| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Notebook läuft extrem langsam: verursacht von Schadsoftware?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.06.2015, 07:41
| #1 |
 |  Notebook läuft extrem langsam: verursacht von Schadsoftware? Mein Notebook läuft extrem langsam, zeitweise ist es völlig blockiert, reagiert kaum oder gar nicht. Würde gerne mal wissen, ob das Schadsoftware verursacht, empfahl mir Alois (vielen Dank) hier: http://www.trojaner-board.de/167677-...chbarkeit.html j.j. |
|
08.06.2015, 08:03
| #2 |
| /// the machine /// TB-Ausbilder    | Notebook läuft extrem langsam: verursacht von Schadsoftware? hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
08.06.2015, 09:27
| #3 |
| | Notebook läuft extrem langsam: verursacht von Schadsoftware? Hallo schrauber,
__________________vielen Dank. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-06-2015
Ran by Endo (administrator) on Endo on 08-06-2015 10:12:59
Running from C:\Users\Endo\Desktop
Loaded Profiles: Endo (Available Profiles: Endo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser path: "I:\PortableApps\PortableApps\FirefoxPortable\FirefoxPortable.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) I:\Programme\SuperAntiSpyware\SASCore64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dekisoft) I:\Programme\MonitorOff\monoff.exe
(hxxp://www.SteveMiller.net) I:\Programme\PureText\PureText.exe
(Andrey Gruber) I:\LiberKey\Apps\PNotes\App\PNotes\PNotes.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(X10) C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(LiberKey.com) I:\LiberKey\LiberKeyTools\KeyFileAssoc\KeyFileAssoc.exe
(Bartels Media GmbH) I:\Programme\PhraseExpress\phraseexpress.exe
(LiberKey.com) I:\LiberKey\LiberKeyTools\LiberKeyPortabilizer\LiberKeyPortabilizer.exe
() I:\LiberKey\Apps\Ditto\App\Ditto\x64\Ditto.exe
(PortableApps.com) I:\PortableApps\PortableApps\PortableApps.com\PortableAppsPlatform.exe
(SoftPerfect Research) I:\LiberKey\Apps\NetWorx\App\NetWorx\x64\networx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(PortableApps.com) I:\PortableApps\PortableApps\FreeCommanderPortable\FreeCommanderPortable.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
() I:\LiberKey\Apps\Everything\App\Everything\x64\Everything.exe
(DonationCoder) I:\Programme\ScreenshotCaptor\ScreenshotCaptor.exe
() I:\Programme\QuickDic\QuickDic.exe
(LiberKey.com) I:\LiberKey\LiberKeyTools\LiberKeyMenu\LiberKeyMenu.exe
() I:\Programme\CPUMon\CPUMon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(PortableApps.com) I:\PortableApps\PortableApps\Notepad++Portable\Notepad++Portable.exe
(Don HO don.h@free.fr) I:\PortableApps\PortableApps\Notepad++Portable\App\Notepad++\notepad++.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
() C:\Program Files\EqualizerAPO\config\Peace.exe
(PortableApps.com) I:\PortableApps\PortableApps\OpenOfficePortable\OpenOfficePortable.exe
(Apache Software Foundation) I:\PortableApps\PortableApps\OpenOfficePortable\App\openoffice\program\soffice.exe
(Apache Software Foundation) I:\PortableApps\PortableApps\OpenOfficePortable\App\openoffice\program\soffice.bin
(AppWork GmbH) I:\Programme\jDs\jDownloader 2\JDownloader2.exe
(NirSoft) I:\Programme\FreeCommander-restart\nircmd.exe
(NirSoft) I:\Programme\FreeCommander-restart\nircmd.exe
(Marek Jasinski) I:\PortableApps\PortableApps\FreeCommanderPortable\App\FreeCommanderXE\FreeCommander.exe
(Robert Vasicek) I:\Programme\Cathy\Cathy.exe
(AIMP DevTeam) I:\LiberKey\Apps\AIMP\App\AIMP\AIMP3.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe
(Mozilla Corporation) I:\LiberKey\Apps\Thunderbird\App\thunderbird\thunderbird.exe
(PortableApps.com) I:\PortableApps\PortableApps\FirefoxPortable\FirefoxPortable.exe
(Mozilla Corporation) I:\PortableApps\PortableApps\FirefoxPortable\App\Firefox\firefox.exe
(Piotr Pawlowski) I:\Programme\foobar\foobar2000.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13776088 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-12-20] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [200704 2009-12-14] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2009-12-11] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [436264 2010-06-21] (Wistron Corp.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-12-20] (Renesas Electronics Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2049120718-2092439495-3515593640-1000\...\Run: [Dekisoft Monitor Off Utility] => I:\Programme\MonitorOff\monoff.exe [430592 2009-08-31] (Dekisoft)
HKU\S-1-5-21-2049120718-2092439495-3515593640-1000\...\Run: [LiberKey] => I:\LiberKey\LiberKey.exe [46744 2014-10-21] (LiberKey.com)
HKU\S-1-5-21-2049120718-2092439495-3515593640-1000\...\Run: [PureText] => I:\Programme\PureText\PureText.exe [33792 2013-01-04] (hxxp://www.SteveMiller.net)
HKU\S-1-5-21-2049120718-2092439495-3515593640-1000\...\Run: [Ditto] => I:\LiberKey\Apps\Ditto\App\Ditto\Ditto.exe [1717872 2012-11-08] ()
HKU\S-1-5-21-2049120718-2092439495-3515593640-1000\...\Run: [GUDelayStartup] => I:\LiberKey\Apps\GlaryUtilities\App\GlaryUtilities\StartupManager.exe [37152 2013-11-19] (Glarysoft Ltd)
HKU\S-1-5-21-2049120718-2092439495-3515593640-1000\...\Run: [ultracopier] => I:\Programme\Ultracopier\ultracopier.exe [858624 2015-05-23] (ultracopier.first-world.info)
HKU\S-1-5-21-2049120718-2092439495-3515593640-1000\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [176064 2015-05-12] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [154256 2015-05-12] (NVIDIA Corporation)
Startup: C:\Users\Endo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PNotes.lnk [2015-02-26]
ShortcutTarget: PNotes.lnk -> I:\LiberKey\Apps\PNotes\App\PNotes\PNotes.exe (Andrey Gruber)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-11-16] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-16] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Endo\AppData\Roaming\Mozilla\Firefox\Profiles\0psivnr1.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-11-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-16] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Extension: Roomy Bookmarks Toolbar - C:\Users\Endo\AppData\Roaming\Mozilla\Firefox\Profiles\0psivnr1.default\Extensions\ALone-live@ya.ru.xpi [2014-09-22]
FF Extension: No Name - I:\vorübergehend\FirefoxPortable\App\Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; I:\Programme\SuperAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-08] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S2 Netzmanager Service; C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe [2635776 2012-07-20] (Deutsche Telekom AG) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-08] (NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2009-10-22] (Wistron Corp.)
R2 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2009-11-07] (X10) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cpuz137; I:\LiberKey\Apps\Pcwizard\App\PCWizard\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R1 SASDIFSV; I:\Programme\SuperAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; I:\Programme\SuperAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 TelekomNM6; C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys [45664 2010-09-16] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-08 10:12 - 2015-06-08 10:15 - 00014148 _____ C:\Users\Endo\Desktop\FRST.txt
2015-06-08 10:12 - 2015-06-08 10:11 - 02108928 _____ (Farbar) C:\Users\Endo\Desktop\FRST64.exe
2015-06-05 22:29 - 2015-06-05 22:29 - 00000000 ____D C:\Users\Endo\AppData\Roaming\java
2015-06-05 19:42 - 2015-06-05 19:42 - 00000000 ____D C:\N++RECOV
2015-05-31 22:51 - 2015-05-31 22:51 - 00213390 _____ C:\Users\Endo\Documents\fonic Karte 15.xps
2015-05-29 23:02 - 2015-05-29 23:03 - 00000000 ____D C:\Users\Endo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-05-29 16:00 - 2015-06-01 14:44 - 00003624 _____ C:\Windows\PFRO.log
2015-05-29 12:37 - 2015-05-29 12:38 - 00000000 ____D C:\Users\Endo\AppData\Roaming\ATViewer
2015-05-29 10:16 - 2015-05-29 10:16 - 00000000 ____D C:\Users\Endo\AppData\Roaming\cryptlib
2015-05-29 00:02 - 2015-05-29 08:45 - 00000000 ____D C:\Users\Endo\ultracopier
2015-05-28 15:31 - 2015-05-28 15:31 - 00000000 ____D C:\Users\Endo\AppData\Roaming\PandoraRecovery
2015-05-28 15:20 - 2015-05-28 15:20 - 00000000 ____D C:\Users\Endo\Documents\R-TT
2015-05-28 15:20 - 2015-05-28 15:20 - 00000000 ____D C:\Users\Endo\AppData\Roaming\R-TT
2015-05-28 00:08 - 2015-05-28 00:08 - 00000000 ____D C:\Users\Endo\AppData\Roaming\SteelBytes
2015-05-27 08:54 - 2015-05-27 23:02 - 00000000 ____D C:\Users\Endo\AppData\Roaming\Songbird2
2015-05-21 23:41 - 2015-05-21 23:41 - 00000000 ____D C:\Users\Endo\AppData\Roaming\MusicBee
2015-05-21 19:11 - 2015-05-21 19:11 - 00000000 ____D C:\Windows\SysWOW64\NV
2015-05-21 19:11 - 2015-05-21 19:11 - 00000000 ____D C:\Windows\system32\NV
2015-05-21 19:11 - 2015-05-12 04:34 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-05-21 19:05 - 2015-05-12 08:27 - 30478992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 22945424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 17540416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 16145176 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 15858728 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 15048816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 14455296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 13263568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 11790144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 10972304 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-05-21 19:05 - 2015-05-12 08:27 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 01050256 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-05-21 19:05 - 2015-05-12 08:27 - 00031710 _____ C:\Windows\system32\nvinfo.pb
2015-05-21 19:05 - 2015-05-12 08:27 - 00031376 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2015-05-21 19:04 - 2015-05-12 08:27 - 42718864 _____ C:\Windows\system32\nvcompiler.dll
2015-05-21 19:04 - 2015-05-12 08:27 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-05-21 11:24 - 2015-05-21 11:24 - 00000000 ____D C:\Users\Endo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Equalizer APO 0.9.2
2015-05-21 11:24 - 2015-05-21 11:24 - 00000000 ____D C:\Program Files\EqualizerAPO
2015-05-20 21:40 - 2015-05-20 21:40 - 00000000 ____D C:\Users\Endo
2015-05-20 11:46 - 2015-05-20 14:10 - 00000000 ____D C:\Users\Endo\.jajuk
2015-05-20 11:46 - 2015-05-20 12:02 - 00000368 _____ C:\Users\Endo\.jajuk_bootstrap.xml
2015-05-20 10:01 - 2015-05-26 10:24 - 00000000 ___RD C:\Users\Endo\.hddb
2015-05-18 16:31 - 2015-06-08 07:54 - 00006106 _____ C:\Windows\setupact.log
2015-05-18 16:31 - 2015-05-18 16:31 - 00000000 _____ C:\Windows\setuperr.log
2015-05-15 22:00 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-15 22:00 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 14:58 - 2015-05-14 14:58 - 00000000 ____D C:\Users\Endo\.linkchecker
2015-05-14 14:58 - 2015-05-14 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LinkChecker
2015-05-14 14:57 - 2015-05-14 14:58 - 00000000 ____D C:\Program Files (x86)\LinkChecker
2015-05-14 00:22 - 2015-05-14 00:23 - 00000000 ____D C:\Users\Endo\.itsucks
2015-05-14 00:18 - 2015-05-14 00:18 - 00000000 ____D C:\LoalaSave
2015-05-13 14:38 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 14:38 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 14:38 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 14:38 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 14:38 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 14:38 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 14:38 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 14:38 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 14:38 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 14:38 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 14:38 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 14:38 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 14:38 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 14:38 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 14:38 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 14:38 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 14:38 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 14:38 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 14:38 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 14:38 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 14:38 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 14:38 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 14:38 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 14:38 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 14:38 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 14:38 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 14:38 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 14:38 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 14:38 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 14:38 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 14:38 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 14:38 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 14:38 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 14:38 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 14:38 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 14:38 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 14:38 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 14:38 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 14:37 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 14:37 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 14:37 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 14:37 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 14:37 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 14:37 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 14:37 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 14:37 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 14:37 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 14:37 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 14:37 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 14:37 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 14:37 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 14:37 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 14:37 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 14:37 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 14:37 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 14:37 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 14:37 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 14:37 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 14:37 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 14:37 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 14:37 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 14:37 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 14:37 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 14:37 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 14:37 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 14:37 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 14:37 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 14:37 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 14:37 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 14:37 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 14:37 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 14:37 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 14:37 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 14:37 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 14:37 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 14:37 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 14:37 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 14:37 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 14:37 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 14:37 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 14:37 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 14:37 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 14:37 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 14:37 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 14:37 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 14:37 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 14:37 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 14:37 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 14:36 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 14:36 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 14:36 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 14:36 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 14:36 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 14:36 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 14:36 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 14:36 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 14:36 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 14:36 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 14:36 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 14:36 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 14:36 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 14:36 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 14:36 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 14:36 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 14:36 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 14:36 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 14:36 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 14:36 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 14:36 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 14:36 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 14:36 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 14:36 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 14:36 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 14:36 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 14:36 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 14:36 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 14:36 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 14:36 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 14:36 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 14:36 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 14:36 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 14:36 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 14:36 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 14:36 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 14:36 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 14:36 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 14:36 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 14:36 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 14:36 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 14:36 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 14:36 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 14:36 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 14:36 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 14:36 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 14:36 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 14:36 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 14:36 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 14:36 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 14:36 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 14:35 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 14:35 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 14:35 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 14:35 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 10:05 - 2015-05-12 10:05 - 00000000 ____D C:\ProgramData\GlarySoft
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-08 10:13 - 2015-05-02 21:50 - 00000000 ____D C:\FRST
2015-06-08 08:29 - 2014-09-17 10:06 - 00000000 ____D C:\Users\Endo\AppData\Roaming\Thunderbird
2015-06-08 08:23 - 2014-05-14 11:34 - 00000000 ____D C:\Users\Endo\AppData\Roaming\Mozilla
2015-06-08 07:53 - 2014-05-07 14:50 - 01332965 _____ C:\Windows\WindowsUpdate.log
2015-06-08 03:04 - 2009-07-14 06:45 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-08 03:04 - 2009-07-14 06:45 - 00009888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-07 10:44 - 2015-01-23 11:23 - 00000356 _____ C:\Windows\Tasks\GlaryInitialize 4.job
2015-06-07 10:33 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-07 10:31 - 2009-07-14 07:08 - 00017010 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-06 12:26 - 2014-06-01 20:10 - 00000000 ____D C:\Users\Endo\AppData\Roaming\XnView
2015-06-04 09:32 - 2009-07-14 19:58 - 00699342 _____ C:\Windows\system32\perfh007.dat
2015-06-04 09:32 - 2009-07-14 19:58 - 00149450 _____ C:\Windows\system32\perfc007.dat
2015-06-04 09:32 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-02 00:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-01 14:44 - 2014-09-10 21:55 - 00000000 ____D C:\ProgramData\NVIDIA
2015-05-29 21:51 - 2009-07-14 20:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-05-29 00:02 - 2014-05-07 15:45 - 00000000 ____D C:\Users\Endo
2015-05-28 10:02 - 2014-09-16 14:55 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-28 10:00 - 2014-09-16 14:50 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-28 10:00 - 2014-09-16 14:50 - 00001106 _____ C:\ProgramData\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-28 10:00 - 2014-09-16 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-05-28 10:00 - 2014-09-16 14:50 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-05-22 12:39 - 2015-04-02 21:28 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-22 12:39 - 2015-04-02 21:28 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-21 19:12 - 2014-09-10 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-21 19:12 - 2014-09-10 21:53 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-05-21 19:08 - 2014-09-10 21:53 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-05-21 18:09 - 2014-09-17 22:21 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-05-21 18:09 - 2014-09-17 22:21 - 00001381 _____ C:\ProgramData\Desktop\GeForce Experience.lnk
2015-05-20 11:28 - 2009-07-14 04:34 - 00001303 _____ C:\Windows\win.ini
2015-05-18 13:45 - 2014-09-17 21:07 - 00000000 ____D C:\Users\Endo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-18 13:45 - 2014-09-17 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-05-16 21:15 - 2014-11-20 21:49 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-16 21:15 - 2014-11-20 21:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-16 21:15 - 2009-07-14 06:45 - 00267816 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-16 21:11 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-15 22:11 - 2014-09-10 13:02 - 00002155 _____ C:\Windows\epplauncher.mif
2015-05-15 22:10 - 2014-09-09 20:40 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-05-15 22:10 - 2014-09-09 20:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-05-15 22:09 - 2014-09-10 21:50 - 00000000 ____D C:\Windows\system32\MRT
2015-05-15 22:05 - 2014-09-10 21:50 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-15 21:59 - 2014-11-20 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-12 12:23 - 2015-01-23 11:23 - 00000000 ____D C:\Users\Endo\AppData\Roaming\GlarySoft
2015-05-12 08:27 - 2015-04-16 18:36 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-05-12 08:27 - 2015-04-16 18:35 - 02971776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-12 08:27 - 2014-09-17 22:06 - 12849056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-12 08:27 - 2014-09-17 22:06 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-05-12 08:27 - 2014-09-10 21:54 - 00112784 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-12 08:27 - 2014-09-10 21:54 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-12 08:27 - 2013-03-11 18:42 - 03363224 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-12 08:27 - 2013-03-11 18:42 - 00176064 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-05-12 08:27 - 2013-03-11 18:42 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-05-12 05:30 - 2014-09-10 21:54 - 06872392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-12 05:30 - 2014-09-10 21:54 - 03490448 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-12 05:30 - 2014-09-10 21:54 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-12 05:30 - 2014-09-10 21:54 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2015-05-12 05:30 - 2014-09-10 21:54 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-12 05:30 - 2014-09-10 21:54 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-12 05:30 - 2014-09-10 21:54 - 00075080 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2015-05-12 05:30 - 2014-09-10 21:54 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-11 19:01 - 2014-09-10 21:54 - 04391871 _____ C:\Windows\system32\nvcoproc.bin
==================== Files in the root of some directories =======
2014-09-17 15:18 - 2014-09-17 15:26 - 0000630 _____ () C:\Users\Endo\AppData\Roaming\NetScanner.ini
2014-10-12 22:52 - 2014-10-12 22:52 - 0000096 _____ () C:\Users\Endo\AppData\Roaming\version2.xml
2015-04-28 22:05 - 2015-04-28 22:05 - 0385602 _____ () C:\Users\Endo\AppData\Local\145842EF_stp.CIS
2015-04-28 22:05 - 2015-04-28 22:05 - 0000232 _____ () C:\Users\Endo\AppData\Local\145842EF_stp.CIS.part
2015-02-08 21:35 - 2015-02-08 21:35 - 0003584 _____ () C:\Users\Endo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-22 14:59 - 2015-04-22 14:59 - 0000058 _____ () C:\Users\Endo\AppData\Local\DonationCoder_clipboardhelpandspell_InstallInfo.dat
2015-05-04 13:06 - 2014-10-11 13:15 - 0000218 _____ () C:\Users\Endo\AppData\Local\recently-used.xbel
2014-05-10 23:17 - 2015-06-08 09:34 - 0007630 _____ () C:\Users\Endo\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-03 00:13
==================== End of log ============================
[CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:07-06-2015
Ran by Endo at 2015-06-08 10:18:28
Running from C:\Users\Endo\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2049120718-2092439495-3515593640-500 - Administrator - Disabled)
Endo (S-1-5-21-2049120718-2092439495-3515593640-1000 - Administrator - Enabled) => C:\Users\Endo
Gast (S-1-5-21-2049120718-2092439495-3515593640-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.27 - Atheros Communications Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Directory Lister Pro 64bit v1.68 (HKLM\...\Directory Lister Pro 64bit_is1) (Version: 1.68 - KRKSoft)
Ember Media Manager BETA (HKU\S-1-5-21-2049120718-2092439495-3515593640-1000\...\Ember Media Manager BETA) (Version: - Team Ember Media Manager)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 0.9.2 - )
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kodi (HKU\S-1-5-21-2049120718-2092439495-3515593640-1000\...\Kodi) (Version: - XBMC-Foundation)
Launch Manager (HKLM-x32\...\{D0846526-66DD-4DC9-A02C-98F9A2806812}) (Version: 1.5.1.2 - Wistron Corp.)
