Hallo zusammen

Ich habe ein Problem mit meinem Computer!
Ich habe das Programm Free Youtube to MP3 converter downgeladet! Dies werde ich nie mehr tun!

Jetzt ist Firefox und Google Chrom ganz langsam!
Wenn ich Youtube auf Firefox lade kommt bei mir unten links beim laden

i.ytimg.com und s.ytimg.com.

Nach einer weile haben z.B. auf der Startseite bei Youtube alle Videos das gleiche Bild, erst wenn ich mit der Maus drüber fahre kommt das Originalbild!

Und wenn ich auf Facebook gehe mit Firefox oder Google Chrom kommt unten links

fbstatic-a.akamahid.net

bei Facebook! Computer ist schon einmal abgestürtzt deswegen!

Ich hatte diese PopUP Virus schon einmal, konnte sie aber mit Emsisoft entfernen!
Jetzt geht es nicht mehr!
Folgende Programme habe ich schon genutzt! Haben aber nichts gebracht!

Norton Internet Security
Avira Free Antivirus
Spybot-S&D Start Center
Wise Registry Cleaner
Eset Online Scanner
Junkware Remove Tool
Malwarebytes Anti-Malware
Malwarebytes Anti-Rootkit Beta
CCleaner
Adw Cleaner
Emsisogt Anti Malware

Ich hoffe, ihr könnt mir helfen! Nicht, dass dieser Müll meinen PC kaputt macht!
Ich habe den PC Wiederhergestellt (Neu aufgesetzt) und meine Daten selbstverständlich auf einer Festplatte gespeichert! Der PC ist also jetzt komplett leer! Keine Programme, etc.

Kann mir jemand helfen oder muss ich den PC zum reparieren bringen?
MFG!

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:

• Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
• Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
• Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
• Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
• Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
• Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

• Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
• Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:


Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop

• Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
• Drücke Start Scan
  
• Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
  TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
  Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort

• die Logdatei von TDSS-Killer,
• die beiden neuen Logdateien von FRST.

OK!

Aber was ist den FRST?
Norton meldet, dass es eine Bedrohung ist!

Servus,


FRST ist ein Analysetool. Das ist eine Fehlermeldung von Norton.

Bitte FRST ausführen, ggf. Norton deaktivieren bzw. FRST das Ausführen erlauben...

FRST.txt


FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Julio (administrator) on JULIO-HP on 09-06-2015 12:15:47
Running from C:\Users\Julio\Desktop
Loaded Profiles: Julio (Available Profiles: Julio)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\JAN2OSD.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\mswinext.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11046504 2010-07-13] (Realtek Semiconductor)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP KEYBOARDx] => C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [710656 2010-02-11] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-25] (Hewlett-Packard)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-04-25] (EasyBits Software AS)
HKLM-x32\...\Run: [Buttons & OSDs control application gen3] => c:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe [53248 2009-11-30] (Hewlett-Packard)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [895512 2010-10-23] (PDF Complete Inc)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [730416 2015-05-27] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-02-17]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk [2011-02-17]
ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/12
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/12
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/12
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/12
HKU\S-1-5-21-721091351-975829366-2383312893-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/12
HKU\S-1-5-21-721091351-975829366-2383312893-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/12
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ch.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ch.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ch.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-28] (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-14] (Microsoft Corporation)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-14] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-02-17] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-02-17] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-02-17] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-02-17] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-02-17] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Julio\AppData\Roaming\Mozilla\Firefox\Profiles\hcvUKeDl.default
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> c:\Program Files (x86)\Virtual Earth 3D\2011-02-17 ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> c:\Program Files (x86)\Virtual Earth 3D\ [2010-08-14] ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Extension: Avira Browser Safety - C:\Users\Julio\AppData\Roaming\Mozilla\Firefox\Profiles\hcvUKeDl.default\Extensions\abs@avira.com [2015-06-09]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox
FF Extension: Bing Bar - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011-02-17]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2011-02-17]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-02-17]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [827184 2015-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [450808 2015-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [450808 2015-05-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1188360 2015-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [681528 2010-08-06] (Hewlett-Packard)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-07-21] (Hewlett-Packard Company) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1121304 2010-10-23] (PDF Complete Inc)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACPIService; C:\Windows\System32\DRIVERS\OSDACPI.SYS [17992 2009-06-18] ()
R3 AVerAVF2; C:\Windows\System32\DRIVERS\AVerAVF2.sys [1212416 2010-11-11] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-05-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-05-27] (Avira Operations GmbH & Co. KG)
R3 FintekCIR; C:\Windows\System32\DRIVERS\FintekCIR.sys [30248 2009-11-13] (Fintek)
R3 NW1950; C:\Windows\System32\DRIVERS\NW1950.sys [25080 2009-09-17] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 21:35 - 2015-06-09 21:36 - 00000000 ____D C:\ProgramData\Recovery
2015-06-09 12:15 - 2015-06-09 12:16 - 00018016 _____ C:\Users\Julio\Desktop\FRST.txt
2015-06-09 12:15 - 2015-06-09 12:15 - 00000000 ____D C:\FRST
2015-06-09 12:12 - 2015-06-09 12:12 - 02108928 _____ (Farbar) C:\Users\Julio\Desktop\FRST64.exe
2015-06-09 12:06 - 2015-06-09 12:06 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Mozilla
2015-06-09 12:05 - 2015-06-09 12:05 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Avira
2015-06-09 12:04 - 2015-05-27 13:11 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-09 12:04 - 2015-05-27 13:11 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-09 12:04 - 2015-05-27 13:11 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-06-09 12:04 - 2015-05-27 13:11 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-06-09 12:02 - 2015-06-09 12:02 - 00001194 _____ C:\Users\Public\Desktop\Avira.lnk
2015-06-09 12:01 - 2015-06-09 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-09 12:01 - 2015-06-09 12:04 - 00000000 ____D C:\ProgramData\Avira
2015-06-09 12:01 - 2015-06-09 12:04 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-09 12:01 - 2015-06-09 12:01 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-09 11:59 - 2015-06-09 11:59 - 04683232 _____ (Avira Operations GmbH & Co. KG) C:\Users\Julio\Desktop\avira_de_av_5576b8be758c8__ws.exe
2015-06-09 11:57 - 2015-06-09 11:57 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Julio\Desktop\tdsskiller.exe
2015-06-09 11:49 - 2015-06-09 11:49 - 00000000 ____D C:\Users\Julio\AppData\Roaming\PictureMover
2015-06-09 11:49 - 2015-06-09 11:49 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Adobe
2015-06-09 11:48 - 2015-06-09 11:48 - 00003858 _____ C:\Windows\System32\Tasks\DST
2015-06-09 11:48 - 2015-06-09 11:48 - 00000000 ____D C:\Users\Julio\Documents\Bluetooth Exchange Folder
2015-06-09 11:48 - 2015-06-09 11:48 - 00000000 ____D C:\Users\Julio\AppData\Local\PDFC
2015-06-09 11:48 - 2015-06-09 11:48 - 00000000 ____D C:\Users\Julio\AppData\Local\Broadcom
2015-06-09 11:48 - 2015-06-09 11:48 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-09 11:47 - 2015-06-09 11:47 - 00003516 _____ C:\Windows\System32\Tasks\Registration
2015-06-09 11:47 - 2015-06-09 11:47 - 00003408 _____ C:\Windows\System32\Tasks\ServicePlan
2015-06-09 11:47 - 2015-06-09 11:47 - 00001441 _____ C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-09 11:47 - 2015-06-09 11:47 - 00001407 _____ C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-06-09 11:47 - 2015-06-09 11:47 - 00000000 ____D C:\Users\Julio\AppData\Local\RemEngine
2015-06-09 11:46 - 2015-06-09 11:46 - 00062648 _____ C:\Users\Julio\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-09 11:44 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-09 11:44 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-09 11:44 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-09 11:44 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-09 11:44 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-09 11:44 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-09 11:44 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-09 11:44 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-09 11:44 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-09 11:43 - 2015-06-09 11:43 - 00000000 ____D C:\Users\Public\Symantec
2015-06-09 11:43 - 2015-06-09 11:43 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Hewlett-Packard
2015-06-09 11:43 - 2015-06-09 11:43 - 00000000 ____D C:\Users\Julio\AppData\Local\TouchSmartData
2015-06-09 11:42 - 2015-06-09 12:10 - 00000000 ____D C:\Users\Julio\AppData\Local\VirtualStore
2015-06-09 11:42 - 2015-06-09 11:48 - 00000000 ____D C:\Users\Julio\AppData\Local\Hewlett-Packard_Company
2015-06-09 11:42 - 2015-06-09 11:47 - 00000000 ____D C:\Users\Julio\AppData\Local\Hewlett-Packard
2015-06-09 11:42 - 2015-06-09 11:47 - 00000000 ____D C:\Users\Julio
2015-06-09 11:42 - 2015-06-09 11:42 - 00001787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garantie.lnk
2015-06-09 11:42 - 2015-06-09 11:42 - 00000020 ___SH C:\Users\Julio\ntuser.ini
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Vorlagen
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Startmenü
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Netzwerkumgebung
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Lokale Einstellungen
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Eigene Dateien
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Druckumgebung
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Documents\Eigene Musik
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Documents\Eigene Bilder
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\AppData\Local\Verlauf
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\AppData\Local\Anwendungsdaten
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Anwendungsdaten
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_53316J G D_TouchSmart 600_Y53316J G D_0U_Q4CH107_E4CH1075XVC DPS_4A_I2A9A_SPEGATRON CORPORATION_V1.03_6.08_T100715_WU3-0_L407_M3960_J1500_7Intel_8655_92.27_#110723_N10EC8168;18143092_(XS906EA#UUZ)_X_CD3.MRK
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_53316J G D_TouchSmart 600_Y53316J G D_0U_Q4CH107_E4CH1075XVC DPS_4A_I2A9A_SPEGATRON CORPORATION_V1.03_6.08_T100715_WU3-0_L407_M3960_J1500_7Intel_8655_92.27_#110723_N10EC8168;18143092_(XS906EA#UUZ)_X_CD3.MRK
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Benutzerhandbuch
2015-06-09 11:42 - 2011-02-17 20:03 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Macromedia
2015-06-09 11:42 - 2011-02-17 19:30 - 00001200 _____ C:\Users\Public\Desktop\HP TouchSmart.lnk
2015-06-09 11:42 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-09 11:42 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-09 11:41 - 2015-06-09 11:41 - 00003290 _____ C:\Windows\System32\Tasks\RMCreator
2015-06-09 11:40 - 2015-06-09 11:40 - 00000056 ____H C:\Windows\SysWOW64\ezsidmv.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 21:37 - 2011-02-17 19:29 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-06-09 21:36 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2015-06-09 21:36 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-06-09 12:13 - 2011-02-17 19:31 - 00729094 _____ C:\Windows\system32\perfh010.dat
2015-06-09 12:13 - 2011-02-17 19:31 - 00144976 _____ C:\Windows\system32\perfc010.dat
2015-06-09 12:13 - 2011-02-17 19:28 - 00696132 _____ C:\Windows\system32\perfh007.dat
2015-06-09 12:13 - 2011-02-17 19:28 - 00147428 _____ C:\Windows\system32\perfc007.dat
2015-06-09 12:13 - 2011-02-17 19:24 - 00734558 _____ C:\Windows\system32\perfh00C.dat
2015-06-09 12:13 - 2011-02-17 19:24 - 00147480 _____ C:\Windows\system32\perfc00C.dat
2015-06-09 12:13 - 2009-07-14 07:13 - 03367664 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-09 12:12 - 2011-02-17 19:14 - 00136870 _____ C:\Windows\WindowsUpdate.log
2015-06-09 12:11 - 2009-07-14 06:45 - 00015568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-09 12:11 - 2009-07-14 06:45 - 00015568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-09 12:09 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2015-06-09 12:08 - 2011-02-17 20:21 - 00000000 ____D C:\ProgramData\Norton
2015-06-09 12:08 - 2011-02-17 19:11 - 00589276 _____ C:\Windows\PFRO.log
2015-06-09 12:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-09 12:08 - 2009-07-14 06:51 - 00027950 _____ C:\Windows\setupact.log
2015-06-09 12:08 - 2009-07-14 06:45 - 00285592 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-09 11:47 - 2010-06-15 04:07 - 00000000 ____D C:\swsetup
2015-06-09 11:47 - 2009-08-04 23:46 - 00000000 ___HD C:\SYSTEM.SAV
2015-06-09 11:43 - 2011-02-17 19:54 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2015-06-09 11:43 - 2011-02-17 19:54 - 00000000 ___RD C:\Program Files (x86)\Online Services
2015-06-09 11:42 - 2009-07-24 21:22 - 00000000 ____D C:\Windows\Panther
2015-06-09 11:42 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-06-09 11:42 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar

