:48.0762 0x25f4 Fax - ok
13:23:48.0793 0x25f4 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
13:23:48.0840 0x25f4 fdc - ok
13:23:48.0871 0x25f4 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\WINDOWS\system32\fdPHost.dll
13:23:48.0934 0x25f4 fdPHost - ok
13:23:48.0965 0x25f4 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\WINDOWS\system32\fdrespub.dll
13:23:49.0043 0x25f4 FDResPub - ok
13:23:49.0059 0x25f4 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\WINDOWS\system32\fhsvc.dll
13:23:49.0152 0x25f4 fhsvc - ok
13:23:49.0199 0x25f4 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
13:23:49.0231 0x25f4 FileInfo - ok
13:23:49.0231 0x25f4 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
13:23:49.0293 0x25f4 Filetrace - ok
13:23:49.0324 0x25f4 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
13:23:49.0356 0x25f4 flpydisk - ok
13:23:49.0434 0x25f4 [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
13:23:49.0481 0x25f4 FltMgr - ok
13:23:49.0621 0x25f4 [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\WINDOWS\system32\FntCache.dll
13:23:49.0824 0x25f4 FontCache - ok
13:23:49.0981 0x25f4 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:23:50.0012 0x25f4 FontCache3.0.0.0 - ok
13:23:50.0028 0x25f4 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
13:23:50.0059 0x25f4 FsDepends - ok
13:23:50.0059 0x25f4 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:23:50.0090 0x25f4 Fs_Rec - ok
13:23:50.0184 0x25f4 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
13:23:50.0293 0x25f4 fvevol - ok
13:23:50.0309 0x25f4 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
13:23:50.0356 0x25f4 FxPPM - ok
13:23:50.0387 0x25f4 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
13:23:50.0418 0x25f4 gagp30kx - ok
13:23:50.0465 0x25f4 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
13:23:50.0496 0x25f4 GamesAppService - ok
13:23:50.0543 0x25f4 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
13:23:50.0559 0x25f4 GEARAspiWDM - ok
13:23:50.0590 0x25f4 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
13:23:50.0638 0x25f4 gencounter - ok
13:23:50.0669 0x25f4 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
13:23:50.0716 0x25f4 GPIOClx0101 - ok
13:23:50.0841 0x25f4 [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
13:23:51.0028 0x25f4 gpsvc - ok
13:23:51.0060 0x25f4 [ 0E57453205AD9648E4770F7D21D49454, C34FAA1195EAF4581EF124E9D2CCAC43FE7E99255940B172FF086D1F148BFD17 ] hamachi C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
13:23:51.0091 0x25f4 hamachi - ok
13:23:51.0294 0x25f4 [ 1AF89F124E46EECF2C13CBA0F45B3512, 86FF5B5B9F3F07972CB3ACAFCDD38DB465B184FD1B72CA0964736DBBC0402719 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
13:23:51.0497 0x25f4 Hamachi2Svc - ok
13:23:51.0575 0x25f4 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
13:23:51.0638 0x25f4 HDAudBus - ok
13:23:51.0653 0x25f4 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
13:23:51.0700 0x25f4 HidBatt - ok
13:23:51.0732 0x25f4 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
13:23:51.0778 0x25f4 HidBth - ok
13:23:51.0825 0x25f4 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
13:23:51.0857 0x25f4 hidi2c - ok
13:23:51.0903 0x25f4 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
13:23:51.0935 0x25f4 HidIr - ok
13:23:51.0982 0x25f4 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\WINDOWS\system32\hidserv.dll
13:23:52.0028 0x25f4 hidserv - ok
13:23:52.0075 0x25f4 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
13:23:52.0216 0x25f4 HidUsb - ok
13:23:52.0278 0x25f4 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
13:23:52.0357 0x25f4 hkmsvc - ok
13:23:52.0388 0x25f4 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
13:23:52.0528 0x25f4 HomeGroupListener - ok
13:23:52.0638 0x25f4 [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
13:23:52.0732 0x25f4 HomeGroupProvider - ok
13:23:52.0778 0x25f4 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
13:23:52.0810 0x25f4 HpSAMD - ok
13:23:52.0903 0x25f4 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
13:23:53.0028 0x25f4 HTTP - ok
13:23:53.0075 0x25f4 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
13:23:53.0107 0x25f4 hwpolicy - ok
13:23:53.0122 0x25f4 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
13:23:53.0169 0x25f4 hyperkbd - ok
13:23:53.0185 0x25f4 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
13:23:53.0216 0x25f4 HyperVideo - ok
13:23:53.0247 0x25f4 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
13:23:53.0294 0x25f4 i8042prt - ok
13:23:53.0325 0x25f4 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
13:23:53.0341 0x25f4 iaLPSSi_GPIO - ok
13:23:53.0388 0x25f4 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
13:23:53.0404 0x25f4 iaLPSSi_I2C - ok
13:23:53.0497 0x25f4 [ F5A9FBAE160BD1837C2F1B85324A6762, 49D819127BEA098A229BF5024FEA169413E65659A8ADE6D9A6B88EBAF46D6B24 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
13:23:53.0560 0x25f4 iaStorA - ok
13:23:53.0624 0x25f4 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
13:23:53.0765 0x25f4 iaStorAV - ok
13:23:53.0843 0x25f4 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
13:23:53.0905 0x25f4 iaStorV - ok
13:23:54.0108 0x25f4 [ 15C9BF6968A0990D8F4161A6ABEB7229, BBF73B50938DB9EA50EE0CFF37277E44FE50EA666FA6E5AF542C8C40DBAD84CA ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
13:23:54.0358 0x25f4 IconMan_R - ok
13:23:54.0358 0x25f4 IEEtwCollectorService - ok
13:23:54.0483 0x25f4 [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\WINDOWS\System32\ikeext.dll
13:23:54.0608 0x25f4 IKEEXT - ok
13:23:54.0940 0x25f4 [ DDC860724AEF8F8E42AC61E6585769C6, 62AD5772E8097B03E161E6F14582E2A4BBA0DFA1A1E7F664D881D464E136DBD2 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
13:23:55.0347 0x25f4 IntcAzAudAddService - ok
13:23:55.0440 0x25f4 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
13:23:55.0519 0x25f4 Intel(R) Capability Licensing Service Interface - ok
13:23:55.0581 0x25f4 [ 9656F8E29F6C3161A3E99BCD3A472FF9, 30AD00B53CCB2E4121508729F3471D3C0568F1C32324C398382C97E8BC43ECF0 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
13:23:55.0597 0x25f4 Intel(R) ME Service - ok
13:23:55.0612 0x25f4 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
13:23:55.0644 0x25f4 intelide - ok
13:23:55.0675 0x25f4 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
13:23:55.0706 0x25f4 intelpep - ok
13:23:55.0753 0x25f4 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
13:23:55.0800 0x25f4 intelppm - ok
13:23:55.0831 0x25f4 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:23:55.0894 0x25f4 IpFilterDriver - ok
13:23:55.0987 0x25f4 [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
13:23:56.0112 0x25f4 iphlpsvc - ok
13:23:56.0159 0x25f4 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
13:23:56.0253 0x25f4 IPMIDRV - ok
13:23:56.0300 0x25f4 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
13:23:56.0394 0x25f4 IPNAT - ok
13:23:56.0456 0x25f4 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:23:56.0519 0x25f4 iPod Service - ok
13:23:56.0534 0x25f4 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
13:23:56.0581 0x25f4 IRENUM - ok
13:23:56.0597 0x25f4 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
13:23:56.0628 0x25f4 isapnp - ok
13:23:56.0691 0x25f4 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
13:23:56.0753 0x25f4 iScsiPrt - ok
13:23:56.0784 0x25f4 [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:23:56.0816 0x25f4 jhi_service - ok
13:23:56.0862 0x25f4 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
13:23:56.0894 0x25f4 kbdclass - ok
13:23:56.0909 0x25f4 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
13:23:56.0956 0x25f4 kbdhid - ok
13:23:56.0956 0x25f4 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
13:23:57.0050 0x25f4 kdnic - ok
13:23:57.0081 0x25f4 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\WINDOWS\system32\lsass.exe
13:23:57.0112 0x25f4 KeyIso - ok
13:23:57.0191 0x25f4 [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys
13:23:57.0237 0x25f4 kl1 - ok
13:23:57.0284 0x25f4 [ F2EB9202FCCC81E0902D3C5A70037A44, 9554851BB68228500E69536B0C484B32FC92B85A76A7F1F268549212D0D5CFCA ] klelam C:\WINDOWS\system32\DRIVERS\klelam.sys
13:23:57.0316 0x25f4 klelam - ok
13:23:57.0378 0x25f4 [ E2C39E0FF41CAB5FA94CEFF7EA664103, EBD502679519C436217E0EB5A72084D23EBC4FEBE285DE144C50B14EC981DDBC ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
13:23:57.0456 0x25f4 KLIF - ok
13:23:57.0519 0x25f4 [ B6822DEFE601629F19E0A2D7F0D623F2, FD71A2AA3FC4698B5436D185E2F2A3EB6A111AE8F35606E1658E2D18CE744F13 ] KLIM6 C:\WINDOWS\system32\DRIVERS\klim6.sys
13:23:57.0534 0x25f4 KLIM6 - ok
13:23:57.0566 0x25f4 [ AEEC4E904850525C4D4552AF4A971BA3, C8E5267A5CE244096162118DFE72D2EA494DD34ECAEC74B7EB0DF770761E06C0 ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
13:23:57.0581 0x25f4 klkbdflt - ok
13:23:57.0663 0x25f4 [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
13:23:57.0679 0x25f4 klmouflt - ok
13:23:57.0726 0x25f4 [ 781EFBB7BDE229C1615892E2A2D98721, 82D017AE1ADE75075F83B62256A9DC14F6D764ADF6E79CF2717854BCA5F5F1C5 ] klwfp C:\WINDOWS\system32\DRIVERS\klwfp.sys
13:23:57.0757 0x25f4 klwfp - ok
13:23:57.0773 0x25f4 [ 1FCB657B581CC4DF17FD6571F93602DE, D5D95773D19AA47BA619D149FD6068198E2AA05C219C3936E327B3DFFDE6B10C ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
13:23:57.0804 0x25f4 kneps - ok
13:23:57.0835 0x25f4 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
13:23:57.0866 0x25f4 KSecDD - ok
13:23:57.0913 0x25f4 [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
13:23:57.0944 0x25f4 KSecPkg - ok
13:23:57.0976 0x25f4 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
13:23:58.0023 0x25f4 ksthunk - ok
13:23:58.0101 0x25f4 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
13:23:58.0179 0x25f4 KtmRm - ok
13:23:58.0241 0x25f4 [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
13:23:58.0382 0x25f4 LanmanServer - ok
13:23:58.0460 0x25f4 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
13:23:58.0507 0x25f4 LanmanWorkstation - ok
13:23:58.0601 0x25f4 [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
13:23:58.0710 0x25f4 lfsvc - ok
13:23:58.0741 0x25f4 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
13:23:58.0788 0x25f4 lltdio - ok
13:23:58.0851 0x25f4 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
13:23:58.0913 0x25f4 lltdsvc - ok
13:23:58.0960 0x25f4 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
13:23:59.0023 0x25f4 lmhosts - ok
13:23:59.0116 0x25f4 [ DECDC94EE980974EDFE4663B28A127C1, 9546F6B6F049EAD3D503A18CA106A1716AFE46CA40769D3DB128A3C152E02D30 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
13:23:59.0163 0x25f4 LMIGuardianSvc - ok
13:23:59.0210 0x25f4 [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:23:59.0241 0x25f4 LMS - ok
13:23:59.0304 0x25f4 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
13:23:59.0335 0x25f4 LSI_SAS - ok
13:23:59.0366 0x25f4 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
13:23:59.0398 0x25f4 LSI_SAS2 - ok
13:23:59.0429 0x25f4 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
13:23:59.0460 0x25f4 LSI_SAS3 - ok
13:23:59.0476 0x25f4 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
13:23:59.0523 0x25f4 LSI_SSS - ok
13:23:59.0616 0x25f4 [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\WINDOWS\System32\lsm.dll
13:23:59.0730 0x25f4 LSM - ok
13:23:59.0761 0x25f4 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
13:23:59.0808 0x25f4 luafv - ok
13:23:59.0839 0x25f4 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
13:23:59.0871 0x25f4 megasas - ok
13:23:59.0949 0x25f4 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
13:24:00.0027 0x25f4 megasr - ok
13:24:00.0074 0x25f4 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
13:24:00.0089 0x25f4 MEIx64 - ok
13:24:00.0136 0x25f4 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\WINDOWS\system32\mmcss.dll
13:24:00.0214 0x25f4 MMCSS - ok
13:24:00.0261 0x25f4 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
13:24:00.0324 0x25f4 Modem - ok
13:24:00.0339 0x25f4 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
13:24:00.0418 0x25f4 monitor - ok
13:24:00.0464 0x25f4 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
13:24:00.0496 0x25f4 mouclass - ok
13:24:00.0527 0x25f4 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
13:24:00.0590 0x25f4 mouhid - ok
13:24:00.0605 0x25f4 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
13:24:00.0636 0x25f4 mountmgr - ok
13:24:00.0652 0x25f4 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
13:24:00.0714 0x25f4 mpsdrv - ok
13:24:00.0808 0x25f4 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
13:24:00.0933 0x25f4 MpsSvc - ok
13:24:00.0980 0x25f4 [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
13:24:01.0074 0x25f4 MRxDAV - ok
13:24:01.0152 0x25f4 [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:24:01.0277 0x25f4 mrxsmb - ok
13:24:01.0308 0x25f4 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
13:24:01.0418 0x25f4 mrxsmb10 - ok
13:24:01.0465 0x25f4 [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
13:24:01.0558 0x25f4 mrxsmb20 - ok
13:24:01.0605 0x25f4 [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
13:24:01.0731 0x25f4 MsBridge - ok
13:24:01.0778 0x25f4 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\WINDOWS\System32\msdtc.exe
13:24:01.0825 0x25f4 MSDTC - ok
13:24:01.0888 0x25f4 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:24:01.0919 0x25f4 Msfs - ok
13:24:01.0966 0x25f4 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
13:24:01.0997 0x25f4 msgpiowin32 - ok
13:24:02.0028 0x25f4 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
13:24:02.0060 0x25f4 mshidkmdf - ok
13:24:02.0075 0x25f4 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
13:24:02.0122 0x25f4 mshidumdf - ok
13:24:02.0169 0x25f4 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
13:24:02.0200 0x25f4 msisadrv - ok
13:24:02.0247 0x25f4 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
13:24:02.0294 0x25f4 MSiSCSI - ok
13:24:02.0310 0x25f4 msiserver - ok
13:24:02.0325 0x25f4 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:24:02.0372 0x25f4 MSKSSRV - ok
13:24:02.0419 0x25f4 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
13:24:02.0466 0x25f4 MsLldp - ok
13:24:02.0482 0x25f4 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:24:02.0528 0x25f4 MSPCLOCK - ok
13:24:02.0560 0x25f4 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
13:24:02.0607 0x25f4 MSPQM - ok
13:24:02.0638 0x25f4 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
13:24:02.0716 0x25f4 MsRPC - ok
13:24:02.0732 0x25f4 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
13:24:02.0763 0x25f4 mssmbios - ok
13:24:02.0778 0x25f4 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
13:24:02.0825 0x25f4 MSTEE - ok
13:24:02.0841 0x25f4 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
13:24:02.0888 0x25f4 MTConfig - ok
13:24:02.0903 0x25f4 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
13:24:02.0935 0x25f4 Mup - ok
13:24:02.0966 0x25f4 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
13:24:02.0997 0x25f4 mvumis - ok
13:24:03.0060 0x25f4 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\WINDOWS\system32\qagentRT.dll
13:24:03.0138 0x25f4 napagent - ok
13:24:03.0216 0x25f4 [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
13:24:03.0310 0x25f4 NativeWifiP - ok
13:24:03.0357 0x25f4 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
13:24:03.0419 0x25f4 NcaSvc - ok
13:24:03.0435 0x25f4 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\WINDOWS\System32\ncbservice.dll
13:24:03.0513 0x25f4 NcbService - ok
13:24:03.0528 0x25f4 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
13:24:03.0622 0x25f4 NcdAutoSetup - ok
13:24:03.0747 0x25f4 [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
13:24:03.0888 0x25f4 NDIS - ok
13:24:03.0904 0x25f4 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
13:24:03.0935 0x25f4 NdisCap - ok
13:24:03.0966 0x25f4 [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