LinkChecker 9.3 (HKLM-x32\...\LinkChecker_is1) (Version: - )
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MiniTool Partition Wizard Free 9.0 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Netzmanager (HKLM-x32\...\Netzmanager) (Version: 1.081 - Deutsche Telekom AG)
Netzmanager (Version: 1.081 - Deutsche Telekom AG, Marmiko IT-Solutions GmbH) Hidden
NVIDIA 3D Vision Treiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.3.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.31 - NVIDIA Corporation)
NVIDIA Grafiktreiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30121 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0148 - REALTEK Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.26.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0 - Renesas Electronics Corporation) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.31 - NVIDIA Corporation) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1146 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
X10 Hardware(TM) (HKLM-x32\...\X10Hardware) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
05-06-2015 16:00:50 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2AABF1FC-1107-4165-AF6F-2018957CD70C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {65960101-C007-4C9E-AA24-918BFF29EB80} - System32\Tasks\CleanMem Mini Monitor => I:\Programme\CleanMem\mini_monitor.exe [2014-08-20] (PcWinTech.com)
Task: {77CA29B7-FF48-4C7E-B0DA-943DEECE0DD7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {78ACC26F-8807-456C-A5B1-5C7364FFF98B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {926190BB-1539-4172-BB00-A6E9B872584D} - System32\Tasks\Clean System Memory => C:\Windows\syswow64\CleanMem.exe [2014-08-20] (PcWinTech.com)
Task: {A13CC6E3-C56F-4AA0-B4AB-D3A77C4D1C38} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {A4F9E4F3-4C63-4931-BFF4-642F389778E4} - System32\Tasks\{44A38427-6029-4684-8F91-4C6646289801} => I:\PortableApps\PortableApps\FirefoxPortable\FirefoxPortable.exe [2015-06-02] (PortableApps.com)
Task: {BAAB5472-7D08-4F20-A11F-88CE135D3FA4} - System32\Tasks\{161EE57A-A22A-4310-B40C-430135CD9099} => pcalua.exe -a I:\PortableApps\PortableApps\OpenOfficePortable\OpenOfficeWriterPortable.exe -d I:\Programme\PhraseExpress -c "I:\Eigene Dateien\allg. notiert\allg. notiert.odt"
Task: {C7833747-DAFB-4CCA-86AD-37EEA134BE02} - System32\Tasks\GlaryInitialize 4 => I:\LiberKey\Apps\GlaryUtilities\App\GlaryUtilities\Initialize.exe [2013-11-19] (Glarysoft Ltd)
Task: {D942D93C-42B3-4714-B91E-CDF449C0CA64} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {ED1ECD29-47AA-4230-B628-DF01936A9EFE} - System32\Tasks\{16D8F08E-D865-4DEE-8D70-45FC61D185F7} => I:\PortableApps\PortableApps\FirefoxPortable\FirefoxPortable.exe [2015-06-02] (PortableApps.com)
Task: C:\Windows\Tasks\GlaryInitialize 4.job => I:\LiberKey\Apps\GlaryUtilities\App\GlaryUtilities\Initialize.exe
==================== Loaded Modules (Whitelisted) ==============
2015-04-14 20:15 - 2015-04-14 20:15 - 00539648 _____ () C:\Program Files\EqualizerAPO\EqualizerAPO.dll
2014-09-17 22:06 - 2015-05-12 08:27 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-10 21:54 - 2015-05-12 05:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-10 22:12 - 2012-01-10 22:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-01-27 09:04 - 2015-01-10 15:45 - 01975808 _____ () I:\LiberKey\Apps\Ditto\App\Ditto\x64\Ditto.exe
2015-04-09 18:22 - 2015-03-03 16:50 - 00758784 _____ () I:\LiberKey\Apps\NetWorx\App\NetWorx\x64\sqlite.dll
2014-08-15 15:51 - 2014-08-06 10:34 - 01441792 _____ () I:\LiberKey\Apps\Everything\App\Everything\x64\Everything.exe
2015-02-14 14:00 - 2009-07-01 03:00 - 02428928 _____ () I:\Programme\QuickDic\QuickDic.exe
2010-07-08 21:55 - 2007-10-10 00:36 - 01105408 _____ () I:\Programme\CPUMon\CPUMon.exe
2015-05-29 19:19 - 2015-06-06 08:50 - 03019264 _____ () C:\Program Files\EqualizerAPO\config\Peace.exe
2015-06-07 00:22 - 2015-06-07 00:22 - 00566439 _____ () I:\Programme\jDs\jDownloader 2\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
2015-06-07 00:22 - 2015-06-07 00:22 - 04078962 _____ () I:\Programme\jDs\jDownloader 2\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
2015-04-09 17:25 - 2015-05-08 02:36 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-09-17 22:06 - 2015-05-12 08:27 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-23 13:27 - 2014-10-23 13:27 - 00468776 _____ () I:\Programme\PhraseExpress\pexlang.dll
2015-06-01 14:51 - 2015-06-01 14:51 - 00011264 _____ () C:\Users\Endo\AppData\Local\Temp\nss758E.tmp\System.dll
2015-06-05 19:42 - 2015-06-05 19:42 - 00011264 _____ () C:\Users\Endo\AppData\Local\Temp\FreeCommanderPortableTemp\nsu9AFA.tmp\System.dll
2015-06-05 19:42 - 2015-06-05 19:42 - 00008704 _____ () C:\Users\Endo\AppData\Local\Temp\FreeCommanderPortableTemp\nsu9AFA.tmp\newadvsplash.dll
2015-06-05 19:42 - 2015-06-05 19:42 - 00029696 _____ () C:\Users\Endo\AppData\Local\Temp\FreeCommanderPortableTemp\nsu9AFA.tmp\registry.dll
2014-02-19 22:09 - 2014-02-19 22:09 - 00204800 _____ () I:\PortableApps\PortableApps\Notepad++Portable\App\Notepad++\plugins\ComparePlugin.dll
2015-04-16 00:11 - 2015-04-16 00:11 - 00014336 _____ () I:\PortableApps\PortableApps\Notepad++Portable\App\Notepad++\plugins\NppExport.dll
2015-05-15 16:24 - 2015-05-15 16:24 - 02873856 _____ () I:\PortableApps\PortableApps\Notepad++Portable\App\Notepad++\plugins\NppFTP.dll
2014-02-26 00:23 - 2014-02-26 00:23 - 00971264 _____ () I:\PortableApps\PortableApps\Notepad++Portable\App\Notepad++\plugins\nppRegEx.dll
2014-02-26 00:23 - 2014-02-26 00:23 - 00210432 _____ () I:\PortableApps\PortableApps\Notepad++Portable\App\Notepad++\plugins\regrexplace.dll
2015-06-06 23:19 - 2015-06-06 23:19 - 00011264 _____ () C:\Users\Endo\AppData\Local\Temp\nsx2905.tmp\System.dll
2015-06-06 23:19 - 2015-06-06 23:19 - 00121344 _____ () C:\Users\Endo\AppData\Local\Temp\nsx2905.tmp\xml.dll
2014-08-13 15:27 - 2014-08-13 15:27 - 00988160 _____ () I:\PortableApps\PortableApps\OpenOfficePortable\App\openoffice\program\libxml2.dll
2014-07-29 19:34 - 2014-07-29 19:34 - 00170496 _____ () I:\PortableApps\PortableApps\OpenOfficePortable\App\openoffice\program\libxslt.dll
2014-07-29 19:34 - 2014-07-29 19:34 - 00136192 _____ () I:\PortableApps\PortableApps\OpenOfficePortable\App\openoffice\program\libxmlsec-mscrypto.dll
2014-07-29 19:34 - 2014-07-29 19:34 - 00303616 _____ () I:\PortableApps\PortableApps\OpenOfficePortable\App\openoffice\program\libxmlsec.dll
2015-01-17 03:14 - 2015-04-29 22:02 - 00218112 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\System\libsoxr.dll
2015-01-17 03:14 - 2015-04-29 22:02 - 00467968 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\System\Encoders\libFLAC.dll
2015-01-17 03:14 - 2015-04-29 22:02 - 01733120 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\System\Encoders\aimp_libvorbis.dll
2015-05-16 21:20 - 2015-04-29 22:02 - 00059976 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\Plugins\aimp_AnalogMeter\aimp_AnalogMeter.dll
2015-01-17 03:14 - 2015-04-29 22:02 - 00160840 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\Plugins\aimp_cdda\aimp_cdda.dll
2015-01-17 03:14 - 2015-04-29 22:02 - 00159232 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\Plugins\aimp_sacd\libsacd.dll
2015-01-17 03:14 - 2015-04-29 22:02 - 00026624 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\Plugins\Aorta\Aorta.dll
2015-01-17 03:14 - 2015-04-29 22:02 - 00237568 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\Plugins\OptimFROG\OptimFROG.dll
2015-01-17 03:14 - 2015-04-29 22:02 - 00152648 _____ () I:\LiberKey\Apps\AIMP\App\AIMP\Plugins\PandemicAnalogMeter\PandemicAnalogMeter.dll
2015-05-20 15:24 - 2015-05-20 15:25 - 03350640 _____ () I:\LiberKey\Apps\Thunderbird\App\thunderbird\mozjs.dll
2015-05-20 15:24 - 2015-05-20 15:25 - 00158832 _____ () I:\LiberKey\Apps\Thunderbird\App\thunderbird\NSLDAP32V60.dll
2015-05-20 15:24 - 2015-05-20 15:25 - 00023152 _____ () I:\LiberKey\Apps\Thunderbird\App\thunderbird\NSLDAPPR32V60.dll
2015-06-08 08:55 - 2015-06-08 08:55 - 00029696 _____ () I:\PortableApps\PortableApps\FreeCommanderPortable\Data\Temp\nsiD206.tmp\registry.dll
2015-06-08 08:55 - 2015-06-08 08:55 - 00008704 _____ () I:\PortableApps\PortableApps\FreeCommanderPortable\Data\Temp\nsiD206.tmp\newadvsplash.dll
2015-06-08 08:55 - 2015-06-08 08:55 - 00011264 _____ () I:\PortableApps\PortableApps\FreeCommanderPortable\Data\Temp\nsiD206.tmp\System.dll
2013-05-04 13:57 - 2013-05-04 13:57 - 00095712 _____ () I:\Programme\foobar\zlib1.dll
2015-03-26 09:45 - 2015-03-26 09:45 - 00160528 _____ () I:\Programme\foobar\shared.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00190464 _____ () I:\Programme\foobar\user-components\foo_quicktag\foo_quicktag.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00231936 _____ () I:\Programme\foobar\user-components\foo_burninate\foo_burninate.dll
2012-12-12 12:00 - 2012-12-18 13:02 - 00140800 _____ () I:\Programme\foobar\user-components\foo_input_tfmx\foo_input_tfmx.dll
2013-01-18 01:33 - 2014-07-20 23:45 - 00563768 _____ () I:\Programme\foobar\user-components\foo_input_adplug\foo_input_adplug.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00221184 _____ () I:\Programme\foobar\user-components\foo_dsp_xgeq\foo_dsp_xgeq.dll
2012-12-12 12:00 - 2014-01-26 13:26 - 00164864 _____ () I:\Programme\foobar\user-components\foo_input_shorten\foo_input_shorten.dll
2012-12-12 12:00 - 2012-04-28 23:30 - 00156672 _____ () I:\Programme\foobar\user-components\foo_dsp_span\foo_dsp_span.dll
2012-12-12 12:00 - 2012-05-29 13:56 - 00423424 _____ () I:\Programme\foobar\user-components\foo_queuecontents\foo_queuecontents.dll
2015-01-06 03:04 - 2015-01-06 03:04 - 00201216 _____ () I:\Programme\foobar\user-components\foo_skip\foo_skip.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00154624 _____ () I:\Programme\foobar\user-components\foo_dsp_prvb\foo_dsp_prvb.dll
2015-03-26 09:42 - 2015-03-26 09:42 - 00310272 _____ () I:\Programme\foobar\components\foo_cdda.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00396800 _____ () I:\Programme\foobar\user-components\foo_httpcontrol\foo_httpcontrol.dll
2012-12-12 12:00 - 2014-09-07 10:47 - 00251392 _____ () I:\Programme\foobar\user-components\foo_whatsnew\foo_whatsnew.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00049152 _____ () I:\Programme\foobar\user-components\foo_keep_queue\foo_keep_queue.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00748032 _____ () I:\Programme\foobar\user-components\foo_lyricsgrabber2\foo_lyricsgrabber2.dll
2012-12-12 11:59 - 2012-09-11 12:32 - 00174080 _____ () I:\Programme\foobar\user-components\foo_ac3\foo_ac3.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00310272 _____ () I:\Programme\foobar\user-components\foo_dsp_eqsplit\foo_dsp_eqsplit.dll
2012-12-12 12:00 - 2012-06-14 20:13 - 00183296 _____ () I:\Programme\foobar\user-components\foo_out_asio\foo_out_asio.dll
2012-12-12 12:00 - 2012-12-27 13:03 - 00858112 _____ () I:\Programme\foobar\user-components\foo_scheduler\foo_scheduler.dll
2015-03-26 09:45 - 2015-03-26 09:45 - 01401120 _____ () I:\Programme\foobar\components\foo_input_std.dll
2015-03-07 12:19 - 2015-03-07 12:19 - 00307200 _____ () I:\Programme\foobar\components\foo_freedb2.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00188416 _____ () I:\Programme\foobar\user-components\foo_audioscrobbler\foo_audioscrobbler.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00090624 _____ () I:\Programme\foobar\user-components\foo_jesus\foo_jesus.dll
2015-03-07 12:19 - 2015-03-07 12:19 - 00294912 _____ () I:\Programme\foobar\components\foo_fileops.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00868352 _____ () I:\Programme\foobar\user-components\foo_simplaylist_manager\foo_simplaylist_manager.dll
2012-12-12 12:00 - 2013-05-04 11:26 - 00271872 _____ () I:\Programme\foobar\user-components\foo_input_monkey\foo_input_monkey.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 01767936 _____ () I:\Programme\foobar\user-components\foo_facets\foo_facets.dll
2014-12-05 02:54 - 2014-12-05 02:54 - 00462392 _____ () I:\Programme\foobar\user-components\foo_psf\foo_psf.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00147968 _____ () I:\Programme\foobar\user-components\foo_ramdisk\foo_ramdisk.dll
2015-03-26 09:43 - 2015-03-26 09:43 - 00368640 _____ () I:\Programme\foobar\components\foo_rgscan.dll
2015-03-26 09:42 - 2015-03-26 09:42 - 00263168 _____ () I:\Programme\foobar\components\foo_unpack.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00169984 _____ () I:\Programme\foobar\user-components\foo_playlisthistory\foo_playlisthistory.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00125440 _____ () I:\Programme\foobar\user-components\foo_dsp_dolbyhp\foo_dsp_dolbyhp.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00406528 _____ () I:\Programme\foobar\user-components\foo_softplaylists\foo_softplaylists.dll
2012-12-12 12:00 - 2012-05-29 13:56 - 00107008 _____ () I:\Programme\foobar\user-components\foo_input_avs\foo_input_avs.dll
2012-12-12 12:00 - 2013-05-25 07:56 - 00333312 _____ () I:\Programme\foobar\user-components\foo_playlist_attributes\foo_playlist_attributes.dll
2015-04-21 15:07 - 2015-04-21 15:07 - 00264704 _____ () I:\Programme\foobar\user-components\foo_dsp_effect\foo_dsp_effect.dll
2015-03-21 01:05 - 2015-03-21 01:05 - 00706048 _____ () I:\Programme\foobar\user-components\foo_uie_lyrics3\foo_uie_lyrics3.dll
2015-03-07 12:19 - 2015-03-07 12:19 - 00204800 _____ () I:\Programme\foobar\components\foo_dsp_eq.dll
2015-02-11 13:47 - 2015-02-11 13:47 - 00285184 _____ () I:\Programme\foobar\user-components\foo_abx\foo_abx.dll
2012-12-12 11:59 - 2013-08-30 22:23 - 00342016 _____ () I:\Programme\foobar\user-components\foo_adpcm\foo_adpcm.dll
2013-01-03 00:07 - 2013-01-03 00:07 - 00301056 _____ () I:\Programme\foobar\user-components\foo_input_sacd\foo_input_sacd.dll
2012-12-12 12:00 - 2012-10-30 13:14 - 00334848 _____ () I:\Programme\foobar\user-components\foo_quicksearch\foo_quicksearch.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00161792 _____ () I:\Programme\foobar\user-components\foo_plorg\foo_plorg.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00133632 _____ () I:\Programme\foobar\user-components\foo_r128norm\foo_r128norm.dll
2012-12-12 12:00 - 2012-04-28 23:29 - 00239104 _____ () I:\Programme\foobar\user-components\foo_channel_mixer\foo_channel_mixer.dll
2012-12-12 12:00 - 2012-05-29 13:56 - 00281600 _____ () I:\Programme\foobar\user-components\foo_textdisplay\foo_textdisplay.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00190976 _____ () I:\Programme\foobar\user-components\foo_texttools\foo_texttools.dll
2012-12-12 12:00 - 2013-11-11 20:07 - 00183808 _____ () I:\Programme\foobar\user-components\foo_unpack_7z\foo_unpack_7z.dll
2015-03-26 09:42 - 2015-03-26 09:42 - 00536064 _____ () I:\Programme\foobar\components\foo_converter.dll
2015-03-26 09:45 - 2015-03-26 09:45 - 01087272 _____ () I:\Programme\foobar\components\foo_ui_std.dll
2015-03-26 09:42 - 2015-03-26 09:42 - 00356864 _____ () I:\Programme\foobar\components\foo_albumlist.dll
2015-04-21 15:07 - 2015-04-21 15:07 - 00209408 _____ () I:\Programme\foobar\user-components\foo_random_pools\foo_random_pools.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 01334272 _____ () I:\Programme\foobar\user-components\foo_simplaylist\foo_simplaylist.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00093696 _____ () I:\Programme\foobar\user-components\foo_seek_box\foo_seek_box.dll
2015-03-26 09:42 - 2015-03-26 09:42 - 00205824 _____ () I:\Programme\foobar\components\foo_dsp_std.dll
2015-04-21 15:07 - 2015-04-21 15:07 - 00451072 _____ () I:\Programme\foobar\user-components\foo_discogs\foo_discogs.dll
2012-12-12 12:00 - 2012-05-03 19:18 - 00053248 _____ () I:\Programme\foobar\user-components\foo_lyricsgrabber2\pygrabber\system\_socket.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2049120718-2092439495-3515593640-1000\Software\Classes\.exe: exefile => <===== ATTENTION!
HKU\S-1-5-21-2049120718-2092439495-3515593640-1000\Software\Classes\exefile: <===== ATTENTION!