Some files in TEMP:
====================
C:\Users\Julio\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2009-07-24 20:23

==================== End of log ============================
         

--- --- ---


_________________________________________________

Addition.txt

[CODE]Additional
FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Julio at 2015-06-09 12:16:29
Running from C:\Users\Julio\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-721091351-975829366-2383312893-500 - Administrator - Disabled)
Gast (S-1-5-21-721091351-975829366-2383312893-501 - Limited - Disabled)
Julio (S-1-5-21-721091351-975829366-2383312893-1000 - Administrator - Enabled) => C:\Users\Julio

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{FFB768E4-E427-4553-BC36-A11F5E62A94D}) (Version: 10.1.53.64 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Ancient Hearts (x32 Version: 2.2.0.95 - WildTangent) Hidden
AVerMedia MiniCard Hybrid TV Tuner 1.1.64.56 (HKLM-x32\...\AVerMedia MiniCard Hybrid TV Tuner) (Version: 1.1.64.56 - AVerMedia TECHNOLOGIES, Inc.)
Avira (HKLM-x32\...\{0696cc37-db90-4000-be99-4a173ca7c8af}) (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. KG)
Azteca (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.0.2282.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 6.0.2282.0 - Microsoft Corporation) Hidden
Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth by hp (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6200 - Broadcom Corporation)
Bob the Builder Can-Do-Zoo (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-Lot - The Elizabethan Era (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.95 - WildTangent) Hidden
Buttons & OSDs control application gen3 (HKLM-x32\...\{79ECA886-C6EF-4BB3-9920-CB7906C01589}) (Version: 1.0.5.0 - Hewlett-Packard)
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Collapse Crunch (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP TouchSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4412 - Hewlett-Packard)
DVD Menu Pack for HP TouchSmart Video (x32 Version: 4.1.4412 - Hewlett-Packard) Hidden
Facebook for HP TouchSmart (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Ambient Light (HKLM\...\{20ED77CC-044F-4355-995E-681607EBE9B0}) (Version: 1.9.6.0 - Hewlett-Packard)
HP AppsCenter for TouchSmart (HKLM-x32\...\{8317485C-067B-4B5B-A2A3-9D36B7B0399E}) (Version: 4.0.0.1 - Hewlett-Packard)
HP Desktop Keyboard (HKLM-x32\...\HP Keyboard_is1) (Version: 1.0.0.13 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{161C9F46-2D15-4CC1-BDF0-B51CBD250E8D}) (Version: 1.01.023 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{802C068E-0576-4F25-8137-D54B7DB0FC5E}) (Version: 8.4.4487.3576 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12845.3522 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}) (Version: 5.1.8.12 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP TouchSmart (HKLM-x32\...\{1502291B-3C1B-4781-99F8-9D6D8C650588}) (Version: 4.0.41.0 - Hewlett-Packard)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
HP TouchSmart Browser (HKLM-x32\...\{4ACC9E9C-12D6-4A9D-8FBC-3FD469B9FD34}) (Version: 4.1.0012 - Hewlett-Packard)
HP TouchSmart Calendar (HKLM-x32\...\{297FA7DE-08E5-44A6-8F66-9E26F61F4810}) (Version: 4.1.3869.29064 - Hewlett-Packard)
HP TouchSmart Canvas (HKLM-x32\...\{909CE9B4-76A7-4C3D-A9AC-CE231B3E4B40}) (Version: 2.0.3917.26233 - Hewlett-Packard)
HP TouchSmart Clock (HKLM-x32\...\{97AA232A-58CB-41A2-A258-0593F98AB1E0}) (Version: 3.1.3881.29051 - Hewlett-Packard)
HP TouchSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4625 - Hewlett-Packard)
HP TouchSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4517 - Hewlett-Packard)
HP TouchSmart Notes (HKLM-x32\...\{1F40643A-3489-4262-B7BA-F2EC6FA0A1C8}) (Version: 4.1.3916.21107 - Hewlett-Packard)
HP TouchSmart Photo (HKLM-x32\...\InstallShield_{C9DCE03F-8CB7-4146-A99C-0612D75177EA}) (Version: 4.1.4503 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP TouchSmart RSS (HKLM-x32\...\{608D7847-39B7-4D1D-AF6D-7DCC38C77615}) (Version: 4.1.0009 - Hewlett-Packard)
HP TouchSmart Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 3.2.0.2 - Hewlett-Packard)
HP TouchSmart Twitter (HKLM-x32\...\{0581D120-6992-46FA-AAA2-42FA7EFF99C1}) (Version: 3.0.3910.29600 - Hewlett-Packard)
HP TouchSmart Video (HKLM-x32\...\InstallShield_{F04BFADD-C8CA-4C86-8F20-B1D7F4F8C66C}) (Version: 4.1.4503 - Hewlett-Packard)
HP TouchSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3303 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{FD71E2F7-B9FC-4072-88DB-AC19E2464D82}) (Version: 1.18.17.1 - LightScribe)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version:  - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Theme Pack for HP TouchSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4412 - Hewlett-Packard)
Movie Theme Pack for HP TouchSmart Video (x32 Version: 4.1.4412 - Hewlett-Packard) Hidden
MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.25 - Hewlett-Packard)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - NVIDIA Corporation)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.14 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.35 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden
R.U.S.E. for TouchSmart (HKLM-x32\...\{E6753FCB-B508-4C74-9686-17032281AF38}_is1) (Version: 1.0.0.0 - Ubisoft)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version:  - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6156 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.2 - Hewlett-Packard)
Skip-Bo - Castaway Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Tropical Fish Shop - Annabel's Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

09-06-2015 12:09:48 Initial Restore Point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A2B5ECD-7243-44B6-8B29-61ABAF5A22C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2010-09-18] (Hewlett-Packard Company)
Task: {7137EDBF-37E4-45AB-B57A-2D596D6D8C7E} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-08-20] (CyberLink)
Task: {92D7E1E6-B5AA-44E5-991A-8AACACE6F610} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {AA76D5E7-7889-486C-8753-4BBA183DF9A0} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-11-17] ()
Task: {B595D127-9D23-4853-B611-39B14D1123B2} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-11-17] ()
Task: {BC1F6C1C-A514-499A-A158-6139EBFA4F02} - System32\Tasks\DST => C:\Program Files (x86)\Hewlett-Packard\Setup Manager\toaster.exe [2010-09-25] (Microsoft)
Task: {DD62C155-6EE7-44EC-B076-795CD0802B1F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-09-04] (CyberLink)

==================== Loaded Modules (Whitelisted) ==============

2011-02-17 19:54 - 2009-07-03 00:58 - 00406016 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
2015-06-09 11:49 - 2010-11-18 22:57 - 12284984 _____ () C:\Users\Julio\AppData\Roaming\PictureMover\Bin\Core.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2015-06-09 11:49 - 2010-11-18 23:07 - 01700920 _____ () C:\Users\Julio\AppData\Roaming\PictureMover\DE-CH\Presentation.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-721091351-975829366-2383312893-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A6632050-D72C-49A9-8547-B52B36829DAD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{CC5D43EE-F5A9-499B-9972-8423699640CB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Photo\HPTouchSmartPhoto.exe
FirewallRules: [{4D0ABF67-0F23-4308-A22A-5AB53F026002}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Photo\PhotoAgent.exe
FirewallRules: [{82F5B4F0-0636-41DC-9AF8-0E6E4E440C60}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\HPTouchSmartMusic.exe
FirewallRules: [{C67B7828-FBDA-432A-9910-361647ECC379}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\HPTouchSmartPhoto.exe
FirewallRules: [{A64EF2EB-82E0-4DE6-882A-07F79446A5FA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\HPTouchSmartVideo.exe
FirewallRules: [{3799F3E8-501E-4A9D-8EFD-CEE3E9C0438F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\TSMAgent.exe
FirewallRules: [{CDC0BDCE-BA30-4FB8-B568-5843FA780D3F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{C752F777-5B47-41C5-B48B-B4376409006D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
FirewallRules: [{54B9AFC7-6E9E-48DA-89D2-CD8876D6B05E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{5728CA74-CEC4-4F1B-8D41-10DCDE0B97DB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{55207B35-131F-4179-A66E-696E0F3D7603}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{98D52894-FD9D-4D75-A921-F6D666C97605}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{A33700D8-12FB-424C-81A5-D560483E677B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{982E54D7-ABD3-4A21-8052-A2ECE5AF8702}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{BE19821E-D1BC-41A1-9482-605F2AD85633}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe
FirewallRules: [{E21D7632-FB94-471D-99C7-D6CCE15A837E}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe
FirewallRules: [{BF4F4206-AC62-4C51-9CBA-EAFAEA2D750B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{A97B0722-9ADE-48AA-BC8A-CF7CFE91F79B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{5F8DC015-06B2-45F1-8890-7269468B7508}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{0FF622A7-E2F7-4A68-984D-DA7C4D545E25}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{8D7B523B-21C6-4C28-B04F-5F4526F14B7D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A4589FD6-84D4-4E6D-B3D8-8B57DE72D5FE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E4634759-CF5E-4FA8-B621-08FFD5E64974}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F6CC8EB7-0764-4D50-B273-139212D6912E}] => (Allow) LPort=2869
FirewallRules: [{02B7CD84-ADFE-497B-80DE-1F6AD3D7CBE1}] => (Allow) LPort=1900
FirewallRules: [{43D8FE0E-A586-4761-AA0C-7B27459C281B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)


System errors:
=============

Microsoft Office:
=========================
Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 37%
Total physical RAM: 3959.11 MB
Available physical RAM: 2469.13 MB
Total Pagefile: 7916.37 MB
Available Pagefile: 6018.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1371.98 GB) (Free:1329.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:25.19 GB) (Free:3.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: E74450F4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1372 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.2 GB) - (Type=07 NTFS)