13:24:04.0044 0x25f4 NdisImPlatform - ok
13:24:04.0075 0x25f4 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:24:04.0122 0x25f4 NdisTapi - ok
13:24:04.0154 0x25f4 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:24:04.0185 0x25f4 Ndisuio - ok
13:24:04.0200 0x25f4 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
13:24:04.0247 0x25f4 NdisVirtualBus - ok
13:24:04.0279 0x25f4 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:24:04.0341 0x25f4 NdisWan - ok
13:24:04.0357 0x25f4 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:24:04.0404 0x25f4 NdisWanLegacy - ok
13:24:04.0435 0x25f4 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
13:24:04.0482 0x25f4 NDProxy - ok
13:24:04.0544 0x25f4 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
13:24:04.0591 0x25f4 Ndu - ok
13:24:04.0622 0x25f4 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
13:24:04.0656 0x25f4 NetBIOS - ok
13:24:04.0703 0x25f4 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:24:04.0781 0x25f4 NetBT - ok
13:24:04.0812 0x25f4 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\WINDOWS\system32\lsass.exe
13:24:04.0843 0x25f4 Netlogon - ok
13:24:04.0906 0x25f4 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\WINDOWS\System32\netman.dll
13:24:04.0968 0x25f4 Netman - ok
13:24:05.0031 0x25f4 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
13:24:05.0156 0x25f4 netprofm - ok
13:24:05.0234 0x25f4 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:24:05.0296 0x25f4 NetTcpPortSharing - ok
13:24:05.0328 0x25f4 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
13:24:05.0375 0x25f4 netvsc - ok
13:24:05.0500 0x25f4 [ EB8ACA4B01FE07FD38CF927D04D70148, C81F338837B9C9B09D9B274BF5113CD08EB5FD45FD17299FE7E8CB61D3AD44C3 ] NetworkSupport C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe
13:24:05.0578 0x25f4 NetworkSupport - ok
13:24:05.0656 0x25f4 [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
13:24:05.0734 0x25f4 NlaSvc - ok
13:24:05.0750 0x25f4 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
13:24:05.0797 0x25f4 Npfs - ok
13:24:05.0844 0x25f4 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
13:24:05.0922 0x25f4 npsvctrig - ok
13:24:05.0953 0x25f4 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\WINDOWS\system32\nsisvc.dll
13:24:06.0016 0x25f4 nsi - ok
13:24:06.0062 0x25f4 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
13:24:06.0109 0x25f4 nsiproxy - ok
13:24:06.0297 0x25f4 [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
13:24:06.0531 0x25f4 Ntfs - ok
13:24:06.0562 0x25f4 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
13:24:06.0609 0x25f4 Null - ok
13:24:06.0656 0x25f4 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
13:24:06.0703 0x25f4 nvraid - ok
13:24:06.0735 0x25f4 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
13:24:06.0781 0x25f4 nvstor - ok
13:24:06.0813 0x25f4 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
13:24:06.0844 0x25f4 nv_agp - ok
13:24:06.0938 0x25f4 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:24:06.0969 0x25f4 ose - ok
13:24:07.0047 0x25f4 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
13:24:07.0156 0x25f4 p2pimsvc - ok
13:24:07.0235 0x25f4 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
13:24:07.0313 0x25f4 p2psvc - ok
13:24:07.0360 0x25f4 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys
13:24:07.0422 0x25f4 Parport - ok
13:24:07.0438 0x25f4 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
13:24:07.0485 0x25f4 partmgr - ok
13:24:07.0563 0x25f4 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
13:24:07.0625 0x25f4 PcaSvc - ok
13:24:07.0703 0x25f4 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys
13:24:07.0750 0x25f4 pci - ok
13:24:07.0813 0x25f4 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
13:24:07.0828 0x25f4 pciide - ok
13:24:07.0860 0x25f4 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
13:24:07.0906 0x25f4 pcmcia - ok
13:24:07.0922 0x25f4 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
13:24:07.0953 0x25f4 pcw - ok
13:24:07.0969 0x25f4 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
13:24:08.0016 0x25f4 pdc - ok
13:24:08.0094 0x25f4 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
13:24:08.0203 0x25f4 PEAUTH - ok
13:24:08.0391 0x25f4 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
13:24:08.0469 0x25f4 PerfHost - ok
13:24:08.0625 0x25f4 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\WINDOWS\system32\pla.dll
13:24:08.0813 0x25f4 pla - ok
13:24:08.0891 0x25f4 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
13:24:08.0938 0x25f4 PlugPlay - ok
13:24:09.0016 0x25f4 [ 0554C64486399581EC5686CCBB975DFE, 5527ED1456A41B5A1502575DF5400DD88449AF3400BD20E2709C3C20B7198B87 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
13:24:09.0094 0x25f4 PMBDeviceInfoProvider - ok
13:24:09.0157 0x25f4 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
13:24:09.0188 0x25f4 PNRPAutoReg - ok
13:24:09.0250 0x25f4 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
13:24:09.0297 0x25f4 PNRPsvc - ok
13:24:09.0360 0x25f4 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
13:24:09.0438 0x25f4 PolicyAgent - ok
13:24:09.0485 0x25f4 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\WINDOWS\system32\umpo.dll
13:24:09.0563 0x25f4 Power - ok
13:24:09.0845 0x25f4 [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
13:24:10.0142 0x25f4 PrintNotify - ok
13:24:10.0205 0x25f4 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
13:24:10.0251 0x25f4 Processor - ok
13:24:10.0314 0x25f4 [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
13:24:10.0392 0x25f4 ProfSvc - ok
13:24:10.0423 0x25f4 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
13:24:10.0486 0x25f4 Psched - ok
13:24:10.0548 0x25f4 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\WINDOWS\system32\qwave.dll
13:24:10.0611 0x25f4 QWAVE - ok
13:24:10.0658 0x25f4 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
13:24:10.0705 0x25f4 QWAVEdrv - ok
13:24:10.0751 0x25f4 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:24:10.0783 0x25f4 RasAcd - ok
13:24:10.0830 0x25f4 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:24:10.0876 0x25f4 RasAuto - ok
13:24:10.0939 0x25f4 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:24:11.0048 0x25f4 RasMan - ok
13:24:11.0080 0x25f4 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:24:11.0126 0x25f4 RasPppoe - ok
13:24:11.0205 0x25f4 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:24:11.0376 0x25f4 rdbss - ok
13:24:11.0423 0x25f4 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
13:24:11.0642 0x25f4 rdpbus - ok
13:24:11.0658 0x25f4 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
13:24:11.0720 0x25f4 RDPDR - ok
13:24:11.0767 0x25f4 [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
13:24:11.0798 0x25f4 RdpVideoMiniport - ok
13:24:11.0814 0x25f4 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
13:24:11.0877 0x25f4 rdyboost - ok
13:24:11.0955 0x25f4 [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
13:24:12.0080 0x25f4 ReFS - ok
13:24:12.0142 0x25f4 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:24:12.0189 0x25f4 RemoteAccess - ok
13:24:12.0252 0x25f4 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
13:24:12.0330 0x25f4 RemoteRegistry - ok
13:24:12.0392 0x25f4 [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
13:24:12.0455 0x25f4 RFCOMM - ok
13:24:12.0502 0x25f4 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
13:24:12.0548 0x25f4 RpcEptMapper - ok
13:24:12.0611 0x25f4 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\WINDOWS\system32\locator.exe
13:24:12.0642 0x25f4 RpcLocator - ok
13:24:12.0736 0x25f4 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\WINDOWS\system32\rpcss.dll
13:24:12.0830 0x25f4 RpcSs - ok
13:24:12.0892 0x25f4 [ FD2F7ABB0B3C777CDC9D342CADBF0131, 8C7D8C753E100B8B005FF089299062448E5FEE88E84E4CE9E050CE3F2AAC5BCB ] RSPCIESTOR C:\WINDOWS\system32\DRIVERS\RtsPStor.sys
13:24:12.0939 0x25f4 RSPCIESTOR - ok
13:24:12.0986 0x25f4 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
13:24:13.0033 0x25f4 rspndr - ok
13:24:13.0142 0x25f4 [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
13:24:13.0236 0x25f4 RTL8168 - ok
13:24:13.0267 0x25f4 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
13:24:13.0298 0x25f4 s3cap - ok
13:24:13.0345 0x25f4 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\WINDOWS\system32\lsass.exe
13:24:13.0377 0x25f4 SamSs - ok
13:24:13.0439 0x25f4 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
13:24:13.0470 0x25f4 sbp2port - ok
13:24:13.0533 0x25f4 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
13:24:13.0595 0x25f4 SCardSvr - ok
13:24:13.0611 0x25f4 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
13:24:13.0671 0x25f4 ScDeviceEnum - ok
13:24:13.0733 0x25f4 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
13:24:13.0764 0x25f4 scfilter - ok
13:24:13.0889 0x25f4 [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:24:14.0077 0x25f4 Schedule - ok
13:24:14.0139 0x25f4 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
13:24:14.0186 0x25f4 SCPolicySvc - ok
13:24:14.0233 0x25f4 [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
13:24:14.0296 0x25f4 sdbus - ok
13:24:14.0311 0x25f4 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
13:24:14.0343 0x25f4 sdstor - ok
13:24:14.0405 0x25f4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
13:24:14.0452 0x25f4 secdrv - ok
13:24:14.0499 0x25f4 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\WINDOWS\system32\seclogon.dll
13:24:14.0546 0x25f4 seclogon - ok
13:24:14.0577 0x25f4 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\WINDOWS\System32\sens.dll
13:24:14.0639 0x25f4 SENS - ok
13:24:14.0671 0x25f4 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
13:24:14.0796 0x25f4 SensrSvc - ok
13:24:14.0843 0x25f4 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
13:24:14.0874 0x25f4 SerCx - ok
13:24:14.0905 0x25f4 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
13:24:14.0936 0x25f4 SerCx2 - ok
13:24:14.0968 0x25f4 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
13:24:14.0999 0x25f4 Serenum - ok
13:24:15.0014 0x25f4 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys
13:24:15.0061 0x25f4 Serial - ok
13:24:15.0093 0x25f4 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
13:24:15.0124 0x25f4 sermouse - ok
13:24:15.0202 0x25f4 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
13:24:15.0296 0x25f4 SessionEnv - ok
13:24:15.0327 0x25f4 [ 415B1326C40A2E1F251A3845B9C7DF31, D7BD668962B71DC3877366EB0C0BD5CDB1FF564A5866EE58DB90838D78227AD6 ] SFEP C:\WINDOWS\System32\drivers\SFEP.sys
13:24:15.0389 0x25f4 SFEP - ok
13:24:15.0421 0x25f4 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
13:24:15.0452 0x25f4 sfloppy - ok
13:24:15.0530 0x25f4 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
13:24:15.0624 0x25f4 SharedAccess - ok
13:24:15.0736 0x25f4 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:24:15.0861 0x25f4 ShellHWDetection - ok
13:24:15.0908 0x25f4 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
13:24:15.0939 0x25f4 SiSRaid2 - ok
13:24:15.0970 0x25f4 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
13:24:16.0001 0x25f4 SiSRaid4 - ok
13:24:16.0064 0x25f4 [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:24:16.0095 0x25f4 SkypeUpdate - ok
13:24:16.0142 0x25f4 [ 31EB63D59A3B097E12D07FAFD2D7A959, 8C0FC4123CB818C6C22C25C8A305B6ABC299E063C68ECA537F7D152AB932C97C ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
13:24:16.0157 0x25f4 SmbDrvI - ok
13:24:16.0204 0x25f4 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\WINDOWS\System32\smphost.dll
13:24:16.0282 0x25f4 smphost - ok
13:24:16.0329 0x25f4 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
13:24:16.0376 0x25f4 SNMPTRAP - ok
13:24:16.0517 0x25f4 [ CC7041283CE3AEC7912636F0918B5A37, E08E7AC7F84E1B7243BA9E4F75E35F26DEEB8F319AE4EF5488A007F396498987 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
13:24:16.0533 0x25f4 SOHCImp - ok
13:24:16.0595 0x25f4 [ F318A96C1B42215F8A03D4325AB977AD, 21A97928B16F794E8E028A3F5B1D81180EC3884BEBD3D2B24E48D4A30BB13B72 ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
13:24:16.0658 0x25f4 SOHDms - ok
13:24:16.0673 0x25f4 [ 91B5B1FEC3F396A99C2AC3C37ACF84D0, 8FD5D3617ADAA9525DFBDFFF768A36F5C44C05ABA44C784B4A24B8B2A6586913 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
13:24:16.0689 0x25f4 SOHDs - ok
13:24:16.0720 0x25f4 [ AA0F913B69BCEC9655ECAAA2312B29D9, 655D6E5B36ABC1C632096243F7FF55C4168A2009A5A43C8FDA5EFA67F972ADF3 ] SOWS C:\WINDOWS\System32\drivers\sows.sys
13:24:16.0798 0x25f4 SOWS - ok
13:24:16.0876 0x25f4 [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
13:24:16.0939 0x25f4 spaceport - ok
13:24:16.0986 0x25f4 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
13:24:17.0017 0x25f4 SpbCx - ok
13:24:17.0111 0x25f4 [ C03E480E63A80D73FABE28D24D3B6B47, F8C68DC63A5492587F9343158348ADD99A99AF34DC7ED29E5562EE90C0AB8F25 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
13:24:17.0173 0x25f4 SpfService - ok
13:24:17.0267 0x25f4 [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\WINDOWS\System32\spoolsv.exe
13:24:17.0392 0x25f4 Spooler - ok
13:24:17.0923 0x25f4 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe
13:24:18.0611 0x25f4 sppsvc - ok
13:24:18.0720 0x25f4 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:24:18.0830 0x25f4 srv - ok
13:24:18.0892 0x25f4 [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
13:24:18.0986 0x25f4 srv2 - ok
13:24:19.0048 0x25f4 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
13:24:19.0111 0x25f4 srvnet - ok
13:24:19.0173 0x25f4 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:24:19.0236 0x25f4 SSDPSRV - ok
13:24:19.0283 0x25f4 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
13:24:19.0345 0x25f4 SstpSvc - ok
13:24:19.0392 0x25f4 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
13:24:19.0424 0x25f4 stexstor - ok
13:24:19.0517 0x25f4 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\WINDOWS\System32\wiaservc.dll
13:24:19.0689 0x25f4 stisvc - ok
13:24:19.0736 0x25f4 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
13:24:19.0767 0x25f4 storahci - ok
13:24:19.0783 0x25f4 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
13:24:19.0830 0x25f4 storflt - ok
13:24:19.0845 0x25f4 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
13:24:19.0877 0x25f4 stornvme - ok
13:24:19.0908 0x25f4 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\WINDOWS\system32\storsvc.dll
13:24:20.0002 0x25f4 StorSvc - ok
13:24:20.0033 0x25f4 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
13:24:20.0080 0x25f4 storvsc - ok
13:24:20.0127 0x25f4 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\WINDOWS\system32\svsvc.dll
13:24:20.0189 0x25f4 svsvc - ok
13:24:20.0205 0x25f4 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
13:24:20.0220 0x25f4 swenum - ok
13:24:20.0330 0x25f4 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\WINDOWS\System32\swprv.dll
13:24:20.0486 0x25f4 swprv - ok
13:24:20.0564 0x25f4 [ 059AA9D476A71CCE202B023226B40C4A, 080F413ECB7AE1638EC99B0C5574285AC64621126C6BF1F71450A344C5BAC2C5 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
13:24:20.0611 0x25f4 SynTP - ok
13:24:20.0736 0x25f4 [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\WINDOWS\system32\sysmain.dll
13:24:20.0877 0x25f4 SysMain - ok
13:24:20.0924 0x25f4 [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
13:24:21.0002 0x25f4 SystemEventsBroker - ok
13:24:21.0049 0x25f4 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
13:24:21.0111 0x25f4 TabletInputService - ok
13:24:21.0143 0x25f4 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:24:21.0221 0x25f4 TapiSrv - ok
13:24:21.0424 0x25f4 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
13:24:21.0705 0x25f4 Tcpip - ok
13:24:21.0908 0x25f4 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:24:22.0158 0x25f4 TCPIP6 - ok
13:24:22.0221 0x25f4 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
13:24:22.0315 0x25f4 tcpipreg - ok