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2049120718-2092439495-3515593640-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{A21633A9-238C-4FAA-A3FA-922EA074E6B3}I:\programme\phraseexpress\phraseexpress.exe] => (Allow) I:\programme\phraseexpress\phraseexpress.exe
FirewallRules: [UDP Query User{A63AE787-A3BB-4FB3-A4C6-F48A56876457}I:\programme\phraseexpress\phraseexpress.exe] => (Allow) I:\programme\phraseexpress\phraseexpress.exe
FirewallRules: [TCP Query User{2391AEA9-DA53-4F50-B5DB-ACB9B03A9019}I:\programme\foobar\foobar2000.exe] => (Allow) I:\programme\foobar\foobar2000.exe
FirewallRules: [UDP Query User{F8CD670B-3646-48F8-B52E-37708A7F0094}I:\programme\foobar\foobar2000.exe] => (Allow) I:\programme\foobar\foobar2000.exe
FirewallRules: [TCP Query User{03133B59-B9FB-4B5F-9132-B51C8E650127}I:\programme\xbmc\xbmc.exe] => (Allow) I:\programme\xbmc\xbmc.exe
FirewallRules: [UDP Query User{311D9AC9-E8E2-42FC-BFE3-96EF76212A69}I:\programme\xbmc\xbmc.exe] => (Allow) I:\programme\xbmc\xbmc.exe
FirewallRules: [{A56D48BE-BF24-4304-9144-4FB45FA5DACD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7A910BB6-6676-425F-80CC-79B62930C5E2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0DBBCDE6-0C4C-40CF-AC26-D9FA46C37B52}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A12AC819-E956-4301-937D-8909BC64CF94}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F71C19E9-BC04-4178-8528-B033E1708C6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A016CDCA-1C45-4E5E-A709-0847FB3B126C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{002E17EF-7434-4AA7-AEEE-6C2C78FFA82E}I:\programme\xbmc\xbmc.exe] => (Block) I:\programme\xbmc\xbmc.exe
FirewallRules: [UDP Query User{22AEF92F-75BB-445E-89B1-E9F9163A2060}I:\programme\xbmc\xbmc.exe] => (Block) I:\programme\xbmc\xbmc.exe
FirewallRules: [TCP Query User{A3F7464A-C5D1-47F7-870B-67DC502B38B7}C:8\foobar\foobar2000.exe] => (Allow) C:8\foobar\foobar2000.exe
FirewallRules: [UDP Query User{0B4E1ADC-7CAF-4E11-B909-A4CA00C19C6D}C:8\foobar\foobar2000.exe] => (Allow) C:8\foobar\foobar2000.exe
FirewallRules: [TCP Query User{E61EF3A6-5B28-4AA4-B07D-1BE9526B6208}C:\Endos programme\foobar\foobar2000.exe] => (Allow) C:\Endos programme\foobar\foobar2000.exe
FirewallRules: [UDP Query User{059439C0-F329-42CD-959F-74AEB460B53C}C:\Endos programme\foobar\foobar2000.exe] => (Allow) C:\Endos programme\foobar\foobar2000.exe
FirewallRules: [TCP Query User{3CB652AF-7753-4E37-9531-EC2E756DFA1A}I:\programme\xbmc\kodi.exe] => (Allow) I:\programme\xbmc\kodi.exe
FirewallRules: [UDP Query User{BDDCF9CD-5752-4D71-8A3D-0838C0A94284}I:\programme\xbmc\kodi.exe] => (Allow) I:\programme\xbmc\kodi.exe
FirewallRules: [TCP Query User{DF539BC4-B3BC-4E07-8E19-5D3F3F3F9848}I:\programme\kodi\kodi.exe] => (Allow) I:\programme\kodi\kodi.exe
FirewallRules: [UDP Query User{74A0CF00-B584-461D-870E-B646B7BC9D07}I:\programme\kodi\kodi.exe] => (Allow) I:\programme\kodi\kodi.exe
FirewallRules: [TCP Query User{1C8276FE-21AB-480F-82DB-AAF8B463E2C0}I:\programme\kodi 2\kodi.exe] => (Allow) I:\programme\kodi 2\kodi.exe
FirewallRules: [UDP Query User{776891E3-1B63-4FAA-8038-0E99C244E5AF}I:\programme\kodi 2\kodi.exe] => (Allow) I:\programme\kodi 2\kodi.exe
FirewallRules: [TCP Query User{560C4156-FF56-4E4C-9921-C80DB8B9E4ED}I:\programme\lupo pensuite\apps\firefox portable\app\firefox\firefox.exe] => (Allow) I:\programme\lupo pensuite\apps\firefox portable\app\firefox\firefox.exe
FirewallRules: [UDP Query User{246BA09B-7AF0-4A98-94F6-6C4C0343DDDC}I:\programme\lupo pensuite\apps\firefox portable\app\firefox\firefox.exe] => (Allow) I:\programme\lupo pensuite\apps\firefox portable\app\firefox\firefox.exe
FirewallRules: [TCP Query User{048696DA-ECAC-4185-B506-3A41D05A459B}I:\programme\lupo pensuite\apps\firefox portable\app\firefox\firefox.exe] => (Block) I:\programme\lupo pensuite\apps\firefox portable\app\firefox\firefox.exe
FirewallRules: [UDP Query User{1DD8899E-4587-4B89-854E-E2F55DA00177}I:\programme\lupo pensuite\apps\firefox portable\app\firefox\firefox.exe] => (Block) I:\programme\lupo pensuite\apps\firefox portable\app\firefox\firefox.exe
FirewallRules: [TCP Query User{E4B8A157-B5A3-4537-851E-F3FE32ECEC44}I:\portableapps\portableapps\firefoxportable\app\firefox\firefox.exe] => (Allow) I:\portableapps\portableapps\firefoxportable\app\firefox\firefox.exe
FirewallRules: [UDP Query User{61F7DDCE-D0A8-46F0-AF3C-B9CA0039E1E0}I:\portableapps\portableapps\firefoxportable\app\firefox\firefox.exe] => (Allow) I:\portableapps\portableapps\firefoxportable\app\firefox\firefox.exe
FirewallRules: [TCP Query User{3933E913-3E10-4BEE-9BC4-28ECEE9E4A3D}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{558BCC8E-838B-4444-876C-52DDB1BE7158}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{8F2EE672-8943-4E39-89D6-7F02F2FA5321}I:\programme\kodi\kodi.exe] => (Allow) I:\programme\kodi\kodi.exe
FirewallRules: [UDP Query User{0EA58C8A-EACF-42BD-8A77-86FFF3D26FA2}I:\programme\kodi\kodi.exe] => (Allow) I:\programme\kodi\kodi.exe
FirewallRules: [TCP Query User{6D4E77E0-FD6E-42E4-B062-9B9AD9EE0C15}I:\portableapps\portableapps\firefoxportable\app\firefox\firefox.exe] => (Allow) I:\portableapps\portableapps\firefoxportable\app\firefox\firefox.exe
FirewallRules: [UDP Query User{4060A227-C5BA-4822-B6E6-2886DD5407BC}I:\portableapps\portableapps\firefoxportable\app\firefox\firefox.exe] => (Allow) I:\portableapps\portableapps\firefoxportable\app\firefox\firefox.exe
FirewallRules: [{9C5A8E31-C4F8-4BF0-91AA-6A98ABE23363}] => (Allow) C:\Program Files\Directory Lister Pro\DirListerPro.exe
FirewallRules: [{C1109523-0CB9-4F57-86BA-AEAC309A733B}] => (Allow) C:\Program Files\Directory Lister Pro\DirListerPro.exe
FirewallRules: [{47791EC0-5446-4962-B0C2-F9F025EF15FE}] => (Allow) C:\Program Files\Directory Lister Pro\DirListerPro.exe
FirewallRules: [{0C44B992-DAC9-4BFD-ADAF-2DC6A8DD88F3}] => (Allow) C:\Program Files\Directory Lister Pro\DirListerPro.exe
FirewallRules: [TCP Query User{25643E6B-7AD0-4393-B55C-54A3C9E4431F}I:\portableapps\portableapps\synkronportable\app\synkron\synkron.exe] => (Allow) I:\portableapps\portableapps\synkronportable\app\synkron\synkron.exe
FirewallRules: [UDP Query User{15168146-6085-420B-9E56-199B651E4D04}I:\portableapps\portableapps\synkronportable\app\synkron\synkron.exe] => (Allow) I:\portableapps\portableapps\synkronportable\app\synkron\synkron.exe
FirewallRules: [TCP Query User{EEF75A7C-1155-47C4-B6A0-3F52A54AD15D}I:\programme\kodi 2\kodi.exe] => (Allow) I:\programme\kodi 2\kodi.exe
FirewallRules: [UDP Query User{20565AC6-315B-4FFB-BF3F-B33D79453DAA}I:\programme\kodi 2\kodi.exe] => (Allow) I:\programme\kodi 2\kodi.exe
FirewallRules: [TCP Query User{208C9170-9411-420D-B2BC-CF39AC12F786}I:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe] => (Allow) I:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe
FirewallRules: [UDP Query User{6F395CBB-686D-41E3-B2D1-F405A1CAFC2E}I:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe] => (Allow) I:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe
FirewallRules: [TCP Query User{B57EEBE9-D576-47C1-A64B-192A8F793EF4}I:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe] => (Allow) I:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe
FirewallRules: [UDP Query User{560CBCDB-9728-4902-A01A-260A936E0352}I:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe] => (Allow) I:\portableapps\portableapps\skypeportable\app\skype\phone\skype.exe
FirewallRules: [{A357FBEC-F27D-4608-A64C-DBBAE402A4DC}] => (Allow) I:\Programme\PotPlayer\PotPlayer64.exe
FirewallRules: [TCP Query User{46BB8C99-52FF-435A-8BDC-02FA44A17ECA}I:\programme\jds\jdownloader 2 - neuer\jdownloader2.exe] => (Allow) I:\programme\jds\jdownloader 2 - neuer\jdownloader2.exe
FirewallRules: [UDP Query User{64B580EA-516B-4EFD-A731-608E7231792D}I:\programme\jds\jdownloader 2 - neuer\jdownloader2.exe] => (Allow) I:\programme\jds\jdownloader 2 - neuer\jdownloader2.exe
FirewallRules: [TCP Query User{BC7848AB-DB5C-44DF-9909-7FA66DB761AE}I:\programme\jds\jdownloader 2\jdownloader2.exe] => (Allow) I:\programme\jds\jdownloader 2\jdownloader2.exe
FirewallRules: [UDP Query User{52168528-065E-4C78-8C6B-042E2F7009F1}I:\programme\jds\jdownloader 2\jdownloader2.exe] => (Allow) I:\programme\jds\jdownloader 2\jdownloader2.exe
FirewallRules: [TCP Query User{6D1DB684-4D98-43FE-B305-978E36163267}I:\vorübergehend\foobar\foobar2000.exe] => (Allow) I:\vorübergehend\foobar\foobar2000.exe
FirewallRules: [UDP Query User{B8BBB043-40A5-4A68-824B-967DE3993C33}I:\vorübergehend\foobar\foobar2000.exe] => (Allow) I:\vorübergehend\foobar\foobar2000.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/08/2015 03:31:47 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (06/07/2015 08:16:17 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]
Error: (06/06/2015 08:13:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FreeCommander.exe, Version: 2015.1.0.685, Zeitstempel: 0x54ba49c6
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7b96f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003bc24
ID des fehlerhaften Prozesses: 0xe08
Startzeit der fehlerhaften Anwendung: 0xFreeCommander.exe0
Pfad der fehlerhaften Anwendung: FreeCommander.exe1
Pfad des fehlerhaften Moduls: FreeCommander.exe2
Berichtskennung: FreeCommander.exe3
Error: (06/06/2015 10:49:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Ditto.exe, Version: 3.18.46.0, Zeitstempel: 0x509c7562
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c92c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000010c7b
ID des fehlerhaften Prozesses: 0xb2c
Startzeit der fehlerhaften Anwendung: 0xDitto.exe0
Pfad der fehlerhaften Anwendung: Ditto.exe1
Pfad des fehlerhaften Moduls: Ditto.exe2
Berichtskennung: Ditto.exe3
Error: (06/06/2015 02:32:37 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (06/05/2015 11:33:07 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (06/05/2015 07:27:05 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]
Error: (06/05/2015 00:12:05 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="AMD64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"1". Fehler in Manifest- oder Richtliniendatei "Microsoft.VC90.CRT,processorArchitecture="AMD64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"2" in Zeile Microsoft.VC90.CRT,processorArchitecture="AMD64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: Microsoft.VC90.CRT,processorArchitecture="AMD64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161".
Definition: Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (06/04/2015 07:02:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Kodi.exe, Version 14.2.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 19d8
Startzeit: 01d09ee8124cfee3
Endzeit: 0
Anwendungspfad: I:\Programme\Kodi\Kodi.exe
Berichts-ID: 5d1a1502-0adb-11e5-96d2-485d604623ee
Error: (06/04/2015 06:14:19 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]
System errors:
=============
Error: (06/07/2015 10:37:21 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (06/07/2015 10:37:21 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Multimediaklassenplaner" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (06/07/2015 10:35:50 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (06/07/2015 10:34:06 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Server" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (06/07/2015 10:34:06 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Computerbrowser" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (06/07/2015 10:32:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Update" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
Error: (06/07/2015 10:32:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/07/2015 10:32:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Designs" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/07/2015 10:32:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benachrichtigungsdienst für Systemereignisse" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 300000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/07/2015 10:32:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Aufgabenplanung" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office:
=========================
Error: (06/08/2015 03:31:47 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (06/07/2015 08:16:17 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]
Error: (06/06/2015 08:13:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FreeCommander.exe2015.1.0.68554ba49c6ole32.dll6.1.7601.175144ce7b96fc00000050003bc24e0801d09c69cc85787cI:\PortableApps\PortableApps\FreeCommanderPortable\App\FreeCommanderXE\FreeCommander.exeC:\Windows\syswow64\ole32.dllbd679442-0c77-11e5-96d2-00262dc4168c
Error: (06/06/2015 10:49:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Ditto.exe3.18.46.0509c7562ole32.dll6.1.7601.175144ce7c92cc00000050000000000010c7bb2c01d09c68cb3a52eaI:\LiberKey\Apps\Ditto\App\Ditto\Ditto.exeC:\Windows\system32\ole32.dlle422fe35-0c28-11e5-96d2-00262dc4168c
Error: (06/06/2015 02:32:37 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (06/05/2015 11:33:07 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (06/05/2015 07:27:05 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]
Error: (06/05/2015 00:12:05 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Microsoft.VC90.CRT,processorArchitecture="AMD64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"Microsoft.VC90.CRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"C:\Program Files (x86)\LinkChecker\linkchecker-gui.exeC:\Program Files (x86)\LinkChecker\Microsoft.VC90.CRT\Microsoft.VC90.CRT.MANIFEST4
Error: (06/04/2015 07:02:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Kodi.exe14.2.0.019d801d09ee8124cfee30I:\Programme\Kodi\Kodi.exe5d1a1502-0adb-11e5-96d2-485d604623ee
Error: (06/04/2015 06:14:19 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]
CodeIntegrity Errors:
===================================
Date: 2015-05-29 13:30:09.093
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-29 13:26:16.465
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-29 13:15:07.094
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-29 13:13:56.710
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-29 13:13:56.639
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-29 13:08:55.957
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-29 13:00:02.493
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-29 12:54:49.671
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-29 12:54:49.577
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-05-29 12:49:44.690
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 390 @ 2.67GHz
Percentage of memory in use: 91%
Total physical RAM: 3893.44 MB
Available physical RAM: 318.13 MB
Total Pagefile: 7785.09 MB
Available Pagefile: 1877.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:82.91 GB) (Free:47.08 GB) NTFS
Drive i: (Volume) (Fixed) (Total:848.5 GB) (Free:86.7 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9F2440A3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=82.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=848.5 GB) - (Type=07 NTFS)
==================== End of log ============================
|
|
08.06.2015, 16:20
| #4 |
| /// the machine /// TB-Ausbilder | Notebook läuft extrem langsam: verursacht von Schadsoftware? hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.06.2015, 19:36
| #5 | ||
| | Notebook läuft extrem langsam: verursacht von Schadsoftware? Hallo schrauber, klingt so, als wäre Schadsoftware bei mir vorhanden. Zitat:
Werde ich alles machen. Hmmm, nach einem Doppelklick auf diese gerade 'runtergeladene Datei - mbar-1.09.1.1004.exe - und dem Entpacken auf dem Desktop -  -, erscheint diese Meldung:  . Was soll ich da tun?Habe auf "Nein" geklickt bei der Abfrage. Vielen Dank. Erledigt der erste Teil nun (den zweiten mache ich jetzt), einmal durchgelaufen ohne Neustart, nichts gefunden leider und gottseidank:  Code:
ATTFilter ---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 11.0.9600.17801
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, I:\ DRIVE_FIXED
CPU speed: 2.660000 GHz
Memory total: 4082569216, free: 306118656
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 11.0.9600.17801
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, I:\ DRIVE_FIXED
CPU speed: 2.660000 GHz
Memory total: 4082569216, free: 260268032
Downloaded database version: v2015.06.08.03
Downloaded database version: v2015.06.02.01
Downloaded database version: v2015.05.13.01
Initializing...
======================
------------ Kernel report ------------
06/08/2015 19:26:22
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\??\I:\Programme\SuperAntiSpyware\SASKUTIL64.SYS
\??\I:\Programme\SuperAntiSpyware\SASDIFSV64.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\L1C62x64.sys
\SystemRoot\system32\DRIVERS\nusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\rtl8192se.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\Impcd.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\System32\Drivers\x10hid.sys
\SystemRoot\System32\Drivers\HIDCLASS.SYS
\SystemRoot\System32\Drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\nusb3hub.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\drivers\usbaudio.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\advapi32.dll
\Windows\System32\msvcrt.dll
----------- End -----------
Done!
Scan started
Database versions:
main: v2015.06.08.03
rootkit: v2015.06.02.01
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800461f060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800461fb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800461f060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80042d5520, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80042d7060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 9F2440A3
Partition information:
Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 173875200
Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 174082048 Numsec = 1779437568
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Done!
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-001525CB066D42EF4017ED3E0754D404884C64A1.bin.VF" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-001525CB066D42EF4017ED3E0754D404884C64A1.bin.VE1" is compressed (flags = 1)
Scan finished
Zitat:
 Code:
ATTFilter 20:39:00.0684 0x2b18 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
20:39:09.0161 0x2b18 ============================================================
20:39:09.0161 0x2b18 Current date / time: 2015/06/08 20:39:09.0161
20:39:09.0161 0x2b18 SystemInfo:
20:39:09.0161 0x2b18
20:39:09.0161 0x2b18 OS Version: 6.1.7601 ServicePack: 1.0
20:39:09.0161 0x2b18 Product type: Workstation
20:39:09.0161 0x2b18 ComputerName: Endo
20:39:09.0162 0x2b18 UserName: Endo
20:39:09.0162 0x2b18 Windows directory: C:\Windows
20:39:09.0162 0x2b18 System windows directory: C:\Windows
20:39:09.0162 0x2b18 Running under WOW64
20:39:09.0162 0x2b18 Processor architecture: Intel x64
20:39:09.0162 0x2b18 Number of processors: 4
20:39:09.0162 0x2b18 Page size: 0x1000
20:39:09.0162 0x2b18 Boot type: Normal boot
20:39:09.0162 0x2b18 ============================================================
20:39:11.0364 0x2b18 KLMD registered as C:\Windows\system32\drivers\98895722.sys
20:39:11.0864 0x2b18 System UUID: {5EBA7A58-6928-EF15-609E-0D4133B1B8C2}
20:39:12.0700 0x2b18 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:39:12.0704 0x2b18 ============================================================
20:39:12.0704 0x2b18 \Device\Harddisk0\DR0:
20:39:12.0704 0x2b18 MBR partitions:
20:39:12.0704 0x2b18 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:39:12.0704 0x2b18 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xA5D2000
20:39:12.0704 0x2b18 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xA604800, BlocksNum 0x6A101000
20:39:12.0704 0x2b18 ============================================================
20:39:12.0731 0x2b18 C: <-> \Device\Harddisk0\DR0\Partition2
20:39:12.0776 0x2b18 I: <-> \Device\Harddisk0\DR0\Partition3
20:39:12.0776 0x2b18 ============================================================
20:39:12.0777 0x2b18 Initialize success
20:39:12.0777 0x2b18 ============================================================
20:41:01.0893 0x2694 ============================================================
20:41:01.0893 0x2694 Scan started
20:41:01.0893 0x2694 Mode: Manual;
20:41:01.0893 0x2694 ============================================================
20:41:01.0893 0x2694 KSN ping started
20:41:04.0898 0x2694 KSN ping finished: true
20:41:08.0707 0x2694 ================ Scan system memory ========================
20:41:08.0707 0x2694 System memory - ok
20:41:08.0708 0x2694 ================ Scan services =============================
20:41:08.0844 0x2694 [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE I:\Programme\SuperAntiSpyware\SASCORE64.EXE
20:41:08.0849 0x2694 !SASCORE - ok
20:41:09.0069 0x2694 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:41:09.0076 0x2694 1394ohci - ok
20:41:09.0120 0x2694 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:41:09.0130 0x2694 ACPI - ok
20:41:09.0157 0x2694 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:41:09.0158 0x2694 AcpiPmi - ok
20:41:09.0216 0x2694 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:41:09.0229 0x2694 adp94xx - ok
20:41:09.0255 0x2694 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:41:09.0265 0x2694 adpahci - ok
20:41:09.0287 0x2694 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:41:09.0293 0x2694 adpu320 - ok
20:41:09.0324 0x2694 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:41:09.0326 0x2694 AeLookupSvc - ok
20:41:09.0373 0x2694 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
20:41:09.0386 0x2694 AFD - ok
20:41:09.0430 0x2694 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
20:41:09.0433 0x2694 agp440 - ok
20:41:09.0452 0x2694 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
20:41:09.0455 0x2694 ALG - ok
20:41:09.0489 0x2694 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
20:41:09.0491 0x2694 aliide - ok
20:41:09.0510 0x2694 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
20:41:09.0511 0x2694 amdide - ok
20:41:09.0543 0x2694 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:41:09.0546 0x2694 AmdK8 - ok
20:41:09.0551 0x2694 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:41:09.0554 0x2694 AmdPPM - ok
20:41:09.0583 0x2694 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:41:09.0587 0x2694 amdsata - ok
20:41:09.0609 0x2694 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:41:09.0615 0x2694 amdsbs - ok
20:41:09.0631 0x2694 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:41:09.0633 0x2694 amdxata - ok
20:41:09.0671 0x2694 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
20:41:09.0673 0x2694 AppID - ok
20:41:09.0683 0x2694 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:41:09.0685 0x2694 AppIDSvc - ok