==================== End of log ============================
         

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

12:36:15.0064 0x1658  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:36:31.0874 0x1658  ============================================================
12:36:31.0874 0x1658  Current date / time: 2015/06/09 12:36:31.0874
12:36:31.0874 0x1658  SystemInfo:
12:36:31.0874 0x1658  
12:36:31.0874 0x1658  OS Version: 6.1.7600 ServicePack: 0.0
12:36:31.0874 0x1658  Product type: Workstation
12:36:31.0874 0x1658  ComputerName: JULIO-HP
12:36:31.0874 0x1658  UserName: Julio
12:36:31.0874 0x1658  Windows directory: C:\Windows
12:36:31.0874 0x1658  System windows directory: C:\Windows
12:36:31.0874 0x1658  Running under WOW64
12:36:31.0874 0x1658  Processor architecture: Intel x64
12:36:31.0874 0x1658  Number of processors: 4
12:36:31.0874 0x1658  Page size: 0x1000
12:36:31.0874 0x1658  Boot type: Normal boot
12:36:31.0874 0x1658  ============================================================
12:36:32.0139 0x1658  KLMD registered as C:\Windows\system32\drivers\69355082.sys
12:36:32.0420 0x1658  System UUID: {60991729-5C0A-F9A3-EB6D-A7011128496C}
12:36:32.0904 0x1658  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:36:32.0919 0x1658  ============================================================
12:36:32.0919 0x1658  \Device\Harddisk0\DR0:
12:36:32.0919 0x1658  MBR partitions:
12:36:32.0919 0x1658  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:36:32.0919 0x1658  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAB7F4800
12:36:32.0919 0x1658  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAB827000, BlocksNum 0x3260000
12:36:32.0919 0x1658  ============================================================
12:36:32.0950 0x1658  C: <-> \Device\Harddisk0\DR0\Partition2
12:36:33.0013 0x1658  D: <-> \Device\Harddisk0\DR0\Partition3
12:36:33.0013 0x1658  ============================================================
12:36:33.0013 0x1658  Initialize success
12:36:33.0013 0x1658  ============================================================
12:37:20.0484 0x14c8  ============================================================
12:37:20.0484 0x14c8  Scan started
12:37:20.0484 0x14c8  Mode: Manual; SigCheck; TDLFS; 
12:37:20.0484 0x14c8  ============================================================
12:37:20.0484 0x14c8  KSN ping started
12:37:33.0884 0x14c8  KSN ping finished: true
12:37:34.0960 0x14c8  ================ Scan system memory ========================
12:37:34.0960 0x14c8  System memory - ok
12:37:34.0960 0x14c8  ================ Scan services =============================
12:37:35.0413 0x14c8  [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
12:37:35.0506 0x14c8  1394ohci - ok
12:37:35.0538 0x14c8  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
12:37:35.0569 0x14c8  ACPI - ok
12:37:35.0569 0x14c8  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
12:37:35.0584 0x14c8  AcpiPmi - ok
12:37:35.0616 0x14c8  [ DE7E8D852A806BE6091983838BF9697F, DE49EAB730D19807C1C3F4D9C1D475227DF3E6A173798A39CD408C54D2DAFC0C ] ACPIService     C:\Windows\system32\DRIVERS\OSDACPI.SYS
12:37:35.0647 0x14c8  ACPIService - ok
12:37:35.0694 0x14c8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:37:35.0709 0x14c8  adp94xx - ok
12:37:35.0756 0x14c8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:37:35.0772 0x14c8  adpahci - ok
12:37:35.0787 0x14c8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:37:35.0803 0x14c8  adpu320 - ok
12:37:35.0834 0x14c8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:37:35.0896 0x14c8  AeLookupSvc - ok
12:37:35.0990 0x14c8  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
12:37:36.0006 0x14c8  AERTFilters - ok
12:37:36.0052 0x14c8  [ B9384E03479D2506BC924C16A3DB87BC, AB5FD2BC1F005E7D664F5DE3D5CB54499024A83B716DD52C56582DB7EFB4F01B ] AFD             C:\Windows\system32\drivers\afd.sys
12:37:36.0115 0x14c8  AFD - ok
12:37:36.0130 0x14c8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
12:37:36.0130 0x14c8  agp440 - ok
12:37:36.0146 0x14c8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
12:37:36.0162 0x14c8  ALG - ok
12:37:36.0162 0x14c8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
12:37:36.0177 0x14c8  aliide - ok
12:37:36.0177 0x14c8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
12:37:36.0193 0x14c8  amdide - ok
12:37:36.0193 0x14c8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:37:36.0208 0x14c8  AmdK8 - ok
12:37:36.0208 0x14c8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:37:36.0224 0x14c8  AmdPPM - ok
12:37:36.0286 0x14c8  [ AB3166C09438A161FBDE13099A72E0AF, ED1F2AB0FC72514E104C23029D1DDCB579058A0D3968B75B1C800A6F2D49BC9F ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
12:37:36.0302 0x14c8  amdsata - ok
12:37:36.0333 0x14c8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:37:36.0349 0x14c8  amdsbs - ok
12:37:36.0349 0x14c8  [ 5118DCD2065D8C8D752AD5EC0B2D6AA6, 41BDDBB152769819A24EF08C334F13F75016D7572BB6FEBA8AE9A65BA0AAAD50 ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
12:37:36.0364 0x14c8  amdxata - ok
12:37:36.0598 0x14c8  [ 3358CAD1887DDDDD2A36B7796B579292, 40BA1A836276C2AA78914F294661C3C918F2D6DFAA9D6EF3FEB6D1EE3B07F584 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
12:37:36.0645 0x14c8  AntiVirMailService - ok
12:37:36.0692 0x14c8  [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
12:37:36.0708 0x14c8  AntiVirSchedulerService - ok
12:37:36.0739 0x14c8  [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
12:37:36.0754 0x14c8  AntiVirService - ok
12:37:36.0801 0x14c8  [ 6FD5165364D88FDABE4FA59E1768376F, B82D11E6FCC297F822E29A49D46C9985955C9F5676D107A397B00D0468F93504 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
12:37:36.0848 0x14c8  AntiVirWebService - ok
12:37:36.0848 0x14c8  [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID           C:\Windows\system32\drivers\appid.sys
12:37:36.0864 0x14c8  AppID - ok
12:37:36.0895 0x14c8  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:37:36.0926 0x14c8  AppIDSvc - ok
12:37:36.0942 0x14c8  [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo         C:\Windows\System32\appinfo.dll
12:37:36.0973 0x14c8  Appinfo - ok
12:37:36.0988 0x14c8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:37:36.0988 0x14c8  arc - ok
12:37:37.0004 0x14c8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:37:37.0020 0x14c8  arcsas - ok
12:37:37.0238 0x14c8  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:37:37.0254 0x14c8  aspnet_state - ok
12:37:37.0254 0x14c8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:37:37.0316 0x14c8  AsyncMac - ok
12:37:37.0316 0x14c8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
12:37:37.0332 0x14c8  atapi - ok
12:37:37.0378 0x14c8  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:37:37.0441 0x14c8  AudioEndpointBuilder - ok
12:37:37.0472 0x14c8  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:37:37.0534 0x14c8  AudioSrv - ok
12:37:37.0612 0x14c8  [ 086CBBB45324D56AA7239046CD86149A, 602A5F993ED0D80B521BBE8343C8ABF1D6002268E20F2C62BE7EDE54A181B207 ] AVerAVF2        C:\Windows\system32\DRIVERS\AVerAVF2.sys
12:37:37.0659 0x14c8  AVerAVF2 - ok
12:37:37.0722 0x14c8  [ CC1ABBD9E61B7AA5CCBB45EA87CB033F, 4E5DE485833721E19B36455C017B9D908BAA7D12637A878934A0FAF2326E000B ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
12:37:37.0737 0x14c8  avgntflt - ok
12:37:37.0753 0x14c8  [ 07C8454D3A94BA478752FAFA2B94E0FE, EB19396D4A6D51D6C33ED55C8EF0259045801D39CCE2945931F9163D6006C133 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
12:37:37.0753 0x14c8  avipbb - ok
12:37:37.0815 0x14c8  [ 8884C9DDA76D76BADFD390B33D1DE70D, 0C7EE611C6E8255A280F1C13F7BFE493679E78D05986FB47BF5EF799637F6584 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
12:37:37.0846 0x14c8  Avira.ServiceHost - ok
12:37:37.0846 0x14c8  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
12:37:37.0862 0x14c8  avkmgr - ok
12:37:37.0862 0x14c8  [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
12:37:37.0878 0x14c8  avnetflt - ok
12:37:37.0893 0x14c8  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:37:37.0909 0x14c8  AxInstSV - ok
12:37:37.0940 0x14c8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:37:37.0971 0x14c8  b06bdrv - ok
12:37:37.0987 0x14c8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:37:38.0002 0x14c8  b57nd60a - ok
12:37:38.0018 0x14c8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:37:38.0034 0x14c8  BDESVC - ok
12:37:38.0049 0x14c8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:37:38.0096 0x14c8  Beep - ok
12:37:38.0112 0x14c8  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll
12:37:38.0190 0x14c8  BFE - ok
12:37:38.0236 0x14c8  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\System32\qmgr.dll
12:37:38.0314 0x14c8  BITS - ok
12:37:38.0330 0x14c8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:37:38.0346 0x14c8  blbdrive - ok
12:37:38.0346 0x14c8  [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:37:38.0392 0x14c8  bowser - ok
12:37:38.0392 0x14c8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:37:38.0408 0x14c8  BrFiltLo - ok
12:37:38.0424 0x14c8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:37:38.0439 0x14c8  BrFiltUp - ok
12:37:38.0455 0x14c8  [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser         C:\Windows\System32\browser.dll
12:37:38.0502 0x14c8  Browser - ok
12:37:38.0517 0x14c8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:37:38.0533 0x14c8  Brserid - ok
12:37:38.0533 0x14c8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:37:38.0548 0x14c8  BrSerWdm - ok
12:37:38.0564 0x14c8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:37:38.0580 0x14c8  BrUsbMdm - ok
12:37:38.0580 0x14c8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:37:38.0595 0x14c8  BrUsbSer - ok
12:37:38.0611 0x14c8  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
12:37:38.0626 0x14c8  BthEnum - ok
12:37:38.0626 0x14c8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:37:38.0642 0x14c8  BTHMODEM - ok
12:37:38.0658 0x14c8  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
12:37:38.0673 0x14c8  BthPan - ok
12:37:38.0704 0x14c8  [ A51FA9D0E85D5ADABEF72E67F386309C, 4F6F44D5E3A43239B50BCA75CBAA48FE40097E2AFF9360E1956F41ED52BD8183 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
12:37:38.0736 0x14c8  BTHPORT - ok
12:37:38.0736 0x14c8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:37:38.0782 0x14c8  bthserv - ok
12:37:38.0798 0x14c8  [ F740B9A16B2C06700F2130E19986BF3B, 92158FD1B3706DE068F077ACA9A25F5479EF282E8B81F5A2FF8A66CBB5F80FCF ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
12:37:38.0814 0x14c8  BTHUSB - ok
12:37:38.0860 0x14c8  [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
12:37:38.0876 0x14c8  btwampfl - ok
12:37:38.0876 0x14c8  [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
12:37:38.0892 0x14c8  btwaudio - ok
12:37:38.0892 0x14c8  [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
12:37:38.0907 0x14c8  btwavdt - ok
12:37:39.0016 0x14c8  [ 6A667ADAD3C2151131E6A478850762BE, 3A98BFB7E201EBDB55CB7C7332CF7C3D876BE03910FDA24F1146F8AAE4C39DD8 ] btwdins         c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
12:37:39.0048 0x14c8  btwdins - ok
12:37:39.0063 0x14c8  [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
12:37:39.0079 0x14c8  btwl2cap - ok
12:37:39.0079 0x14c8  [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
12:37:39.0094 0x14c8  btwrchid - ok
12:37:39.0188 0x14c8  [ C2600EA81C3E0A9B55FD91A55FDB2307, 1DB65E10E95D2A3C81BD87A743C363CC1262D68834AF2E950DDC8E05B33A522C ] CalendarSynchService C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
12:37:39.0204 0x14c8  CalendarSynchService - detected UnsignedFile.Multi.Generic ( 1 )
12:37:44.0430 0x14c8  Detect skipped due to KSN trusted
12:37:44.0430 0x14c8  CalendarSynchService - ok
12:37:44.0445 0x14c8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:37:44.0508 0x14c8  cdfs - ok
12:37:44.0539 0x14c8  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:37:44.0554 0x14c8  cdrom - ok
12:37:44.0586 0x14c8  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:37:44.0648 0x14c8  CertPropSvc - ok
12:37:44.0664 0x14c8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:37:44.0679 0x14c8  circlass - ok
12:37:44.0710 0x14c8  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
12:37:44.0726 0x14c8  CLFS - ok
12:37:44.0835 0x14c8  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:37:44.0851 0x14c8  clr_optimization_v2.0.50727_32 - ok
12:37:44.0944 0x14c8  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:37:44.0960 0x14c8  clr_optimization_v2.0.50727_64 - ok
12:37:45.0147 0x14c8  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:37:45.0163 0x14c8  clr_optimization_v4.0.30319_32 - ok
12:37:45.0194 0x14c8  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:37:45.0210 0x14c8  clr_optimization_v4.0.30319_64 - ok
12:37:45.0241 0x14c8  [ D68D9F4D53010B7E84D4E80A2E485554, B39D7F5737BE7C8EF6BC33595FE4538A90374E148B39BDC618163CBC30719883 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
12:37:45.0256 0x14c8  clwvd - ok
12:37:45.0256 0x14c8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:37:45.0272 0x14c8  CmBatt - ok
12:37:45.0288 0x14c8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
12:37:45.0288 0x14c8  cmdide - ok
12:37:45.0303 0x14c8  [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG             C:\Windows\system32\Drivers\cng.sys
12:37:45.0334 0x14c8  CNG - ok
12:37:45.0334 0x14c8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:37:45.0350 0x14c8  Compbatt - ok
12:37:45.0350 0x14c8  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
12:37:45.0366 0x14c8  CompositeBus - ok
12:37:45.0381 0x14c8  COMSysApp - ok
12:37:45.0381 0x14c8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:37:45.0397 0x14c8  crcdisk - ok
12:37:45.0428 0x14c8  [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:37:45.0459 0x14c8  CryptSvc - ok
12:37:45.0522 0x14c8  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:37:45.0584 0x14c8  DcomLaunch - ok
12:37:45.0615 0x14c8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:37:45.0678 0x14c8  defragsvc - ok
12:37:45.0678 0x14c8  [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:37:45.0724 0x14c8  DfsC - ok
12:37:45.0756 0x14c8  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:37:45.0787 0x14c8  Dhcp - ok
12:37:45.0787 0x14c8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:37:45.0834 0x14c8  discache - ok
12:37:45.0865 0x14c8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:37:45.0865 0x14c8  Disk - ok