13:24:22.0346 0x25f4 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
13:24:22.0408 0x25f4 tdx - ok
13:24:22.0455 0x25f4 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
13:24:22.0486 0x25f4 terminpt - ok
13:24:22.0596 0x25f4 [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\WINDOWS\System32\termsrv.dll
13:24:22.0736 0x25f4 TermService - ok
13:24:22.0783 0x25f4 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\WINDOWS\system32\themeservice.dll
13:24:22.0846 0x25f4 Themes - ok
13:24:22.0893 0x25f4 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
13:24:22.0924 0x25f4 THREADORDER - ok
13:24:22.0986 0x25f4 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
13:24:23.0033 0x0f28 Object required for P2P: [ 131F1C8573E7BFB41C54FBF5309CCD94 ] BthEnum
13:24:23.0065 0x25f4 TimeBroker - ok
13:24:23.0111 0x25f4 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys
13:24:23.0158 0x25f4 TPM - ok
13:24:23.0205 0x25f4 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\WINDOWS\System32\trkwks.dll
13:24:23.0252 0x25f4 TrkWks - ok
13:24:23.0330 0x25f4 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
13:24:23.0424 0x25f4 TrustedInstaller - ok
13:24:23.0440 0x25f4 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
13:24:23.0502 0x25f4 TsUsbFlt - ok
13:24:23.0549 0x25f4 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
13:24:23.0580 0x25f4 TsUsbGD - ok
13:24:23.0627 0x25f4 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
13:24:23.0674 0x25f4 tunnel - ok
13:24:23.0721 0x25f4 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
13:24:23.0752 0x25f4 uagp35 - ok
13:24:23.0768 0x25f4 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
13:24:23.0799 0x25f4 UASPStor - ok
13:24:23.0846 0x25f4 [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
13:24:23.0893 0x25f4 UCX01000 - ok
13:24:23.0924 0x25f4 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
13:24:24.0002 0x25f4 udfs - ok
13:24:24.0034 0x25f4 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
13:24:24.0065 0x25f4 UEFI - ok
13:24:24.0112 0x25f4 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
13:24:24.0174 0x25f4 UI0Detect - ok
13:24:24.0190 0x25f4 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
13:24:24.0221 0x25f4 uliagpkx - ok
13:24:24.0252 0x25f4 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
13:24:24.0284 0x25f4 umbus - ok
13:24:24.0331 0x25f4 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
13:24:24.0362 0x25f4 UmPass - ok
13:24:24.0424 0x25f4 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
13:24:24.0487 0x25f4 UmRdpService - ok
13:24:24.0581 0x25f4 [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:24:24.0627 0x25f4 UNS - ok
13:24:24.0690 0x25f4 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\WINDOWS\System32\upnphost.dll
13:24:24.0784 0x25f4 upnphost - ok
13:24:24.0815 0x25f4 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
13:24:24.0893 0x25f4 USBAAPL64 - ok
13:24:24.0940 0x25f4 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
13:24:24.0987 0x25f4 usbccgp - ok
13:24:25.0081 0x25f4 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
13:24:25.0112 0x25f4 usbcir - ok
13:24:25.0159 0x25f4 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
13:24:25.0190 0x25f4 usbehci - ok
13:24:25.0268 0x25f4 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
13:24:25.0346 0x25f4 usbhub - ok
13:24:25.0409 0x25f4 [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
13:24:25.0487 0x25f4 USBHUB3 - ok
13:24:25.0534 0x0f28 Object send P2P result: true
13:24:25.0549 0x0f28 Object required for P2P: [ 08BFE413B0B4AA8DFA4B5684CE06D3DC ] iaStorAV
13:24:25.0549 0x25f4 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
13:24:25.0768 0x25f4 usbohci - ok
13:24:25.0815 0x25f4 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
13:24:25.0924 0x25f4 usbprint - ok
13:24:25.0971 0x25f4 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
13:24:26.0018 0x25f4 USBSTOR - ok
13:24:26.0049 0x25f4 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
13:24:26.0127 0x25f4 usbuhci - ok
13:24:26.0190 0x25f4 [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
13:24:26.0237 0x25f4 usbvideo - ok
13:24:26.0315 0x25f4 [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
13:24:26.0377 0x25f4 USBXHCI - ok
13:24:26.0440 0x25f4 [ A3C75F5220CAB16A29784433DC241A5B, A9F283114388D02AD20298B7C74367E70FE457FF03B9544A00DBB8A45C68965F ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
13:24:26.0456 0x25f4 VAIO Event Service - ok
13:24:26.0549 0x25f4 [ 8EF62038EBD54C240486A36F9259C64A, D2EA5718C13D5E62DCA06013E67E651847172950ED7ED7CA7C25CC8422D54260 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
13:24:26.0612 0x25f4 VAIO Power Management - ok
13:24:26.0627 0x25f4 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\WINDOWS\system32\lsass.exe
13:24:26.0666 0x25f4 VaultSvc - ok
13:24:26.0807 0x25f4 [ 5B9E9B509770422967D2126E7D4F01EA, 085FCD962AA02144C13F352A0E2DC0B2F3D5C6C22485101DB8E83920DCB23C0B ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
13:24:26.0932 0x25f4 VCFw - ok
13:24:26.0963 0x25f4 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
13:24:26.0995 0x25f4 vdrvroot - ok
13:24:27.0120 0x25f4 [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\WINDOWS\System32\vds.exe
13:24:27.0291 0x25f4 vds - ok
13:24:27.0338 0x25f4 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
13:24:27.0385 0x25f4 VerifierExt - ok
13:24:27.0448 0x25f4 [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
13:24:27.0541 0x25f4 vhdmp - ok
13:24:27.0557 0x25f4 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
13:24:27.0573 0x25f4 viaide - ok
13:24:27.0604 0x25f4 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
13:24:27.0635 0x25f4 vmbus - ok
13:24:27.0666 0x25f4 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
13:24:27.0682 0x25f4 VMBusHID - ok
13:24:27.0760 0x25f4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
13:24:27.0838 0x25f4 vmicguestinterface - ok
13:24:27.0885 0x25f4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
13:24:27.0963 0x25f4 vmicheartbeat - ok
13:24:28.0010 0x0f28 Object send P2P result: true
13:24:28.0010 0x25f4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
13:24:28.0026 0x0f28 Object required for P2P: [ E2C39E0FF41CAB5FA94CEFF7EA664103 ] KLIF
13:24:28.0088 0x25f4 vmickvpexchange - ok
13:24:28.0135 0x25f4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
13:24:28.0198 0x25f4 vmicrdv - ok
13:24:28.0245 0x25f4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
13:24:28.0307 0x25f4 vmicshutdown - ok
13:24:28.0354 0x25f4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
13:24:28.0432 0x25f4 vmictimesync - ok
13:24:28.0479 0x25f4 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
13:24:28.0541 0x25f4 vmicvss - ok
13:24:28.0588 0x25f4 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
13:24:28.0620 0x25f4 volmgr - ok
13:24:28.0651 0x25f4 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
13:24:28.0716 0x25f4 volmgrx - ok
13:24:28.0794 0x25f4 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
13:24:28.0857 0x25f4 volsnap - ok
13:24:28.0888 0x25f4 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
13:24:28.0919 0x25f4 vpci - ok
13:24:28.0997 0x25f4 [ 6C60B5B5E6510BBC0CC3BA78722E8C80, F9E445566C314FF2F22382C051A090083741E86986729E905F07767DD9B84ABE ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
13:24:29.0060 0x25f4 vpnagent - ok
13:24:29.0122 0x25f4 [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva C:\WINDOWS\system32\DRIVERS\vpnva64-6.sys
13:24:29.0138 0x25f4 vpnva - ok
13:24:29.0232 0x25f4 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
13:24:29.0263 0x25f4 vsmraid - ok
13:24:29.0388 0x25f4 [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\WINDOWS\system32\vssvc.exe
13:24:29.0560 0x25f4 VSS - ok
13:24:29.0591 0x25f4 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
13:24:29.0654 0x25f4 VSTXRAID - ok
13:24:29.0794 0x25f4 [ C1FAE2E81955DCCD79034A23EC4F3F37, 61B6477C6068B5542D3EE9C6336FBD7589F1CFFD3E850473A539619033533286 ] VUAgent C:\Program Files\Sony\VAIO Update\vuagent.exe
13:24:29.0982 0x25f4 VUAgent - ok
13:24:30.0076 0x25f4 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
13:24:30.0247 0x25f4 vwifibus - ok
13:24:30.0279 0x25f4 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
13:24:30.0326 0x25f4 vwififlt - ok
13:24:30.0341 0x25f4 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
13:24:30.0372 0x25f4 vwifimp - ok
13:24:30.0435 0x0f28 Object send P2P result: true
13:24:30.0451 0x0f28 Object required for P2P: [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64
13:24:30.0466 0x25f4 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\WINDOWS\system32\w32time.dll
13:24:30.0544 0x25f4 W32Time - ok
13:24:30.0576 0x25f4 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
13:24:30.0607 0x25f4 WacomPen - ok
13:24:30.0748 0x25f4 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\WINDOWS\system32\wbengine.exe
13:24:30.0935 0x25f4 wbengine - ok
13:24:31.0013 0x25f4 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
13:24:31.0154 0x25f4 WbioSrvc - ok
13:24:31.0185 0x25f4 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
13:24:31.0263 0x25f4 Wcmsvc - ok
13:24:31.0310 0x25f4 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
13:24:31.0435 0x25f4 wcncsvc - ok
13:24:31.0467 0x25f4 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
13:24:31.0592 0x25f4 WcsPlugInService - ok
13:24:31.0623 0x25f4 [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
13:24:31.0638 0x25f4 WdBoot - ok
13:24:31.0732 0x25f4 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
13:24:31.0842 0x25f4 Wdf01000 - ok
13:24:31.0888 0x25f4 [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
13:24:31.0935 0x25f4 WdFilter - ok
13:24:31.0982 0x25f4 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
13:24:32.0045 0x25f4 WdiServiceHost - ok
13:24:32.0060 0x25f4 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
13:24:32.0123 0x25f4 WdiSystemHost - ok
13:24:32.0154 0x25f4 [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
13:24:32.0201 0x25f4 WdNisDrv - ok
13:24:32.0248 0x25f4 WdNisSvc - ok
13:24:32.0326 0x25f4 [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient C:\WINDOWS\System32\webclnt.dll
13:24:32.0404 0x25f4 WebClient - ok
13:24:32.0451 0x25f4 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
13:24:32.0513 0x25f4 Wecsvc - ok
13:24:32.0529 0x25f4 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
13:24:32.0576 0x25f4 WEPHOSTSVC - ok
13:24:32.0592 0x25f4 [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
13:24:32.0701 0x25f4 wercplsupport - ok
13:24:32.0717 0x25f4 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
13:24:32.0779 0x25f4 WerSvc - ok
13:24:32.0826 0x25f4 [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
13:24:32.0873 0x25f4 WFPLWFS - ok
13:24:32.0889 0x0f28 Object send P2P result: true
13:24:32.0920 0x0f28 Object required for P2P: [ 19764658C1468C2C0CEF133D28414A6B ] RTL8168
13:24:32.0936 0x25f4 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
13:24:32.0967 0x25f4 WiaRpc - ok
13:24:32.0983 0x25f4 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
13:24:33.0014 0x25f4 WIMMount - ok
13:24:33.0029 0x25f4 WinDefend - ok
13:24:33.0139 0x25f4 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
13:24:33.0295 0x25f4 WinHttpAutoProxySvc - ok
13:24:33.0373 0x25f4 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:24:33.0436 0x25f4 Winmgmt - ok
13:24:33.0623 0x25f4 [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
13:24:33.0936 0x25f4 WinRM - ok
13:24:33.0998 0x25f4 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys
13:24:34.0045 0x25f4 WinUsb - ok
13:24:34.0186 0x25f4 [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
13:24:34.0358 0x25f4 WlanSvc - ok
13:24:34.0514 0x25f4 [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
13:24:34.0702 0x25f4 wlidsvc - ok
13:24:34.0733 0x25f4 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
13:24:34.0764 0x25f4 WmiAcpi - ok
13:24:34.0827 0x25f4 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
13:24:34.0920 0x25f4 wmiApSrv - ok
13:24:34.0952 0x25f4 WMPNetworkSvc - ok
13:24:35.0014 0x25f4 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
13:24:35.0045 0x25f4 Wof - ok
13:24:35.0264 0x25f4 [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
13:24:35.0389 0x0f28 Object send P2P result: true
13:24:35.0389 0x0f28 Object required for P2P: [ 0ED2E318ABB68C1A35A8B8038BDB4C90 ] storahci
13:24:35.0514 0x25f4 workfolderssvc - ok
13:24:35.0561 0x25f4 [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
13:24:35.0592 0x25f4 wpcfltr - ok
13:24:35.0639 0x25f4 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
13:24:35.0702 0x25f4 WPCSvc - ok
13:24:35.0749 0x25f4 [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
13:24:35.0811 0x25f4 WPDBusEnum - ok
13:24:35.0842 0x25f4 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
13:24:35.0874 0x25f4 WpdUpFltr - ok
13:24:35.0905 0x25f4 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
13:24:35.0952 0x25f4 ws2ifsl - ok
13:24:35.0999 0x25f4 [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\WINDOWS\System32\wscsvc.dll
13:24:36.0092 0x25f4 wscsvc - ok
13:24:36.0124 0x25f4 [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys
13:24:36.0155 0x25f4 WSDPrintDevice - ok
13:24:36.0171 0x25f4 WSearch - ok
13:24:36.0452 0x25f4 [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\WINDOWS\System32\WSService.dll
13:24:36.0858 0x25f4 WSService - ok
13:24:37.0171 0x25f4 [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
13:24:37.0561 0x25f4 wuauserv - ok
13:24:37.0608 0x25f4 [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
13:24:37.0681 0x25f4 WudfPf - ok
13:24:37.0710 0x25f4 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
13:24:37.0757 0x25f4 WUDFRd - ok
13:24:37.0773 0x25f4 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:24:37.0819 0x25f4 WUDFSensorLP - ok
13:24:37.0835 0x25f4 [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
13:24:37.0851 0x0f28 Object send P2P result: true
13:24:37.0882 0x25f4 wudfsvc - ok
13:24:37.0913 0x25f4 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:24:37.0944 0x25f4 WUDFWpdFs - ok
13:24:37.0976 0x25f4 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:24:38.0023 0x25f4 WUDFWpdMtp - ok
13:24:38.0085 0x25f4 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
13:24:38.0179 0x25f4 WwanSvc - ok
13:24:38.0257 0x25f4 [ 03CD249A16CF815FFFD347DC61EF9E6D, 3DE860B1BACF3F1D48B773FD6F4E25977F5193F01897278AED6CD276595356CE ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
13:24:38.0288 0x25f4 ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
13:24:40.0710 0x25f4 Detect skipped due to KSN trusted
13:24:40.0710 0x25f4 ZAtheros Bt and Wlan Coex Agent - ok
13:24:40.0741 0x25f4 ================ Scan global ===============================
13:24:40.0820 0x25f4 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
13:24:40.0882 0x25f4 [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
13:24:40.0929 0x25f4 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
13:24:41.0007 0x25f4 [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
13:24:41.0038 0x25f4 [ Global ] - ok
13:24:41.0038 0x25f4 ================ Scan MBR ==================================
13:24:41.0054 0x25f4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:24:41.0335 0x25f4 \Device\Harddisk0\DR0 - ok
13:24:41.0335 0x25f4 ================ Scan VBR ==================================
13:24:41.0398 0x25f4 [ CD6192E5A41B2D4D6F052F8971F19691 ] \Device\Harddisk0\DR0\Partition1
13:24:41.0413 0x25f4 \Device\Harddisk0\DR0\Partition1 - ok
13:24:41.0413 0x25f4 [ CAFA10D947E4A681ADAD52A972828258 ] \Device\Harddisk0\DR0\Partition2
13:24:41.0429 0x25f4 \Device\Harddisk0\DR0\Partition2 - ok
13:24:41.0445 0x25f4 [ 83DFAE6BD1A9E7051301DA7BA79CBF5A ] \Device\Harddisk0\DR0\Partition3
13:24:41.0460 0x25f4 \Device\Harddisk0\DR0\Partition3 - ok
13:24:41.0476 0x25f4 [ CA139E4C6472338501A1B6ACD959D7E8 ] \Device\Harddisk0\DR0\Partition4
13:24:41.0476 0x25f4 \Device\Harddisk0\DR0\Partition4 - ok