20:41:09.0717 0x2694 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
20:41:09.0721 0x2694 Appinfo - ok
20:41:09.0736 0x2694 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
20:41:09.0739 0x2694 arc - ok
20:41:09.0757 0x2694 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:41:09.0761 0x2694 arcsas - ok
20:41:09.0892 0x2694 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:41:09.0922 0x2694 aspnet_state - ok
20:41:09.0954 0x2694 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:41:09.0956 0x2694 AsyncMac - ok
20:41:09.0985 0x2694 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
20:41:09.0986 0x2694 atapi - ok
20:41:10.0060 0x2694 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:41:10.0078 0x2694 AudioEndpointBuilder - ok
20:41:10.0101 0x2694 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:41:10.0114 0x2694 AudioSrv - ok
20:41:10.0154 0x2694 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:41:10.0158 0x2694 AxInstSV - ok
20:41:10.0235 0x2694 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:41:10.0248 0x2694 b06bdrv - ok
20:41:10.0300 0x2694 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:41:10.0308 0x2694 b57nd60a - ok
20:41:10.0349 0x2694 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
20:41:10.0353 0x2694 BDESVC - ok
20:41:10.0364 0x2694 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
20:41:10.0366 0x2694 Beep - ok
20:41:10.0427 0x2694 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
20:41:10.0445 0x2694 BFE - ok
20:41:10.0499 0x2694 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
20:41:10.0521 0x2694 BITS - ok
20:41:10.0543 0x2694 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:41:10.0546 0x2694 blbdrive - ok
20:41:10.0575 0x2694 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:41:10.0578 0x2694 bowser - ok
20:41:10.0619 0x2694 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:41:10.0621 0x2694 BrFiltLo - ok
20:41:10.0626 0x2694 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:41:10.0627 0x2694 BrFiltUp - ok
20:41:10.0672 0x2694 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
20:41:10.0676 0x2694 Browser - ok
20:41:10.0697 0x2694 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:41:10.0707 0x2694 Brserid - ok
20:41:10.0715 0x2694 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:41:10.0717 0x2694 BrSerWdm - ok
20:41:10.0730 0x2694 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:41:10.0732 0x2694 BrUsbMdm - ok
20:41:10.0737 0x2694 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:41:10.0739 0x2694 BrUsbSer - ok
20:41:10.0746 0x2694 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:41:10.0748 0x2694 BTHMODEM - ok
20:41:10.0793 0x2694 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
20:41:10.0796 0x2694 bthserv - ok
20:41:10.0820 0x2694 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:41:10.0823 0x2694 cdfs - ok
20:41:10.0876 0x2694 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
20:41:10.0881 0x2694 cdrom - ok
20:41:10.0925 0x2694 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
20:41:10.0928 0x2694 CertPropSvc - ok
20:41:10.0943 0x2694 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:41:10.0945 0x2694 circlass - ok
20:41:10.0987 0x2694 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
20:41:10.0997 0x2694 CLFS - ok
20:41:11.0064 0x2694 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:41:11.0069 0x2694 clr_optimization_v2.0.50727_32 - ok
20:41:11.0119 0x2694 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:41:11.0123 0x2694 clr_optimization_v2.0.50727_64 - ok
20:41:11.0173 0x2694 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:41:11.0177 0x2694 clr_optimization_v4.0.30319_32 - ok
20:41:11.0200 0x2694 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:41:11.0277 0x2694 clr_optimization_v4.0.30319_64 - ok
20:41:11.0301 0x2694 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:41:11.0303 0x2694 CmBatt - ok
20:41:11.0335 0x2694 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:41:11.0337 0x2694 cmdide - ok
20:41:11.0383 0x2694 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
20:41:11.0394 0x2694 CNG - ok
20:41:11.0425 0x2694 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:41:11.0427 0x2694 Compbatt - ok
20:41:11.0438 0x2694 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:41:11.0440 0x2694 CompositeBus - ok
20:41:11.0450 0x2694 COMSysApp - ok
20:41:11.0560 0x2694 [ 5212E0957468D3F94D90FA7A0F06B58F, 955DAC77A0148E9F9ED744F5D341CB9C9118261E52FE622AC6213965F2BC4CAD ] cpuz137 I:\LiberKey\Apps\Pcwizard\App\PCWizard\pcwiz_x64.sys
20:41:11.0596 0x2694 cpuz137 - ok
20:41:11.0609 0x2694 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:41:11.0611 0x2694 crcdisk - ok
20:41:11.0655 0x2694 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:41:11.0661 0x2694 CryptSvc - ok
20:41:11.0710 0x2694 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:41:11.0724 0x2694 DcomLaunch - ok
20:41:11.0756 0x2694 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
20:41:11.0764 0x2694 defragsvc - ok
20:41:11.0803 0x2694 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:41:11.0806 0x2694 DfsC - ok
20:41:11.0841 0x2694 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:41:11.0849 0x2694 Dhcp - ok
20:41:11.0951 0x2694 [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack C:\Windows\system32\diagtrack.dll
20:41:11.0985 0x2694 DiagTrack - ok
20:41:12.0096 0x2694 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
20:41:12.0097 0x2694 discache - ok
20:41:12.0112 0x2694 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:41:12.0115 0x2694 Disk - ok
20:41:12.0172 0x2694 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:41:12.0177 0x2694 Dnscache - ok
20:41:12.0220 0x2694 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
20:41:12.0229 0x2694 dot3svc - ok
20:41:12.0259 0x2694 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
20:41:12.0264 0x2694 DPS - ok
20:41:12.0321 0x2694 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:41:12.0322 0x2694 drmkaud - ok
20:41:12.0386 0x2694 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:41:12.0413 0x2694 DXGKrnl - ok
20:41:12.0463 0x2694 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
20:41:12.0467 0x2694 EapHost - ok
20:41:12.0583 0x2694 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:41:12.0662 0x2694 ebdrv - ok
20:41:12.0695 0x2694 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS C:\Windows\System32\lsass.exe
20:41:12.0696 0x2694 EFS - ok
20:41:12.0756 0x2694 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:41:12.0774 0x2694 ehRecvr - ok
20:41:12.0811 0x2694 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
20:41:12.0816 0x2694 ehSched - ok
20:41:12.0860 0x2694 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:41:12.0873 0x2694 elxstor - ok
20:41:12.0896 0x2694 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:41:12.0897 0x2694 ErrDev - ok
20:41:12.0949 0x2694 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
20:41:12.0961 0x2694 EventSystem - ok
20:41:13.0017 0x2694 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
20:41:13.0031 0x2694 exfat - ok
20:41:13.0085 0x2694 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:41:13.0102 0x2694 fastfat - ok
20:41:13.0305 0x2694 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
20:41:13.0326 0x2694 Fax - ok
20:41:13.0372 0x2694 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:41:13.0381 0x2694 fdc - ok
20:41:13.0451 0x2694 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
20:41:13.0465 0x2694 fdPHost - ok
20:41:13.0501 0x2694 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
20:41:13.0517 0x2694 FDResPub - ok
20:41:13.0563 0x2694 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:41:13.0572 0x2694 FileInfo - ok
20:41:13.0594 0x2694 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:41:13.0600 0x2694 Filetrace - ok
20:41:13.0620 0x2694 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:41:13.0630 0x2694 flpydisk - ok
20:41:13.0707 0x2694 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:41:13.0723 0x2694 FltMgr - ok
20:41:13.0891 0x2694 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
20:41:13.0922 0x2694 FontCache - ok
20:41:13.0993 0x2694 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:41:13.0995 0x2694 FontCache3.0.0.0 - ok
20:41:14.0026 0x2694 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:41:14.0029 0x2694 FsDepends - ok
20:41:14.0116 0x2694 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:41:14.0126 0x2694 Fs_Rec - ok
20:41:14.0212 0x2694 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:41:14.0218 0x2694 fvevol - ok
20:41:14.0234 0x2694 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:41:14.0236 0x2694 gagp30kx - ok
20:41:14.0398 0x2694 [ C0B698B7D0E03B2A01D0F781BEE052BB, C20A43B02FF2536FF009C82CFE286598A87AC0BC5072F8E278802DD0B227AC3E ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
20:41:14.0421 0x2694 GfExperienceService - ok
20:41:14.0469 0x2694 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
20:41:14.0488 0x2694 gpsvc - ok
20:41:14.0515 0x2694 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:41:14.0516 0x2694 hcw85cir - ok
20:41:14.0556 0x2694 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:41:14.0567 0x2694 HdAudAddService - ok
20:41:14.0580 0x2694 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:41:14.0584 0x2694 HDAudBus - ok
20:41:14.0629 0x2694 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:41:14.0631 0x2694 HECIx64 - ok
20:41:14.0652 0x2694 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:41:14.0653 0x2694 HidBatt - ok
20:41:14.0663 0x2694 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:41:14.0666 0x2694 HidBth - ok
20:41:14.0689 0x2694 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:41:14.0692 0x2694 HidIr - ok
20:41:14.0708 0x2694 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
20:41:14.0709 0x2694 hidserv - ok
20:41:14.0751 0x2694 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:41:14.0753 0x2694 HidUsb - ok
20:41:14.0792 0x2694 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:41:14.0796 0x2694 hkmsvc - ok
20:41:14.0826 0x2694 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:41:14.0833 0x2694 HomeGroupListener - ok
20:41:14.0855 0x2694 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:41:14.0861 0x2694 HomeGroupProvider - ok
20:41:14.0908 0x2694 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:41:14.0911 0x2694 HpSAMD - ok
20:41:14.0974 0x2694 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:41:14.0993 0x2694 HTTP - ok
20:41:15.0019 0x2694 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:41:15.0020 0x2694 hwpolicy - ok
20:41:15.0053 0x2694 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:41:15.0056 0x2694 i8042prt - ok
20:41:15.0112 0x2694 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:41:15.0123 0x2694 iaStorV - ok
20:41:15.0180 0x2694 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:41:15.0202 0x2694 idsvc - ok
20:41:15.0227 0x2694 IEEtwCollectorService - ok
20:41:15.0605 0x2694 [ F4F91789C7C7A159CE8215C1F69F2A85, E60155402FB647B55EAD6B090204A1AA497294D473A7CCF850BB21C0DCCCB49C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:41:15.0959 0x2694 igfx - ok
20:41:16.0006 0x2694 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:41:16.0009 0x2694 iirsp - ok
20:41:16.0059 0x2694 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
20:41:16.0081 0x2694 IKEEXT - ok
20:41:16.0142 0x2694 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
20:41:16.0147 0x2694 Impcd - ok
20:41:16.0332 0x2694 [ CC279B89A16615B8DD13422544F6B478, DFC6AF05670CA79D8CC2C89FB5FBD8EECC4FB159CD8EFE422F06BE2A272608B6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:41:16.0482 0x2694 IntcAzAudAddService - ok
20:41:16.0630 0x2694 [ 03C74719D48056A1078F3A51CEB76BAA, 34BCC73EE4D65E1F282208C243C54BBD8458DB50FA893DE3306E1A1E73D05B1A ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
20:41:16.0654 0x2694 IntcDAud - ok
20:41:16.0669 0x2694 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
20:41:16.0671 0x2694 intelide - ok
20:41:16.0762 0x2694 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:41:16.0772 0x2694 intelppm - ok
20:41:16.0806 0x2694 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:41:16.0820 0x2694 IPBusEnum - ok
20:41:16.0850 0x2694 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:41:16.0862 0x2694 IpFilterDriver - ok
20:41:16.0943 0x2694 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:41:16.0961 0x2694 iphlpsvc - ok
20:41:16.0993 0x2694 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:41:16.0996 0x2694 IPMIDRV - ok
20:41:17.0012 0x2694 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:41:17.0015 0x2694 IPNAT - ok
20:41:17.0041 0x2694 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:41:17.0042 0x2694 IRENUM - ok
20:41:17.0054 0x2694 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:41:17.0056 0x2694 isapnp - ok
20:41:17.0083 0x2694 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:41:17.0091 0x2694 iScsiPrt - ok
20:41:17.0113 0x2694 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:41:17.0116 0x2694 kbdclass - ok
20:41:17.0134 0x2694 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:41:17.0136 0x2694 kbdhid - ok
20:41:17.0166 0x2694 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso C:\Windows\system32\lsass.exe
20:41:17.0168 0x2694 KeyIso - ok
20:41:17.0213 0x2694 [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:41:17.0217 0x2694 KSecDD - ok
20:41:17.0242 0x2694 [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:41:17.0246 0x2694 KSecPkg - ok
20:41:17.0267 0x2694 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:41:17.0268 0x2694 ksthunk - ok
20:41:17.0317 0x2694 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
20:41:17.0328 0x2694 KtmRm - ok
20:41:17.0358 0x2694 [ 48686C29856F46443952A831424F8D6F, 05BEA2243E219575B2FBED23824DB2BE61F422C2972AC2E835C94DFC8A285BF6 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
20:41:17.0387 0x2694 L1C - ok
20:41:17.0446 0x2694 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:41:17.0453 0x2694 LanmanServer - ok
20:41:17.0490 0x2694 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:41:17.0495 0x2694 LanmanWorkstation - ok
20:41:17.0545 0x2694 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:41:17.0547 0x2694 lltdio - ok
20:41:17.0590 0x2694 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:41:17.0599 0x2694 lltdsvc - ok
20:41:17.0620 0x2694 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:41:17.0623 0x2694 lmhosts - ok
20:41:17.0740 0x2694 [ 1E2F802846EB944E0333EFEE7C9532A8, 86EB59BF238E3DB8AF9E379B0BAE5AEC734C15598E665062B2E19C0A58BEF783 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:41:17.0745 0x2694 LMS - ok
20:41:17.0760 0x2694 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:41:17.0763 0x2694 LSI_FC - ok
20:41:17.0792 0x2694 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:41:17.0795 0x2694 LSI_SAS - ok
20:41:17.0805 0x2694 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:41:17.0808 0x2694 LSI_SAS2 - ok
20:41:17.0826 0x2694 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:41:17.0830 0x2694 LSI_SCSI - ok
20:41:17.0846 0x2694 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
20:41:17.0850 0x2694 luafv - ok
20:41:17.0876 0x2694 [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:41:17.0878 0x2694 MBAMProtector - ok
20:41:17.0969 0x2694 [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
20:41:17.0997 0x2694 MBAMService - ok
20:41:18.0015 0x2694 [ F49FB3C88E263AE9A246593B0BB29294, FB53D6FA4A98B98334DCFF81E40712265256D31A9E9FF36022887BABD50F39EB ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
20:41:18.0017 0x2694 MBAMWebAccessControl - ok
20:41:18.0056 0x2694 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:41:18.0062 0x2694 Mcx2Svc - ok
20:41:18.0089 0x2694 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:41:18.0090 0x2694 megasas - ok
20:41:18.0133 0x2694 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:41:18.0149 0x2694 MegaSR - ok
20:41:18.0195 0x2694 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
20:41:18.0198 0x2694 MMCSS - ok
20:41:18.0214 0x2694 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
20:41:18.0216 0x2694 Modem - ok
20:41:18.0236 0x2694 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:41:18.0237 0x2694 monitor - ok
20:41:18.0246 0x2694 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:41:18.0248 0x2694 mouclass - ok
20:41:18.0270 0x2694 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:41:18.0272 0x2694 mouhid - ok
20:41:18.0308 0x2694 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:41:18.0311 0x2694 mountmgr - ok
20:41:18.0368 0x2694 [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
20:41:18.0376 0x2694 MpFilter - ok
20:41:18.0404 0x2694 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
20:41:18.0409 0x2694 mpio - ok
20:41:18.0428 0x2694 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:41:18.0431 0x2694 mpsdrv - ok
20:41:18.0478 0x2694 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:41:18.0498 0x2694 MpsSvc - ok
20:41:18.0521 0x2694 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:41:18.0526 0x2694 MRxDAV - ok
20:41:18.0552 0x2694 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:41:18.0557 0x2694 mrxsmb - ok
20:41:18.0580 0x2694 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:41:18.0588 0x2694 mrxsmb10 - ok
20:41:18.0603 0x2694 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:41:18.0607 0x2694 mrxsmb20 - ok
20:41:18.0635 0x2694 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
20:41:18.0637 0x2694 msahci - ok
20:41:18.0657 0x2694 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:41:18.0662 0x2694 msdsm - ok
20:41:18.0674 0x2694 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
20:41:18.0679 0x2694 MSDTC - ok
20:41:18.0716 0x2694 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:41:18.0717 0x2694 Msfs - ok
20:41:18.0738 0x2694 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:41:18.0739 0x2694 mshidkmdf - ok
20:41:18.0757 0x2694 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:41:18.0758 0x2694 msisadrv - ok
20:41:18.0790 0x2694 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:41:18.0795 0x2694 MSiSCSI - ok
20:41:18.0799 0x2694 msiserver - ok
20:41:18.0826 0x2694 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:41:18.0827 0x2694 MSKSSRV - ok
20:41:18.0923 0x2694 [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
20:41:18.0924 0x2694 MsMpSvc - ok
20:41:18.0929 0x2694 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:41:18.0931 0x2694 MSPCLOCK - ok
20:41:18.0937 0x2694 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:41:18.0938 0x2694 MSPQM - ok
20:41:18.0982 0x2694 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:41:18.0992 0x2694 MsRPC - ok
20:41:19.0001 0x2694 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:41:19.0003 0x2694 mssmbios - ok
20:41:19.0021 0x2694 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:41:19.0022 0x2694 MSTEE - ok
20:41:19.0027 0x2694 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:41:19.0029 0x2694 MTConfig - ok
20:41:19.0043 0x2694 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
20:41:19.0045 0x2694 Mup - ok
20:41:19.0087 0x2694 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
20:41:19.0101 0x2694 napagent - ok
20:41:19.0148 0x2694 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:41:19.0156 0x2694 NativeWifiP - ok
20:41:19.0228 0x2694 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
20:41:19.0252 0x2694 NDIS - ok
20:41:19.0274 0x2694 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:41:19.0276 0x2694 NdisCap - ok
20:41:19.0296 0x2694 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:41:19.0298 0x2694 NdisTapi - ok
20:41:19.0340 0x2694 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:41:19.0343 0x2694 Ndisuio - ok
20:41:19.0375 0x2694 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:41:19.0380 0x2694 NdisWan - ok
20:41:19.0411 0x2694 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:41:19.0414 0x2694 NDProxy - ok
20:41:19.0437 0x2694 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:41:19.0439 0x2694 NetBIOS - ok
20:41:19.0472 0x2694 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:41:19.0479 0x2694 NetBT - ok
20:41:19.0506 0x2694 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon C:\Windows\system32\lsass.exe
20:41:19.0508 0x2694 Netlogon - ok
20:41:19.0560 0x2694 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
20:41:19.0570 0x2694 Netman - ok
20:41:19.0604 0x2694 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:41:19.0619 0x2694 NetMsmqActivator - ok
20:41:19.0627 0x2694 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:41:19.0631 0x2694 NetPipeActivator - ok
20:41:19.0656 0x2694 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
20:41:19.0669 0x2694 netprofm - ok
20:41:19.0676 0x2694 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:41:19.0679 0x2694 NetTcpActivator - ok
20:41:19.0687 0x2694 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:41:19.0690 0x2694 NetTcpPortSharing - ok
20:41:19.0838 0x2694 [ 82FFC84EC3AFC2F2D38DB880F50157C0, 4D37A44A5BBD3ECA2B29FE8565FC5840093E5BB41D197BEDA406BCE4A7C3479A ] Netzmanager Service C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
20:41:20.0050 0x2694 Netzmanager Service - ok
20:41:20.0125 0x2694 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:41:20.0127 0x2694 nfrd960 - ok
20:41:20.0178 0x2694 [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:41:20.0182 0x2694 NisDrv - ok
20:41:20.0226 0x2694 [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
20:41:20.0234 0x2694 NisSrv - ok
20:41:20.0275 0x2694 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:41:20.0285 0x2694 NlaSvc - ok
20:41:20.0322 0x2694 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:41:20.0324 0x2694 Npfs - ok
20:41:20.0344 0x2694 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
20:41:20.0346 0x2694 nsi - ok
20:41:20.0373 0x2694 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:41:20.0375 0x2694 nsiproxy - ok
20:41:20.0458 0x2694 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:41:20.0500 0x2694 Ntfs - ok
20:41:20.0530 0x2694 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
20:41:20.0532 0x2694 Null - ok
20:41:20.0561 0x2694 [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
20:41:20.0564 0x2694 nusb3hub - ok
20:41:20.0587 0x2694 [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:41:20.0592 0x2694 nusb3xhc - ok
20:41:20.0944 0x2694 [ 3E188568A3D51195399A790B51F0A7B8, 76BBE2F6CD8B67D184FACE85D638E0861842784F5A087A412F0F05AF27079DC4 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:41:21.0458 0x2694 nvlddmkm - ok
20:41:21.0586 0x2694 [ 32ECE52E4C4A5FC2115279D7B13E6270, AE520E4708B3750D61BE17AA6020D0D0518CC72D4D29F4D618090F74EA2850BF ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