12:37:45.0912 0x14c8  [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:37:45.0958 0x14c8  Dnscache - ok
12:37:45.0974 0x14c8  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:37:46.0021 0x14c8  dot3svc - ok
12:37:46.0021 0x14c8  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll
12:37:46.0068 0x14c8  DPS - ok
12:37:46.0083 0x14c8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:37:46.0099 0x14c8  drmkaud - ok
12:37:46.0146 0x14c8  [ EBCE0B0924835F635F620D19F0529DCE, 15BF803765373264390879FCA86C6D89C92DAFD0B1A36DEFA78EF01EBA2F9C26 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:37:46.0177 0x14c8  DXGKrnl - ok
12:37:46.0224 0x14c8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:37:46.0286 0x14c8  EapHost - ok
12:37:46.0426 0x14c8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:37:46.0536 0x14c8  ebdrv - ok
12:37:46.0582 0x14c8  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS             C:\Windows\System32\lsass.exe
12:37:46.0598 0x14c8  EFS - ok
12:37:46.0707 0x14c8  [ 3D69FAE60EDE442E004611A4EE4DB44C, 480D3F7604C9A70570BBFFF3CA0FABA216805BB38D4F8A73BB50996B547D8017 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:37:46.0754 0x14c8  ehRecvr - ok
12:37:46.0770 0x14c8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:37:46.0785 0x14c8  ehSched - ok
12:37:46.0801 0x14c8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:37:46.0832 0x14c8  elxstor - ok
12:37:46.0832 0x14c8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
12:37:46.0848 0x14c8  ErrDev - ok
12:37:46.0894 0x14c8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:37:46.0941 0x14c8  EventSystem - ok
12:37:46.0957 0x14c8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:37:47.0004 0x14c8  exfat - ok
12:37:47.0004 0x14c8  ezSharedSvc - ok
12:37:47.0019 0x14c8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:37:47.0066 0x14c8  fastfat - ok
12:37:47.0097 0x14c8  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe
12:37:47.0128 0x14c8  Fax - ok
12:37:47.0144 0x14c8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:37:47.0144 0x14c8  fdc - ok
12:37:47.0175 0x14c8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:37:47.0222 0x14c8  fdPHost - ok
12:37:47.0222 0x14c8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:37:47.0269 0x14c8  FDResPub - ok
12:37:47.0269 0x14c8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:37:47.0284 0x14c8  FileInfo - ok
12:37:47.0284 0x14c8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:37:47.0331 0x14c8  Filetrace - ok
12:37:47.0362 0x14c8  [ 35DAAD359197828D3CF3965764F5D82C, 03EFC98BCDBB568FDDE9FD0BAD604AEF2FFFA91484EBAEEA25CEA8BE0B72913C ] FintekCIR       C:\Windows\system32\DRIVERS\FintekCIR.sys
12:37:47.0362 0x14c8  FintekCIR - ok
12:37:47.0378 0x14c8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:37:47.0394 0x14c8  flpydisk - ok
12:37:47.0409 0x14c8  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:37:47.0425 0x14c8  FltMgr - ok
12:37:47.0472 0x14c8  [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A, 6587B22ED91F98D3E3614967F62D7A58F42C12F45F8E1D47835D195CD350BC54 ] FontCache       C:\Windows\system32\FntCache.dll
12:37:47.0550 0x14c8  FontCache - ok
12:37:47.0596 0x14c8  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:37:47.0596 0x14c8  FontCache3.0.0.0 - ok
12:37:47.0612 0x14c8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:37:47.0628 0x14c8  FsDepends - ok
12:37:47.0628 0x14c8  [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:37:47.0643 0x14c8  Fs_Rec - ok
12:37:47.0643 0x14c8  [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:37:47.0659 0x14c8  fvevol - ok
12:37:47.0690 0x14c8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:37:47.0690 0x14c8  gagp30kx - ok
12:37:47.0908 0x14c8  [ D154305DE6090E6E84E525F84BB08A06, 7B235178C3F26043AB7DB9EAD9A2185CEAF3C07BC48D63CA0EB6D56BCFEDF41A ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
12:37:47.0924 0x14c8  GameConsoleService - ok
12:37:48.0002 0x14c8  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:37:48.0033 0x14c8  gpsvc - ok
12:37:48.0049 0x14c8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:37:48.0064 0x14c8  hcw85cir - ok
12:37:48.0080 0x14c8  [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:37:48.0111 0x14c8  HdAudAddService - ok
12:37:48.0127 0x14c8  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
12:37:48.0142 0x14c8  HDAudBus - ok
12:37:48.0189 0x14c8  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
12:37:48.0205 0x14c8  HECIx64 - ok
12:37:48.0205 0x14c8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:37:48.0220 0x14c8  HidBatt - ok
12:37:48.0220 0x14c8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:37:48.0236 0x14c8  HidBth - ok
12:37:48.0252 0x14c8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:37:48.0267 0x14c8  HidIr - ok
12:37:48.0298 0x14c8  [ AC0E56C858B86732420A44827B7CE2C9, 97E7A97C014456D9C3F330CDBDC28EA9E52BEF5533E632B41D37A81BADA09D66 ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys
12:37:48.0298 0x14c8  hidkmdf - ok
12:37:48.0314 0x14c8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:37:48.0361 0x14c8  hidserv - ok
12:37:48.0361 0x14c8  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:37:48.0376 0x14c8  HidUsb - ok
12:37:48.0408 0x14c8  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:37:48.0454 0x14c8  hkmsvc - ok
12:37:48.0486 0x14c8  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:37:48.0501 0x14c8  HomeGroupListener - ok
12:37:48.0517 0x14c8  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:37:48.0532 0x14c8  HomeGroupProvider - ok
12:37:48.0579 0x14c8  [ 37965381364B2E106E1DD7D74CDCAA43, 94C30FA88140E802A549549856145824122F138C2697301CDCAAEEEEA3858E12 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
12:37:48.0595 0x14c8  HP Health Check Service - ok
12:37:48.0657 0x14c8  [ DA075126F867727810EE9B98B3041C4C, 3298D7FDB79C64DE73B8C4309E3997311DD50BBF3FF5BE4C6800EF22AB491EEE ] HPAuto          C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
12:37:48.0688 0x14c8  HPAuto - ok
12:37:48.0720 0x14c8  [ 3DC11A802353401332D49C3CBFBBE5FC, E812E8A4ED64FEC346BE6B175CE651CFC553A23F31B0ABC5D50E6995A7F130DF ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
12:37:48.0735 0x14c8  HPClientSvc - ok
12:37:48.0766 0x14c8  [ A48A151D3FA7CB032A51453F087221C7, A74EFC7DC4F75BF29C9B459DCDF4D04F13F868D3D10F8D73606A5F03811170CA ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
12:37:48.0782 0x14c8  HPDrvMntSvc.exe - ok
12:37:48.0813 0x14c8  [ 71BD8A611E0677175D3938C9CEA7339A, 40A67671D231DAD8E9AEB5E38BCB8389192B373FD02ACCF960E9F287E1D8C9AD ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
12:37:48.0844 0x14c8  hpqwmiex - ok
12:37:48.0844 0x14c8  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
12:37:48.0860 0x14c8  HpSAMD - ok
12:37:48.0876 0x14c8  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:37:48.0954 0x14c8  HTTP - ok
12:37:48.0954 0x14c8  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:37:48.0954 0x14c8  hwpolicy - ok
12:37:48.0969 0x14c8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
12:37:48.0985 0x14c8  i8042prt - ok
12:37:49.0016 0x14c8  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
12:37:49.0032 0x14c8  iaStor - ok
12:37:49.0047 0x14c8  [ 513DC087CFED7D2BB82F005385D3531F, 8ABEABCA28C1701A70261122D00CF550F845A43414A71885E301124F9F215351 ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
12:37:49.0063 0x14c8  iaStorV - ok
12:37:49.0110 0x14c8  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:37:49.0141 0x14c8  idsvc - ok
12:37:49.0156 0x14c8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:37:49.0156 0x14c8  iirsp - ok
12:37:49.0203 0x14c8  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll
12:37:49.0266 0x14c8  IKEEXT - ok
12:37:49.0406 0x14c8  [ CB5FD9B681AD43B560490B5283DDC1C1, 359F4ACE7BE0FD6BF710AD1EEA48ED3F9E4A97A2B8318EC5616E34449D0C774F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:37:49.0468 0x14c8  IntcAzAudAddService - ok
12:37:49.0484 0x14c8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
12:37:49.0484 0x14c8  intelide - ok
12:37:49.0500 0x14c8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:37:49.0515 0x14c8  intelppm - ok
12:37:49.0546 0x14c8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:37:49.0593 0x14c8  IPBusEnum - ok
12:37:49.0593 0x14c8  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:37:49.0640 0x14c8  IpFilterDriver - ok
12:37:49.0656 0x14c8  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:37:49.0718 0x14c8  iphlpsvc - ok
12:37:49.0718 0x14c8  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
12:37:49.0734 0x14c8  IPMIDRV - ok
12:37:49.0749 0x14c8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:37:49.0796 0x14c8  IPNAT - ok
12:37:49.0796 0x14c8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:37:49.0812 0x14c8  IRENUM - ok
12:37:49.0812 0x14c8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
12:37:49.0827 0x14c8  isapnp - ok
12:37:49.0843 0x14c8  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
12:37:49.0858 0x14c8  iScsiPrt - ok
12:37:49.0874 0x14c8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:37:49.0890 0x14c8  kbdclass - ok
12:37:49.0890 0x14c8  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:37:49.0905 0x14c8  kbdhid - ok
12:37:49.0921 0x14c8  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso          C:\Windows\system32\lsass.exe
12:37:49.0936 0x14c8  KeyIso - ok
12:37:49.0952 0x14c8  [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:37:49.0952 0x14c8  KSecDD - ok
12:37:49.0983 0x14c8  [ A8C63880EF6F4D3FEC7B616B9C060215, 036AE3ABBF991F5748C5C46E1DF62FBBC832BCDBF8C1B6E3C22A22A3703BBBCA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:37:49.0983 0x14c8  KSecPkg - ok
12:37:49.0999 0x14c8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:37:50.0030 0x14c8  ksthunk - ok
12:37:50.0092 0x14c8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:37:50.0186 0x14c8  KtmRm - ok
12:37:50.0202 0x14c8  [ C926920B8978DE6ACFE9E15C709E9B57, 33B8002ABC30372B1CA8B6EC046757794CD7C9DA3CA4715B515B6894DC7E45CA ] LanmanServer    C:\Windows\system32\srvsvc.dll
12:37:50.0248 0x14c8  LanmanServer - ok
12:37:50.0264 0x14c8  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:37:50.0311 0x14c8  LanmanWorkstation - ok
12:37:50.0389 0x14c8  [ B1E1C8BB1392537E4D415FCDCB93B1D3, 8F47F88743C1FA0CD9EABF712BD42FDAE04BEFD8568A5BD74CA3146AA975D08E ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
12:37:50.0404 0x14c8  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
12:37:52.0807 0x14c8  Detect skipped due to KSN trusted
12:37:52.0807 0x14c8  LightScribeService - ok
12:37:52.0822 0x14c8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
12:37:52.0869 0x14c8  lltdio - ok
12:37:52.0900 0x14c8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
12:37:52.0963 0x14c8  lltdsvc - ok
12:37:52.0963 0x14c8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
12:37:53.0010 0x14c8  lmhosts - ok
12:37:53.0072 0x14c8  [ E38775922D4A4C05B5D96733AB4CE169, 92888BF351C4249C81189CA7F25419077017DD2F1F88FD91D1F4A51CEBF98A62 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:37:53.0088 0x14c8  LMS - ok
12:37:53.0103 0x14c8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
12:37:53.0119 0x14c8  LSI_FC - ok
12:37:53.0134 0x14c8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
12:37:53.0150 0x14c8  LSI_SAS - ok
12:37:53.0150 0x14c8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:37:53.0166 0x14c8  LSI_SAS2 - ok
12:37:53.0166 0x14c8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:37:53.0181 0x14c8  LSI_SCSI - ok
12:37:53.0181 0x14c8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
12:37:53.0228 0x14c8  luafv - ok
12:37:53.0244 0x14c8  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
12:37:53.0259 0x14c8  Mcx2Svc - ok
12:37:53.0259 0x14c8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
12:37:53.0275 0x14c8  megasas - ok
12:37:53.0275 0x14c8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
12:37:53.0290 0x14c8  MegaSR - ok
12:37:53.0337 0x14c8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
12:37:53.0384 0x14c8  MMCSS - ok
12:37:53.0384 0x14c8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
12:37:53.0431 0x14c8  Modem - ok
12:37:53.0431 0x14c8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
12:37:53.0446 0x14c8  monitor - ok
12:37:53.0462 0x14c8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
12:37:53.0462 0x14c8  mouclass - ok
12:37:53.0478 0x14c8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
12:37:53.0493 0x14c8  mouhid - ok
12:37:53.0493 0x14c8  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
12:37:53.0509 0x14c8  mountmgr - ok
12:37:53.0524 0x14c8  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
12:37:53.0524 0x14c8  mpio - ok
12:37:53.0540 0x14c8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
12:37:53.0587 0x14c8  mpsdrv - ok
12:37:53.0634 0x14c8  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
12:37:53.0696 0x14c8  MpsSvc - ok
12:37:53.0712 0x14c8  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
12:37:53.0727 0x14c8  MRxDAV - ok
12:37:53.0743 0x14c8  [ 767A4C3BCF9410C286CED15A2DB17108, D9EA9EF7D4048081B132B804E0AE5A60A58FA6B25B7F5B87D5D7E354B2D94C79 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
12:37:53.0758 0x14c8  mrxsmb - ok
12:37:53.0774 0x14c8  [ 920EE0FF995FCFDEB08C41605A959E1C, 977195011912166F7C7E209D90B973E3F507B5297504AF9B6797FA8D1051534C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:37:53.0790 0x14c8  mrxsmb10 - ok
12:37:53.0790 0x14c8  [ 740D7EA9D72C981510A5292CF6ADC941, C55C2F73410C008F829D194EF072721A8D7945BCC48458982D2409761908E7AE ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:37:53.0805 0x14c8  mrxsmb20 - ok
12:37:53.0821 0x14c8  [ 2BA4FF3D5EB68587DD662A896F649C7D, E7262683BC370A279C33D0B83F7CE445E51584F0CF3DDA5FBB1C808265CDDB30 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
12:37:53.0821 0x14c8  msahci - ok
12:37:53.0836 0x14c8  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
12:37:53.0852 0x14c8  msdsm - ok
12:37:53.0868 0x14c8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
12:37:53.0883 0x14c8  MSDTC - ok
12:37:53.0899 0x14c8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
12:37:53.0930 0x14c8  Msfs - ok
12:37:53.0946 0x14c8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
12:37:53.0977 0x14c8  mshidkmdf - ok
12:37:53.0992 0x14c8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
12:37:53.0992 0x14c8  msisadrv - ok