13:24:41.0491 0x25f4 [ FF14D928CB4AA87330E35E21BEFCD0AA ] \Device\Harddisk0\DR0\Partition5
13:24:41.0507 0x25f4 \Device\Harddisk0\DR0\Partition5 - ok
13:24:41.0538 0x25f4 [ 4BBEA4F1DCFA237F19487E739A4E5156 ] \Device\Harddisk0\DR0\Partition6
13:24:41.0570 0x25f4 \Device\Harddisk0\DR0\Partition6 - ok
13:24:41.0585 0x25f4 [ 347065496804F270C39AC6CA00F8D340 ] \Device\Harddisk0\DR0\Partition7
13:24:41.0601 0x25f4 \Device\Harddisk0\DR0\Partition7 - ok
13:24:41.0601 0x25f4 ================ Scan generic autorun ======================
13:24:41.0741 0x25f4 [ 5E53A66C680A06E26B1234CB0C3CD99B, D782E724FF487459704BFA2BC5BA5E6E7E85BC9D71ECF68BE78F9C74449EB207 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
13:24:41.0851 0x25f4 RtHDVBg - ok
13:24:41.0929 0x25f4 [ B1DBF4838F7B264AA4A0B7D6B7BA67EA, 4E235190F210FE42164C2F10B843F4ED33E96CD37191A8D2B50258B5456E5BF0 ] C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
13:24:41.0991 0x25f4 BtTray - ok
13:24:42.0023 0x25f4 [ 1AFC9A70826B988EFC013F75F43A8E6E, D962378513CA2C9CF5F55869A11298E9D228B87A8F5916DA4B829F4ABC271BC0 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
13:24:42.0038 0x25f4 BtvStack - ok
13:24:42.0085 0x25f4 [ 6E0BDFBEEED65B017F2E4C2C910B0520, 54D798C2E2804DCDB84E9650EA4A032C669B10C586B396D5505F16235D83882C ] C:\Windows\system32\rundll32.exe
13:24:42.0148 0x25f4 Logitech Download Assistant - ok
13:24:42.0148 0x25f4 SynTPEnh - ok
13:24:42.0257 0x25f4 [ 081E2D5A7875895A4A857B3DA8335695, 48D7968F2B6397B4090C4D6DCB3288041A92BF8207CD4AE807E66BCFC7DC7466 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
13:24:42.0351 0x25f4 StartCCC - ok
13:24:42.0382 0x25f4 [ 2E2F360FF158A67F8128EFAAF974189C, 5EDAAF7CCF381B5E767030F2DC52C37F972C4EA36F33BD7D9C422F74AF232DDD ] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
13:24:42.0413 0x25f4 ISBMgr.exe - ok
13:24:42.0507 0x25f4 [ 717CECF8A6F55295A2A8B9ED4C64D800, DFB90D541F7EC5E23159B31E1E103DA4418B121E8C384CE054111A5FAFFE3CD5 ] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
13:24:42.0585 0x25f4 PMBVolumeWatcher - ok
13:24:42.0663 0x25f4 [ 0C18568BE622D14A796AC683B88425DE, B2BFE014A0D8D09DAF3E05A42951838683C95DAD3943C21DDC0C3DB231F9C02F ] c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
13:24:42.0679 0x25f4 Adobe Reader Speed Launcher - ok
13:24:42.0789 0x25f4 [ 48BE298F7FD1BEF4D8FBACB04D8D95C4, D375B3F6E850E4B0EC81BAA0E554C356BE2248AA77C6C56F5267CA05460FE4EB ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:24:42.0883 0x25f4 Adobe ARM - ok
13:24:42.0929 0x25f4 [ D5AA702664BA73DF84AC5C7FCA0C1C18, 246AFF395F08C202498224E7F20DC9E769E61B7E234EBFE207758AD805AA7B9E ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
13:24:42.0961 0x25f4 Intel AppUp(SM) center - ok
13:24:43.0039 0x25f4 [ 09E60B4FE341A94A300830C008907099, 5F07868953FAA8FFA9E6477F6BAC52DEEDF3EA4A3F8AF5B4E15878D8240223AB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
13:24:43.0054 0x25f4 APSDaemon - ok
13:24:43.0133 0x25f4 [ 21EF7690E40D0749302785BE795D3374, A84E15AF1D0D8D32AE5B24F6A210A106453A695EF0E8C65DE9E86518397EEE1C ] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe
13:24:43.0179 0x25f4 AVP - ok
13:24:43.0242 0x25f4 [ 887CAA31048EB8ED09A0CBD0E6F46F09, BBCED0BD4EB00C3FECFC9448223D4C441A868787877291F5489B07B43FAB65A4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13:24:43.0304 0x25f4 SunJavaUpdateSched - ok
13:24:43.0336 0x25f4 [ 4DDC9B851FFCA263272B1BFF99B53C82, F2B28072C639A29CB40863EFBD5790422CC1A043E700558E9E6A2302B8A670FB ] C:\Program Files (x86)\PDF24\pdf24.exe
13:24:43.0383 0x25f4 PDFPrint - ok
13:24:43.0445 0x25f4 [ F7D9D141F9C64EDA38294710E9450F3C, 95267ACE721E8C3C7CE35AE1FE294CF13AE0485743F209A4E42085B0ACE435CB ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
13:24:43.0508 0x25f4 Cisco AnyConnect Secure Mobility Agent for Windows - ok
13:24:43.0570 0x25f4 [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
13:24:43.0586 0x25f4 iTunesHelper - ok
13:24:43.0680 0x25f4 [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe
13:24:43.0726 0x25f4 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
13:24:46.0149 0x25f4 Detect skipped due to KSN trusted
13:24:46.0149 0x25f4 QuickTime Task - ok
13:24:46.0509 0x25f4 [ 96C63502BC3C1F8394C5535ACB526FCD, 862C2668260C27E606EE6D59BDD4B729597EC2BF6CB642F4F85CB96C3383C3E7 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
13:24:46.0806 0x25f4 LogMeIn Hamachi Ui - ok
13:24:48.0313 0x25f4 [ 58920E6A409046BA06548D9D139CE0F0, 73FB33F5A76A3445C494482D520448EE02C0B1B7D3DD2E97BE3A9B15F89C5911 ] C:\Program Files (x86)\Skype\Phone\Skype.exe
13:24:48.0626 0x14e4 Object required for P2P: [ AC263C2F66405589528995AA41040599 ] WinUsb
13:24:50.0111 0x25f4 Skype - ok
13:24:50.0158 0x25f4 Waiting for KSN requests completion. In queue: 41
13:24:51.0158 0x14e4 Object send P2P result: true
13:24:51.0173 0x25f4 Waiting for KSN requests completion. In queue: 2
13:24:52.0189 0x25f4 Waiting for KSN requests completion. In queue: 2
13:24:52.0580 0x1194 Object required for P2P: [ 96C63502BC3C1F8394C5535ACB526FCD ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
13:24:53.0205 0x25f4 Waiting for KSN requests completion. In queue: 1
13:24:54.0205 0x25f4 Waiting for KSN requests completion. In queue: 1
13:24:55.0221 0x25f4 Waiting for KSN requests completion. In queue: 1
13:24:55.0362 0x1194 Object send P2P result: true
13:24:56.0487 0x25f4 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\wmiav.exe ( 13.0.1.4190 ), 0x41000 ( enabled : updated )
13:24:56.0502 0x25f4 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
13:24:56.0534 0x25f4 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\wmifw.exe ( 13.0.1.4190 ), 0x41010 ( enabled )
13:24:58.0893 0x25f4 ============================================================
13:24:58.0893 0x25f4 Scan finished
13:24:58.0893 0x25f4 ============================================================
13:24:58.0909 0x0574 Detected object count: 0
13:24:58.0909 0x0574 Actual detected object count: 0
13:25:19.0867 0x0e6c Deinitialize success
|
|
08.02.2015, 14:25
| #10 |
| | Telekom Abuse Team: "Virus/Trojaner infiziert" PC #2: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.08.3.1004
www.malwarebytes.org
Database version:
main: v2015.02.08.04
rootkit: v2015.02.03.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17498
Pascal :: PASCAL [administrator]
08.02.2015 13:42:50
mbar-log-2015-02-08 (13-42-50).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 425178
Time elapsed: 32 minute(s), 37 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 14:21:20.0249 0x6b5c TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
14:21:20.0249 0x6b5c UEFI system
14:21:22.0702 0x6b5c ============================================================
14:21:22.0702 0x6b5c Current date / time: 2015/02/08 14:21:22.0702
14:21:22.0702 0x6b5c SystemInfo:
14:21:22.0702 0x6b5c
14:21:22.0702 0x6b5c OS Version: 6.3.9600 ServicePack: 0.0
14:21:22.0702 0x6b5c Product type: Workstation
14:21:22.0702 0x6b5c ComputerName: PASCAL
14:21:22.0702 0x6b5c UserName: Pascal
14:21:22.0702 0x6b5c Windows directory: C:\WINDOWS
14:21:22.0702 0x6b5c System windows directory: C:\WINDOWS
14:21:22.0702 0x6b5c Running under WOW64
14:21:22.0702 0x6b5c Processor architecture: Intel x64
14:21:22.0702 0x6b5c Number of processors: 4
14:21:22.0702 0x6b5c Page size: 0x1000
14:21:22.0702 0x6b5c Boot type: Normal boot
14:21:22.0702 0x6b5c ============================================================
14:21:23.0582 0x6b5c KLMD registered as C:\WINDOWS\system32\drivers\82070445.sys
14:21:24.0338 0x6b5c System UUID: {009A6443-8DC2-D885-3285-4A41E4FA86C9}
14:21:25.0061 0x6b5c Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:21:25.0081 0x6b5c ============================================================
14:21:25.0081 0x6b5c \Device\Harddisk0\DR0:
14:21:25.0081 0x6b5c GPT partitions:
14:21:25.0082 0x6b5c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E3311534-6F40-498E-B5A9-45A2CDE2FFB5}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1FF800
14:21:25.0082 0x6b5c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {EE53C636-414F-4CF9-8FE6-864FBA71D947}, Name: EFI system partition, StartLBA 0x200000, BlocksNum 0xB4000
14:21:25.0082 0x6b5c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {BFCDA56C-FEB1-4FC9-A9D5-87C9A973DDBF}, Name: Microsoft reserved partition, StartLBA 0x2B4000, BlocksNum 0x40000
14:21:25.0082 0x6b5c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {417F68DF-AB2A-46A4-B56B-D4FCA7B12922}, Name: Basic data partition, StartLBA 0x2F4000, BlocksNum 0x72851000
14:21:25.0082 0x6b5c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5888D87A-02CE-40C7-A973-01983687AD7C}, Name: , StartLBA 0x72B45000, BlocksNum 0xE1000
14:21:25.0082 0x6b5c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {753C45CC-1823-4480-BBC5-F79F5DE7073E}, Name: Basic data partition, StartLBA 0x72C26000, BlocksNum 0x1ADE000
14:21:25.0082 0x6b5c MBR partitions:
14:21:25.0082 0x6b5c ============================================================
14:21:25.0110 0x6b5c C: <-> \Device\Harddisk0\DR0\Partition4
14:21:25.0152 0x6b5c D: <-> \Device\Harddisk0\DR0\Partition6
14:21:25.0152 0x6b5c ============================================================
14:21:25.0152 0x6b5c Initialize success
14:21:25.0152 0x6b5c ============================================================
14:21:31.0624 0x6748 ============================================================
14:21:31.0624 0x6748 Scan started
14:21:31.0624 0x6748 Mode: Manual; SigCheck; TDLFS;
14:21:31.0624 0x6748 ============================================================
14:21:31.0624 0x6748 KSN ping started
14:21:34.0003 0x6748 KSN ping finished: true
14:21:36.0739 0x6748 ================ Scan system memory ========================
14:21:36.0739 0x6748 System memory - ok
14:21:36.0740 0x6748 ================ Scan services =============================
14:21:36.0942 0x6748 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
14:21:37.0142 0x6748 1394ohci - ok
14:21:37.0178 0x6748 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
14:21:37.0191 0x6748 3ware - ok
14:21:37.0278 0x6748 [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
14:21:37.0308 0x6748 ACPI - ok
14:21:37.0320 0x6748 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
14:21:37.0328 0x6748 acpiex - ok
14:21:37.0382 0x6748 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
14:21:37.0410 0x6748 acpipagr - ok
14:21:37.0459 0x6748 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
14:21:37.0539 0x6748 AcpiPmi - ok
14:21:37.0541 0x6748 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
14:21:37.0556 0x6748 acpitime - ok
14:21:37.0580 0x6748 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
14:21:37.0600 0x6748 ADP80XX - ok
14:21:37.0663 0x6748 [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
14:21:37.0709 0x6748 AeLookupSvc - ok
14:21:37.0780 0x6748 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys
14:21:37.0893 0x6748 AFD - ok
14:21:37.0926 0x6748 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
14:21:37.0955 0x6748 agp440 - ok
14:21:38.0005 0x6748 [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
14:21:38.0078 0x6748 ahcache - ok
14:21:38.0130 0x6748 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\WINDOWS\System32\alg.exe
14:21:38.0253 0x6748 ALG - ok
14:21:38.0278 0x6748 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
14:21:38.0374 0x6748 AmdK8 - ok
14:21:38.0398 0x6748 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
14:21:38.0426 0x6748 AmdPPM - ok
14:21:38.0445 0x6748 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
14:21:38.0456 0x6748 amdsata - ok
14:21:38.0557 0x6748 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
14:21:38.0577 0x6748 amdsbs - ok
14:21:38.0587 0x6748 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
14:21:38.0594 0x6748 amdxata - ok
14:21:38.0652 0x6748 [ 7AF76466E5887A897EC1959208DE3BB3, 8B4672B9640DE6A7395A888713CB6D7AC780C040ABA4005B93A539AD395C2AA8 ] AmUStor C:\WINDOWS\system32\drivers\AmUStor.SYS
14:21:38.0668 0x6748 AmUStor - ok
14:21:38.0790 0x6748 [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll
14:21:38.0877 0x6748 AppHostSvc - ok
14:21:38.0948 0x6748 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\WINDOWS\system32\drivers\appid.sys
14:21:39.0008 0x6748 AppID - ok
14:21:39.0072 0x6748 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
14:21:39.0105 0x6748 AppIDSvc - ok
14:21:39.0170 0x6748 [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo C:\WINDOWS\System32\appinfo.dll
14:21:39.0247 0x6748 Appinfo - ok
14:21:39.0344 0x6748 [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:21:39.0362 0x6748 Apple Mobile Device - ok
14:21:39.0435 0x6748 [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
14:21:39.0484 0x6748 AppReadiness - ok
14:21:39.0533 0x6748 [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
14:21:39.0701 0x6748 AppXSvc - ok
14:21:39.0725 0x6748 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
14:21:39.0743 0x6748 arcsas - ok
14:21:39.0907 0x6748 [ AA2E8C6B8D7EA7BAF04C988801927F48, 4B82043F1B9C67CDCDC71102F7AEE05EEA8F9775A5CB33AE80F4DCDB42521C40 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:21:39.0921 0x6748 aspnet_state - ok
14:21:39.0976 0x6748 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
14:21:39.0982 0x6748 atapi - ok
14:21:40.0100 0x6748 [ 37B33DDE5490A2DF56DFB46580356E3F, 40FE378C9010B06FD7ADE30F76F916D5BDBB26525CF3D11D5780E2247B6099D8 ] athr C:\WINDOWS\system32\DRIVERS\athwbx.sys
14:21:40.0195 0x6748 athr - ok
14:21:40.0254 0x6748 [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
14:21:40.0352 0x6748 AudioEndpointBuilder - ok
14:21:40.0448 0x6748 [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
14:21:40.0483 0x6748 Audiosrv - ok
14:21:40.0732 0x6748 [ 0D2F8F4055903A762AD46204E5A42E86, D3270039E4F066C69D844060388D3F895137C37C0FBE4C106BE1C71AE9DBC17A ] AVP C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
14:21:40.0746 0x6748 AVP - ok
14:21:40.0789 0x6748 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
14:21:40.0862 0x6748 AxInstSV - ok
14:21:40.0887 0x6748 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
14:21:40.0908 0x6748 b06bdrv - ok
14:21:40.0960 0x6748 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
14:21:41.0040 0x6748 BasicDisplay - ok
14:21:41.0110 0x6748 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
14:21:41.0188 0x6748 BasicRender - ok
14:21:41.0213 0x6748 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
14:21:41.0224 0x6748 bcmfn2 - ok
14:21:41.0320 0x6748 [ 6FA3557EA5FA09BA705298CC6B0E9F5A, 3C8EA2080973619DEC613FC2F2022AA1A931EE9640C32C6DF6B50C46671BE5F5 ] BCMH43XX C:\WINDOWS\system32\DRIVERS\bcmwlhigh664.sys
14:21:41.0345 0x6748 BCMH43XX - ok
14:21:41.0426 0x6748 [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
14:21:41.0542 0x6748 BDESVC - ok
14:21:41.0597 0x6748 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys
14:21:41.0659 0x6748 Beep - ok
14:21:41.0689 0x6748 [ BE43A13207D6428947248AF7EE05E772, 4118288ECD13B77738070DC298A64732693EEF9679CCFA59FD523CCAACF6335B ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
14:21:41.0700 0x6748 BEService - ok
14:21:41.0816 0x6748 [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\WINDOWS\System32\bfe.dll
14:21:41.0892 0x6748 BFE - ok
14:21:42.0024 0x6748 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\WINDOWS\System32\qmgr.dll
14:21:42.0143 0x6748 BITS - ok
14:21:42.0218 0x6748 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:21:42.0254 0x6748 Bonjour Service - ok
14:21:42.0269 0x6748 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
14:21:42.0336 0x6748 bowser - ok
14:21:42.0392 0x6748 [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
14:21:42.0431 0x6748 BrokerInfrastructure - ok
14:21:42.0478 0x6748 [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\WINDOWS\System32\browser.dll
14:21:42.0565 0x6748 Browser - ok
14:21:42.0705 0x6748 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
14:21:42.0792 0x6748 BthAvrcpTg - ok
14:21:42.0816 0x6748 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