20:41:21.0623 0x2694 NvNetworkService - ok
20:41:21.0648 0x2694 [ A3673BC0BDCC99BEBEA6B3C9F78868A4, 86F4701A90A0FFCBD3396BFD1A5863949122832CED63E26571A55857D5ABC6AE ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
20:41:21.0690 0x2694 nvpciflt - ok
20:41:21.0727 0x2694 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:41:21.0732 0x2694 nvraid - ok
20:41:21.0748 0x2694 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:41:21.0754 0x2694 nvstor - ok
20:41:21.0804 0x2694 [ DA48A4EB3DD38C7BF90CB12DD1672618, 2EFEEE7E9294A17251B45259C06B40E11088D38970068D6D88EE2105B35F5530 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
20:41:21.0830 0x2694 NvStreamKms - ok
20:41:21.0857 0x2694 NvStreamSvc - ok
20:41:21.0922 0x2694 [ D768CA15B379A9611B22719A1364D3C0, 2F2D6143E2B06A3EE7011E559475BFC3DEFC8AB67F1F93404E6B83CDB69185C0 ] nvsvc C:\Windows\system32\nvvsvc.exe
20:41:21.0940 0x2694 nvsvc - ok
20:41:21.0993 0x2694 [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
20:41:22.0021 0x2694 nvvad_WaveExtensible - ok
20:41:22.0088 0x2694 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:41:22.0094 0x2694 nv_agp - ok
20:41:22.0143 0x2694 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:41:22.0146 0x2694 ohci1394 - ok
20:41:22.0210 0x2694 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:41:22.0231 0x2694 p2pimsvc - ok
20:41:22.0267 0x2694 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
20:41:22.0280 0x2694 p2psvc - ok
20:41:22.0312 0x2694 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:41:22.0315 0x2694 Parport - ok
20:41:22.0338 0x2694 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:41:22.0341 0x2694 partmgr - ok
20:41:22.0366 0x2694 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:41:22.0372 0x2694 PcaSvc - ok
20:41:22.0396 0x2694 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
20:41:22.0401 0x2694 pci - ok
20:41:22.0427 0x2694 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
20:41:22.0428 0x2694 pciide - ok
20:41:22.0444 0x2694 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:41:22.0450 0x2694 pcmcia - ok
20:41:22.0465 0x2694 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
20:41:22.0467 0x2694 pcw - ok
20:41:22.0518 0x2694 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:41:22.0535 0x2694 PEAUTH - ok
20:41:22.0601 0x2694 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:41:22.0603 0x2694 PerfHost - ok
20:41:22.0673 0x2694 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
20:41:22.0708 0x2694 pla - ok
20:41:22.0756 0x2694 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:41:22.0767 0x2694 PlugPlay - ok
20:41:22.0802 0x2694 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:41:22.0805 0x2694 PNRPAutoReg - ok
20:41:22.0830 0x2694 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:41:22.0838 0x2694 PNRPsvc - ok
20:41:22.0892 0x2694 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:41:22.0906 0x2694 PolicyAgent - ok
20:41:22.0939 0x2694 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
20:41:22.0945 0x2694 Power - ok
20:41:22.0979 0x2694 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:41:22.0983 0x2694 PptpMiniport - ok
20:41:23.0004 0x2694 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:41:23.0007 0x2694 Processor - ok
20:41:23.0043 0x2694 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
20:41:23.0050 0x2694 ProfSvc - ok
20:41:23.0067 0x2694 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:41:23.0069 0x2694 ProtectedStorage - ok
20:41:23.0111 0x2694 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:41:23.0116 0x2694 Psched - ok
20:41:23.0137 0x2694 [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio C:\Windows\system32\pwdrvio.sys
20:41:23.0200 0x2694 pwdrvio - ok
20:41:23.0222 0x2694 [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio C:\Windows\system32\pwdspio.sys
20:41:23.0244 0x2694 pwdspio - ok
20:41:23.0312 0x2694 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:41:23.0348 0x2694 ql2300 - ok
20:41:23.0373 0x2694 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:41:23.0377 0x2694 ql40xx - ok
20:41:23.0408 0x2694 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
20:41:23.0417 0x2694 QWAVE - ok
20:41:23.0433 0x2694 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:41:23.0436 0x2694 QWAVEdrv - ok
20:41:23.0455 0x2694 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:41:23.0456 0x2694 RasAcd - ok
20:41:23.0488 0x2694 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:41:23.0491 0x2694 RasAgileVpn - ok
20:41:23.0509 0x2694 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
20:41:23.0513 0x2694 RasAuto - ok
20:41:23.0550 0x2694 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:41:23.0555 0x2694 Rasl2tp - ok
20:41:23.0609 0x2694 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
20:41:23.0619 0x2694 RasMan - ok
20:41:23.0633 0x2694 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:41:23.0636 0x2694 RasPppoe - ok
20:41:23.0644 0x2694 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:41:23.0648 0x2694 RasSstp - ok
20:41:23.0683 0x2694 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:41:23.0691 0x2694 rdbss - ok
20:41:23.0711 0x2694 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:41:23.0713 0x2694 rdpbus - ok
20:41:23.0744 0x2694 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:41:23.0745 0x2694 RDPCDD - ok
20:41:23.0766 0x2694 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:41:23.0767 0x2694 RDPENCDD - ok
20:41:23.0792 0x2694 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:41:23.0794 0x2694 RDPREFMP - ok
20:41:23.0863 0x2694 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:41:23.0866 0x2694 RdpVideoMiniport - ok
20:41:23.0893 0x2694 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:41:23.0899 0x2694 RDPWD - ok
20:41:23.0923 0x2694 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:41:23.0929 0x2694 rdyboost - ok
20:41:23.0969 0x2694 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:41:23.0973 0x2694 RemoteAccess - ok
20:41:24.0021 0x2694 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:41:24.0027 0x2694 RemoteRegistry - ok
20:41:24.0057 0x2694 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:41:24.0061 0x2694 RpcEptMapper - ok
20:41:24.0097 0x2694 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
20:41:24.0099 0x2694 RpcLocator - ok
20:41:24.0146 0x2694 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
20:41:24.0157 0x2694 RpcSs - ok
20:41:24.0190 0x2694 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:41:24.0193 0x2694 rspndr - ok
20:41:24.0262 0x2694 [ 44ED82612403021E36998E1ECB1198F1, 3AD488ED116C61E26B6D857494CFA80E3F99565C2D7C88C1C95DD2C6B6355BF0 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
20:41:24.0303 0x2694 RSUSBSTOR - ok
20:41:24.0393 0x2694 [ 8E843C0340C30994161C10FBA87EEA18, 4ED57D9F23C54FCB0EA99387D3EBAA5E34EB5465D84FF70E6652F9FA46F55CB2 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
20:41:24.0465 0x2694 rtl8192se - ok
20:41:24.0487 0x2694 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs C:\Windows\system32\lsass.exe
20:41:24.0488 0x2694 SamSs - ok
20:41:24.0533 0x2694 [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV I:\Programme\SuperAntiSpyware\SASDIFSV64.SYS
20:41:24.0550 0x2694 SASDIFSV - ok
20:41:24.0563 0x2694 [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL I:\Programme\SuperAntiSpyware\SASKUTIL64.SYS
20:41:24.0577 0x2694 SASKUTIL - ok
20:41:24.0616 0x2694 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:41:24.0619 0x2694 sbp2port - ok
20:41:24.0673 0x2694 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:41:24.0680 0x2694 SCardSvr - ok
20:41:24.0707 0x2694 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:41:24.0709 0x2694 scfilter - ok
20:41:24.0770 0x2694 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
20:41:24.0798 0x2694 Schedule - ok
20:41:24.0836 0x2694 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:41:24.0838 0x2694 SCPolicySvc - ok
20:41:24.0873 0x2694 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:41:24.0879 0x2694 SDRSVC - ok
20:41:24.0921 0x2694 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:41:24.0922 0x2694 secdrv - ok
20:41:24.0949 0x2694 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
20:41:24.0951 0x2694 seclogon - ok
20:41:24.0988 0x2694 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
20:41:24.0991 0x2694 SENS - ok
20:41:25.0004 0x2694 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:41:25.0007 0x2694 SensrSvc - ok
20:41:25.0023 0x2694 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:41:25.0025 0x2694 Serenum - ok
20:41:25.0041 0x2694 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:41:25.0045 0x2694 Serial - ok
20:41:25.0074 0x2694 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:41:25.0076 0x2694 sermouse - ok
20:41:25.0105 0x2694 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
20:41:25.0110 0x2694 SessionEnv - ok
20:41:25.0138 0x2694 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:41:25.0143 0x2694 sffdisk - ok
20:41:25.0166 0x2694 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:41:25.0168 0x2694 sffp_mmc - ok
20:41:25.0173 0x2694 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:41:25.0175 0x2694 sffp_sd - ok
20:41:25.0180 0x2694 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:41:25.0181 0x2694 sfloppy - ok
20:41:25.0219 0x2694 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:41:25.0231 0x2694 SharedAccess - ok
20:41:25.0270 0x2694 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:41:25.0282 0x2694 ShellHWDetection - ok
20:41:25.0302 0x2694 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:41:25.0304 0x2694 SiSRaid2 - ok
20:41:25.0321 0x2694 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:41:25.0324 0x2694 SiSRaid4 - ok
20:41:25.0343 0x2694 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:41:25.0346 0x2694 Smb - ok
20:41:25.0392 0x2694 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:41:25.0394 0x2694 SNMPTRAP - ok
20:41:25.0413 0x2694 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
20:41:25.0414 0x2694 spldr - ok
20:41:25.0469 0x2694 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
20:41:25.0489 0x2694 Spooler - ok
20:41:25.0628 0x2694 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
20:41:25.0747 0x2694 sppsvc - ok
20:41:25.0783 0x2694 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:41:25.0787 0x2694 sppuinotify - ok
20:41:25.0821 0x2694 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:41:25.0833 0x2694 srv - ok
20:41:25.0856 0x2694 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:41:25.0866 0x2694 srv2 - ok
20:41:25.0887 0x2694 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:41:25.0892 0x2694 srvnet - ok
20:41:25.0917 0x2694 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:41:25.0924 0x2694 SSDPSRV - ok
20:41:25.0960 0x2694 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:41:25.0964 0x2694 SstpSvc - ok
20:41:26.0047 0x2694 [ C64C157B167FE562E8670984E72C25FA, 9302C82A75CA65515297B72F3A6230307AAE0B14FD8C9C7FA343F7B62E5ED376 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:41:26.0056 0x2694 Stereo Service - ok
20:41:26.0103 0x2694 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:41:26.0105 0x2694 stexstor - ok
20:41:26.0151 0x2694 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
20:41:26.0167 0x2694 stisvc - ok
20:41:26.0214 0x2694 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
20:41:26.0216 0x2694 swenum - ok
20:41:26.0256 0x2694 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
20:41:26.0273 0x2694 swprv - ok
20:41:26.0317 0x2694 [ 064A2530A4A7C7CEC1BE6A1945645BE4, 06E4B59B6BFCEE1E2F1EDED77621C9DFED09F460E94065E528A2F746B568193D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:41:26.0386 0x2694 SynTP - ok
20:41:26.0462 0x2694 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
20:41:26.0506 0x2694 SysMain - ok
20:41:26.0544 0x2694 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:41:26.0549 0x2694 TabletInputService - ok
20:41:26.0575 0x2694 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
20:41:26.0586 0x2694 TapiSrv - ok
20:41:26.0621 0x2694 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
20:41:26.0625 0x2694 TBS - ok
20:41:26.0725 0x2694 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:41:26.0774 0x2694 Tcpip - ok
20:41:26.0833 0x2694 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:41:26.0871 0x2694 TCPIP6 - ok
20:41:26.0903 0x2694 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:41:26.0905 0x2694 tcpipreg - ok
20:41:26.0927 0x2694 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:41:26.0929 0x2694 TDPIPE - ok
20:41:26.0955 0x2694 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:41:26.0957 0x2694 TDTCP - ok
20:41:26.0992 0x2694 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:41:26.0996 0x2694 tdx - ok
20:41:27.0050 0x2694 [ 4283D7125BA4BD0CB50BB0F78B54257A, A9DBFC45CDF7444BA7AD92734E66E3E4F844BF036AC19FD43F915151191F12C5 ] TelekomNM6 C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys
20:41:27.0078 0x2694 TelekomNM6 - ok
20:41:27.0103 0x2694 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
20:41:27.0107 0x2694 TermDD - ok
20:41:27.0152 0x2694 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
20:41:27.0170 0x2694 TermService - ok
20:41:27.0250 0x2694 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
20:41:27.0253 0x2694 Themes - ok
20:41:27.0279 0x2694 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
20:41:27.0281 0x2694 THREADORDER - ok
20:41:27.0295 0x2694 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
20:41:27.0299 0x2694 TrkWks - ok
20:41:27.0356 0x2694 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:41:27.0362 0x2694 TrustedInstaller - ok
20:41:27.0384 0x2694 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:41:27.0386 0x2694 tssecsrv - ok
20:41:27.0408 0x2694 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:41:27.0411 0x2694 TsUsbFlt - ok
20:41:27.0456 0x2694 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:41:27.0460 0x2694 tunnel - ok
20:41:27.0490 0x2694 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:41:27.0493 0x2694 uagp35 - ok
20:41:27.0535 0x2694 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:41:27.0544 0x2694 udfs - ok
20:41:27.0569 0x2694 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:41:27.0572 0x2694 UI0Detect - ok
20:41:27.0607 0x2694 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:41:27.0611 0x2694 uliagpkx - ok
20:41:27.0668 0x2694 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
20:41:27.0671 0x2694 umbus - ok
20:41:27.0696 0x2694 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:41:27.0698 0x2694 UmPass - ok
20:41:27.0888 0x2694 [ AF905F4966CFC8B973623AB150CD4B2B, E1BF0481A584C10AE4A927A01A1E6B76036C18FAF7AB38D9B78641F5808D9888 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:41:27.0933 0x2694 UNS - ok
20:41:27.0976 0x2694 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
20:41:27.0986 0x2694 upnphost - ok
20:41:28.0018 0x2694 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:41:28.0022 0x2694 usbaudio - ok
20:41:28.0048 0x2694 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:41:28.0051 0x2694 usbccgp - ok
20:41:28.0094 0x2694 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:41:28.0097 0x2694 usbcir - ok
20:41:28.0121 0x2694 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:41:28.0123 0x2694 usbehci - ok
20:41:28.0153 0x2694 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:41:28.0162 0x2694 usbhub - ok
20:41:28.0184 0x2694 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:41:28.0186 0x2694 usbohci - ok
20:41:28.0203 0x2694 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:41:28.0205 0x2694 usbprint - ok
20:41:28.0230 0x2694 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:41:28.0233 0x2694 USBSTOR - ok
20:41:28.0251 0x2694 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:41:28.0252 0x2694 usbuhci - ok
20:41:28.0300 0x2694 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:41:28.0307 0x2694 usbvideo - ok
20:41:28.0343 0x2694 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
20:41:28.0346 0x2694 UxSms - ok
20:41:28.0358 0x2694 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc C:\Windows\system32\lsass.exe
20:41:28.0360 0x2694 VaultSvc - ok
20:41:28.0372 0x2694 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:41:28.0373 0x2694 vdrvroot - ok
20:41:28.0417 0x2694 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
20:41:28.0432 0x2694 vds - ok
20:41:28.0471 0x2694 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:41:28.0473 0x2694 vga - ok
20:41:28.0491 0x2694 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:41:28.0492 0x2694 VgaSave - ok
20:41:28.0517 0x2694 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:41:28.0524 0x2694 vhdmp - ok
20:41:28.0553 0x2694 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
20:41:28.0555 0x2694 viaide - ok
20:41:28.0574 0x2694 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:41:28.0577 0x2694 volmgr - ok
20:41:28.0605 0x2694 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:41:28.0616 0x2694 volmgrx - ok
20:41:28.0636 0x2694 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:41:28.0645 0x2694 volsnap - ok
20:41:28.0677 0x2694 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:41:28.0682 0x2694 vsmraid - ok
20:41:28.0760 0x2694 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
20:41:28.0802 0x2694 VSS - ok
20:41:28.0820 0x2694 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:41:28.0821 0x2694 vwifibus - ok
20:41:28.0840 0x2694 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:41:28.0842 0x2694 vwififlt - ok
20:41:28.0889 0x2694 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
20:41:28.0900 0x2694 W32Time - ok
20:41:28.0930 0x2694 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:41:28.0933 0x2694 WacomPen - ok
20:41:28.0976 0x2694 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:41:28.0979 0x2694 WANARP - ok
20:41:28.0992 0x2694 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:41:28.0994 0x2694 Wanarpv6 - ok
20:41:29.0067 0x2694 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
20:41:29.0105 0x2694 wbengine - ok
20:41:29.0140 0x2694 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:41:29.0147 0x2694 WbioSrvc - ok
20:41:29.0186 0x2694 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:41:29.0197 0x2694 wcncsvc - ok
20:41:29.0214 0x2694 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:41:29.0218 0x2694 WcsPlugInService - ok
20:41:29.0242 0x2694 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:41:29.0244 0x2694 Wd - ok
20:41:29.0286 0x2694 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
20:41:29.0287 0x2694 WDC_SAM - ok
20:41:29.0347 0x2694 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:41:29.0368 0x2694 Wdf01000 - ok
20:41:29.0415 0x2694 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:41:29.0419 0x2694 WdiServiceHost - ok
20:41:29.0424 0x2694 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:41:29.0428 0x2694 WdiSystemHost - ok
20:41:29.0458 0x2694 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
20:41:29.0467 0x2694 WebClient - ok
20:41:29.0497 0x2694 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:41:29.0505 0x2694 Wecsvc - ok
20:41:29.0527 0x2694 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:41:29.0531 0x2694 wercplsupport - ok
20:41:29.0565 0x2694 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
20:41:29.0569 0x2694 WerSvc - ok
20:41:29.0583 0x2694 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:41:29.0584 0x2694 WfpLwf - ok
20:41:29.0605 0x2694 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:41:29.0607 0x2694 WIMMount - ok
20:41:29.0632 0x2694 WinDefend - ok
20:41:29.0649 0x2694 WinHttpAutoProxySvc - ok
20:41:29.0710 0x2694 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:41:29.0717 0x2694 Winmgmt - ok
20:41:29.0816 0x2694 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
20:41:29.0868 0x2694 WinRM - ok
20:41:29.0994 0x2694 [ 4C69A8E2E159C1C59BC4B688E9DD7F8C, 235C7A41425846EFE4966490EB7F72AA768B3FE1665843BF58520DDBD6822A74 ] WisLMSvc C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
20:41:29.0998 0x2694 WisLMSvc - ok
20:41:30.0070 0x2694 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:41:30.0094 0x2694 Wlansvc - ok
20:41:30.0133 0x2694 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:41:30.0134 0x2694 WmiAcpi - ok
20:41:30.0170 0x2694 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:41:30.0176 0x2694 wmiApSrv - ok
20:41:30.0200 0x2694 WMPNetworkSvc - ok
20:41:30.0207 0x2694 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:41:30.0210 0x2694 WPCSvc - ok
20:41:30.0237 0x2694 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:41:30.0243 0x2694 WPDBusEnum - ok
20:41:30.0275 0x2694 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:41:30.0277 0x2694 ws2ifsl - ok
20:41:30.0302 0x2694 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
20:41:30.0307 0x2694 wscsvc - ok
20:41:30.0315 0x2694 WSearch - ok
20:41:30.0412 0x2694 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
20:41:30.0474 0x2694 wuauserv - ok
20:41:30.0515 0x2694 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:41:30.0518 0x2694 WudfPf - ok
20:41:30.0553 0x2694 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:41:30.0559 0x2694 WUDFRd - ok
20:41:30.0589 0x2694 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:41:30.0593 0x2694 wudfsvc - ok
20:41:30.0636 0x2694 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
20:41:30.0643 0x2694 WwanSvc - ok
20:41:30.0674 0x2694 [ BAA813A76F5DB6CC3C2CEAB7D82B6972, 783B7AF92E98623FDB9B395F3BC1D30736902A68E3AE78249243CE97548387FA ] X10Hid C:\Windows\system32\Drivers\x10hid.sys
20:41:30.0688 0x2694 X10Hid - ok
20:41:30.0754 0x2694 [ 5A0C788C5BC5F2C993CB60940ADCF95E, FEEC158466040A6528E7FC8D33706B50D2F03479E0B62DF8F06B69A1A850A9FB ] x10nets C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe
20:41:30.0755 0x2694 x10nets - ok
20:41:30.0792 0x2694 ================ Scan global ===============================
20:41:30.0837 0x2694 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:41:30.0877 0x2694 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
20:41:30.0893 0x2694 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
20:41:30.0922 0x2694 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:41:30.0948 0x2694 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
20:41:30.0957 0x2694 [ Global ] - ok
20:41:30.0958 0x2694 ================ Scan MBR ==================================
20:41:30.0966 0x2694 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:41:31.0141 0x2694 \Device\Harddisk0\DR0 - ok
20:41:31.0142 0x2694 ================ Scan VBR ==================================