12:37:54.0008 0x14c8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
12:37:54.0055 0x14c8  MSiSCSI - ok
12:37:54.0070 0x14c8  msiserver - ok
12:37:54.0070 0x14c8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
12:37:54.0102 0x14c8  MSKSSRV - ok
12:37:54.0117 0x14c8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
12:37:54.0148 0x14c8  MSPCLOCK - ok
12:37:54.0148 0x14c8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
12:37:54.0195 0x14c8  MSPQM - ok
12:37:54.0211 0x14c8  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
12:37:54.0226 0x14c8  MsRPC - ok
12:37:54.0226 0x14c8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
12:37:54.0242 0x14c8  mssmbios - ok
12:37:54.0242 0x14c8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
12:37:54.0289 0x14c8  MSTEE - ok
12:37:54.0289 0x14c8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
12:37:54.0304 0x14c8  MTConfig - ok
12:37:54.0304 0x14c8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
12:37:54.0320 0x14c8  Mup - ok
12:37:54.0336 0x14c8  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll
12:37:54.0398 0x14c8  napagent - ok
12:37:54.0414 0x14c8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
12:37:54.0445 0x14c8  NativeWifiP - ok
12:37:54.0476 0x14c8  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys
12:37:54.0507 0x14c8  NDIS - ok
12:37:54.0523 0x14c8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
12:37:54.0554 0x14c8  NdisCap - ok
12:37:54.0570 0x14c8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
12:37:54.0601 0x14c8  NdisTapi - ok
12:37:54.0616 0x14c8  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
12:37:54.0663 0x14c8  Ndisuio - ok
12:37:54.0663 0x14c8  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
12:37:54.0710 0x14c8  NdisWan - ok
12:37:54.0710 0x14c8  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
12:37:54.0757 0x14c8  NDProxy - ok
12:37:54.0757 0x14c8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
12:37:54.0804 0x14c8  NetBIOS - ok
12:37:54.0819 0x14c8  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
12:37:54.0866 0x14c8  NetBT - ok
12:37:54.0866 0x14c8  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon        C:\Windows\system32\lsass.exe
12:37:54.0882 0x14c8  Netlogon - ok
12:37:54.0913 0x14c8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
12:37:54.0960 0x14c8  Netman - ok
12:37:55.0006 0x14c8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:37:55.0006 0x14c8  NetMsmqActivator - ok
12:37:55.0022 0x14c8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:37:55.0038 0x14c8  NetPipeActivator - ok
12:37:55.0053 0x14c8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
12:37:55.0100 0x14c8  netprofm - ok
12:37:55.0194 0x14c8  [ 1982B291DF9833FB3ADC397EBD310A18, 09E97EE548218558625A49AC88BF761153E15F6F429DDCEE6B184590BAE6BC0A ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
12:37:55.0256 0x14c8  netr28x - ok
12:37:55.0272 0x14c8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:37:55.0272 0x14c8  NetTcpActivator - ok
12:37:55.0287 0x14c8  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:37:55.0287 0x14c8  NetTcpPortSharing - ok
12:37:55.0303 0x14c8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
12:37:55.0318 0x14c8  nfrd960 - ok
12:37:55.0350 0x14c8  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll
12:37:55.0396 0x14c8  NlaSvc - ok
12:37:55.0552 0x14c8  [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
12:37:55.0646 0x14c8  NOBU - ok
12:37:55.0646 0x14c8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
12:37:55.0693 0x14c8  Npfs - ok
12:37:55.0708 0x14c8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
12:37:55.0755 0x14c8  nsi - ok
12:37:55.0755 0x14c8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
12:37:55.0802 0x14c8  nsiproxy - ok
12:37:55.0849 0x14c8  [ 1AD8FEF2D6AC7116B68B887A9782FD33, C3C584AA1B927AF775CCE4C5D95837535479EF2CA019393C7226FA5D2E854E26 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
12:37:55.0911 0x14c8  Ntfs - ok
12:37:55.0911 0x14c8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
12:37:55.0958 0x14c8  Null - ok
12:37:56.0364 0x14c8  [ 2218C0F9D4C694460340F2F8ADCCC9C0, 21F27ACD79A00C5E135B9107E3543047A002DBE3B01ADF24F83360BE3C962213 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
12:37:56.0676 0x14c8  nvlddmkm - ok
12:37:56.0707 0x14c8  [ DEAB10231CBDB0881FC25428EBE11506, 3FF30FD757B70B79F4D49298DD5A594787229E577B9AEED0EBF561470FDFB998 ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
12:37:56.0722 0x14c8  nvraid - ok
12:37:56.0738 0x14c8  [ 0AF7B8136794E23E87BE138992880E64, F7C5E192563DB7716E5594931CB1E0497A8819A86F29633654A659793F5294A8 ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
12:37:56.0738 0x14c8  nvstor - ok
12:37:56.0769 0x14c8  [ 5218967E54DBC9CB4AAEA53247A0F275, ED6B79623CD024C795DA14EBCDE0E8CC9EA2ACA5F0927D734E02612788A3CEE8 ] nvsvc           C:\Windows\system32\nvvsvc.exe
12:37:56.0785 0x14c8  nvsvc - ok
12:37:56.0800 0x14c8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
12:37:56.0816 0x14c8  nv_agp - ok
12:37:56.0832 0x14c8  [ 1490B742E560E337AC6D2F80CE9FE14B, DD12429EA600F882D6A92B8830049A37BA0273F6DB9A924F82489B84173E5523 ] NW1950          C:\Windows\system32\DRIVERS\NW1950.sys
12:37:56.0832 0x14c8  NW1950 - ok
12:37:56.0847 0x14c8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
12:37:56.0863 0x14c8  ohci1394 - ok
12:37:56.0894 0x14c8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
12:37:56.0910 0x14c8  p2pimsvc - ok
12:37:56.0925 0x14c8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
12:37:56.0956 0x14c8  p2psvc - ok
12:37:56.0972 0x14c8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
12:37:56.0988 0x14c8  Parport - ok
12:37:56.0988 0x14c8  [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
12:37:57.0003 0x14c8  partmgr - ok
12:37:57.0003 0x14c8  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
12:37:57.0034 0x14c8  PcaSvc - ok
12:37:57.0034 0x14c8  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys
12:37:57.0050 0x14c8  pci - ok
12:37:57.0050 0x14c8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
12:37:57.0066 0x14c8  pciide - ok
12:37:57.0081 0x14c8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
12:37:57.0097 0x14c8  pcmcia - ok
12:37:57.0097 0x14c8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
12:37:57.0112 0x14c8  pcw - ok
12:37:57.0128 0x14c8  pdfcDispatcher - ok
12:37:57.0175 0x14c8  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
12:37:57.0237 0x14c8  PEAUTH - ok
12:37:57.0518 0x14c8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
12:37:57.0549 0x14c8  PerfHost - ok
12:37:57.0627 0x14c8  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll
12:37:57.0705 0x14c8  pla - ok
12:37:57.0736 0x14c8  [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
12:37:57.0799 0x14c8  PlugPlay - ok
12:37:57.0814 0x14c8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
12:37:57.0830 0x14c8  PNRPAutoReg - ok
12:37:57.0830 0x14c8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
12:37:57.0861 0x14c8  PNRPsvc - ok
12:37:57.0924 0x14c8  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
12:37:57.0970 0x14c8  PolicyAgent - ok
12:37:57.0986 0x14c8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
12:37:58.0033 0x14c8  Power - ok
12:37:58.0048 0x14c8  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
12:37:58.0095 0x14c8  PptpMiniport - ok
12:37:58.0111 0x14c8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
12:37:58.0126 0x14c8  Processor - ok
12:37:58.0142 0x14c8  [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc         C:\Windows\system32\profsvc.dll
12:37:58.0189 0x14c8  ProfSvc - ok
12:37:58.0204 0x14c8  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
12:37:58.0220 0x14c8  ProtectedStorage - ok
12:37:58.0236 0x14c8  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
12:37:58.0267 0x14c8  Psched - ok
12:37:58.0360 0x14c8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
12:37:58.0407 0x14c8  ql2300 - ok
12:37:58.0407 0x14c8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
12:37:58.0423 0x14c8  ql40xx - ok
12:37:58.0454 0x14c8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
12:37:58.0470 0x14c8  QWAVE - ok
12:37:58.0485 0x14c8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:37:58.0501 0x14c8  QWAVEdrv - ok
12:37:58.0501 0x14c8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:37:58.0548 0x14c8  RasAcd - ok
12:37:58.0579 0x14c8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
12:37:58.0626 0x14c8  RasAgileVpn - ok
12:37:58.0626 0x14c8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
12:37:58.0672 0x14c8  RasAuto - ok
12:37:58.0688 0x14c8  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
12:37:58.0735 0x14c8  Rasl2tp - ok
12:37:58.0766 0x14c8  [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan          C:\Windows\System32\rasmans.dll
12:37:58.0828 0x14c8  RasMan - ok
12:37:58.0828 0x14c8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:37:58.0875 0x14c8  RasPppoe - ok
12:37:58.0875 0x14c8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
12:37:58.0922 0x14c8  RasSstp - ok
12:37:58.0938 0x14c8  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:37:58.0984 0x14c8  rdbss - ok
12:37:58.0984 0x14c8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
12:37:59.0000 0x14c8  rdpbus - ok
12:37:59.0000 0x14c8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
12:37:59.0047 0x14c8  RDPCDD - ok
12:37:59.0047 0x14c8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
12:37:59.0094 0x14c8  RDPENCDD - ok
12:37:59.0094 0x14c8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
12:37:59.0140 0x14c8  RDPREFMP - ok
12:37:59.0140 0x14c8  [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7, 02179089E0816AD544F370A8A3557498D09981F60CC94E497DC4A5A2BBBE1E48 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
12:37:59.0218 0x14c8  RDPWD - ok
12:37:59.0218 0x14c8  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:37:59.0234 0x14c8  rdyboost - ok
12:37:59.0265 0x14c8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:37:59.0312 0x14c8  RemoteAccess - ok
12:37:59.0328 0x14c8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:37:59.0374 0x14c8  RemoteRegistry - ok
12:37:59.0390 0x14c8  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
12:37:59.0406 0x14c8  RFCOMM - ok
12:37:59.0437 0x14c8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:37:59.0484 0x14c8  RpcEptMapper - ok
12:37:59.0515 0x14c8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
12:37:59.0530 0x14c8  RpcLocator - ok
12:37:59.0577 0x14c8  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll
12:37:59.0640 0x14c8  RpcSs - ok
12:37:59.0640 0x14c8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:37:59.0686 0x14c8  rspndr - ok
12:37:59.0733 0x14c8  [ 3B01789EE4EAEE97F5EB46B711387D5E, 154D6D409E02AAEA8CC34FA70F71630D67A31F033F65EE854448112C45F164B4 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
12:37:59.0749 0x14c8  RTL8167 - ok
12:37:59.0749 0x14c8  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs           C:\Windows\system32\lsass.exe
12:37:59.0764 0x14c8  SamSs - ok
12:37:59.0780 0x14c8  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
12:37:59.0796 0x14c8  sbp2port - ok
12:37:59.0827 0x14c8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:37:59.0874 0x14c8  SCardSvr - ok
12:37:59.0874 0x14c8  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:37:59.0920 0x14c8  scfilter - ok
12:37:59.0967 0x14c8  [ EC56B171F85C7E855E7B0588AC503EEA, EDBC0E52DF00D73356F4B886D6CA2397B571A9D2245FEDC347A6D52A5467EA5D ] Schedule        C:\Windows\system32\schedsvc.dll
12:38:00.0045 0x14c8  Schedule - ok
12:38:00.0076 0x14c8  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:38:00.0108 0x14c8  SCPolicySvc - ok
12:38:00.0123 0x14c8  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
12:38:00.0139 0x14c8  SDRSVC - ok
12:38:00.0217 0x14c8  [ 331E7BDE228914574FC9AE6CD520DAFA, 15C6364E73328E86E431DA0960DEE794F96A6E83FF82C9CA181E70127E395311 ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
12:38:00.0232 0x14c8  SeaPort - ok
12:38:00.0232 0x14c8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:38:00.0279 0x14c8  secdrv - ok
12:38:00.0295 0x14c8  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll
12:38:00.0326 0x14c8  seclogon - ok
12:38:00.0342 0x14c8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
12:38:00.0388 0x14c8  SENS - ok
12:38:00.0404 0x14c8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:38:00.0420 0x14c8  SensrSvc - ok
12:38:00.0420 0x14c8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
12:38:00.0435 0x14c8  Serenum - ok
12:38:00.0435 0x14c8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
12:38:00.0451 0x14c8  Serial - ok
12:38:00.0466 0x14c8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
12:38:00.0482 0x14c8  sermouse - ok
12:38:00.0482 0x14c8  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:38:00.0529 0x14c8  SessionEnv - ok
12:38:00.0529 0x14c8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
12:38:00.0544 0x14c8  sffdisk - ok
12:38:00.0544 0x14c8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
12:38:00.0560 0x14c8  sffp_mmc - ok
12:38:00.0560 0x14c8  [ 178298F767FE638C9FEDCBDEF58BB5E4, 053D12CFEE5C54EA7D06F9C9CAE93544FE258A4825CDE2A14090BC81A96E1CF7 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
12:38:00.0576 0x14c8  sffp_sd - ok
12:38:00.0576 0x14c8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
12:38:00.0591 0x14c8  sfloppy - ok
12:38:00.0622 0x14c8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:38:00.0669 0x14c8  SharedAccess - ok
12:38:00.0700 0x14c8  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:38:00.0732 0x14c8  ShellHWDetection - ok
12:38:00.0732 0x14c8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:38:00.0747 0x14c8  SiSRaid2 - ok
12:38:00.0747 0x14c8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
12:38:00.0763 0x14c8  SiSRaid4 - ok
12:38:00.0763 0x14c8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
12:38:00.0810 0x14c8  Smb - ok
12:38:00.0825 0x14c8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:38:00.0841 0x14c8  SNMPTRAP - ok
12:38:00.0841 0x14c8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
12:38:00.0856 0x14c8  spldr - ok
12:38:00.0888 0x14c8  [ F8E1FA03CB70D54A9892AC88B91D1E7B, 55EECAAD4C7EC0868BE937F4ADDA026AFDFCC614E94DE4B3248BFF2BE7FF13E8 ] Spooler         C:\Windows\System32\spoolsv.exe
12:38:00.0919 0x14c8  Spooler - ok
12:38:01.0075 0x14c8  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe
12:38:01.0200 0x14c8  sppsvc - ok
12:38:01.0215 0x14c8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
12:38:01.0262 0x14c8  sppuinotify - ok
12:38:01.0278 0x14c8  [ 43067A65522EAEC33D31A12D6FA8E3F4, 244CE66A10B34DC756962D0A164B34B98D89AB41B64C7AAF1F31E8642D8B013B ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:38:01.0293 0x14c8  srv - ok
12:38:01.0309 0x14c8  [ 03715CF9C30B563DA35FC5F2B8F7B8E0, 694EE380955AAD3E21DD72D2656141017E113EC726E5CBE856EF4D7E4FE10387 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:38:01.0340 0x14c8  srv2 - ok
12:38:01.0340 0x14c8  [ FBD09635227A8026C0F7790F604343C6, 582D40DD57D33BF79642E6DF069E82187EF79978B7192D669FD21678B0D8A9C4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:38:01.0356 0x14c8  srvnet - ok
12:38:01.0371 0x14c8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:38:01.0418 0x14c8  SSDPSRV - ok
12:38:01.0434 0x14c8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:38:01.0480 0x14c8  SstpSvc - ok
12:38:01.0480 0x14c8  Steam Client Service - ok
12:38:01.0496 0x14c8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
12:38:01.0496 0x14c8  stexstor - ok
12:38:01.0527 0x14c8  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll
12:38:01.0574 0x14c8  stisvc - ok
12:38:01.0574 0x14c8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
12:38:01.0574 0x14c8  swenum - ok
12:38:01.0621 0x14c8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
12:38:01.0668 0x14c8  swprv - ok
12:38:01.0746 0x14c8  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll
12:38:01.0824 0x14c8  SysMain - ok
12:38:01.0839 0x14c8  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:38:01.0855 0x14c8  TabletInputService - ok
12:38:01.0870 0x14c8  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:38:01.0917 0x14c8  TapiSrv - ok
12:38:01.0933 0x14c8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
12:38:01.0980 0x14c8  TBS - ok
12:38:02.0058 0x14c8  [ 90A2D722CF64D911879D6C4A4F802A4D, 2D825BC1FD73315BF51F36CAEF6A8EFE9042A4C260151C6351064260CF699194 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:38:02.0120 0x14c8  Tcpip - ok
12:38:02.0198 0x14c8  [ 90A2D722CF64D911879D6C4A4F802A4D, 2D825BC1FD73315BF51F36CAEF6A8EFE9042A4C260151C6351064260CF699194 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:38:02.0260 0x14c8  TCPIP6 - ok
12:38:02.0276 0x14c8  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:38:02.0323 0x14c8  tcpipreg - ok
12:38:02.0323 0x14c8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
12:38:02.0370 0x14c8  TDPIPE - ok
12:38:02.0370 0x14c8  [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
12:38:02.0416 0x14c8  TDTCP - ok
12:38:02.0416 0x14c8  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:38:02.0463 0x14c8  tdx - ok
12:38:02.0479 0x14c8  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
12:38:02.0479 0x14c8  TermDD - ok
12:38:02.0526 0x14c8  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll
12:38:02.0588 0x14c8  TermService - ok
12:38:02.0604 0x14c8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
12:38:02.0619 0x14c8  Themes - ok
12:38:02.0635 0x14c8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
12:38:02.0682 0x14c8  THREADORDER - ok
12:38:02.0697 0x14c8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
12:38:02.0744 0x14c8  TrkWks - ok
12:38:02.0822 0x14c8  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:38:02.0853 0x14c8  TrustedInstaller - ok
12:38:02.0853 0x14c8  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
12:38:02.0900 0x14c8  tssecsrv - ok
12:38:02.0916 0x14c8  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:38:02.0962 0x14c8  tunnel - ok
12:38:02.0962 0x14c8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
12:38:02.0978 0x14c8  uagp35 - ok
12:38:02.0994 0x14c8  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:38:03.0040 0x14c8  udfs - ok
12:38:03.0056 0x14c8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:38:03.0072 0x14c8  UI0Detect - ok
12:38:03.0072 0x14c8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
12:38:03.0087 0x14c8  uliagpkx - ok
12:38:03.0087 0x14c8  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
12:38:03.0103 0x14c8  umbus - ok
12:38:03.0118 0x14c8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
12:38:03.0118 0x14c8  UmPass - ok
12:38:03.0290 0x14c8  [ 02C298382359653BEC4C737C2AB7F9C5, 44F285478591DAD476B7FDF5F15A78C76FE3FB207408D1C665ACD54B758EAC1B ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:38:03.0352 0x14c8  UNS - ok
12:38:03.0384 0x14c8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
12:38:03.0446 0x14c8  upnphost - ok
12:38:03.0446 0x14c8  [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
12:38:03.0462 0x14c8  usbccgp - ok
12:38:03.0462 0x14c8  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
12:38:03.0493 0x14c8  usbcir - ok
12:38:03.0508 0x14c8  [ DF9F9AFC9AAABD8ED47975D44E38169A, 3EB9E900F35B13208D4B3F9FF3B42972EF3FAFEE1225CC144AC2340410B991C8 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
12:38:03.0524 0x14c8  usbehci - ok
12:38:03.0540 0x14c8  [ 372A91BC3C6603080A793880B0873785, DC24793760922B92278335AF3B752EBE4373132A1D5CD02EF86466DCC90EB560 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
12:38:03.0555 0x14c8  usbhub - ok
12:38:03.0555 0x14c8  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
12:38:03.0571 0x14c8  usbohci - ok
12:38:03.0586 0x14c8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
12:38:03.0602 0x14c8  usbprint - ok
12:38:03.0602 0x14c8  [ A60E7E0FA88FF067D049D525547CD5E9, A6929516C9FDB1C3537F3D65590A4026536E6131AFC9B9F70241EE76ACE191D3 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:38:03.0618 0x14c8  USBSTOR - ok
12:38:03.0618 0x14c8  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
12:38:03.0633 0x14c8  usbuhci - ok
12:38:03.0680 0x14c8  [ D501E12614B00A3252073101D6A1A74B, DFA3A83978125B3CE45C71DD9069E8A7938366D0F4B4B2401CDD07251253FA8C ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
12:38:03.0696 0x14c8  usbvideo - ok
12:38:03.0711 0x14c8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
12:38:03.0758 0x14c8  UxSms - ok
12:38:03.0774 0x14c8  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc        C:\Windows\system32\lsass.exe
12:38:03.0789 0x14c8  VaultSvc - ok
12:38:03.0789 0x14c8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
12:38:03.0805 0x14c8  vdrvroot - ok
12:38:03.0836 0x14c8  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
12:38:03.0867 0x14c8  vds - ok
12:38:03.0867 0x14c8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
12:38:03.0883 0x14c8  vga - ok
12:38:03.0883 0x14c8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
12:38:03.0930 0x14c8  VgaSave - ok
12:38:03.0945 0x14c8  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
12:38:03.0961 0x14c8  vhdmp - ok
12:38:03.0961 0x14c8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
12:38:03.0976 0x14c8  viaide - ok
12:38:03.0976 0x14c8  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
12:38:03.0992 0x14c8  volmgr - ok
12:38:03.0992 0x14c8  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
12:38:04.0023 0x14c8  volmgrx - ok
12:38:04.0023 0x14c8  [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
12:38:04.0039 0x14c8  volsnap - ok
12:38:04.0054 0x14c8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
12:38:04.0070 0x14c8  vsmraid - ok
12:38:04.0148 0x14c8  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
12:38:04.0210 0x14c8  VSS - ok
12:38:04.0226 0x14c8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
12:38:04.0242 0x14c8  vwifibus - ok
12:38:04.0242 0x14c8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
12:38:04.0273 0x14c8  vwififlt - ok
12:38:04.0288 0x14c8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
12:38:04.0335 0x14c8  W32Time - ok
12:38:04.0351 0x14c8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
12:38:04.0366 0x14c8  WacomPen - ok
12:38:04.0366 0x14c8  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
12:38:04.0413 0x14c8  WANARP - ok
12:38:04.0413 0x14c8  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
12:38:04.0460 0x14c8  Wanarpv6 - ok
12:38:04.0538 0x14c8  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
12:38:04.0600 0x14c8  wbengine - ok
12:38:04.0616 0x14c8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
12:38:04.0632 0x14c8  WbioSrvc - ok
12:38:04.0647 0x14c8  [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc         C:\Windows\System32\wcncsvc.dll
12:38:04.0678 0x14c8  wcncsvc - ok
12:38:04.0678 0x14c8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:38:04.0694 0x14c8  WcsPlugInService - ok
12:38:04.0710 0x14c8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
12:38:04.0710 0x14c8  Wd - ok
12:38:04.0725 0x14c8  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
12:38:04.0756 0x14c8  Wdf01000 - ok
12:38:04.0788 0x14c8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
12:38:04.0803 0x14c8  WdiServiceHost - ok
12:38:04.0819 0x14c8  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
12:38:04.0834 0x14c8  WdiSystemHost - ok
12:38:04.0850 0x14c8  [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient       C:\Windows\System32\webclnt.dll
12:38:04.0866 0x14c8  WebClient - ok
12:38:04.0897 0x14c8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
12:38:04.0944 0x14c8  Wecsvc - ok
12:38:04.0944 0x14c8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
12:38:04.0990 0x14c8  wercplsupport - ok
12:38:05.0022 0x14c8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
12:38:05.0053 0x14c8  WerSvc - ok
12:38:05.0068 0x14c8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
12:38:05.0100 0x14c8  WfpLwf - ok
12:38:05.0115 0x14c8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
12:38:05.0115 0x14c8  WIMMount - ok
12:38:05.0146 0x14c8  WinDefend - ok
12:38:05.0146 0x14c8  WinHttpAutoProxySvc - ok
12:38:05.0271 0x14c8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
12:38:05.0334 0x14c8  Winmgmt - ok
12:38:05.0427 0x14c8  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
12:38:05.0536 0x14c8  WinRM - ok
12:38:05.0583 0x14c8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
12:38:05.0630 0x14c8  Wlansvc - ok
12:38:05.0786 0x14c8  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:38:05.0848 0x14c8  wlidsvc - ok
12:38:05.0864 0x14c8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
12:38:05.0880 0x14c8  WmiAcpi - ok
12:38:05.0911 0x14c8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
12:38:05.0926 0x14c8  wmiApSrv - ok
12:38:05.0942 0x14c8  WMPNetworkSvc - ok
12:38:05.0958 0x14c8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
12:38:05.0973 0x14c8  WPCSvc - ok
12:38:05.0989 0x14c8  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
12:38:06.0004 0x14c8  WPDBusEnum - ok
12:38:06.0004 0x14c8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
12:38:06.0051 0x14c8  ws2ifsl - ok
12:38:06.0067 0x14c8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
12:38:06.0098 0x14c8  wscsvc - ok
12:38:06.0098 0x14c8  WSearch - ok
12:38:06.0207 0x14c8  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
12:38:06.0285 0x14c8  wuauserv - ok
12:38:06.0301 0x14c8  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
12:38:06.0332 0x14c8  WudfPf - ok
12:38:06.0363 0x14c8  [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
12:38:06.0410 0x14c8  WUDFRd - ok
12:38:06.0426 0x14c8  [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
12:38:06.0472 0x14c8  wudfsvc - ok
12:38:06.0535 0x14c8  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
12:38:06.0550 0x14c8  WwanSvc - ok
12:38:06.0566 0x14c8  ================ Scan global ===============================
12:38:06.0597 0x14c8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:38:06.0613 0x14c8  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
12:38:06.0628 0x14c8  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
12:38:06.0644 0x14c8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:38:06.0660 0x14c8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:38:06.0675 0x14c8  [ Global ] - ok
12:38:06.0675 0x14c8  ================ Scan MBR ==================================
12:38:06.0691 0x14c8  [ EA992228D7CB77EFD3BC631124E09ADC ] \Device\Harddisk0\DR0
12:38:07.0034 0x14c8  \Device\Harddisk0\DR0 - ok
12:38:07.0034 0x14c8  ================ Scan VBR ==================================
12:38:07.0050 0x14c8  [ E42B7E9DFCE1AE26BEDCBD1CBE663784 ] \Device\Harddisk0\DR0\Partition1
12:38:07.0128 0x14c8  \Device\Harddisk0\DR0\Partition1 - ok
12:38:07.0128 0x14c8  [ 4D203AA96EEDDD447B2AF6662D05B290 ] \Device\Harddisk0\DR0\Partition2
12:38:07.0175 0x14c8  \Device\Harddisk0\DR0\Partition2 - ok
12:38:07.0175 0x14c8  [ 58911217C6936EB21CE7A8556BE0C048 ] \Device\Harddisk0\DR0\Partition3
12:38:07.0175 0x14c8  \Device\Harddisk0\DR0\Partition3 - ok
12:38:07.0175 0x14c8  ================ Scan generic autorun ======================
12:38:07.0627 0x14c8  [ 63C3AED5744F0BB8884413D19BFDB99A, 84DDF092DDAF6109D6185E86165CE60CD43A03F4B3C2ECAA7B109F17BED43BDB ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:38:07.0986 0x14c8  RtHDVCpl - ok
12:38:08.0001 0x14c8  NvCplDaemon - ok
12:38:08.0048 0x14c8  [ 554A50B5310E702029D3A675459108FF, 4757D5FFFAC7E73D4A3D931DB1399DDFDBD5811639BDA4517F886C21CC7F2574 ] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
12:38:08.0064 0x14c8  hpsysdrv - ok
12:38:08.0095 0x14c8  [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
12:38:08.0111 0x14c8  HP Software Update - ok
12:38:08.0220 0x14c8  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:38:08.0313 0x14c8  Sidebar - ok
12:38:08.0329 0x14c8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:38:08.0360 0x14c8  mctadmin - ok
12:38:08.0407 0x14c8  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:38:08.0454 0x14c8  Sidebar - ok
12:38:08.0469 0x14c8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:38:08.0485 0x14c8  mctadmin - ok
12:38:08.0485 0x14c8  Waiting for KSN requests completion. In queue: 352
12:38:09.0499 0x14c8  Waiting for KSN requests completion. In queue: 41
12:38:10.0513 0x14c8  Waiting for KSN requests completion. In queue: 41
12:38:11.0652 0x14c8  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.11.550 ), 0x41000 ( enabled : updated )
12:38:11.0667 0x14c8  Win FW state via NFP2: enabled
12:38:14.0101 0x14c8  ============================================================
12:38:14.0101 0x14c8  Scan finished
12:38:14.0101 0x14c8  ============================================================
12:38:14.0117 0x15f0  Detected object count: 0
12:38:14.0117 0x15f0  Actual detected object count: 0
         