14:21:42.0854 0x6748 BthHFEnum - ok
14:21:42.0861 0x6748 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
14:21:42.0882 0x6748 bthhfhid - ok
14:21:42.0894 0x6748 [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
14:21:42.0914 0x6748 BTHMODEM - ok
14:21:42.0970 0x6748 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\WINDOWS\system32\bthserv.dll
14:21:43.0003 0x6748 bthserv - ok
14:21:43.0027 0x6748 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
14:21:43.0110 0x6748 cdfs - ok
14:21:43.0134 0x6748 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
14:21:43.0149 0x6748 cdrom - ok
14:21:43.0165 0x6748 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
14:21:43.0193 0x6748 CertPropSvc - ok
14:21:43.0207 0x6748 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
14:21:43.0222 0x6748 circlass - ok
14:21:43.0248 0x6748 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
14:21:43.0259 0x6748 CLFS - ok
14:21:43.0341 0x6748 [ E62360EC0E695266CCA9FA52AD8FE616, 8586DE40286939F7DD1310F601D5502831CC4957913ABE92BD6EED23B8403FB9 ] CLHNServiceForPowerDVD12 c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
14:21:43.0361 0x6748 CLHNServiceForPowerDVD12 - ok
14:21:43.0499 0x6748 [ 7E526C5B4DD233EBCF1EA3EC211E2913, 9DC99F18454001AF5462C773C174E2D6E503316550C7E9D7824E9CBC503FCA3B ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
14:21:43.0540 0x6748 ClickToRunSvc - ok
14:21:43.0564 0x6748 [ 3A0028F785F7DD320FD4756E27CAB343, AE41D73536432FC4C6C82AE21A9504FD41A1AF862AC12EB90D21129039395BFC ] CLVirtualDrive C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
14:21:43.0569 0x6748 CLVirtualDrive - ok
14:21:43.0614 0x6748 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
14:21:43.0685 0x6748 CmBatt - ok
14:21:43.0760 0x6748 [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
14:21:43.0801 0x6748 CNG - ok
14:21:43.0812 0x6748 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
14:21:43.0831 0x6748 CompositeBus - ok
14:21:43.0833 0x6748 COMSysApp - ok
14:21:43.0848 0x6748 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
14:21:43.0880 0x6748 condrv - ok
14:21:43.0921 0x6748 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
14:21:43.0994 0x6748 CryptSvc - ok
14:21:44.0019 0x6748 [ 11BCD96ADD4001D0273926E5459DCC7E, 6D902C023E8518B7885F3D12DF80D11EC1E6AFA6AE0E0DB584D2D01A400E18D4 ] CyberLink PowerDVD 12 Media Server Monitor Service c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
14:21:44.0026 0x6748 CyberLink PowerDVD 12 Media Server Monitor Service - ok
14:21:44.0046 0x6748 [ FBB77430EB2A8000AC552D6B6DE80FAB, 9D7AD96D7FCE8DE2E43AA2DAA6E2FEB3DD778A117D597C8FF8BA1E8801B2A35F ] CyberLink PowerDVD 12 Media Server Service c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
14:21:44.0055 0x6748 CyberLink PowerDVD 12 Media Server Service - ok
14:21:44.0066 0x6748 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys
14:21:44.0073 0x6748 dam - ok
14:21:44.0142 0x6748 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
14:21:44.0174 0x6748 DcomLaunch - ok
14:21:44.0231 0x6748 [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
14:21:44.0276 0x6748 defragsvc - ok
14:21:44.0323 0x6748 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
14:21:44.0357 0x6748 DeviceAssociationService - ok
14:21:44.0386 0x6748 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
14:21:44.0436 0x6748 DeviceInstall - ok
14:21:44.0460 0x6748 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
14:21:44.0512 0x6748 Dfsc - ok
14:21:44.0537 0x6748 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
14:21:44.0554 0x6748 dg_ssudbus - ok
14:21:44.0633 0x6748 [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
14:21:44.0746 0x6748 Dhcp - ok
14:21:44.0804 0x6748 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys
14:21:44.0833 0x6748 disk - ok
14:21:44.0885 0x6748 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
14:21:44.0983 0x6748 dmvsc - ok
14:21:45.0009 0x6748 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
14:21:45.0046 0x6748 Dnscache - ok
14:21:45.0095 0x6748 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\WINDOWS\System32\dot3svc.dll
14:21:45.0126 0x6748 dot3svc - ok
14:21:45.0144 0x6748 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\WINDOWS\system32\dps.dll
14:21:45.0237 0x6748 DPS - ok
14:21:45.0270 0x6748 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
14:21:45.0285 0x6748 drmkaud - ok
14:21:45.0338 0x6748 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
14:21:45.0372 0x6748 DsmSvc - ok
14:21:45.0477 0x6748 [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
14:21:45.0513 0x6748 DXGKrnl - ok
14:21:45.0572 0x6748 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\WINDOWS\System32\eapsvc.dll
14:21:45.0612 0x6748 Eaphost - ok
14:21:45.0724 0x6748 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
14:21:45.0800 0x6748 ebdrv - ok
14:21:45.0863 0x6748 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\WINDOWS\System32\lsass.exe
14:21:45.0878 0x6748 EFS - ok
14:21:45.0931 0x6748 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
14:21:46.0022 0x6748 EhStorClass - ok
14:21:46.0046 0x6748 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
14:21:46.0061 0x6748 EhStorTcgDrv - ok
14:21:46.0080 0x6748 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
14:21:46.0101 0x6748 ErrDev - ok
14:21:46.0208 0x6748 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\WINDOWS\system32\es.dll
14:21:46.0297 0x6748 EventSystem - ok
14:21:46.0334 0x6748 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
14:21:46.0381 0x6748 exfat - ok
14:21:46.0402 0x6748 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
14:21:46.0415 0x6748 fastfat - ok
14:21:46.0467 0x6748 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\WINDOWS\system32\fxssvc.exe
14:21:46.0579 0x6748 Fax - ok
14:21:46.0600 0x6748 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
14:21:46.0635 0x6748 fdc - ok
14:21:46.0693 0x6748 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\WINDOWS\system32\fdPHost.dll
14:21:46.0723 0x6748 fdPHost - ok
14:21:46.0733 0x6748 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\WINDOWS\system32\fdrespub.dll
14:21:46.0746 0x6748 FDResPub - ok
14:21:46.0759 0x6748 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\WINDOWS\system32\fhsvc.dll
14:21:46.0790 0x6748 fhsvc - ok
14:21:46.0841 0x6748 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
14:21:46.0850 0x6748 FileInfo - ok
14:21:46.0907 0x6748 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
14:21:46.0944 0x6748 Filetrace - ok
14:21:46.0951 0x6748 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
14:21:46.0965 0x6748 flpydisk - ok
14:21:46.0991 0x6748 [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
14:21:47.0003 0x6748 FltMgr - ok
14:21:47.0037 0x6748 [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\WINDOWS\system32\FntCache.dll
14:21:47.0083 0x6748 FontCache - ok
14:21:47.0194 0x6748 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:21:47.0211 0x6748 FontCache3.0.0.0 - ok
14:21:47.0230 0x6748 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
14:21:47.0246 0x6748 FsDepends - ok
14:21:47.0268 0x6748 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:21:47.0277 0x6748 Fs_Rec - ok
14:21:47.0293 0x6748 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
14:21:47.0318 0x6748 fvevol - ok
14:21:47.0335 0x6748 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
14:21:47.0352 0x6748 FxPPM - ok
14:21:47.0368 0x6748 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
14:21:47.0385 0x6748 gagp30kx - ok
14:21:47.0418 0x6748 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
14:21:47.0429 0x6748 GEARAspiWDM - ok
14:21:47.0483 0x6748 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
14:21:47.0508 0x6748 gencounter - ok
14:21:47.0661 0x6748 [ 0C52567F023D0F05F4EFC26F607D415B, 168D2AAB2F9CF8DE4A894DE3B2A5C67F1DAD758DBEC95FCFF4D752645BB37C38 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
14:21:47.0689 0x6748 GfExperienceService - ok
14:21:47.0739 0x6748 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
14:21:47.0746 0x6748 GPIOClx0101 - ok
14:21:47.0833 0x6748 [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
14:21:47.0934 0x6748 gpsvc - ok
14:21:47.0979 0x6748 [ 0E57453205AD9648E4770F7D21D49454, C34FAA1195EAF4581EF124E9D2CCAC43FE7E99255940B172FF086D1F148BFD17 ] Hamachi C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
14:21:47.0998 0x6748 Hamachi - ok
14:21:48.0202 0x6748 [ 1AF89F124E46EECF2C13CBA0F45B3512, 86FF5B5B9F3F07972CB3ACAFCDD38DB465B184FD1B72CA0964736DBBC0402719 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
14:21:48.0262 0x6748 Hamachi2Svc - ok
14:21:48.0317 0x6748 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
14:21:48.0408 0x6748 HDAudBus - ok
14:21:48.0430 0x6748 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
14:21:48.0447 0x6748 HidBatt - ok
14:21:48.0498 0x6748 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
14:21:48.0522 0x6748 HidBth - ok
14:21:48.0590 0x6748 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
14:21:48.0628 0x6748 hidi2c - ok
14:21:48.0649 0x6748 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
14:21:48.0676 0x6748 HidIr - ok
14:21:48.0746 0x6748 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\WINDOWS\system32\hidserv.dll
14:21:48.0770 0x6748 hidserv - ok
14:21:48.0792 0x6748 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
14:21:48.0853 0x6748 HidUsb - ok
14:21:48.0908 0x6748 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
14:21:48.0932 0x6748 hkmsvc - ok
14:21:48.0955 0x6748 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
14:21:49.0055 0x6748 HomeGroupListener - ok
14:21:49.0124 0x6748 [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
14:21:49.0206 0x6748 HomeGroupProvider - ok
14:21:49.0253 0x6748 [ C5CAC8A8375F3DE33898E04558979D7B, DA47BAF9B9942DE02854CDF9918C517AE481556F26761CB338EE4A854B211C0B ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
14:21:49.0272 0x6748 HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
14:21:51.0770 0x6748 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
14:21:54.0254 0x6748 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
14:21:54.0308 0x6748 hpqwmiex - ok
14:21:54.0369 0x6748 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
14:21:54.0397 0x6748 HpSAMD - ok
14:21:54.0491 0x6748 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
14:21:54.0525 0x6748 HTTP - ok
14:21:54.0575 0x6748 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
14:21:54.0581 0x6748 hwpolicy - ok
14:21:54.0595 0x6748 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
14:21:54.0615 0x6748 hyperkbd - ok
14:21:54.0628 0x6748 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
14:21:54.0634 0x6748 HyperVideo - ok
14:21:54.0650 0x6748 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
14:21:54.0670 0x6748 i8042prt - ok
14:21:54.0685 0x6748 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
14:21:54.0690 0x6748 iaLPSSi_GPIO - ok
14:21:54.0700 0x6748 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
14:21:54.0706 0x6748 iaLPSSi_I2C - ok
14:21:54.0730 0x6748 [ 350EDDB367832C2AC96A8CE21821269D, 55453AF933E59C4748302FB8E516C891BFF7D131E810F0E27DF29DE11A8C8A64 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
14:21:54.0742 0x6748 iaStorA - ok
14:21:54.0767 0x6748 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
14:21:54.0780 0x6748 iaStorAV - ok
14:21:54.0802 0x6748 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
14:21:54.0814 0x6748 iaStorV - ok
14:21:54.0816 0x6748 IEEtwCollectorService - ok
14:21:54.0872 0x6748 [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\WINDOWS\System32\ikeext.dll
14:21:54.0894 0x6748 IKEEXT - ok
14:21:54.0935 0x6748 [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel(R) Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
14:21:54.0959 0x6748 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
14:21:57.0384 0x6748 Detect skipped due to KSN trusted
14:21:57.0385 0x6748 Intel(R) Capability Licensing Service Interface - ok
14:21:57.0445 0x6748 [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel(R) Capability Licensing Service TCP IP Interface c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
14:21:57.0479 0x6748 Intel(R) Capability Licensing Service TCP IP Interface - ok
14:21:57.0561 0x6748 [ 8CAB422BDC0F8A1046F595E964CE2F14, F2FBECCBAF9BF2C92FD4EA1234A08CA98D52B2F0D18E65B43FC08D4A605FE4CD ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
14:21:57.0569 0x6748 Intel(R) ME Service - ok
14:21:57.0612 0x6748 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
14:21:57.0622 0x6748 intelide - ok
14:21:57.0683 0x6748 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
14:21:57.0770 0x6748 intelpep - ok
14:21:57.0789 0x6748 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
14:21:57.0912 0x6748 intelppm - ok
14:21:57.0975 0x6748 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:21:58.0001 0x6748 IpFilterDriver - ok
14:21:58.0065 0x6748 [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
14:21:58.0148 0x6748 iphlpsvc - ok
14:21:58.0169 0x6748 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
14:21:58.0280 0x6748 IPMIDRV - ok
14:21:58.0303 0x6748 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
14:21:58.0454 0x6748 IPNAT - ok
14:21:58.0491 0x6748 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
14:21:58.0511 0x6748 iPod Service - ok
14:21:58.0565 0x6748 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
14:21:58.0585 0x6748 IRENUM - ok
14:21:58.0638 0x6748 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
14:21:58.0644 0x6748 isapnp - ok
14:21:58.0667 0x6748 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
14:21:58.0678 0x6748 iScsiPrt - ok
14:21:58.0702 0x6748 [ A326E83B46820EF62F7F0BA17A9DA542, 1CC6564B100517E62E7BACAC142F8B0C6B1800F16D9A25D95E9AA2C2CEC0E54B ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:21:58.0707 0x6748 jhi_service - ok
14:21:58.0720 0x6748 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
14:21:58.0727 0x6748 kbdclass - ok
14:21:58.0730 0x6748 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
14:21:58.0747 0x6748 kbdhid - ok
14:21:58.0750 0x6748 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
14:21:58.0832 0x6748 kdnic - ok
14:21:58.0849 0x6748 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\WINDOWS\system32\lsass.exe
14:21:58.0859 0x6748 KeyIso - ok
14:21:58.0886 0x6748 [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys
14:21:58.0903 0x6748 kl1 - ok
14:21:58.0915 0x6748 [ 2248A9F2B7704271C72E306001C7FBE0, FEC8E10F4FAB332E36C1C5801396174B4CE21186431A2A234CE49695C4674ACA ] klelam C:\WINDOWS\system32\DRIVERS\klelam.sys
14:21:58.0921 0x6748 klelam - ok
14:21:58.0949 0x6748 [ E8D6C80D4E11383CEE269F9C27E6464C, 5E9EAD64AE221AE8BF87730A7FDDF8023805184D12A058A147ECD887FA3D3012 ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
14:21:58.0960 0x6748 KLIF - ok
14:21:58.0969 0x6748 [ B6822DEFE601629F19E0A2D7F0D623F2, FD71A2AA3FC4698B5436D185E2F2A3EB6A111AE8F35606E1658E2D18CE744F13 ] KLIM6 C:\WINDOWS\system32\DRIVERS\klim6.sys
14:21:58.0973 0x6748 KLIM6 - ok
14:21:58.0989 0x6748 [ B45DEC5BD71885E833DF3D837CE7C606, 8A81802122EE6BD791E36F9F27D921C9BC4D5B6604C0A79F9F1D806AD44B9869 ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
14:21:58.0993 0x6748 klkbdflt - ok
14:21:58.0999 0x6748 [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
14:21:59.0004 0x6748 klmouflt - ok
14:21:59.0049 0x6748 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\WINDOWS\system32\DRIVERS\klpd.sys
14:21:59.0053 0x6748 klpd - ok
14:21:59.0066 0x6748 [ EAAF7E0936CC5474F433B684A2C68CF2, 5E5E5D324000F2209C7E32DC965FBD822850B4E1351887A93B50FB79844BF781 ] klwfp C:\WINDOWS\system32\DRIVERS\klwfp.sys
14:21:59.0071 0x6748 klwfp - ok
14:21:59.0079 0x6748 [ 91BC1C5B00275A4D7FD669EFF0DDEB2A, B745518E1916441A49565478EA77C8DBC784E7B4D9DAD1EA1F648ED1727F413D ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
14:21:59.0085 0x6748 kneps - ok