20:41:31.0145 0x2694 [ 9748591C04FDE342753D5C70022E6C58 ] \Device\Harddisk0\DR0\Partition1
20:41:31.0199 0x2694 \Device\Harddisk0\DR0\Partition1 - ok
20:41:31.0203 0x2694 [ 3E2F08FFDBC9985B923B8BD065EE7C06 ] \Device\Harddisk0\DR0\Partition2
20:41:31.0256 0x2694 \Device\Harddisk0\DR0\Partition2 - ok
20:41:31.0287 0x2694 [ 480AEA851CF1BE8641C10256C106C49F ] \Device\Harddisk0\DR0\Partition3
20:41:31.0352 0x2694 \Device\Harddisk0\DR0\Partition3 - ok
20:41:31.0353 0x2694 ================ Scan generic autorun ======================
20:41:31.0813 0x2694 [ C6EBBCA79931B19F7C2D4A1B494D4B98, 2E146B8761000E12E29D0BC819BFC9DC7F3589080613773BBB1BA37984EB5C67 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:41:32.0060 0x2694 RtHDVCpl - ok
20:41:32.0161 0x2694 [ 1E7EBBF7D89DE7979308494FE98EB393, 84619B1A27F72FB5B412528AC247FA1CC174056BB08BF9B2B4749625BFE2688A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:41:32.0186 0x2694 RtHDVBg - ok
20:41:32.0189 0x2694 SynTPEnh - ok
20:41:32.0288 0x2694 [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] C:\Program Files\Microsoft Security Client\msseces.exe
20:41:32.0313 0x2694 MSC - ok
20:41:32.0509 0x2694 [ D5FFA9F81738C81253C0D3C7E03E3AB0, C908F7DAE626997128DEE511822245224BBA94C6C139DD284253EDBCE710D947 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
20:41:32.0560 0x2694 NvBackend - ok
20:41:32.0589 0x2694 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
20:41:32.0592 0x2694 ShadowPlay - ok
20:41:32.0623 0x2694 [ 810A5F70CEB063CEC85360394BEC2C56, FCC289B23B2347AD7C34B48E6EFB1914B5ED8D9DD397B0816D94747B168DFD64 ] C:\Windows\system32\igfxtray.exe
20:41:32.0627 0x2694 IgfxTray - ok
20:41:32.0646 0x2694 [ 2FE8F6A30802B69A3F501607F346DEEA, CD603DB6055861E9EAD397234120FBE0D3CACEFADB0D6001099CF0DA9DF1CC34 ] C:\Windows\system32\hkcmd.exe
20:41:32.0656 0x2694 HotKeysCmds - ok
20:41:32.0691 0x2694 [ CA1941B93BA45B7EA4D7D9F451B25C84, B0648762862931CB12004C92CD7A7EF8E3B1C14DD33C980A490D8AA56F7AA723 ] C:\Windows\system32\igfxpers.exe
20:41:32.0699 0x2694 Persistence - ok
20:41:32.0788 0x2694 [ 1E7EBBF7D89DE7979308494FE98EB393, 84619B1A27F72FB5B412528AC247FA1CC174056BB08BF9B2B4749625BFE2688A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:41:32.0816 0x2694 RtHDVBg_Dolby - ok
20:41:32.0836 0x2694 [ 8D2851FC8807D456319C721AE3809824, 3AB40A5538C04CC536523E1AB890BBD4BA648134BB594B852EB8434DCE80632C ] C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
20:41:33.0336 0x2694 HotkeyApp - ok
20:41:33.0368 0x2694 [ DFA1067EA4157BCCCFD48F052066A076, 5E5B60C20CFF1F3F9D45588B0E0AEB59C3F4C11089CCB52AA92890773BAA081F ] C:\Program Files (x86)\Launch Manager\OSD.exe
20:41:33.0377 0x2694 LMgrVolOSD - ok
20:41:33.0405 0x2694 [ 94D2739E7F421BC0EE0B32387B78B619, D7835E81FD08EBBFBDF44712D48CBF4311A89FF505ADD4DF4ECC46A2ECCD6F1B ] C:\Program Files (x86)\Launch Manager\Wbutton.exe
20:41:33.0417 0x2694 Wbutton - ok
20:41:33.0456 0x2694 [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
20:41:33.0459 0x2694 NUSB3MON - ok
20:41:33.0542 0x2694 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:41:33.0597 0x2694 Sidebar - ok
20:41:33.0660 0x2694 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:41:33.0663 0x2694 mctadmin - ok
20:41:33.0718 0x2694 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:41:33.0740 0x2694 Sidebar - ok
20:41:33.0748 0x2694 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:41:33.0750 0x2694 mctadmin - ok
20:41:33.0813 0x2694 [ 8380DA2C21B6F05F0F794030C5A7329E, 51A31BB49D1102E1006861C59133BC1D020C436BF04242FE29127C2D5BDD44F0 ] I:\Programme\MonitorOff\monoff.exe
20:41:33.0822 0x2694 Dekisoft Monitor Off Utility - ok
20:41:33.0840 0x2694 [ EBDD6BE68D642DD2A19FCC6426B19486, 24E749B22D00FA8AD9E766D42AA78CE4C4DEF7EDA93A65D36FC96010F49F5D81 ] I:\LiberKey\LiberKey.exe
20:41:34.0326 0x2694 LiberKey - ok
20:41:34.0386 0x2694 [ 5ED08542C733A0606ACFA9D37B5CDF3A, 2257D8DCB4369707A2A66EB89B09881DA5A8326F6741D42CF9E9C7970EAAEC5B ] I:\Programme\PureText\PureText.exe
20:41:34.0388 0x2694 PureText - ok
20:41:34.0521 0x2694 [ 7F96DA4B04BBB22341BAA3A4019549DC, A44C6DFC3A77B03D59AC1263099BB27CA3CFFED84BF4FF6AF27C894AFCFFACD1 ] I:\LiberKey\Apps\Ditto\App\Ditto\Ditto.exe
20:41:34.0640 0x2694 Ditto - ok
20:41:34.0733 0x2694 [ F0F3DF07A7C024C66CC4E2DD1F2BFBE1, AFACB340FEF016C7DA1FB464129C48190ABB6C33435E2309328B6FA48727910E ] I:\LiberKey\Apps\GlaryUtilities\App\GlaryUtilities\StartupManager.exe
20:41:34.0782 0x2694 GUDelayStartup - ok
20:41:34.0884 0x2694 [ 94333049AD2CCEA5902F1765EFF0F7BF, 5A63E4AEAF22306764C84A07E4C2FACE061EDBB0B13380E8EC41692775515F0B ] I:\Programme\Ultracopier\ultracopier.exe
20:41:34.0959 0x2694 ultracopier - ok
20:41:34.0961 0x2694 Waiting for KSN requests completion. In queue: 39
20:41:35.0961 0x2694 Waiting for KSN requests completion. In queue: 39
20:41:36.0961 0x2694 Waiting for KSN requests completion. In queue: 39
20:41:38.0235 0x2694 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
20:41:38.0312 0x2694 Win FW state via NFP2: enabled
20:41:41.0082 0x2694 ============================================================
20:41:41.0082 0x2694 Scan finished
20:41:41.0082 0x2694 ============================================================
20:41:41.0119 0x1924 Detected object count: 0
20:41:41.0119 0x1924 Actual detected object count: 0
Geändert von Dirki (08.06.2015 um 19:47 Uhr) |
|
08.06.2015, 19:58
| #6 |
| | Notebook läuft extrem langsam: verursacht von Schadsoftware? Ah, ich hatte vergessen die Checkboxen bei "Additional options" anzuhaken, hier nochmal, Verzeihung:  Code:
ATTFilter 20:53:32.0942 0x27bc TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
20:53:35.0436 0x27bc ============================================================
20:53:35.0436 0x27bc Current date / time: 2015/06/08 20:53:35.0436
20:53:35.0436 0x27bc SystemInfo:
20:53:35.0436 0x27bc
20:53:35.0436 0x27bc OS Version: 6.1.7601 ServicePack: 1.0
20:53:35.0436 0x27bc Product type: Workstation
20:53:35.0436 0x27bc ComputerName: BIFFILIUS
20:53:35.0437 0x27bc UserName: Biffilius
20:53:35.0437 0x27bc Windows directory: C:\Windows
20:53:35.0437 0x27bc System windows directory: C:\Windows
20:53:35.0437 0x27bc Running under WOW64
20:53:35.0437 0x27bc Processor architecture: Intel x64
20:53:35.0437 0x27bc Number of processors: 4
20:53:35.0437 0x27bc Page size: 0x1000
20:53:35.0437 0x27bc Boot type: Normal boot
20:53:35.0437 0x27bc ============================================================
20:53:37.0751 0x27bc KLMD registered as C:\Windows\system32\drivers\08450918.sys
20:53:38.0191 0x27bc System UUID: {5EBA7A58-6928-EF15-609E-0D4133B1B8C2}
20:53:39.0165 0x27bc Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:53:39.0168 0x27bc ============================================================
20:53:39.0168 0x27bc \Device\Harddisk0\DR0:
20:53:39.0168 0x27bc MBR partitions:
20:53:39.0168 0x27bc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:53:39.0169 0x27bc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xA5D2000
20:53:39.0169 0x27bc \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xA604800, BlocksNum 0x6A101000
20:53:39.0169 0x27bc ============================================================
20:53:39.0195 0x27bc C: <-> \Device\Harddisk0\DR0\Partition2
20:53:39.0240 0x27bc I: <-> \Device\Harddisk0\DR0\Partition3
20:53:39.0240 0x27bc ============================================================
20:53:39.0241 0x27bc Initialize success
20:53:39.0241 0x27bc ============================================================
20:54:34.0565 0x255c ============================================================
20:54:34.0565 0x255c Scan started
20:54:34.0565 0x255c Mode: Manual; SigCheck; TDLFS;
20:54:34.0565 0x255c ============================================================
20:54:34.0565 0x255c KSN ping started
20:54:37.0352 0x255c KSN ping finished: true
20:54:39.0717 0x255c ================ Scan system memory ========================
20:54:39.0717 0x255c System memory - ok
20:54:39.0718 0x255c ================ Scan services =============================
20:54:39.0986 0x255c [ 970C70F6B2953ED43822D3797855D84C, CB22723678B514277BC6E6DDDD206F3B2377CD889C9D473A47A7056BE597BC6B ] !SASCORE I:\Programme\SuperAntiSpyware\SASCORE64.EXE
20:54:40.0587 0x255c !SASCORE - ok
20:54:40.0755 0x255c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:54:41.0070 0x255c 1394ohci - ok
20:54:41.0228 0x255c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:54:41.0276 0x255c ACPI - ok
20:54:41.0309 0x255c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:54:41.0440 0x255c AcpiPmi - ok
20:54:41.0494 0x255c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:54:41.0524 0x255c adp94xx - ok
20:54:41.0549 0x255c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:54:41.0571 0x255c adpahci - ok
20:54:41.0594 0x255c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:54:41.0612 0x255c adpu320 - ok
20:54:41.0643 0x255c [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:54:41.0701 0x255c AeLookupSvc - ok
20:54:41.0748 0x255c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
20:54:41.0860 0x255c AFD - ok
20:54:41.0905 0x255c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
20:54:41.0923 0x255c agp440 - ok
20:54:41.0982 0x255c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
20:54:42.0350 0x255c ALG - ok
20:54:42.0429 0x255c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
20:54:42.0447 0x255c aliide - ok
20:54:42.0471 0x255c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
20:54:42.0494 0x255c amdide - ok
20:54:42.0572 0x255c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:54:42.0717 0x255c AmdK8 - ok
20:54:42.0776 0x255c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:54:42.0927 0x255c AmdPPM - ok
20:54:43.0044 0x255c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:54:43.0085 0x255c amdsata - ok
20:54:43.0195 0x255c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:54:43.0413 0x255c amdsbs - ok
20:54:43.0447 0x255c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:54:43.0460 0x255c amdxata - ok
20:54:43.0620 0x255c [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
20:54:43.0889 0x255c AppID - ok
20:54:43.0965 0x255c [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:54:44.0056 0x255c AppIDSvc - ok
20:54:44.0210 0x255c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
20:54:44.0304 0x255c Appinfo - ok
20:54:44.0373 0x255c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
20:54:44.0391 0x255c arc - ok
20:54:44.0450 0x255c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:54:44.0479 0x255c arcsas - ok
20:54:44.0640 0x255c [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:54:44.0654 0x255c aspnet_state - ok
20:54:44.0758 0x255c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:54:45.0290 0x255c AsyncMac - ok
20:54:45.0321 0x255c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
20:54:45.0331 0x255c atapi - ok
20:54:45.0588 0x255c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:54:45.0634 0x255c AudioEndpointBuilder - ok
20:54:45.0658 0x255c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:54:45.0690 0x255c AudioSrv - ok
20:54:45.0823 0x255c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:54:46.0180 0x255c AxInstSV - ok
20:54:46.0393 0x255c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:54:46.0641 0x255c b06bdrv - ok
20:54:46.0823 0x255c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:54:46.0941 0x255c b57nd60a - ok
20:54:47.0049 0x255c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
20:54:47.0112 0x255c BDESVC - ok
20:54:47.0231 0x255c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
20:54:47.0321 0x255c Beep - ok
20:54:47.0564 0x255c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
20:54:47.0760 0x255c BFE - ok
20:54:47.0992 0x255c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
20:54:50.0045 0x255c BITS - ok
20:54:50.0105 0x255c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:54:50.0135 0x255c blbdrive - ok
20:54:50.0237 0x255c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:54:50.0318 0x255c bowser - ok
20:54:50.0381 0x255c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:54:50.0578 0x255c BrFiltLo - ok
20:54:50.0584 0x255c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:54:50.0623 0x255c BrFiltUp - ok
20:54:50.0791 0x255c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
20:54:50.0857 0x255c Browser - ok
20:54:50.0880 0x255c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:54:50.0965 0x255c Brserid - ok
20:54:50.0976 0x255c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:54:51.0104 0x255c BrSerWdm - ok
20:54:51.0112 0x255c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:54:51.0170 0x255c BrUsbMdm - ok
20:54:51.0232 0x255c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:54:51.0295 0x255c BrUsbSer - ok
20:54:51.0335 0x255c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:54:51.0401 0x255c BTHMODEM - ok
20:54:51.0486 0x255c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
20:54:51.0584 0x255c bthserv - ok
20:54:51.0635 0x255c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:54:51.0735 0x255c cdfs - ok
20:54:51.0829 0x255c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
20:54:51.0859 0x255c cdrom - ok
20:54:52.0029 0x255c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
20:54:52.0140 0x255c CertPropSvc - ok
20:54:52.0179 0x255c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:54:52.0233 0x255c circlass - ok
20:54:52.0381 0x255c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
20:54:52.0406 0x255c CLFS - ok
20:54:52.0462 0x255c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:54:52.0478 0x255c clr_optimization_v2.0.50727_32 - ok
20:54:52.0545 0x255c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:54:52.0586 0x255c clr_optimization_v2.0.50727_64 - ok
20:54:52.0654 0x255c [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:54:52.0671 0x255c clr_optimization_v4.0.30319_32 - ok
20:54:52.0697 0x255c [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:54:52.0722 0x255c clr_optimization_v4.0.30319_64 - ok
20:54:52.0760 0x255c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:54:52.0788 0x255c CmBatt - ok
20:54:52.0816 0x255c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:54:52.0853 0x255c cmdide - ok
20:54:52.0902 0x255c [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
20:54:52.0962 0x255c CNG - ok
20:54:53.0106 0x255c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:54:53.0116 0x255c Compbatt - ok
20:54:53.0141 0x255c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:54:53.0178 0x255c CompositeBus - ok
20:54:53.0189 0x255c COMSysApp - ok
20:54:53.0473 0x255c [ 5212E0957468D3F94D90FA7A0F06B58F, 955DAC77A0148E9F9ED744F5D341CB9C9118261E52FE622AC6213965F2BC4CAD ] cpuz137 I:\LiberKey\Apps\Pcwizard\App\PCWizard\pcwiz_x64.sys
20:54:53.0622 0x255c cpuz137 - ok
20:54:53.0700 0x255c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:54:53.0733 0x255c crcdisk - ok
20:54:53.0879 0x255c [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:54:53.0961 0x255c CryptSvc - ok
20:54:54.0189 0x255c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:54:54.0277 0x255c DcomLaunch - ok
20:54:54.0447 0x255c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
20:54:54.0538 0x255c defragsvc - ok
20:54:54.0582 0x255c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:54:54.0637 0x255c DfsC - ok
20:54:54.0708 0x255c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:54:54.0813 0x255c Dhcp - ok
20:54:54.0952 0x255c [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack C:\Windows\system32\diagtrack.dll
20:54:55.0157 0x255c DiagTrack - ok
20:54:55.0240 0x255c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
20:54:55.0290 0x255c discache - ok
20:54:55.0313 0x255c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:54:55.0328 0x255c Disk - ok
20:54:55.0503 0x255c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:54:55.0591 0x255c Dnscache - ok
20:54:55.0720 0x255c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
20:54:55.0810 0x255c dot3svc - ok
20:54:55.0943 0x255c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
20:54:56.0039 0x255c DPS - ok
20:54:56.0109 0x255c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:54:56.0207 0x255c drmkaud - ok
20:54:56.0285 0x255c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:54:56.0366 0x255c DXGKrnl - ok
20:54:56.0462 0x255c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
20:54:56.0566 0x255c EapHost - ok
20:54:56.0855 0x255c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:54:57.0126 0x255c ebdrv - ok
20:54:57.0170 0x255c [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS C:\Windows\System32\lsass.exe
20:54:57.0246 0x255c EFS - ok
20:54:57.0476 0x255c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:54:57.0551 0x255c ehRecvr - ok
20:54:57.0698 0x255c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
20:54:57.0906 0x255c ehSched - ok
20:54:58.0095 0x255c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:54:58.0183 0x255c elxstor - ok
20:54:58.0215 0x255c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:54:58.0244 0x255c ErrDev - ok
20:54:58.0378 0x255c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
20:54:58.0481 0x255c EventSystem - ok
20:54:58.0525 0x255c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
20:54:58.0604 0x255c exfat - ok
20:54:58.0649 0x255c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:54:58.0796 0x255c fastfat - ok
20:54:58.0869 0x255c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
20:54:58.0996 0x255c Fax - ok
20:54:59.0046 0x255c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:54:59.0099 0x255c fdc - ok
20:54:59.0226 0x255c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
20:54:59.0338 0x255c fdPHost - ok
20:54:59.0375 0x255c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
20:54:59.0476 0x255c FDResPub - ok
20:54:59.0514 0x255c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:54:59.0527 0x255c FileInfo - ok
20:54:59.0579 0x255c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:54:59.0661 0x255c Filetrace - ok
20:54:59.0694 0x255c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:54:59.0745 0x255c flpydisk - ok
20:54:59.0901 0x255c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:54:59.0932 0x255c FltMgr - ok
20:55:00.0336 0x255c [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
20:55:00.0617 0x255c FontCache - ok
20:55:00.0744 0x255c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:55:00.0776 0x255c FontCache3.0.0.0 - ok
20:55:00.0811 0x255c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:55:00.0828 0x255c FsDepends - ok
20:55:00.0890 0x255c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:55:00.0900 0x255c Fs_Rec - ok
20:55:00.0985 0x255c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:55:01.0005 0x255c fvevol - ok
20:55:01.0052 0x255c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:55:01.0064 0x255c gagp30kx - ok
20:55:01.0342 0x255c [ C0B698B7D0E03B2A01D0F781BEE052BB, C20A43B02FF2536FF009C82CFE286598A87AC0BC5072F8E278802DD0B227AC3E ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
20:55:01.0420 0x255c GfExperienceService - ok
20:55:01.0477 0x255c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
20:55:01.0559 0x255c gpsvc - ok
20:55:01.0598 0x255c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:55:01.0642 0x255c hcw85cir - ok
20:55:01.0808 0x255c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:55:01.0906 0x255c HdAudAddService - ok
20:55:01.0997 0x255c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:55:02.0072 0x255c HDAudBus - ok
20:55:02.0178 0x255c [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:55:02.0214 0x255c HECIx64 - ok
20:55:02.0279 0x255c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:55:02.0311 0x255c HidBatt - ok
20:55:02.0328 0x255c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:55:02.0363 0x255c HidBth - ok
20:55:02.0394 0x255c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:55:02.0453 0x255c HidIr - ok
20:55:02.0535 0x255c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
20:55:02.0692 0x255c hidserv - ok
20:55:02.0833 0x255c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:55:02.0904 0x255c HidUsb - ok
20:55:03.0029 0x255c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:55:03.0166 0x255c hkmsvc - ok
20:55:03.0252 0x255c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:55:03.0380 0x255c HomeGroupListener - ok
20:55:03.0459 0x255c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:55:03.0495 0x255c HomeGroupProvider - ok
20:55:03.0590 0x255c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:55:03.0622 0x255c HpSAMD - ok
20:55:03.0703 0x255c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:55:03.0763 0x255c HTTP - ok
20:55:03.0800 0x255c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:55:03.0810 0x255c hwpolicy - ok
20:55:03.0844 0x255c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:55:03.0869 0x255c i8042prt - ok
20:55:03.0998 0x255c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:55:04.0026 0x255c iaStorV - ok
20:55:04.0405 0x255c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:55:04.0450 0x255c idsvc - ok
20:55:04.0518 0x255c IEEtwCollectorService - ok
20:55:05.0622 0x255c [ F4F91789C7C7A159CE8215C1F69F2A85, E60155402FB647B55EAD6B090204A1AA497294D473A7CCF850BB21C0DCCCB49C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:55:06.0306 0x255c igfx - ok
20:55:06.0350 0x255c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:55:06.0362 0x255c iirsp - ok
20:55:06.0693 0x255c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
20:55:06.0774 0x255c IKEEXT - ok
20:55:06.0918 0x255c [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
20:55:06.0998 0x255c Impcd - ok
20:55:07.0452 0x255c [ CC279B89A16615B8DD13422544F6B478, DFC6AF05670CA79D8CC2C89FB5FBD8EECC4FB159CD8EFE422F06BE2A272608B6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:55:07.0637 0x255c IntcAzAudAddService - ok
20:55:07.0731 0x255c [ 03C74719D48056A1078F3A51CEB76BAA, 34BCC73EE4D65E1F282208C243C54BBD8458DB50FA893DE3306E1A1E73D05B1A ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
20:55:07.0773 0x255c IntcDAud - ok
20:55:07.0791 0x255c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
20:55:07.0801 0x255c intelide - ok
20:55:07.0838 0x255c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:55:07.0903 0x255c intelppm - ok
20:55:07.0936 0x255c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:55:08.0029 0x255c IPBusEnum - ok
20:55:08.0069 0x255c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:55:08.0112 0x255c IpFilterDriver - ok
20:55:08.0170 0x255c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:55:08.0263 0x255c iphlpsvc - ok
20:55:08.0346 0x255c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:55:08.0386 0x255c IPMIDRV - ok
20:55:08.0421 0x255c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:55:08.0488 0x255c IPNAT - ok
20:55:08.0549 0x255c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:55:08.0666 0x255c IRENUM - ok