Ich hoffe, ich habe alles richtig gemacht!
Musste mich sehr konzentrieren dabei!

Servus

Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Darf ich auf Youtube Dokus schauen bis Du mir schreibst? Wenn ich das System nicht verwende sehe ich auch nicht wenn Du mir schreibst

Servus,



also mal eines gleich vorneweg:

Scripte mit derartigen Adressen

Zitat:

i.ytimg.com und s.ytimg.com.
fbstatic-a.akamahid.net

habe ich auch, wenn ich Youtube besuche. Alles harmlos. Wird für den Seitenaufbau benötigt.


Deine Logdateien sehen auch sauber aus.


Hast du von diesen Programmen noch die Logdateien? Wenn ja, bitte posten.

Zitat:

Norton Internet Security
Avira Free Antivirus
Eset Online Scanner
Junkware Remove Tool
Malwarebytes Anti-Malware
Malwarebytes Anti-Rootkit Beta
Adw Cleaner
Emsisogt Anti Malware

Wurde hier was gefunden? Wenn ja, was?

Servus

Junkware Remove Tool
Habe ich im ersten Post im Anhang!

Adw Cleaner
Hat was gefunden vor einer Woche etwa, habe aber das TXT gelöscht, weil ich dachte, ich hätte mein PC sauber!


Nein es sind Pop up Viren, ich hatte die vorher nicht! Das weiss ich ganz genau!
Kann man ja auch googeln!
Frag mal ein Arbeitskollege zur Sichereit!

Und der PC wird immer langsamer wenn ich lange Zeit auf Youtube oder Facebook war. Das war vorher nicht so! Und bei Youtube und Facebook verändert sich nach einer Weile die Seitendarstellung und dann ist er mir schon mal abgestürtzt!

Auch beim Starten war er nach einer Systemwiederherstellung schneller!
Da ist 100% etwas! Im Internet steht, dass es sogar die Daten im Computer ändert!
Könnte es auf dem Browser von Firefox oder Google Chrom sein?
Soll ich Firefox und Chrom mal herunterladen und installieren?

Windows Task Manager Prozesse im Anhang
Oder muss ich bei Dienste schauen?

Was ist fbstatic-a.akamaihd.net

Hast Du im Firefox Add-ons das Phishing Protector Plugin oder Erweiterung?
Bitte deaktiviere es mal und versuche es erneut
Oder NoScript? Da sollte man es mal temporär erlauben, um zu sehen, ob es dann funktioniert

__________________________________________________________________

Meine Erweiterungen und Plugins Printscreen im Anhang

Ist vielleicht da der Fehler?

Wenn ich lange mit Mozilla surfe kommt irgendwann immer dieser schwarze Hintergrund!

Bild im Anhang!

hxxp://praxistipps.chip.de/rvzr-a-akamaihd-net-entfernen_24078

hxxp://www.browserdoktor.de/akamaihd-entfernen/

Es ist ein anderer Name für das gleiche Problem!

Siehst Du eine Installation die Dir merkwürdig erscheint?

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Julio (administrator) on JULIO-HP on 10-06-2015 01:11:19
Running from C:\Users\Julio\Desktop
Loaded Profiles: Julio (Available Profiles: Julio)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\JAN2OSD.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\mswinext.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11046504 2010-07-13] (Realtek Semiconductor)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [HP KEYBOARDx] => C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [710656 2010-02-11] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-08-25] (Hewlett-Packard)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2010-04-25] (EasyBits Software AS)
HKLM-x32\...\Run: [Buttons & OSDs control application gen3] => c:\Program Files (x86)\Hewlett-Packard\Buttons & OSDs control application gen3\FastUserSwitching.exe [53248 2009-11-30] (Hewlett-Packard)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [895512 2010-10-23] (PDF Complete Inc)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [730416 2015-05-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-02-17]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snapfish PictureMover.lnk [2011-02-17]
ShortcutTarget: Snapfish PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/12
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/12
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/12
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/12
HKU\S-1-5-21-721091351-975829366-2383312893-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON/12
HKU\S-1-5-21-721091351-975829366-2383312893-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/12
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ch.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ch.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ch.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-111091-7834-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-07-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-10] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-22] (Microsoft Corp.)
BHO-x32: Bing Bar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-10] (Oracle Corporation)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-14] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-721091351-975829366-2383312893-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-02-17] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-02-17] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2011-02-17] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2011-02-17] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-02-17] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Julio\AppData\Roaming\Mozilla\Firefox\Profiles\hcvUKeDl.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_160.dll [2015-06-09] ()
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 -> c:\Program Files (x86)\Virtual Earth 3D\ [2015-06-09] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_160.dll [2015-06-09] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-10] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 -> c:\Program Files (x86)\Virtual Earth 3D\ [2010-08-14] ()
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-09] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\Julio\AppData\Roaming\Mozilla\Firefox\Profiles\hcvUKeDl.default\Extensions\abs@avira.com [2015-06-09]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox
FF Extension: Bing Bar - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011-02-17]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2011-02-17]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-02-17]