14:21:59.0140 0x6748 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
14:21:59.0154 0x6748 KSecDD - ok
14:21:59.0172 0x6748 [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
14:21:59.0190 0x6748 KSecPkg - ok
14:21:59.0204 0x6748 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
14:21:59.0212 0x6748 ksthunk - ok
14:21:59.0273 0x6748 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
14:21:59.0309 0x6748 KtmRm - ok
14:21:59.0330 0x6748 [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\WINDOWS\system32\DRIVERS\ladfGSCamd64.sys
14:21:59.0341 0x6748 LADF_CaptureOnly - ok
14:21:59.0401 0x6748 [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\WINDOWS\system32\DRIVERS\ladfGSRamd64.sys
14:21:59.0413 0x6748 LADF_RenderOnly - ok
14:21:59.0557 0x6748 [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
14:21:59.0586 0xa020 Object required for P2P: [ 08BFE413B0B4AA8DFA4B5684CE06D3DC ] iaStorAV
14:21:59.0706 0x6748 LanmanServer - ok
14:21:59.0831 0x6748 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
14:21:59.0876 0x6748 LanmanWorkstation - ok
14:21:59.0903 0x6748 [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
14:21:59.0943 0x6748 lfsvc - ok
14:21:59.0967 0x6748 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\WINDOWS\system32\drivers\LGBusEnum.sys
14:21:59.0979 0x6748 LGBusEnum - ok
14:22:00.0005 0x6748 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\WINDOWS\system32\drivers\LGVirHid.sys
14:22:00.0013 0x6748 LGVirHid - ok
14:22:00.0066 0x6748 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
14:22:00.0129 0x6748 lltdio - ok
14:22:00.0255 0x6748 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
14:22:00.0298 0x6748 lltdsvc - ok
14:22:00.0351 0x6748 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
14:22:00.0442 0x6748 lmhosts - ok
14:22:00.0524 0x6748 [ DECDC94EE980974EDFE4663B28A127C1, 9546F6B6F049EAD3D503A18CA106A1716AFE46CA40769D3DB128A3C152E02D30 ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
14:22:00.0532 0x6748 LMIGuardianSvc - ok
14:22:00.0729 0x6748 [ 70C1B686CA9083970484DDDED4426A08, AA19295AC97EBE36E9CED4B162CBF1EEF4916B02FDA6255ACEF0492E79E94C64 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:22:00.0761 0x6748 LMS - ok
14:22:00.0801 0x6748 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
14:22:00.0813 0x6748 LSI_SAS - ok
14:22:00.0826 0x6748 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
14:22:00.0839 0x6748 LSI_SAS2 - ok
14:22:00.0846 0x6748 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
14:22:00.0855 0x6748 LSI_SAS3 - ok
14:22:00.0866 0x6748 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
14:22:00.0874 0x6748 LSI_SSS - ok
14:22:00.0941 0x6748 [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\WINDOWS\System32\lsm.dll
14:22:00.0984 0x6748 LSM - ok
14:22:01.0037 0x6748 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
14:22:01.0085 0x6748 luafv - ok
14:22:01.0102 0x6748 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
14:22:01.0129 0x6748 megasas - ok
14:22:01.0205 0x6748 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
14:22:01.0237 0x6748 megasr - ok
14:22:01.0281 0x6748 [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
14:22:01.0303 0x6748 MEIx64 - ok
14:22:01.0348 0x6748 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\WINDOWS\system32\mmcss.dll
14:22:01.0427 0x6748 MMCSS - ok
14:22:01.0512 0x6748 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
14:22:01.0570 0x6748 Modem - ok
14:22:01.0610 0x6748 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
14:22:01.0681 0x6748 monitor - ok
14:22:01.0723 0x6748 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
14:22:01.0738 0x6748 mouclass - ok
14:22:01.0744 0x6748 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
14:22:01.0755 0x6748 mouhid - ok
14:22:01.0769 0x6748 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
14:22:01.0779 0x6748 mountmgr - ok
14:22:01.0784 0x6748 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
14:22:01.0806 0x6748 mpsdrv - ok
14:22:02.0051 0xa020 Object send P2P result: true
14:22:02.0071 0x6748 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
14:22:02.0128 0x6748 MpsSvc - ok
14:22:02.0200 0x6748 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
14:22:02.0268 0x6748 MRxDAV - ok
14:22:02.0342 0x6748 [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:22:02.0388 0x6748 mrxsmb - ok
14:22:02.0414 0x6748 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
14:22:02.0451 0x6748 mrxsmb10 - ok
14:22:02.0466 0x6748 [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
14:22:02.0487 0x6748 mrxsmb20 - ok
14:22:02.0544 0x6748 [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
14:22:02.0742 0x6748 MsBridge - ok
14:22:02.0816 0x6748 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\WINDOWS\System32\msdtc.exe
14:22:02.0866 0x6748 MSDTC - ok
14:22:02.0912 0x6748 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
14:22:02.0937 0x6748 Msfs - ok
14:22:03.0001 0x6748 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
14:22:03.0027 0x6748 msgpiowin32 - ok
14:22:03.0062 0x6748 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
14:22:03.0131 0x6748 mshidkmdf - ok
14:22:03.0142 0x6748 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
14:22:03.0162 0x6748 mshidumdf - ok
14:22:03.0185 0x6748 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
14:22:03.0206 0x6748 msisadrv - ok
14:22:03.0284 0x6748 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
14:22:03.0304 0x6748 MSiSCSI - ok
14:22:03.0309 0x6748 msiserver - ok
14:22:03.0338 0x6748 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:22:03.0396 0x6748 MSKSSRV - ok
14:22:03.0410 0x6748 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
14:22:03.0434 0x6748 MsLldp - ok
14:22:03.0469 0x6748 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:22:03.0517 0x6748 MSPCLOCK - ok
14:22:03.0564 0x6748 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
14:22:03.0586 0x6748 MSPQM - ok
14:22:03.0606 0x6748 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
14:22:03.0631 0x6748 MsRPC - ok
14:22:03.0642 0x6748 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
14:22:03.0649 0x6748 mssmbios - ok
14:22:03.0664 0x6748 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
14:22:03.0671 0x6748 MSTEE - ok
14:22:03.0679 0x6748 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
14:22:03.0695 0x6748 MTConfig - ok
14:22:03.0707 0x6748 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
14:22:03.0714 0x6748 Mup - ok
14:22:03.0729 0x6748 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
14:22:03.0736 0x6748 mvumis - ok
14:22:03.0846 0x6748 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\WINDOWS\system32\qagentRT.dll
14:22:03.0988 0x6748 napagent - ok
14:22:04.0191 0x6748 [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
14:22:04.0290 0x6748 NativeWifiP - ok
14:22:04.0369 0x6748 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
14:22:04.0425 0x6748 NcaSvc - ok
14:22:04.0474 0x6748 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\WINDOWS\System32\ncbservice.dll
14:22:04.0569 0x6748 NcbService - ok
14:22:04.0604 0x6748 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
14:22:04.0651 0x6748 NcdAutoSetup - ok
14:22:04.0789 0x6748 [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
14:22:04.0853 0x6748 NDIS - ok
14:22:04.0923 0x6748 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
14:22:04.0956 0x6748 NdisCap - ok
14:22:04.0992 0x6748 [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
14:22:05.0103 0x6748 NdisImPlatform - ok
14:22:05.0157 0x6748 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:22:05.0223 0x6748 NdisTapi - ok
14:22:05.0240 0x6748 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:22:05.0255 0x6748 Ndisuio - ok
14:22:05.0264 0x6748 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
14:22:05.0290 0x6748 NdisVirtualBus - ok
14:22:05.0306 0x6748 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:22:05.0340 0x6748 NdisWan - ok
14:22:05.0353 0x6748 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:22:05.0370 0x6748 NdisWanLegacy - ok
14:22:05.0418 0x6748 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
14:22:05.0487 0x6748 NDProxy - ok
14:22:05.0508 0x6748 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
14:22:05.0533 0x6748 Ndu - ok
14:22:05.0582 0x6748 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
14:22:05.0640 0x6748 NetBIOS - ok
14:22:05.0679 0x6748 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
14:22:05.0769 0x6748 NetBT - ok
14:22:05.0825 0x6748 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\WINDOWS\system32\lsass.exe
14:22:05.0830 0x6748 Netlogon - ok
14:22:05.0909 0x6748 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\WINDOWS\System32\netman.dll
14:22:06.0040 0x6748 Netman - ok
14:22:06.0181 0x6748 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
14:22:06.0223 0x6748 netprofm - ok
14:22:06.0396 0x6748 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:22:06.0428 0x6748 NetTcpPortSharing - ok
14:22:06.0476 0x6748 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys
14:22:06.0499 0x6748 netvsc - ok
14:22:06.0601 0x6748 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
14:22:06.0751 0x6748 NlaSvc - ok
14:22:06.0836 0x6748 [ C31FA031335EFF434B2D94278E74BCCE, F5DFD40C16E4013CBAD0E4FB8EF2B4419702B9C215218F69C4A2DD7C4C4C1E2B ] NPF C:\WINDOWS\system32\DRIVERS\npf.sys
14:22:06.0855 0x6748 NPF - ok
14:22:06.0889 0x6748 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
14:22:06.0916 0x6748 Npfs - ok
14:22:06.0921 0x6748 npggsvc - ok
14:22:06.0987 0x6748 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
14:22:07.0176 0x6748 npsvctrig - ok
14:22:07.0194 0x6748 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\WINDOWS\system32\nsisvc.dll
14:22:07.0220 0x6748 nsi - ok
14:22:07.0235 0x6748 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
14:22:07.0260 0x6748 nsiproxy - ok
14:22:07.0779 0x6748 [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
14:22:07.0900 0x6748 Ntfs - ok
14:22:08.0060 0x6748 [ 09CF155997B911029F38D9796AC224C1, D2D19D9CAA1B93D8F433C858341CBC7293F53B8DB9EADD7875AFDA66385B39E3 ] ntk_PowerDVD12 c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys
14:22:08.0079 0x6748 ntk_PowerDVD12 - ok
14:22:08.0133 0x6748 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
14:22:08.0192 0x6748 Null - ok
14:22:08.0281 0x6748 [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
14:22:08.0297 0x6748 NVHDA - ok
14:22:09.0361 0x6748 [ ED4D88A04D22E6B00DB6BC8FACDBAFED, 38DDB9B353D3A24DD8390C6FB58FD513B46F9F715BC7E68D0958E78EACC3D3FA ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
14:22:09.0599 0x6748 nvlddmkm - ok
14:22:09.0910 0x6748 [ DDF6920EBE96B0304279834F2EE2193E, F631974EE3659EC01863C2502FD26A45A237A59B9B005E5B1F9F78357CCBB974 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
14:22:09.0935 0x6748 NvNetworkService - ok
14:22:10.0019 0x6748 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
14:22:10.0046 0x6748 nvraid - ok
14:22:10.0084 0x6748 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
14:22:10.0108 0x6748 nvstor - ok
14:22:10.0185 0x6748 [ 0C4A0D577A6EF1B9D353851668779944, 70E866AD50809CC80F167796C516190918A542F7767A8841948E656F36877AFE ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
14:22:10.0196 0x6748 NvStreamKms - ok
14:22:11.0117 0x6748 [ BC00A5B3A9F759F7B1DD0A5868C4492F, 23058E56016B836339AACDB0D42E074FB4EF560C27831F6228A455D70585D1EE ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
14:22:11.0442 0x6748 NvStreamSvc - ok
14:22:11.0671 0x6748 [ B7CD89EFA562A991F2864EFD3147473A, D38BAE7883BC073562C3C77DF59663B820CFE8305A3319C6E5CF8E48752E18C1 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
14:22:11.0706 0x6748 nvsvc - ok
14:22:11.0771 0x6748 [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
14:22:11.0783 0x6748 nvvad_WaveExtensible - ok
14:22:11.0831 0x6748 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
14:22:11.0852 0x6748 nv_agp - ok
14:22:12.0250 0x6748 [ EF8DA126239D08B7B4734256417AE702, 4BBA0577C20E851F5B30D0D0F19382AB32AF57EFF7AA5B394E0FF6358A7AB287 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
14:22:12.0277 0x6748 Origin Client Service - ok
14:22:12.0448 0x6748 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:22:12.0472 0x6748 ose - ok
14:22:12.0521 0x6748 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
14:22:12.0640 0x6748 p2pimsvc - ok
14:22:12.0748 0x6748 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
14:22:12.0862 0x6748 p2psvc - ok
14:22:12.0965 0x6748 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys
14:22:12.0995 0x6748 Parport - ok
14:22:13.0029 0x6748 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
14:22:13.0058 0x6748 partmgr - ok
14:22:13.0255 0x6748 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
14:22:13.0361 0x6748 PcaSvc - ok
14:22:13.0453 0x6748 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys
14:22:13.0470 0x6748 pci - ok
14:22:13.0501 0x6748 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
14:22:13.0507 0x6748 pciide - ok
14:22:13.0552 0x6748 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
14:22:13.0572 0x6748 pcmcia - ok
14:22:13.0601 0x6748 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
14:22:13.0611 0x6748 pcw - ok
14:22:13.0665 0x6748 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
14:22:13.0693 0x6748 pdc - ok
14:22:13.0987 0x6748 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
14:22:14.0053 0x6748 PEAUTH - ok
14:22:14.0456 0x6748 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
14:22:14.0963 0x6748 PerfHost - ok
14:22:15.0119 0x6748 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\WINDOWS\system32\pla.dll
14:22:15.0186 0x6748 pla - ok
14:22:15.0209 0x6748 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
14:22:15.0217 0x6748 PlugPlay - ok
14:22:15.0219 0x6748 PnkBstrA - ok
14:22:15.0227 0x6748 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
14:22:15.0300 0x6748 PNRPAutoReg - ok
14:22:15.0330 0x6748 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
14:22:15.0361 0x6748 PNRPsvc - ok
14:22:15.0429 0x6748 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
14:22:15.0507 0x6748 PolicyAgent - ok
14:22:15.0592 0x6748 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\WINDOWS\system32\umpo.dll
14:22:15.0669 0x6748 Power - ok
14:22:15.0985 0x6748 [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
14:22:16.0170 0x6748 PrintNotify - ok
14:22:16.0254 0x6748 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
14:22:16.0294 0x6748 Processor - ok
14:22:16.0421 0x6748 [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
14:22:16.0556 0x6748 ProfSvc - ok
14:22:16.0643 0x6748 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
14:22:16.0670 0x6748 Psched - ok
14:22:16.0712 0x6748 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\WINDOWS\system32\qwave.dll
14:22:16.0726 0x6748 QWAVE - ok
14:22:16.0739 0x6748 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
14:22:16.0747 0x6748 QWAVEdrv - ok
14:22:16.0760 0x6748 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:22:16.0768 0x6748 RasAcd - ok
14:22:16.0818 0x6748 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\WINDOWS\System32\rasauto.dll
14:22:16.0832 0x6748 RasAuto - ok
14:22:16.0895 0x6748 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\WINDOWS\System32\rasmans.dll
14:22:16.0941 0x6748 RasMan - ok
14:22:16.0956 0x6748 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:22:16.0970 0x6748 RasPppoe - ok
14:22:17.0171 0x6748 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:22:17.0320 0x6748 rdbss - ok
14:22:17.0332 0x6748 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
14:22:17.0399 0x6748 rdpbus - ok
14:22:17.0422 0x6748 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
14:22:17.0458 0x6748 RDPDR - ok
14:22:17.0519 0x6748 [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
14:22:17.0545 0x6748 RdpVideoMiniport - ok
14:22:17.0651 0x6748 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
14:22:17.0712 0x6748 rdyboost - ok