20:55:08.0763 0x255c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:55:08.0805 0x255c isapnp - ok
20:55:08.0847 0x255c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:55:08.0876 0x255c iScsiPrt - ok
20:55:08.0898 0x255c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:55:08.0926 0x255c kbdclass - ok
20:55:08.0953 0x255c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:55:08.0982 0x255c kbdhid - ok
20:55:09.0007 0x255c [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso C:\Windows\system32\lsass.exe
20:55:09.0037 0x255c KeyIso - ok
20:55:09.0066 0x255c [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:55:09.0081 0x255c KSecDD - ok
20:55:09.0105 0x255c [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:55:09.0121 0x255c KSecPkg - ok
20:55:09.0142 0x255c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:55:09.0208 0x255c ksthunk - ok
20:55:09.0261 0x255c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
20:55:09.0321 0x255c KtmRm - ok
20:55:09.0366 0x255c [ 48686C29856F46443952A831424F8D6F, 05BEA2243E219575B2FBED23824DB2BE61F422C2972AC2E835C94DFC8A285BF6 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
20:55:09.0459 0x255c L1C - ok
20:55:09.0522 0x255c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:55:09.0608 0x255c LanmanServer - ok
20:55:09.0687 0x255c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:55:09.0810 0x255c LanmanWorkstation - ok
20:55:09.0852 0x255c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:55:09.0891 0x255c lltdio - ok
20:55:09.0957 0x255c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:55:10.0083 0x255c lltdsvc - ok
20:55:10.0116 0x255c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:55:10.0162 0x255c lmhosts - ok
20:55:10.0326 0x255c [ 1E2F802846EB944E0333EFEE7C9532A8, 86EB59BF238E3DB8AF9E379B0BAE5AEC734C15598E665062B2E19C0A58BEF783 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:55:10.0346 0x255c LMS - ok
20:55:10.0389 0x255c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:55:10.0402 0x255c LSI_FC - ok
20:55:10.0443 0x255c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:55:10.0457 0x255c LSI_SAS - ok
20:55:10.0489 0x255c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:55:10.0505 0x255c LSI_SAS2 - ok
20:55:10.0544 0x255c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:55:10.0567 0x255c LSI_SCSI - ok
20:55:10.0630 0x255c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
20:55:10.0878 0x255c luafv - ok
20:55:11.0348 0x255c [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:55:11.0372 0x255c MBAMProtector - ok
20:55:11.0742 0x255c [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
20:55:11.0789 0x255c MBAMService - ok
20:55:11.0853 0x255c [ F49FB3C88E263AE9A246593B0BB29294, FB53D6FA4A98B98334DCFF81E40712265256D31A9E9FF36022887BABD50F39EB ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
20:55:11.0869 0x255c MBAMWebAccessControl - ok
20:55:11.0917 0x255c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:55:11.0934 0x255c Mcx2Svc - ok
20:55:11.0960 0x255c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:55:11.0973 0x255c megasas - ok
20:55:11.0999 0x255c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:55:12.0022 0x255c MegaSR - ok
20:55:12.0054 0x255c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
20:55:12.0113 0x255c MMCSS - ok
20:55:12.0152 0x255c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
20:55:12.0229 0x255c Modem - ok
20:55:12.0276 0x255c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:55:12.0314 0x255c monitor - ok
20:55:12.0350 0x255c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:55:12.0362 0x255c mouclass - ok
20:55:12.0385 0x255c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:55:12.0413 0x255c mouhid - ok
20:55:12.0457 0x255c [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:55:12.0470 0x255c mountmgr - ok
20:55:12.0528 0x255c [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
20:55:12.0553 0x255c MpFilter - ok
20:55:12.0587 0x255c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
20:55:12.0604 0x255c mpio - ok
20:55:12.0629 0x255c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:55:12.0676 0x255c mpsdrv - ok
20:55:12.0730 0x255c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:55:12.0814 0x255c MpsSvc - ok
20:55:12.0852 0x255c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:55:12.0897 0x255c MRxDAV - ok
20:55:12.0934 0x255c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:55:12.0978 0x255c mrxsmb - ok
20:55:13.0006 0x255c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:55:13.0038 0x255c mrxsmb10 - ok
20:55:13.0052 0x255c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:55:13.0083 0x255c mrxsmb20 - ok
20:55:13.0105 0x255c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
20:55:13.0120 0x255c msahci - ok
20:55:13.0138 0x255c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:55:13.0155 0x255c msdsm - ok
20:55:13.0177 0x255c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
20:55:13.0203 0x255c MSDTC - ok
20:55:13.0242 0x255c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:55:13.0305 0x255c Msfs - ok
20:55:13.0319 0x255c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:55:13.0367 0x255c mshidkmdf - ok
20:55:13.0383 0x255c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:55:13.0395 0x255c msisadrv - ok
20:55:13.0424 0x255c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:55:13.0481 0x255c MSiSCSI - ok
20:55:13.0495 0x255c msiserver - ok
20:55:13.0529 0x255c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:55:13.0585 0x255c MSKSSRV - ok
20:55:13.0671 0x255c [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
20:55:13.0684 0x255c MsMpSvc - ok
20:55:13.0690 0x255c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:55:13.0745 0x255c MSPCLOCK - ok
20:55:13.0751 0x255c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:55:13.0803 0x255c MSPQM - ok
20:55:13.0843 0x255c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:55:13.0865 0x255c MsRPC - ok
20:55:13.0893 0x255c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:55:13.0909 0x255c mssmbios - ok
20:55:13.0948 0x255c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:55:14.0021 0x255c MSTEE - ok
20:55:14.0027 0x255c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:55:14.0086 0x255c MTConfig - ok
20:55:14.0101 0x255c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
20:55:14.0114 0x255c Mup - ok
20:55:14.0158 0x255c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
20:55:14.0224 0x255c napagent - ok
20:55:14.0270 0x255c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:55:14.0311 0x255c NativeWifiP - ok
20:55:14.0386 0x255c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
20:55:14.0430 0x255c NDIS - ok
20:55:14.0465 0x255c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:55:14.0537 0x255c NdisCap - ok
20:55:14.0565 0x255c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:55:14.0623 0x255c NdisTapi - ok
20:55:14.0664 0x255c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:55:14.0719 0x255c Ndisuio - ok
20:55:14.0744 0x255c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:55:14.0803 0x255c NdisWan - ok
20:55:14.0836 0x255c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:55:14.0892 0x255c NDProxy - ok
20:55:14.0916 0x255c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:55:14.0969 0x255c NetBIOS - ok
20:55:15.0007 0x255c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:55:15.0064 0x255c NetBT - ok
20:55:15.0075 0x255c [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon C:\Windows\system32\lsass.exe
20:55:15.0089 0x255c Netlogon - ok
20:55:15.0119 0x255c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
20:55:15.0185 0x255c Netman - ok
20:55:15.0216 0x255c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:55:15.0236 0x255c NetMsmqActivator - ok
20:55:15.0243 0x255c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:55:15.0259 0x255c NetPipeActivator - ok
20:55:15.0305 0x255c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
20:55:15.0365 0x255c netprofm - ok
20:55:15.0373 0x255c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:55:15.0390 0x255c NetTcpActivator - ok
20:55:15.0398 0x255c [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:55:15.0413 0x255c NetTcpPortSharing - ok
20:55:15.0576 0x255c [ 82FFC84EC3AFC2F2D38DB880F50157C0, 4D37A44A5BBD3ECA2B29FE8565FC5840093E5BB41D197BEDA406BCE4A7C3479A ] Netzmanager Service C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
20:55:15.0838 0x255c Netzmanager Service - detected UnsignedFile.Multi.Generic ( 1 )
20:55:19.0001 0x255c Detect skipped due to KSN trusted
20:55:19.0002 0x255c Netzmanager Service - ok
20:55:19.0034 0x255c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:55:19.0050 0x255c nfrd960 - ok
20:55:19.0106 0x255c [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
20:55:19.0128 0x255c NisDrv - ok
20:55:19.0150 0x255c [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
20:55:19.0176 0x255c NisSrv - ok
20:55:19.0218 0x255c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:55:19.0266 0x255c NlaSvc - ok
20:55:19.0286 0x255c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:55:19.0357 0x255c Npfs - ok
20:55:19.0387 0x255c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
20:55:19.0440 0x255c nsi - ok
20:55:19.0470 0x255c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:55:19.0512 0x255c nsiproxy - ok
20:55:19.0598 0x255c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:55:19.0665 0x255c Ntfs - ok
20:55:19.0682 0x255c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
20:55:19.0732 0x255c Null - ok
20:55:19.0770 0x255c [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
20:55:19.0810 0x255c nusb3hub - ok
20:55:19.0829 0x255c [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
20:55:19.0860 0x255c nusb3xhc - ok
20:55:20.0350 0x255c [ 3E188568A3D51195399A790B51F0A7B8, 76BBE2F6CD8B67D184FACE85D638E0861842784F5A087A412F0F05AF27079DC4 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:55:20.0972 0x255c nvlddmkm - ok
20:55:21.0107 0x255c [ 32ECE52E4C4A5FC2115279D7B13E6270, AE520E4708B3750D61BE17AA6020D0D0518CC72D4D29F4D618090F74EA2850BF ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
20:55:21.0171 0x255c NvNetworkService - ok
20:55:21.0200 0x255c [ A3673BC0BDCC99BEBEA6B3C9F78868A4, 86F4701A90A0FFCBD3396BFD1A5863949122832CED63E26571A55857D5ABC6AE ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
20:55:21.0323 0x255c nvpciflt - ok
20:55:21.0379 0x255c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:55:21.0395 0x255c nvraid - ok
20:55:21.0411 0x255c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:55:21.0427 0x255c nvstor - ok
20:55:21.0478 0x255c [ DA48A4EB3DD38C7BF90CB12DD1672618, 2EFEEE7E9294A17251B45259C06B40E11088D38970068D6D88EE2105B35F5530 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
20:55:21.0504 0x255c NvStreamKms - ok
20:55:21.0531 0x255c NvStreamSvc - ok
20:55:21.0596 0x255c [ D768CA15B379A9611B22719A1364D3C0, 2F2D6143E2B06A3EE7011E559475BFC3DEFC8AB67F1F93404E6B83CDB69185C0 ] nvsvc C:\Windows\system32\nvvsvc.exe
20:55:21.0644 0x255c nvsvc - ok
20:55:21.0667 0x255c [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
20:55:21.0762 0x255c nvvad_WaveExtensible - ok
20:55:21.0795 0x255c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:55:21.0809 0x255c nv_agp - ok
20:55:21.0828 0x255c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:55:21.0854 0x255c ohci1394 - ok
20:55:21.0894 0x255c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:55:22.0013 0x255c p2pimsvc - ok
20:55:22.0395 0x255c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
20:55:22.0469 0x255c p2psvc - ok
20:55:22.0596 0x255c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:55:22.0649 0x255c Parport - ok
20:55:22.0700 0x255c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:55:22.0714 0x255c partmgr - ok
20:55:22.0760 0x255c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:55:22.0818 0x255c PcaSvc - ok
20:55:22.0868 0x255c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
20:55:22.0899 0x255c pci - ok
20:55:22.0955 0x255c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
20:55:22.0967 0x255c pciide - ok
20:55:23.0016 0x255c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:55:23.0032 0x255c pcmcia - ok
20:55:23.0071 0x255c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
20:55:23.0082 0x255c pcw - ok
20:55:23.0159 0x255c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:55:23.0221 0x255c PEAUTH - ok
20:55:23.0295 0x255c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:55:23.0324 0x255c PerfHost - ok
20:55:23.0418 0x255c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
20:55:23.0515 0x255c pla - ok
20:55:23.0569 0x255c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:55:23.0651 0x255c PlugPlay - ok
20:55:23.0729 0x255c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:55:23.0785 0x255c PNRPAutoReg - ok
20:55:24.0124 0x255c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:55:24.0146 0x255c PNRPsvc - ok
20:55:24.0786 0x255c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:55:25.0111 0x255c PolicyAgent - ok
20:55:25.0486 0x255c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
20:55:25.0606 0x255c Power - ok
20:55:25.0648 0x255c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:55:25.0709 0x255c PptpMiniport - ok
20:55:25.0740 0x255c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:55:25.0776 0x255c Processor - ok
20:55:25.0801 0x255c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
20:55:25.0856 0x255c ProfSvc - ok
20:55:25.0869 0x255c [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:55:25.0883 0x255c ProtectedStorage - ok
20:55:25.0936 0x255c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:55:26.0033 0x255c Psched - ok
20:55:26.0063 0x255c [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio C:\Windows\system32\pwdrvio.sys
20:55:26.0124 0x255c pwdrvio - ok
20:55:26.0146 0x255c [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio C:\Windows\system32\pwdspio.sys
20:55:26.0181 0x255c pwdspio - ok
20:55:26.0239 0x255c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:55:26.0299 0x255c ql2300 - ok
20:55:26.0330 0x255c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:55:26.0348 0x255c ql40xx - ok
20:55:26.0378 0x255c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
20:55:26.0410 0x255c QWAVE - ok
20:55:26.0435 0x255c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:55:26.0480 0x255c QWAVEdrv - ok
20:55:26.0500 0x255c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:55:26.0551 0x255c RasAcd - ok
20:55:26.0589 0x255c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:55:26.0652 0x255c RasAgileVpn - ok
20:55:26.0677 0x255c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
20:55:26.0738 0x255c RasAuto - ok
20:55:26.0762 0x255c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:55:26.0812 0x255c Rasl2tp - ok
20:55:26.0845 0x255c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
20:55:26.0923 0x255c RasMan - ok
20:55:26.0956 0x255c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:55:26.0996 0x255c RasPppoe - ok
20:55:27.0035 0x255c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:55:27.0088 0x255c RasSstp - ok
20:55:27.0129 0x255c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:55:27.0186 0x255c rdbss - ok
20:55:27.0201 0x255c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:55:27.0232 0x255c rdpbus - ok
20:55:27.0245 0x255c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:55:27.0295 0x255c RDPCDD - ok
20:55:27.0310 0x255c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:55:27.0362 0x255c RDPENCDD - ok
20:55:27.0382 0x255c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:55:27.0438 0x255c RDPREFMP - ok
20:55:27.0508 0x255c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:55:27.0566 0x255c RdpVideoMiniport - ok
20:55:27.0593 0x255c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:55:27.0637 0x255c RDPWD - ok
20:55:27.0668 0x255c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:55:27.0686 0x255c rdyboost - ok
20:55:27.0713 0x255c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:55:27.0776 0x255c RemoteAccess - ok
20:55:27.0798 0x255c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:55:27.0856 0x255c RemoteRegistry - ok
20:55:27.0869 0x255c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:55:27.0932 0x255c RpcEptMapper - ok
20:55:27.0986 0x255c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
20:55:28.0064 0x255c RpcLocator - ok
20:55:28.0145 0x255c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
20:55:28.0216 0x255c RpcSs - ok
20:55:28.0256 0x255c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:55:28.0314 0x255c rspndr - ok
20:55:28.0352 0x255c [ 44ED82612403021E36998E1ECB1198F1, 3AD488ED116C61E26B6D857494CFA80E3F99565C2D7C88C1C95DD2C6B6355BF0 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
20:55:28.0403 0x255c RSUSBSTOR - ok
20:55:28.0470 0x255c [ 8E843C0340C30994161C10FBA87EEA18, 4ED57D9F23C54FCB0EA99387D3EBAA5E34EB5465D84FF70E6652F9FA46F55CB2 ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
20:55:28.0599 0x255c rtl8192se - ok
20:55:28.0620 0x255c [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs C:\Windows\system32\lsass.exe
20:55:28.0633 0x255c SamSs - ok
20:55:28.0677 0x255c [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV I:\Programme\SuperAntiSpyware\SASDIFSV64.SYS
20:55:28.0706 0x255c SASDIFSV - ok
20:55:28.0718 0x255c [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL I:\Programme\SuperAntiSpyware\SASKUTIL64.SYS
20:55:28.0742 0x255c SASKUTIL - ok
20:55:28.0783 0x255c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:55:28.0797 0x255c sbp2port - ok
20:55:28.0829 0x255c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:55:28.0900 0x255c SCardSvr - ok
20:55:28.0929 0x255c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:55:28.0995 0x255c scfilter - ok
20:55:29.0052 0x255c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
20:55:29.0133 0x255c Schedule - ok
20:55:29.0169 0x255c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:55:29.0211 0x255c SCPolicySvc - ok
20:55:29.0239 0x255c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:55:29.0272 0x255c SDRSVC - ok
20:55:29.0298 0x255c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:55:29.0349 0x255c secdrv - ok
20:55:29.0370 0x255c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
20:55:29.0416 0x255c seclogon - ok
20:55:29.0442 0x255c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
20:55:29.0508 0x255c SENS - ok
20:55:29.0525 0x255c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:55:29.0575 0x255c SensrSvc - ok
20:55:29.0589 0x255c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:55:29.0615 0x255c Serenum - ok
20:55:29.0629 0x255c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:55:29.0655 0x255c Serial - ok
20:55:29.0673 0x255c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:55:29.0694 0x255c sermouse - ok
20:55:29.0737 0x255c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
20:55:29.0783 0x255c SessionEnv - ok
20:55:29.0815 0x255c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:55:29.0830 0x255c sffdisk - ok
20:55:29.0843 0x255c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:55:29.0860 0x255c sffp_mmc - ok
20:55:29.0875 0x255c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:55:29.0908 0x255c sffp_sd - ok
20:55:29.0937 0x255c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:55:29.0950 0x255c sfloppy - ok
20:55:30.0040 0x255c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:55:30.0095 0x255c SharedAccess - ok
20:55:30.0136 0x255c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:55:30.0191 0x255c ShellHWDetection - ok
20:55:30.0212 0x255c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:55:30.0227 0x255c SiSRaid2 - ok
20:55:30.0242 0x255c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:55:30.0256 0x255c SiSRaid4 - ok
20:55:30.0281 0x255c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:55:30.0330 0x255c Smb - ok
20:55:30.0357 0x255c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:55:30.0376 0x255c SNMPTRAP - ok
20:55:30.0389 0x255c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
20:55:30.0402 0x255c spldr - ok
20:55:30.0451 0x255c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
20:55:30.0538 0x255c Spooler - ok
20:55:30.0684 0x255c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
20:55:30.0876 0x255c sppsvc - ok
20:55:30.0903 0x255c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:55:30.0964 0x255c sppuinotify - ok
20:55:30.0999 0x255c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:55:31.0054 0x255c srv - ok
20:55:31.0076 0x255c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:55:31.0105 0x255c srv2 - ok
20:55:31.0130 0x255c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:55:31.0155 0x255c srvnet - ok
20:55:31.0189 0x255c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:55:31.0251 0x255c SSDPSRV - ok
20:55:31.0269 0x255c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:55:31.0343 0x255c SstpSvc - ok
20:55:31.0424 0x255c [ C64C157B167FE562E8670984E72C25FA, 9302C82A75CA65515297B72F3A6230307AAE0B14FD8C9C7FA343F7B62E5ED376 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:55:31.0446 0x255c Stereo Service - ok
20:55:31.0478 0x255c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:55:31.0491 0x255c stexstor - ok
20:55:31.0549 0x255c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
20:55:31.0598 0x255c stisvc - ok
20:55:31.0634 0x255c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
20:55:31.0644 0x255c swenum - ok
20:55:31.0687 0x255c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
20:55:31.0756 0x255c swprv - ok
20:55:31.0792 0x255c [ 064A2530A4A7C7CEC1BE6A1945645BE4, 06E4B59B6BFCEE1E2F1EDED77621C9DFED09F460E94065E528A2F746B568193D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
20:55:31.0899 0x255c SynTP - ok
20:55:31.0990 0x255c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
20:55:32.0083 0x255c SysMain - ok
20:55:32.0119 0x255c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:55:32.0149 0x255c TabletInputService - ok
20:55:32.0173 0x255c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
20:55:32.0248 0x255c TapiSrv - ok
20:55:32.0274 0x255c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
20:55:32.0342 0x255c TBS - ok
20:55:32.0446 0x255c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:55:32.0528 0x255c Tcpip - ok
20:55:32.0603 0x255c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:55:32.0671 0x255c TCPIP6 - ok
20:55:32.0699 0x255c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:55:32.0711 0x255c tcpipreg - ok
20:55:32.0735 0x255c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:55:32.0776 0x255c TDPIPE - ok
20:55:32.0807 0x255c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:55:32.0828 0x255c TDTCP - ok