14:22:17.0866 0x6748 [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
14:22:17.0902 0x6748 ReFS - ok
14:22:17.0998 0x6748 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
14:22:18.0029 0x6748 RemoteAccess - ok
14:22:18.0093 0x6748 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
14:22:18.0135 0x6748 RemoteRegistry - ok
14:22:18.0195 0x6748 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
14:22:18.0220 0x6748 RpcEptMapper - ok
14:22:18.0267 0x6748 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\WINDOWS\system32\locator.exe
14:22:18.0277 0x6748 RpcLocator - ok
14:22:18.0463 0x6748 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\WINDOWS\system32\rpcss.dll
14:22:18.0490 0x6748 RpcSs - ok
14:22:18.0546 0x6748 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
14:22:18.0604 0x6748 rspndr - ok
14:22:18.0631 0x6748 [ C0D62EC15D093D0D12C47BC451A24047, A31C2EA9E97DA0D0D03992E024DD8B1699D5EA0AE483482EB10740C728778C31 ] RSUSBSTOR C:\WINDOWS\System32\Drivers\RtsUStor.sys
14:22:18.0646 0x6748 RSUSBSTOR - ok
14:22:18.0693 0x6748 [ CFE738C524F35B6E523A4D0F54840C30, 73E051DEA744EEC5202693C11EDABB36DE2D086160648D4E41F1F299CBAD8409 ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
14:22:18.0711 0x6748 RTL8168 - ok
14:22:18.0738 0x6748 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
14:22:18.0753 0x6748 s3cap - ok
14:22:18.0811 0x6748 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\WINDOWS\system32\lsass.exe
14:22:18.0830 0x6748 SamSs - ok
14:22:18.0894 0x6748 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
14:22:18.0911 0x6748 sbp2port - ok
14:22:18.0929 0x6748 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
14:22:18.0943 0x6748 SCardSvr - ok
14:22:18.0955 0x6748 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
14:22:18.0980 0x6748 ScDeviceEnum - ok
14:22:18.0990 0x6748 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
14:22:18.0998 0x6748 scfilter - ok
14:22:19.0116 0x6748 [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\WINDOWS\system32\schedsvc.dll
14:22:19.0260 0x6748 Schedule - ok
14:22:19.0289 0x6748 [ DBEE135B67ACBA572B5792775075C440, 775755BB77C61061F43B4B981953B817B1BF645AD4AEA38118B3362DFFAB89B4 ] SCMNdisP C:\WINDOWS\system32\DRIVERS\scmndisp.sys
14:22:19.0303 0x6748 SCMNdisP - ok
14:22:19.0377 0x6748 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
14:22:19.0405 0x6748 SCPolicySvc - ok
14:22:19.0493 0x6748 [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
14:22:19.0516 0x6748 sdbus - ok
14:22:19.0551 0x6748 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
14:22:19.0557 0x6748 sdstor - ok
14:22:19.0572 0x6748 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
14:22:19.0578 0x6748 secdrv - ok
14:22:19.0629 0x6748 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\WINDOWS\system32\seclogon.dll
14:22:19.0660 0x6748 seclogon - ok
14:22:19.0672 0x6748 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\WINDOWS\System32\sens.dll
14:22:19.0695 0x6748 SENS - ok
14:22:19.0715 0x6748 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
14:22:19.0797 0x6748 SensrSvc - ok
14:22:19.0850 0x6748 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
14:22:19.0857 0x6748 SerCx - ok
14:22:19.0906 0x6748 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
14:22:19.0928 0x6748 SerCx2 - ok
14:22:19.0945 0x6748 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
14:22:19.0953 0x6748 Serenum - ok
14:22:19.0974 0x6748 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys
14:22:19.0997 0x6748 Serial - ok
14:22:20.0012 0x6748 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
14:22:20.0021 0x6748 sermouse - ok
14:22:20.0051 0x6748 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
14:22:20.0113 0x6748 SessionEnv - ok
14:22:20.0162 0x6748 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
14:22:20.0170 0x6748 sfloppy - ok
14:22:20.0251 0x6748 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
14:22:20.0366 0x6748 SharedAccess - ok
14:22:20.0470 0x6748 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:22:20.0501 0x6748 ShellHWDetection - ok
14:22:20.0511 0x6748 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
14:22:20.0517 0x6748 SiSRaid2 - ok
14:22:20.0527 0x6748 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
14:22:20.0535 0x6748 SiSRaid4 - ok
14:22:20.0667 0x6748 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:22:20.0693 0x6748 SkypeUpdate - ok
14:22:20.0750 0x6748 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\WINDOWS\System32\smphost.dll
14:22:20.0837 0x6748 smphost - ok
14:22:20.0898 0x6748 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
14:22:20.0943 0x6748 SNMPTRAP - ok
14:22:21.0017 0x6748 [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
14:22:21.0041 0x6748 spaceport - ok
14:22:21.0045 0x6748 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
14:22:21.0052 0x6748 SpbCx - ok
14:22:21.0164 0x6748 [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\WINDOWS\System32\spoolsv.exe
14:22:21.0400 0x6748 Spooler - ok
14:22:21.0535 0x6748 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe
14:22:21.0639 0x6748 sppsvc - ok
14:22:21.0663 0x6748 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:22:21.0719 0x6748 srv - ok
14:22:21.0760 0x6748 [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
14:22:21.0786 0x6748 srv2 - ok
14:22:21.0859 0x6748 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
14:22:21.0870 0x6748 srvnet - ok
14:22:21.0924 0x6748 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:22:21.0976 0x6748 SSDPSRV - ok
14:22:22.0058 0x6748 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
14:22:22.0083 0x6748 SstpSvc - ok
14:22:22.0138 0x6748 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
14:22:22.0160 0x6748 ssudmdm - ok
14:22:22.0336 0x6748 [ 857693A4DA826BCD422C48114AA72B10, E6614B190004B17FDF9ED9FEFC8965B819D4D65CC6480BB5557317A6DDBC4B09 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
14:22:22.0359 0x6748 STacSV - detected UnsignedFile.Multi.Generic ( 1 )
14:22:24.0782 0x6748 Detect skipped due to KSN trusted
14:22:24.0782 0x6748 STacSV - ok
14:22:24.0849 0x6748 [ AC8B882D658AF3070167F59AE92E5CA3, 7781475B6A49DCE239FEE2B32767A7E58188EF04BC4BB29E04B40DAFD8214E85 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:22:24.0875 0x6748 Steam Client Service - ok
14:22:25.0046 0x6748 [ E7AF8F82C69A5E9B2CC46633BCBBAAEE, D7FC81DB72A1A96219335AFF861ADD82BEC115CBCB70C6765058E1D76702403C ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:22:25.0062 0x6748 Stereo Service - ok
14:22:25.0080 0x6748 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
14:22:25.0086 0x6748 stexstor - ok
14:22:25.0114 0x6748 [ A73F13903345464F04D463B84890A271, F22A088D94418420CA3943D34CB233B82B36A6A66BB36000A44726244D794AFF ] STHDA C:\WINDOWS\system32\DRIVERS\stwrt64.sys
14:22:25.0171 0x6748 STHDA - ok
14:22:25.0235 0x6748 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\WINDOWS\System32\wiaservc.dll
14:22:25.0370 0x6748 stisvc - ok
14:22:25.0427 0x6748 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
14:22:25.0440 0x6748 storahci - ok
14:22:25.0454 0x6748 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
14:22:25.0465 0x6748 storflt - ok
14:22:25.0514 0x6748 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
14:22:25.0541 0x6748 stornvme - ok
14:22:25.0596 0x6748 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\WINDOWS\system32\storsvc.dll
14:22:25.0665 0x6748 StorSvc - ok
14:22:25.0681 0x6748 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
14:22:25.0693 0x6748 storvsc - ok
14:22:25.0743 0x6748 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\WINDOWS\system32\svsvc.dll
14:22:25.0770 0x6748 svsvc - ok
14:22:25.0781 0x6748 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
14:22:25.0786 0x6748 swenum - ok
14:22:25.0836 0x6748 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\WINDOWS\System32\swprv.dll
14:22:25.0901 0x6748 swprv - ok
14:22:26.0022 0x6748 [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\WINDOWS\system32\sysmain.dll
14:22:26.0075 0x6748 SysMain - ok
14:22:26.0139 0x6748 [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
14:22:26.0197 0x6748 SystemEventsBroker - ok
14:22:26.0248 0x6748 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
14:22:26.0265 0x6748 TabletInputService - ok
14:22:26.0282 0x6748 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:22:26.0311 0x6748 TapiSrv - ok
14:22:26.0395 0x6748 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
14:22:26.0438 0x6748 Tcpip - ok
14:22:26.0486 0x6748 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:22:26.0528 0x6748 TCPIP6 - ok
14:22:26.0557 0x6748 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
14:22:26.0632 0x6748 tcpipreg - ok
14:22:26.0691 0x6748 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
14:22:26.0730 0x6748 tdx - ok
14:22:26.0784 0x6748 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
14:22:26.0810 0x6748 terminpt - ok
14:22:26.0893 0x6748 [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\WINDOWS\System32\termsrv.dll
14:22:26.0945 0x6748 TermService - ok
14:22:26.0995 0x6748 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\WINDOWS\system32\themeservice.dll
14:22:27.0042 0x6748 Themes - ok
14:22:27.0104 0x6748 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\WINDOWS\system32\mmcss.dll
14:22:27.0131 0x6748 THREADORDER - ok
14:22:27.0151 0x6748 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
14:22:27.0182 0x6748 TimeBroker - ok
14:22:27.0202 0x6748 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys
14:22:27.0209 0x6748 TPM - ok
14:22:27.0220 0x6748 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\WINDOWS\System32\trkwks.dll
14:22:27.0243 0x6748 TrkWks - ok
14:22:27.0353 0x6748 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
14:22:27.0443 0x6748 TrustedInstaller - ok
14:22:27.0466 0x6748 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
14:22:27.0544 0x6748 TsUsbFlt - ok
14:22:27.0561 0x6748 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
14:22:27.0586 0x6748 TsUsbGD - ok
14:22:27.0650 0x6748 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
14:22:27.0681 0x6748 tunnel - ok
14:22:27.0700 0x6748 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
14:22:27.0717 0x6748 uagp35 - ok
14:22:27.0734 0x6748 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
14:22:27.0751 0x6748 UASPStor - ok
14:22:27.0770 0x6748 [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
14:22:27.0784 0x6748 UCX01000 - ok
14:22:27.0801 0x6748 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
14:22:27.0821 0x6748 udfs - ok
14:22:27.0830 0x6748 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
14:22:27.0840 0x6748 UEFI - ok
14:22:27.0890 0x6748 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
14:22:27.0936 0x6748 UI0Detect - ok
14:22:27.0956 0x6748 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
14:22:27.0969 0x6748 uliagpkx - ok
14:22:27.0975 0x6748 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
14:22:27.0988 0x6748 umbus - ok
14:22:28.0002 0x6748 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
14:22:28.0024 0x6748 UmPass - ok
14:22:28.0083 0x6748 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
14:22:28.0135 0x6748 UmRdpService - ok
14:22:28.0167 0x6748 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\WINDOWS\System32\upnphost.dll
14:22:28.0211 0x6748 upnphost - ok
14:22:28.0226 0x6748 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
14:22:28.0230 0x6748 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
14:22:30.0654 0x6748 Detect skipped due to KSN trusted
14:22:30.0654 0x6748 USBAAPL64 - ok
14:22:30.0706 0x6748 [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
14:22:30.0797 0x6748 usbaudio - ok
14:22:30.0850 0x6748 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
14:22:30.0868 0x6748 usbccgp - ok
14:22:30.0926 0x6748 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
14:22:30.0956 0x6748 usbcir - ok
14:22:31.0008 0x6748 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
14:22:31.0026 0x6748 usbehci - ok
14:22:31.0139 0x6748 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
14:22:31.0168 0x6748 usbhub - ok
14:22:31.0191 0x6748 [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
14:22:31.0208 0x6748 USBHUB3 - ok
14:22:31.0243 0x6748 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
14:22:31.0512 0x6748 usbohci - ok
14:22:31.0527 0x6748 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
14:22:31.0604 0x6748 usbprint - ok
14:22:31.0653 0x6748 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
14:22:31.0669 0x6748 USBSTOR - ok
14:22:31.0717 0x6748 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
14:22:31.0748 0x6748 usbuhci - ok
14:22:31.0813 0x6748 [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
14:22:31.0831 0x6748 USBXHCI - ok
14:22:31.0838 0x6748 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\WINDOWS\system32\lsass.exe
14:22:31.0845 0x6748 VaultSvc - ok
14:22:31.0855 0x6748 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
14:22:31.0861 0x6748 vdrvroot - ok
14:22:31.0938 0x6748 [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\WINDOWS\System32\vds.exe
14:22:31.0980 0x6748 vds - ok
14:22:31.0993 0x6748 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
14:22:32.0002 0x6748 VerifierExt - ok
14:22:32.0021 0x6748 [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
14:22:32.0038 0x6748 vhdmp - ok
14:22:32.0048 0x6748 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
14:22:32.0054 0x6748 viaide - ok
14:22:32.0064 0x6748 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
14:22:32.0070 0x6748 vmbus - ok
14:22:32.0082 0x6748 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
14:22:32.0088 0x6748 VMBusHID - ok
14:22:32.0140 0x6748 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
14:22:32.0151 0x6748 vmicguestinterface - ok
14:22:32.0160 0x6748 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
14:22:32.0171 0x6748 vmicheartbeat - ok
14:22:32.0179 0x6748 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
14:22:32.0190 0x6748 vmickvpexchange - ok
14:22:32.0198 0x6748 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
14:22:32.0210 0x6748 vmicrdv - ok
14:22:32.0218 0x6748 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
14:22:32.0229 0x6748 vmicshutdown - ok
14:22:32.0237 0x6748 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
14:22:32.0248 0x6748 vmictimesync - ok
14:22:32.0256 0x6748 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
14:22:32.0267 0x6748 vmicvss - ok
14:22:32.0271 0x6748 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
14:22:32.0277 0x6748 volmgr - ok
14:22:32.0295 0x6748 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
14:22:32.0305 0x6748 volmgrx - ok
14:22:32.0376 0x6748 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
14:22:32.0395 0x6748 volsnap - ok
14:22:32.0411 0x6748 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
14:22:32.0418 0x6748 vpci - ok
14:22:32.0428 0x6748 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
14:22:32.0437 0x6748 vsmraid - ok
14:22:32.0484 0x6748 [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\WINDOWS\system32\vssvc.exe
14:22:32.0522 0x6748 VSS - ok
14:22:32.0540 0x6748 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
14:22:32.0550 0x6748 VSTXRAID - ok
14:22:32.0606 0x6748 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
14:22:32.0734 0x6748 vwifibus - ok
14:22:32.0786 0x6748 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
14:22:32.0831 0x6748 vwififlt - ok
14:22:32.0878 0x6748 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
14:22:32.0892 0x6748 vwifimp - ok
14:22:32.0976 0x6748 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\WINDOWS\system32\w32time.dll
14:22:33.0008 0x6748 W32Time - ok
14:22:33.0108 0x6748 [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll
14:22:33.0140 0x6748 w3logsvc - ok
14:22:33.0160 0x6748 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
14:22:33.0175 0x6748 WacomPen - ok
14:22:33.0247 0x6748 [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll
14:22:33.0276 0x6748 WAS - ok
14:22:33.0390 0x6748 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\WINDOWS\system32\wbengine.exe
14:22:33.0494 0x6748 wbengine - ok
14:22:33.0580 0x6748 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
14:22:33.0624 0x6748 WbioSrvc - ok
14:22:33.0687 0x6748 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
14:22:33.0755 0x6748 Wcmsvc - ok
14:22:33.0825 0x6748 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
14:22:33.0941 0x6748 wcncsvc - ok
14:22:33.0958 0x6748 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
14:22:34.0034 0x6748 WcsPlugInService - ok
14:22:34.0100 0x6748 [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
14:22:34.0125 0x6748 WdBoot - ok
14:22:34.0183 0x6748 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
14:22:34.0211 0x6748 Wdf01000 - ok
14:22:34.0225 0x6748 [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
14:22:34.0234 0x6748 WdFilter - ok
14:22:34.0251 0x6748 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
14:22:34.0262 0x6748 WdiServiceHost - ok
14:22:34.0264 0x6748 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
14:22:34.0273 0x6748 WdiSystemHost - ok
14:22:34.0291 0x6748 [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
14:22:34.0297 0x6748 WdNisDrv - ok
14:22:34.0344 0x6748 WdNisSvc - ok
14:22:34.0376 0x6748 [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient C:\WINDOWS\System32\webclnt.dll
14:22:34.0417 0x6748 WebClient - ok
14:22:34.0442 0x6748 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
14:22:34.0473 0x6748 Wecsvc - ok
14:22:34.0480 0x6748 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
14:22:34.0499 0x6748 WEPHOSTSVC - ok
14:22:34.0553 0x6748 [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
14:22:34.0616 0x6748 wercplsupport - ok
14:22:34.0668 0x6748 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
14:22:34.0706 0x6748 WerSvc - ok
14:22:34.0726 0x6748 [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
14:22:34.0740 0x6748 WFPLWFS - ok
14:22:34.0756 0x6748 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
14:22:34.0765 0x6748 WiaRpc - ok
14:22:34.0809 0x6748 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
14:22:34.0816 0x6748 WIMMount - ok
14:22:34.0818 0x6748 WinDefend - ok
14:22:34.0879 0x6748 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
14:22:34.0902 0x6748 WinHttpAutoProxySvc - ok
14:22:34.0974 0x6748 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:22:35.0003 0x6748 Winmgmt - ok
14:22:35.0170 0x6748 [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
14:22:35.0263 0x6748 WinRM - ok
14:22:35.0321 0x6748 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys
14:22:35.0348 0x6748 WinUsb - ok
14:22:35.0417 0x6748 [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
14:22:35.0447 0x6748 WlanSvc - ok
14:22:35.0553 0x6748 [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
14:22:35.0618 0x6748 wlidsvc - ok
14:22:35.0669 0x6748 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
14:22:35.0698 0x6748 WmiAcpi - ok
14:22:35.0727 0x6748 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
14:22:35.0818 0x6748 wmiApSrv - ok
14:22:35.0872 0x6748 WMPNetworkSvc - ok
14:22:35.0911 0x6748 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
14:22:35.0945 0x6748 Wof - ok
14:22:36.0017 0x6748 [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
14:22:36.0107 0x6748 workfolderssvc - ok
14:22:36.0138 0x6748 [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
14:22:36.0156 0x6748 wpcfltr - ok
14:22:36.0201 0x6748 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
14:22:36.0268 0x6748 WPCSvc - ok
14:22:36.0340 0x6748 [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
14:22:36.0403 0x6748 WPDBusEnum - ok
14:22:36.0456 0x6748 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
14:22:36.0461 0x6748 WpdUpFltr - ok
14:22:36.0508 0x6748 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
14:22:36.0536 0x6748 ws2ifsl - ok
14:22:36.0560 0x6748 [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\WINDOWS\System32\wscsvc.dll
14:22:36.0605 0x6748 wscsvc - ok
14:22:36.0607 0x6748 WSearch - ok
14:22:36.0736 0x6748 [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\WINDOWS\System32\WSService.dll
14:22:36.0819 0x6748 WSService - ok
14:22:36.0898 0x6748 [ A40B7561851F827E792C13937F3693B4, 569BD5E417F6B4CBA5F5E7D8860320CD6D69BC4552F6BB762DC5BDCC05903ED7 ] WSWNDA3100v2 C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
14:22:36.0928 0x6748 WSWNDA3100v2 - detected UnsignedFile.Multi.Generic ( 1 )
14:22:38.0496 0x8a14 Object required for P2P: [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC ] WAS
14:22:39.0334 0x6748 Detect skipped due to KSN trusted
14:22:39.0334 0x6748 WSWNDA3100v2 - ok
14:22:39.0487 0x6748 [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
14:22:39.0647 0x6748 wuauserv - ok
14:22:39.0704 0x6748 [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
14:22:39.0746 0x6748 WudfPf - ok
14:22:39.0772 0x6748 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
14:22:39.0792 0x6748 WUDFRd - ok
14:22:39.0800 0x6748 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:22:39.0810 0x6748 WUDFSensorLP - ok
14:22:39.0829 0x6748 [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
14:22:39.0848 0x6748 wudfsvc - ok
14:22:39.0854 0x6748 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:22:39.0862 0x6748 WUDFWpdFs - ok
14:22:39.0866 0x6748 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:22:39.0873 0x6748 WUDFWpdMtp - ok
14:22:39.0923 0x6748 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
14:22:39.0939 0x6748 WwanSvc - ok
14:22:39.0986 0x6748 [ A0F661902AFCAAD77CC2ED3894927A10, 0DCD860F7F4029EBFE1F409BA23CC8BAA55BC22084C81940FF170B665E4804BD ] xusb22 C:\WINDOWS\System32\drivers\xusb22.sys
14:22:40.0052 0x6748 xusb22 - ok
14:22:40.0073 0x6748 ================ Scan global ===============================
14:22:40.0134 0x6748 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
14:22:40.0206 0x6748 [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
14:22:40.0266 0x6748 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
14:22:40.0311 0x6748 [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
14:22:40.0325 0x6748 [ Global ] - ok
14:22:40.0325 0x6748 ================ Scan MBR ==================================
14:22:40.0335 0x6748 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
14:22:40.0472 0x6748 \Device\Harddisk0\DR0 - ok
14:22:40.0473 0x6748 ================ Scan VBR ==================================
14:22:40.0497 0x6748 [ 5E10D619E6EFEDC1320D379750507D6A ] \Device\Harddisk0\DR0\Partition1
14:22:40.0562 0x6748 \Device\Harddisk0\DR0\Partition1 - ok
14:22:40.0574 0x6748 [ 69B4886D36A694AF3598959C019F70AC ] \Device\Harddisk0\DR0\Partition2
14:22:40.0627 0x6748 \Device\Harddisk0\DR0\Partition2 - ok
14:22:40.0646 0x6748 [ A08011794A4809106B3BDBFB4B6CA466 ] \Device\Harddisk0\DR0\Partition3
14:22:40.0647 0x6748 \Device\Harddisk0\DR0\Partition3 - ok
14:22:40.0659 0x6748 [ F8DF6C73603157743A60C17C6E027E45 ] \Device\Harddisk0\DR0\Partition4
14:22:40.0724 0x6748 \Device\Harddisk0\DR0\Partition4 - ok
14:22:40.0753 0x6748 [ B16E5F6DF139DF30BCD88AAA70902AE0 ] \Device\Harddisk0\DR0\Partition5
14:22:40.0763 0x6748 \Device\Harddisk0\DR0\Partition5 - ok
14:22:40.0773 0x6748 [ D81F9976DDD9A0FDDAA90829705B441C ] \Device\Harddisk0\DR0\Partition6
14:22:40.0784 0x6748 \Device\Harddisk0\DR0\Partition6 - ok
14:22:40.0784 0x6748 ================ Scan generic autorun ======================
14:22:40.0816 0x6748 [ 96A1D93D16F959C6F5A63E749A9F2EF7, 9EDD4EEC5C625ECF4A1C82318ED6B74404E63A3D43312B53E4F627D76D47658C ] C:\Program Files\IDT\WDM\beats64.exe
14:22:40.0834 0x6748 BeatsOSDApp - detected UnsignedFile.Multi.Generic ( 1 )
14:22:40.0908 0x8a14 Object send P2P result: true
14:22:40.0918 0x8a14 Object required for P2P: [ AC263C2F66405589528995AA41040599 ] WinUsb
14:22:43.0254 0x6748 Detect skipped due to KSN trusted
14:22:43.0254 0x6748 BeatsOSDApp - ok
14:22:43.0334 0x6748 [ 1F918DDAE59E246B8F48CE5AA400B3AA, 8896809E855AE08B43E41B25A6BDCA8ED1905BBFC59E7B779070EAA0BBC1B319 ] C:\Program Files\IDT\WDM\sttray64.exe
14:22:43.0346 0x8a14 Object send P2P result: true
14:22:43.0372 0x6748 SysTrayApp - detected UnsignedFile.Multi.Generic ( 1 )
14:22:45.0796 0x6748 Detect skipped due to KSN trusted
14:22:45.0796 0x6748 SysTrayApp - ok
14:22:45.0886 0x6748 [ 7304E21B92E538E2CC793EDF478AC034, 39992D4541E100E5D8199B2FB5B7C7DD7213F8BC84AEA1924C6EC46E8711BF28 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
14:22:45.0935 0x6748 NvBackend - ok
14:22:45.0984 0x6748 [ 6E0BDFBEEED65B017F2E4C2C910B0520, 54D798C2E2804DCDB84E9650EA4A032C669B10C586B396D5505F16235D83882C ] C:\WINDOWS\system32\rundll32.exe
14:22:46.0011 0x6748 ShadowPlay - ok
14:22:46.0044 0x6748 [ ED13374E76D833772A687EA3594C1120, 3A2A0C41DED8555ACEB9CAAE7F9C0053B11CEE1877B06D993BDCA0E491DB6CE6 ] C:\Program Files (x86)\Drakonia Configurator\hid.exe
14:22:46.0051 0x6748 GamingMouse - detected UnsignedFile.Multi.Generic ( 1 )
14:22:48.0490 0x6748 GamingMouse ( UnsignedFile.Multi.Generic ) - warning
14:22:48.0490 0x6748 Force sending object to P2P due to detect: C:\Program Files (x86)\Drakonia Configurator\hid.exe
14:22:50.0914 0x6748 Object send P2P result: true
14:22:53.0422 0x6748 [ 96C63502BC3C1F8394C5535ACB526FCD, 862C2668260C27E606EE6D59BDD4B729597EC2BF6CB642F4F85CB96C3383C3E7 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
14:22:53.0473 0x6748 LogMeIn Hamachi Ui - ok
14:22:53.0535 0x6748 [ 0EF0822810009D58118CCDFD098FA9F4, 9FAA263057898BCDBCB0A064C463F48D149474AA339A3C4C47626CC118750D2D ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
14:22:53.0539 0x6748 iTunesHelper - ok
14:22:53.0606 0x6748 EA Core - ok
14:22:53.0628 0x6748 RGSC - ok
14:22:53.0665 0x6748 Skype - ok
14:22:54.0015 0x6748 [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Pascal\AppData\Local\Akamai\netsession_win.exe
14:22:54.0074 0x6748 Akamai NetSession Interface - ok
14:22:54.0299 0x6748 [ 08DFA176E4FC0E63ACD8EC854449D2B0, B8CA204C3F318CD9D12F61CDDA5C66184A48D6206F019AD11DB2605FDBEB288D ] C:\Users\Pascal\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
14:22:54.0329 0x6748 Spotify Web Helper - ok
14:22:54.0533 0x6748 [ 0431B48CF752D88C33C4BA39BA64CCB2, 4D65608DB7B460E4797285D8FE305E407C6FA57663AF54500E1A730BBBC433FF ] C:\Users\Pascal\AppData\Roaming\Spotify\spotify.exe
14:22:54.0620 0x6748 Spotify - ok
14:22:54.0624 0x6748 Waiting for KSN requests completion. In queue: 5
14:22:55.0625 0x6748 Waiting for KSN requests completion. In queue: 5
14:22:56.0626 0x6748 Waiting for KSN requests completion. In queue: 5
14:22:57.0050 0x626c Object required for P2P: [ 96C63502BC3C1F8394C5535ACB526FCD ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
14:22:57.0627 0x6748 Waiting for KSN requests completion. In queue: 5
14:22:58.0627 0x6748 Waiting for KSN requests completion. In queue: 5
14:22:59.0531 0x626c Object send P2P result: true
14:22:59.0697 0x6748 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmiav.exe ( 14.0.0.4651 ), 0x41000 ( enabled : updated )
14:22:59.0706 0x6748 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
14:22:59.0709 0x6748 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\wmifw.exe ( 14.0.0.4651 ), 0x41010 ( enabled )
14:23:02.0065 0x6748 ============================================================
14:23:02.0065 0x6748 Scan finished
14:23:02.0065 0x6748 ============================================================
14:23:02.0088 0x34ac Detected object count: 2
14:23:02.0088 0x34ac Actual detected object count: 2
14:23:22.0840 0x34ac HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:22.0840 0x34ac HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:23:22.0840 0x34ac GamingMouse ( UnsignedFile.Multi.Generic ) - skipped by user
14:23:22.0840 0x34ac GamingMouse ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:23:27.0301 0x1db4 Deinitialize success
|
|
08.02.2015, 18:14
| #11 |
| /// the machine /// TB-Ausbilder | Telekom Abuse Team: "Virus/Trojaner infiziert" Sieht mal wieder wie ein Fehlalarm der Telekom aus. Haben die auch gesagt was für ein Trojaner?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.02.2015, 18:28
| #12 |
| | Telekom Abuse Team: "Virus/Trojaner infiziert" Vielen Dank erstmal für deine Hilfe Ich hatte der Telekom gestern dann noch Mal eine Mail geschrieben ob sie noch mehr Details für mich haben. " Informationen zum detektierten Schädling ---------------------------------------- Leider liegen uns keine spezifischen Informationen dazu vor, welche Schadsoftware für den Zugriff verantwortlich ist. Aus den bisherigen Rückmeldungen anderer Kunden können wir (abgesehen von den üblichen 'verseuchten' Windows-Rechnern) darauf schließen, dass auch folgende Geräteklassen in Frage kommen: - Geräte mit einer Android-Version < 4.4 (Elf Sicherheitslücken in Systemkomponente WebView, die nicht gefixt werden, siehe hxxp://ct.de/-2528130) - Spezielle Geräte mit meist unixoiden OS, die einen Webserver beinhalten. Die darauf installierte Software wird oft nicht gepflegt, sodass veraltete Installationen (CMS, PHP, SQL, Apache, Bash, ntpd) vorliegen, die Sicherheitslücken beinhalten. Sind diese Geräte von außen erreichbar, kann man davon ausgehen, dass diese auch früher oder später gefunden und missbraucht werden. In erster Linie betrifft dies NAS (Netzwerkspeichersystem), aber auch IP-Kameras oder anderes wären denkbar. - Von außen erreichbare Server oder Gateways mit unixoiden OS (betrifft insbesondere Linux und Mac OS)" Zu dem Zeitpunkt den Telekom angegeben hat können es eigentlich nur die 3 PC's gewesen sein. Meine Mutter hat noch einen Laptop aber sie war zu der Zeit gar nicht daheim und sie verwendet den Laptop auch kaum, also kann es der ja nicht gewesen sein, oder? Die Android Handys sind auch alle auf dem neusten Stand und dort hab ich auch Lookout nochmal scannen lassen. Dann gibt's es noch 2 Apple Geräte die hab ich sicherheitshalber auch noch mal gescannt aber wurde auch nichts gefunden. Sonst hängt eigentlich nur noch die PS3 und ein TV am Wlan. Entweder war es dann ein Fehlalarm oder ein Dritter hängt noch im Netz mit drin. |
|
08.02.2015, 18:46
| #13 |
| /// the machine /// TB-Ausbilder | Telekom Abuse Team: "Virus/Trojaner infiziert" Den Router auf Werkseinstellungen zurück setzen, Verbindungsdaten neu eingeben, starkes PW verwenden. Dann hat sich das mit dem Dritten erledigt. Aber die MEldung ist ja eundeutig auf Android oder OS bezogen, nicht Windows.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.02.2015, 18:55
| #14 |
| | Telekom Abuse Team: "Virus/Trojaner infiziert" In der ersten Mail stand aber nichts mit Android & iOs, da stand lediglich "Bitte stellen Sie sicher, dass Ihr Computer frei von Viren und Trojanern ist. Verwenden Sie hierzu bitte eine Schutzsoftware Ihrer Wahl." Die anderen Informationen hab ich erst durch nachfragen heute erhalten, weil in der ersten Mail von Telekom nichts hilfreiches stand, aber da steht ja auch dass es entweder Windows-Rechner oder Android bzw iOs-Geräte sind. Kann ich die Android bzw. iOs Geräte sonst noch irgendwie überprüfen? Habe alle nur mit Lookout überprüfen lassen, aber da wurde nichts gefunden. Sonst würde ich jetzt einfach meinen Router zurücksetzen um einen Dritten auszuschließen und abwarten ob Telekom sich nochmal meldet. |
|
08.02.2015, 19:04
| #15 |
| /// the machine /// TB-Ausbilder | Telekom Abuse Team: "Virus/Trojaner infiziert" Melde dich mal im Android/Mac OS Forum hier, Dante12 kann sich dass dann mal ansehen. Windows Rechner sehe ich nix. Router würd eich auf jedenfall machen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Telekom Abuse Team: "Virus/Trojaner infiziert" |
| abuse, andere, empfehlen, erhalte, erhalten, geräte, handys, hinweise, infiziert, interne, internetzugang, kaspersky, laptop, laufen, mail, malwarebytes, programme, rechner, rechnern, scan, telekom, telekom abuse team, trojaner, verbindet, virus, wlan, überprüfe, zugang |
Linear-Darstellung