20:55:32.0855 0x255c [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:55:32.0935 0x255c tdx - ok
20:55:33.0002 0x255c [ 4283D7125BA4BD0CB50BB0F78B54257A, A9DBFC45CDF7444BA7AD92734E66E3E4F844BF036AC19FD43F915151191F12C5 ] TelekomNM6 C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys
20:55:33.0028 0x255c TelekomNM6 - ok
20:55:33.0044 0x255c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
20:55:33.0057 0x255c TermDD - ok
20:55:33.0103 0x255c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
20:55:33.0162 0x255c TermService - ok
20:55:33.0190 0x255c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
20:55:33.0214 0x255c Themes - ok
20:55:33.0242 0x255c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
20:55:33.0286 0x255c THREADORDER - ok
20:55:33.0302 0x255c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
20:55:33.0360 0x255c TrkWks - ok
20:55:33.0408 0x255c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:55:33.0467 0x255c TrustedInstaller - ok
20:55:33.0493 0x255c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:55:33.0506 0x255c tssecsrv - ok
20:55:33.0540 0x255c [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:55:33.0578 0x255c TsUsbFlt - ok
20:55:33.0620 0x255c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:55:33.0680 0x255c tunnel - ok
20:55:33.0710 0x255c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:55:33.0727 0x255c uagp35 - ok
20:55:33.0765 0x255c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:55:33.0834 0x255c udfs - ok
20:55:33.0866 0x255c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:55:33.0895 0x255c UI0Detect - ok
20:55:33.0960 0x255c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:55:34.0065 0x255c uliagpkx - ok
20:55:34.0121 0x255c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
20:55:34.0142 0x255c umbus - ok
20:55:34.0159 0x255c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:55:34.0188 0x255c UmPass - ok
20:55:34.0362 0x255c [ AF905F4966CFC8B973623AB150CD4B2B, E1BF0481A584C10AE4A927A01A1E6B76036C18FAF7AB38D9B78641F5808D9888 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:55:34.0452 0x255c UNS - ok
20:55:34.0486 0x255c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
20:55:34.0561 0x255c upnphost - ok
20:55:34.0593 0x255c [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:55:34.0610 0x255c usbaudio - ok
20:55:34.0645 0x255c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:55:34.0671 0x255c usbccgp - ok
20:55:34.0701 0x255c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:55:34.0742 0x255c usbcir - ok
20:55:34.0773 0x255c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:55:34.0797 0x255c usbehci - ok
20:55:34.0829 0x255c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:55:34.0866 0x255c usbhub - ok
20:55:34.0892 0x255c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:55:34.0933 0x255c usbohci - ok
20:55:34.0955 0x255c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:55:34.0989 0x255c usbprint - ok
20:55:35.0004 0x255c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:55:35.0043 0x255c USBSTOR - ok
20:55:35.0058 0x255c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:55:35.0072 0x255c usbuhci - ok
20:55:35.0111 0x255c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
20:55:35.0140 0x255c usbvideo - ok
20:55:35.0173 0x255c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
20:55:35.0240 0x255c UxSms - ok
20:55:35.0254 0x255c [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc C:\Windows\system32\lsass.exe
20:55:35.0267 0x255c VaultSvc - ok
20:55:35.0290 0x255c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:55:35.0305 0x255c vdrvroot - ok
20:55:35.0350 0x255c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
20:55:35.0415 0x255c vds - ok
20:55:35.0445 0x255c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:55:35.0464 0x255c vga - ok
20:55:35.0475 0x255c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:55:35.0529 0x255c VgaSave - ok
20:55:35.0569 0x255c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:55:35.0606 0x255c vhdmp - ok
20:55:35.0638 0x255c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
20:55:35.0649 0x255c viaide - ok
20:55:35.0670 0x255c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:55:35.0684 0x255c volmgr - ok
20:55:35.0714 0x255c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:55:35.0738 0x255c volmgrx - ok
20:55:35.0769 0x255c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:55:35.0791 0x255c volsnap - ok
20:55:35.0817 0x255c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:55:35.0835 0x255c vsmraid - ok
20:55:35.0919 0x255c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
20:55:36.0053 0x255c VSS - ok
20:55:36.0105 0x255c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:55:36.0214 0x255c vwifibus - ok
20:55:36.0324 0x255c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:55:36.0486 0x255c vwififlt - ok
20:55:36.0990 0x255c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
20:55:37.0103 0x255c W32Time - ok
20:55:37.0301 0x255c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:55:37.0439 0x255c WacomPen - ok
20:55:38.0090 0x255c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:55:38.0352 0x255c WANARP - ok
20:55:38.0694 0x255c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:55:38.0733 0x255c Wanarpv6 - ok
20:55:38.0863 0x255c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
20:55:38.0959 0x255c wbengine - ok
20:55:39.0042 0x255c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:55:39.0073 0x255c WbioSrvc - ok
20:55:39.0121 0x255c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:55:39.0159 0x255c wcncsvc - ok
20:55:39.0172 0x255c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:55:39.0195 0x255c WcsPlugInService - ok
20:55:39.0221 0x255c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:55:39.0233 0x255c Wd - ok
20:55:39.0264 0x255c [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
20:55:39.0295 0x255c WDC_SAM - ok
20:55:39.0365 0x255c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:55:39.0406 0x255c Wdf01000 - ok
20:55:39.0451 0x255c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:55:39.0488 0x255c WdiServiceHost - ok
20:55:39.0497 0x255c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:55:39.0514 0x255c WdiSystemHost - ok
20:55:39.0549 0x255c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
20:55:39.0577 0x255c WebClient - ok
20:55:39.0622 0x255c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:55:39.0699 0x255c Wecsvc - ok
20:55:39.0729 0x255c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:55:39.0796 0x255c wercplsupport - ok
20:55:39.0811 0x255c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
20:55:39.0863 0x255c WerSvc - ok
20:55:39.0895 0x255c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:55:39.0948 0x255c WfpLwf - ok
20:55:39.0995 0x255c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:55:40.0008 0x255c WIMMount - ok
20:55:40.0078 0x255c WinDefend - ok
20:55:40.0094 0x255c WinHttpAutoProxySvc - ok
20:55:40.0167 0x255c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:55:40.0235 0x255c Winmgmt - ok
20:55:40.0332 0x255c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
20:55:40.0447 0x255c WinRM - ok
20:55:40.0516 0x255c [ 4C69A8E2E159C1C59BC4B688E9DD7F8C, 235C7A41425846EFE4966490EB7F72AA768B3FE1665843BF58520DDBD6822A74 ] WisLMSvc C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
20:55:40.0529 0x255c WisLMSvc - ok
20:55:40.0577 0x255c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:55:40.0651 0x255c Wlansvc - ok
20:55:40.0679 0x255c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:55:40.0713 0x255c WmiAcpi - ok
20:55:40.0748 0x255c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:55:40.0769 0x255c wmiApSrv - ok
20:55:40.0812 0x255c WMPNetworkSvc - ok
20:55:40.0819 0x255c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:55:40.0883 0x255c WPCSvc - ok
20:55:40.0917 0x255c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:55:40.0952 0x255c WPDBusEnum - ok
20:55:40.0987 0x255c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:55:41.0032 0x255c ws2ifsl - ok
20:55:41.0112 0x255c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
20:55:41.0264 0x255c wscsvc - ok
20:55:41.0316 0x255c WSearch - ok
20:55:41.0437 0x255c [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
20:55:41.0581 0x255c wuauserv - ok
20:55:41.0616 0x255c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:55:41.0714 0x255c WudfPf - ok
20:55:41.0766 0x255c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:55:41.0791 0x255c WUDFRd - ok
20:55:41.0825 0x255c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:55:41.0846 0x255c wudfsvc - ok
20:55:41.0893 0x255c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
20:55:41.0945 0x255c WwanSvc - ok
20:55:42.0018 0x255c [ BAA813A76F5DB6CC3C2CEAB7D82B6972, 783B7AF92E98623FDB9B395F3BC1D30736902A68E3AE78249243CE97548387FA ] X10Hid C:\Windows\system32\Drivers\x10hid.sys
20:55:42.0149 0x255c X10Hid - ok
20:55:42.0198 0x255c [ 5A0C788C5BC5F2C993CB60940ADCF95E, FEEC158466040A6528E7FC8D33706B50D2F03479E0B62DF8F06B69A1A850A9FB ] x10nets C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe
20:55:42.0211 0x255c x10nets - detected UnsignedFile.Multi.Generic ( 1 )
20:55:44.0988 0x255c Detect skipped due to KSN trusted
20:55:44.0988 0x255c x10nets - ok
20:55:45.0033 0x255c ================ Scan global ===============================
20:55:45.0089 0x255c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:55:45.0128 0x255c [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
20:55:45.0146 0x255c [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
20:55:45.0184 0x255c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:55:45.0222 0x255c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
20:55:45.0233 0x255c [ Global ] - ok
20:55:45.0234 0x255c ================ Scan MBR ==================================
20:55:45.0249 0x255c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:55:45.0472 0x255c \Device\Harddisk0\DR0 - ok
20:55:45.0473 0x255c ================ Scan VBR ==================================
20:55:45.0476 0x255c [ 9748591C04FDE342753D5C70022E6C58 ] \Device\Harddisk0\DR0\Partition1
20:55:45.0505 0x255c \Device\Harddisk0\DR0\Partition1 - ok
20:55:45.0511 0x255c [ 3E2F08FFDBC9985B923B8BD065EE7C06 ] \Device\Harddisk0\DR0\Partition2
20:55:45.0562 0x255c \Device\Harddisk0\DR0\Partition2 - ok
20:55:45.0568 0x255c [ 480AEA851CF1BE8641C10256C106C49F ] \Device\Harddisk0\DR0\Partition3
20:55:45.0613 0x255c \Device\Harddisk0\DR0\Partition3 - ok
20:55:45.0614 0x255c ================ Scan generic autorun ======================
20:55:46.0242 0x255c [ C6EBBCA79931B19F7C2D4A1B494D4B98, 2E146B8761000E12E29D0BC819BFC9DC7F3589080613773BBB1BA37984EB5C67 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:55:46.0846 0x255c RtHDVCpl - ok
20:55:46.0940 0x255c [ 1E7EBBF7D89DE7979308494FE98EB393, 84619B1A27F72FB5B412528AC247FA1CC174056BB08BF9B2B4749625BFE2688A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:55:47.0001 0x255c RtHDVBg - ok
20:55:47.0003 0x255c SynTPEnh - ok
20:55:47.0105 0x255c [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] C:\Program Files\Microsoft Security Client\msseces.exe
20:55:47.0167 0x255c MSC - ok
20:55:47.0298 0x255c [ D5FFA9F81738C81253C0D3C7E03E3AB0, C908F7DAE626997128DEE511822245224BBA94C6C139DD284253EDBCE710D947 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
20:55:47.0399 0x255c NvBackend - ok
20:55:47.0439 0x255c [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
20:55:47.0457 0x255c ShadowPlay - ok
20:55:47.0494 0x255c [ 810A5F70CEB063CEC85360394BEC2C56, FCC289B23B2347AD7C34B48E6EFB1914B5ED8D9DD397B0816D94747B168DFD64 ] C:\Windows\system32\igfxtray.exe
20:55:47.0511 0x255c IgfxTray - ok
20:55:47.0554 0x255c [ 2FE8F6A30802B69A3F501607F346DEEA, CD603DB6055861E9EAD397234120FBE0D3CACEFADB0D6001099CF0DA9DF1CC34 ] C:\Windows\system32\hkcmd.exe
20:55:47.0579 0x255c HotKeysCmds - ok
20:55:47.0621 0x255c [ CA1941B93BA45B7EA4D7D9F451B25C84, B0648762862931CB12004C92CD7A7EF8E3B1C14DD33C980A490D8AA56F7AA723 ] C:\Windows\system32\igfxpers.exe
20:55:47.0644 0x255c Persistence - ok
20:55:47.0707 0x255c [ 1E7EBBF7D89DE7979308494FE98EB393, 84619B1A27F72FB5B412528AC247FA1CC174056BB08BF9B2B4749625BFE2688A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
20:55:47.0764 0x255c RtHDVBg_Dolby - ok
20:55:47.0788 0x255c [ 8D2851FC8807D456319C721AE3809824, 3AB40A5538C04CC536523E1AB890BBD4BA648134BB594B852EB8434DCE80632C ] C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
20:55:48.0450 0x255c HotkeyApp - detected UnsignedFile.Multi.Generic ( 1 )
20:55:51.0193 0x255c Detect skipped due to KSN trusted
20:55:51.0193 0x255c HotkeyApp - ok
20:55:51.0237 0x255c [ DFA1067EA4157BCCCFD48F052066A076, 5E5B60C20CFF1F3F9D45588B0E0AEB59C3F4C11089CCB52AA92890773BAA081F ] C:\Program Files (x86)\Launch Manager\OSD.exe
20:55:51.0256 0x255c LMgrVolOSD - ok
20:55:51.0294 0x255c [ 94D2739E7F421BC0EE0B32387B78B619, D7835E81FD08EBBFBDF44712D48CBF4311A89FF505ADD4DF4ECC46A2ECCD6F1B ] C:\Program Files (x86)\Launch Manager\Wbutton.exe
20:55:51.0320 0x255c Wbutton - ok
20:55:51.0356 0x255c [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
20:55:51.0369 0x255c NUSB3MON - ok
20:55:51.0456 0x255c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:55:51.0523 0x255c Sidebar - ok
20:55:51.0550 0x255c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:55:51.0575 0x255c mctadmin - ok
20:55:51.0621 0x255c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:55:51.0666 0x255c Sidebar - ok
20:55:51.0674 0x255c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:55:51.0695 0x255c mctadmin - ok
20:55:51.0757 0x255c [ 8380DA2C21B6F05F0F794030C5A7329E, 51A31BB49D1102E1006861C59133BC1D020C436BF04242FE29127C2D5BDD44F0 ] I:\Programme\MonitorOff\monoff.exe
20:55:51.0800 0x255c Dekisoft Monitor Off Utility - detected UnsignedFile.Multi.Generic ( 1 )
20:55:54.0548 0x255c Detect skipped due to KSN trusted
20:55:54.0548 0x255c Dekisoft Monitor Off Utility - ok
20:55:54.0591 0x255c [ EBDD6BE68D642DD2A19FCC6426B19486, 24E749B22D00FA8AD9E766D42AA78CE4C4DEF7EDA93A65D36FC96010F49F5D81 ] I:\LiberKey\LiberKey.exe
20:55:55.0028 0x255c LiberKey - ok
20:55:55.0070 0x255c [ 5ED08542C733A0606ACFA9D37B5CDF3A, 2257D8DCB4369707A2A66EB89B09881DA5A8326F6741D42CF9E9C7970EAAEC5B ] I:\Programme\PureText\PureText.exe
20:55:55.0074 0x255c PureText - detected UnsignedFile.Multi.Generic ( 1 )
20:55:57.0830 0x255c Detect skipped due to KSN trusted
20:55:57.0830 0x255c PureText - ok
20:55:57.0992 0x255c [ 7F96DA4B04BBB22341BAA3A4019549DC, A44C6DFC3A77B03D59AC1263099BB27CA3CFFED84BF4FF6AF27C894AFCFFACD1 ] I:\LiberKey\Apps\Ditto\App\Ditto\Ditto.exe
20:55:58.0221 0x255c Ditto - detected UnsignedFile.Multi.Generic ( 1 )
20:56:01.0017 0x255c Detect skipped due to KSN trusted
20:56:01.0017 0x255c Ditto - ok
20:56:01.0107 0x255c [ F0F3DF07A7C024C66CC4E2DD1F2BFBE1, AFACB340FEF016C7DA1FB464129C48190ABB6C33435E2309328B6FA48727910E ] I:\LiberKey\Apps\GlaryUtilities\App\GlaryUtilities\StartupManager.exe
20:56:01.0173 0x255c GUDelayStartup - ok
20:56:01.0305 0x255c [ 94333049AD2CCEA5902F1765EFF0F7BF, 5A63E4AEAF22306764C84A07E4C2FACE061EDBB0B13380E8EC41692775515F0B ] I:\Programme\Ultracopier\ultracopier.exe
20:56:01.0388 0x255c ultracopier - detected UnsignedFile.Multi.Generic ( 1 )
20:56:04.0207 0x255c Detect skipped due to KSN trusted
20:56:04.0207 0x255c ultracopier - ok
20:56:04.0208 0x255c Waiting for KSN requests completion. In queue: 1
20:56:05.0208 0x255c Waiting for KSN requests completion. In queue: 1
20:56:06.0208 0x255c Waiting for KSN requests completion. In queue: 1
20:56:07.0334 0x255c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
20:56:07.0377 0x255c Win FW state via NFP2: enabled
20:56:10.0118 0x255c ============================================================
20:56:10.0118 0x255c Scan finished
20:56:10.0118 0x255c ============================================================
20:56:10.0132 0x2830 Detected object count: 0
20:56:10.0132 0x2830 Actual detected object count: 0
|
|
09.06.2015, 19:58
| #7 |
| /// the machine /// TB-Ausbilder | Notebook läuft extrem langsam: verursacht von Schadsoftware? Soweit seh ich nix. http://support2.microsoft.com/kb/929135/de Bitte einen Clean Boot machen. Wenn das Problem dann weg ist, einzeln wieder Dienste aktivieren, dazwischen immer einen Reboot machen. Solange bis Du weißt welcher Dienst die Probleme macht. Diesen dann hier benennen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.06.2015, 20:26
| #8 |
| | Notebook läuft extrem langsam: verursacht von Schadsoftware? Vielen Dank schrauber, hmmm, glaube, es gibt ganz schön viele Dienste. Ein Neustart, bis alle Programme wieder gestartet / nutzbar sind dauert bei mir wohl ca. 15 bis 25 Minuten. Vielen Dank nochmals. |
|
10.06.2015, 16:39
| #9 |
| /// the machine /// TB-Ausbilder | Notebook läuft extrem langsam: verursacht von Schadsoftware? Ich kann dir nicht folgen  Clean Boot heisst einmal alle Dienste (ausser MS Dienste) aus und rebooten. Und dann direkt probieren ob der Rechner schneller bootet oder nicht.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.06.2015, 06:53
| #10 |
| | Notebook läuft extrem langsam: verursacht von Schadsoftware? Ach, um die Geschwindigkeit des Neustarts geht es, ich dachte um die allgemeine Arbeits-Geschwindigkeit. Das heißt, das Notebook müßte im günstigen Falle also schon (viel) schneller starten und die Programme wohl auch. Verstehe ich richtig, neu starten und dann gleich nochmal neu starten? Habe soeben nochmal neu gestartet, bin mir aber nicht ganz sicher, ob es schneller geht. Hatte das hier - hxxp://support2.microsoft.com/kb/929135/de - befolgt, sieht aber so aus, als ob die (vermeintlich) abgestellten Dienste oder einige doch noch laufen...oder doch nicht:        Ist unvermindert tätig diese svchost.exe, nutzt bis zu 1,3 GB RAM:  Der Rechner ist dann sozusagen nicht mehr nutzbar. Wenn ich svchost.exe beende, dauert es ca. 3 bis 7 Minuten, bis der Rechner wieder nutzbar ist, "friert ein" zwischendurch. Auch ansonsten ist der Rechner extrem langsam, träge wie zuvor. Ein einfaches Fenster im Win Explorer zu öffnen, blockiert auch für ca. 10, 20 Sekunden den Rechner. Oder etwas in die Zwischenablage kopieren. Bis ein Programm wie FreeCommander gestartet ist, kann wohl 5, 6, 7 Minuten dauern. Auch wird für diese sogeannnte Datenträgerwarteschlange sozusagen immer ein hoher Wert angezeigt:  Die Datenträgeraktivität wird meistens oder fast immer bei 100 % angezeigt: Geändert von Dirki (10.06.2015 um 20:01 Uhr) |
|
12.06.2015, 05:33
| #11 |
| /// the machine /// TB-Ausbilder | Notebook läuft extrem langsam: verursacht von Schadsoftware? Du musst den Haken setzen bei "alle Micorosoft Dienste ausblenden", dann enhtält die Liste nur noch nicht MS Dienste. Diese alle deaktivieren, Haken raus, dann rebooten. Aber das tönt alles nach ner Neuinstallation.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.06.2015, 06:43
| #12 | |
| | Notebook läuft extrem langsam: verursacht von Schadsoftware? So sieht es bei mir gerade aus:  Zitat:
Klingt ja nicht so gut, Neuinstallation, hoffe, das Problem taucht nicht wieder auf danach. Wenn man wenigstens wüßte, wodurch das verursacht wird. Geändert von Dirki (12.06.2015 um 06:49 Uhr) |
|
13.06.2015, 07:46
| #13 |
| | Notebook läuft extrem langsam: verursacht von Schadsoftware? Wie oft ich auch starte, es bleibt unverändert. Kann man diese svchost.exe nicht wenigstens komplett abstellen? Offenbar brauche ich die ja gar nicht, da der Computer auch läuft, wenn ich den Prozeß beende. Offenbar erscheint die immer morgens und abends irgendwann. Geändert von Dirki (13.06.2015 um 08:18 Uhr) |
|
13.06.2015, 14:04
| #14 |
| /// the machine /// TB-Ausbilder | Notebook läuft extrem langsam: verursacht von Schadsoftware? nein, das ist einer der Hauptbestandteile von Windows. Das Ding macht auch selbst gar nix, das ist nur dafür da dass andere Dateien starten können. Was haste denn bei Clean Boot für ne Auslastung von svchost? ProcessExplorer als Ersatz für den Windows Taskmanager installieren Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden. Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt. Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen). Kopiere folgenden Text in Deinen Editor und speicher ihn auf dem Desktop als "list.bat". Wähle dazu unter Speichern als "Alle Dateitypen". Code:
ATTFilter @echo off
tasklist /SVC /FI "IMAGENAME eq svchost.exe" > c:\list.txt
notepad c:\list.txt
exit
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
14.06.2015, 10:03
| #15 | ||||
| | Notebook läuft extrem langsam: verursacht von Schadsoftware? Vielen Dank schrauber. Zitat:
http://www.trojaner-board.de/167695-...ml#post1476676 Zitat:
Zitat:
Was ich zu wissen meine, ist eben daß diese sogenannte Datenträgerwarteschlange meist oder immer dann mit einem höheren Wert, vielleicht etwa 5 bis 22, angezeigt wird, wenn der Rechner so langsam ist. Auch die Arbeitsspeicherauslastung, die nach meiner laienhaften Interpretation, der Task Manager nicht richtig anzeigen kann, zeigt er wenn der Rechner extrem langsam läuft, auch noch in einem Bereich an, der - glaube ich - nicht inakzeptabel ist, vielleicht zwischen 2,5 und 3 GB RAM an. Bzw. auch wenn noch weniger Arbeitsspeichernutzung angezeigt wird, kann der Rechner extrem langsam laufen. Zitat:
Code:
ATTFilter Abbildname PID Dienste
========================= ======== ============================================
svchost.exe 676 DcomLaunch, PlugPlay, Power
svchost.exe 788 RpcEptMapper, RpcSs
svchost.exe 976 AudioSrv, Dhcp, eventlog,
HomeGroupProvider, lmhosts, wscsvc
svchost.exe 1008 AudioEndpointBuilder, hidserv,
HomeGroupListener, Netman, PcaSvc, SysMain,
TrkWks, UxSms, Wlansvc, wudfsvc
svchost.exe 120 EventSystem, fdPHost, FontCache, netprofm,
nsi, SstpSvc, WdiServiceHost,
WinHttpAutoProxySvc
svchost.exe 344 AeLookupSvc, BITS, Browser, EapHost,
iphlpsvc, LanmanServer, MMCSS, ProfSvc,
RasMan, Schedule, SENS, ShellHWDetection,
Themes, Winmgmt, wuauserv
svchost.exe 124 gpsvc
svchost.exe 1196 CryptSvc, Dnscache, LanmanWorkstation,
NlaSvc, TapiSrv
svchost.exe 1568 BFE, DPS, MpsSvc
svchost.exe 1704 DiagTrack
svchost.exe 1768 stisvc
svchost.exe 2952 FDResPub, SSDPSRV, upnphost, wcncsvc
svchost.exe 936 p2pimsvc, p2psvc, PNRPsvc
svchost.exe 3828 WerSvc
  Herzlichen Dank. Ständig erscheint die Meldung "Keine Rückmeldung" von jeglichen Programmen, Fenster werden milchig dargestellt, sind erst nach einer Wartezeit wieder zugreifbar, nutzbar Auch einfach nur etwas in die Zwischenablage zu kopieren oder einen Ordner, eine Datei umzubenennen, kann den Rechner für Sekunden oder länger komplett blockieren. Geändert von Dirki (13.06.2015 um 20:21 Uhr) |
|
| Themen zu Notebook läuft extrem langsam: verursacht von Schadsoftware? |
| .html, blockiert, ebook, extrem, extrem langsam, langsam, notebook, reagiert, schadsoftware, verursacht, wissen, würde, zeitweise |
Linear-Darstellung