Chrome: 
=======
CHR Profile: C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-09]
CHR Extension: (Google Docs) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-09]
CHR Extension: (Google Drive) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-09]
CHR Extension: (YouTube) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-09]
CHR Extension: (Google Search) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-09]
CHR Extension: (Google Sheets) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-09]
CHR Extension: (Avira Browser Safety) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-06-09]
CHR Extension: (Bookmark Manager) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-09]
CHR Extension: (Google Wallet) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-09]
CHR Extension: (Gmail) - C:\Users\Julio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [827184 2015-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [450808 2015-05-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [450808 2015-05-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1188360 2015-05-27] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [681528 2010-08-06] (Hewlett-Packard)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-07-21] (Hewlett-Packard Company) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1121304 2010-10-23] (PDF Complete Inc)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ACPIService; C:\Windows\System32\DRIVERS\OSDACPI.SYS [17992 2009-06-18] ()
R3 AVerAVF2; C:\Windows\System32\DRIVERS\AVerAVF2.sys [1212416 2010-11-11] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-05-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-05-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-05-27] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-05-27] (Avira Operations GmbH & Co. KG)
R3 FintekCIR; C:\Windows\System32\DRIVERS\FintekCIR.sys [30248 2009-11-13] (Fintek)
R3 NW1950; C:\Windows\System32\DRIVERS\NW1950.sys [25080 2009-09-17] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-10 01:11 - 2015-06-10 01:11 - 00021043 _____ C:\Users\Julio\Desktop\FRST.txt
2015-06-10 01:09 - 2015-06-10 01:10 - 00000000 ____D C:\Users\Julio\Desktop\1 Log-Dateien
2015-06-10 00:28 - 2015-06-10 00:28 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-06-10 00:28 - 2015-06-10 00:28 - 00000000 ____D C:\ProgramData\Sun
2015-06-10 00:28 - 2015-06-10 00:28 - 00000000 ____D C:\ProgramData\Oracle
2015-06-10 00:28 - 2015-06-10 00:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-10 00:28 - 2015-06-10 00:28 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-10 00:26 - 2015-06-10 00:26 - 00561248 _____ (Oracle Corporation) C:\Users\Julio\Desktop\jxpiinstall.exe
2015-06-09 23:27 - 2015-06-09 23:27 - 00000000 ____D C:\Users\Julio\AppData\Local\Macromedia
2015-06-09 22:58 - 2015-06-10 01:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-09 22:58 - 2015-06-09 23:12 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-09 22:58 - 2015-06-09 23:12 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-09 22:58 - 2015-06-09 23:12 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-09 22:58 - 2015-06-09 22:58 - 00000000 ____D C:\Windows\system32\Macromed
2015-06-09 22:57 - 2015-06-09 22:58 - 00000000 ____D C:\Users\Julio\AppData\Local\Adobe
2015-06-09 22:22 - 2015-06-09 22:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-06-09 21:59 - 2015-06-09 21:59 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-09 21:59 - 2015-06-09 21:59 - 00001149 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-06-09 21:59 - 2015-06-09 21:59 - 00000000 ____D C:\Users\Julio\AppData\Local\Mozilla
2015-06-09 21:59 - 2015-06-09 21:59 - 00000000 ____D C:\ProgramData\Mozilla
2015-06-09 21:59 - 2015-06-09 21:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-09 21:59 - 2015-06-09 21:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-09 21:58 - 2015-06-09 21:58 - 00002249 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-09 21:58 - 2015-06-09 21:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-06-09 21:57 - 2015-06-10 01:08 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-09 21:57 - 2015-06-09 22:08 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-09 21:57 - 2015-06-09 22:03 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-09 21:57 - 2015-06-09 22:03 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-09 21:57 - 2015-06-09 21:58 - 00000000 ____D C:\Users\Julio\AppData\Local\Google
2015-06-09 21:57 - 2015-06-09 21:58 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-09 21:57 - 2015-06-09 21:57 - 00000000 ____D C:\Users\Julio\AppData\Local\Deployment
2015-06-09 21:57 - 2015-06-09 21:57 - 00000000 ____D C:\Users\Julio\AppData\Local\Apps\2.0
2015-06-09 21:56 - 2015-06-09 21:56 - 00243592 _____ C:\Users\Julio\Desktop\Firefox Setup Stub 38.0.5.exe
2015-06-09 21:35 - 2015-06-09 21:36 - 00000000 ____D C:\ProgramData\Recovery
2015-06-09 12:15 - 2015-06-10 01:11 - 00000000 ____D C:\FRST
2015-06-09 12:12 - 2015-06-09 12:12 - 02108928 _____ (Farbar) C:\Users\Julio\Desktop\FRST64.exe
2015-06-09 12:06 - 2015-06-09 21:59 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Mozilla
2015-06-09 12:05 - 2015-06-09 12:05 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Avira
2015-06-09 12:04 - 2015-05-27 13:11 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-09 12:04 - 2015-05-27 13:11 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-09 12:04 - 2015-05-27 13:11 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-06-09 12:04 - 2015-05-27 13:11 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-06-09 12:02 - 2015-06-09 12:02 - 00001194 _____ C:\Users\Public\Desktop\Avira.lnk
2015-06-09 12:01 - 2015-06-09 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-09 12:01 - 2015-06-09 12:04 - 00000000 ____D C:\ProgramData\Avira
2015-06-09 12:01 - 2015-06-09 12:04 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-09 12:01 - 2015-06-09 12:01 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-09 11:59 - 2015-06-09 11:59 - 04683232 _____ (Avira Operations GmbH & Co. KG) C:\Users\Julio\Desktop\avira_de_av_5576b8be758c8__ws.exe
2015-06-09 11:57 - 2015-06-09 11:57 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Julio\Desktop\tdsskiller.exe
2015-06-09 11:49 - 2015-06-09 11:49 - 00000000 ____D C:\Users\Julio\AppData\Roaming\PictureMover
2015-06-09 11:49 - 2015-06-09 11:49 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Adobe
2015-06-09 11:48 - 2015-06-09 11:48 - 00003858 _____ C:\Windows\System32\Tasks\DST
2015-06-09 11:48 - 2015-06-09 11:48 - 00000000 ____D C:\Users\Julio\Documents\Bluetooth Exchange Folder
2015-06-09 11:48 - 2015-06-09 11:48 - 00000000 ____D C:\Users\Julio\AppData\Local\PDFC
2015-06-09 11:48 - 2015-06-09 11:48 - 00000000 ____D C:\Users\Julio\AppData\Local\Broadcom
2015-06-09 11:48 - 2015-06-09 11:48 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-09 11:47 - 2015-06-09 11:47 - 00003516 _____ C:\Windows\System32\Tasks\Registration
2015-06-09 11:47 - 2015-06-09 11:47 - 00003408 _____ C:\Windows\System32\Tasks\ServicePlan
2015-06-09 11:47 - 2015-06-09 11:47 - 00001441 _____ C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-09 11:47 - 2015-06-09 11:47 - 00001407 _____ C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-06-09 11:47 - 2015-06-09 11:47 - 00000000 ____D C:\Users\Julio\AppData\Local\RemEngine
2015-06-09 11:46 - 2015-06-09 11:46 - 00062648 _____ C:\Users\Julio\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-09 11:44 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-09 11:44 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-09 11:44 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-09 11:44 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-09 11:44 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-09 11:44 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-09 11:44 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-09 11:44 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-09 11:44 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-09 11:43 - 2015-06-09 11:43 - 00000000 ____D C:\Users\Public\Symantec
2015-06-09 11:43 - 2015-06-09 11:43 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Hewlett-Packard
2015-06-09 11:43 - 2015-06-09 11:43 - 00000000 ____D C:\Users\Julio\AppData\Local\TouchSmartData
2015-06-09 11:42 - 2015-06-09 12:10 - 00000000 ____D C:\Users\Julio\AppData\Local\VirtualStore
2015-06-09 11:42 - 2015-06-09 11:48 - 00000000 ____D C:\Users\Julio\AppData\Local\Hewlett-Packard_Company
2015-06-09 11:42 - 2015-06-09 11:47 - 00000000 ____D C:\Users\Julio\AppData\Local\Hewlett-Packard
2015-06-09 11:42 - 2015-06-09 11:47 - 00000000 ____D C:\Users\Julio
2015-06-09 11:42 - 2015-06-09 11:42 - 00001787 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garantie.lnk
2015-06-09 11:42 - 2015-06-09 11:42 - 00000020 ___SH C:\Users\Julio\ntuser.ini
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Vorlagen
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Startmenü
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Netzwerkumgebung
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Lokale Einstellungen
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Eigene Dateien
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Druckumgebung
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Documents\Eigene Musik
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Documents\Eigene Bilder
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\AppData\Local\Verlauf
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\AppData\Local\Anwendungsdaten
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 _SHDL C:\Users\Julio\Anwendungsdaten
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_53316J G D_TouchSmart 600_Y53316J G D_0U_Q4CH107_E4CH1075XVC DPS_4A_I2A9A_SPEGATRON CORPORATION_V1.03_6.08_T100715_WU3-0_L407_M3960_J1500_7Intel_8655_92.27_#110723_N10EC8168;18143092_(XS906EA#UUZ)_X_CD3.MRK
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_53316J G D_TouchSmart 600_Y53316J G D_0U_Q4CH107_E4CH1075XVC DPS_4A_I2A9A_SPEGATRON CORPORATION_V1.03_6.08_T100715_WU3-0_L407_M3960_J1500_7Intel_8655_92.27_#110723_N10EC8168;18143092_(XS906EA#UUZ)_X_CD3.MRK
2015-06-09 11:42 - 2015-06-09 11:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Benutzerhandbuch
2015-06-09 11:42 - 2011-02-17 20:03 - 00000000 ____D C:\Users\Julio\AppData\Roaming\Macromedia
2015-06-09 11:42 - 2011-02-17 19:30 - 00001200 _____ C:\Users\Public\Desktop\HP TouchSmart.lnk
2015-06-09 11:42 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-09 11:42 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-09 11:41 - 2015-06-09 11:41 - 00003290 _____ C:\Windows\System32\Tasks\RMCreator
2015-06-09 11:40 - 2015-06-09 11:40 - 00000056 ____H C:\Windows\SysWOW64\ezsidmv.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 22:22 - 2009-07-14 06:51 - 00028657 _____ C:\Windows\setupact.log
2015-06-09 21:37 - 2011-02-17 19:29 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-06-09 21:36 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2015-06-09 21:36 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-06-09 18:10 - 2009-07-14 06:45 - 00015568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-09 18:10 - 2009-07-14 06:45 - 00015568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-09 18:06 - 2011-02-17 19:14 - 00141240 _____ C:\Windows\WindowsUpdate.log
2015-06-09 18:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-09 13:09 - 2011-02-17 20:04 - 00000000 ____D C:\ProgramData\PDFC
2015-06-09 12:13 - 2011-02-17 19:31 - 00729094 _____ C:\Windows\system32\perfh010.dat
2015-06-09 12:13 - 2011-02-17 19:31 - 00144976 _____ C:\Windows\system32\perfc010.dat
2015-06-09 12:13 - 2011-02-17 19:28 - 00696132 _____ C:\Windows\system32\perfh007.dat
2015-06-09 12:13 - 2011-02-17 19:28 - 00147428 _____ C:\Windows\system32\perfc007.dat
2015-06-09 12:13 - 2011-02-17 19:24 - 00734558 _____ C:\Windows\system32\perfh00C.dat
2015-06-09 12:13 - 2011-02-17 19:24 - 00147480 _____ C:\Windows\system32\perfc00C.dat
2015-06-09 12:13 - 2009-07-14 07:13 - 03367664 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-09 12:09 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2015-06-09 12:08 - 2011-02-17 20:21 - 00000000 ____D C:\ProgramData\Norton
2015-06-09 12:08 - 2011-02-17 19:11 - 00589276 _____ C:\Windows\PFRO.log
2015-06-09 12:08 - 2009-07-14 06:45 - 00285592 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-09 11:47 - 2010-06-15 04:07 - 00000000 ____D C:\swsetup
2015-06-09 11:47 - 2009-08-04 23:46 - 00000000 ___HD C:\SYSTEM.SAV
2015-06-09 11:43 - 2011-02-17 19:54 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2015-06-09 11:43 - 2011-02-17 19:54 - 00000000 ___RD C:\Program Files (x86)\Online Services
2015-06-09 11:42 - 2009-07-24 21:22 - 00000000 ____D C:\Windows\Panther
2015-06-09 11:42 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-06-09 11:42 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar

Some files in TEMP:
====================
C:\Users\Julio\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2009-07-24 20:23

==================== End of log ============================
         

--- --- ---

FRST Additions Logfile:
[CODE]Additional
FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Julio at 2015-06-10 01:12:04
Running from C:\Users\Julio\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-721091351-975829366-2383312893-500 - Administrator - Disabled)
Gast (S-1-5-21-721091351-975829366-2383312893-501 - Limited - Disabled)
Julio (S-1-5-21-721091351-975829366-2383312893-1000 - Administrator - Enabled) => C:\Users\Julio

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.160 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Ancient Hearts (x32 Version: 2.2.0.95 - WildTangent) Hidden
AVerMedia MiniCard Hybrid TV Tuner 1.1.64.56 (HKLM-x32\...\AVerMedia MiniCard Hybrid TV Tuner) (Version: 1.1.64.56 - AVerMedia TECHNOLOGIES, Inc.)
Avira (HKLM-x32\...\{0696cc37-db90-4000-be99-4a173ca7c8af}) (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.574 - Avira Operations GmbH & Co. KG)
Azteca (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.0.2282.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 6.0.2282.0 - Microsoft Corporation) Hidden
Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth by hp (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6200 - Broadcom Corporation)
Bob the Builder Can-Do-Zoo (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-Lot - The Elizabethan Era (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot (x32 Version: 2.2.0.95 - WildTangent) Hidden
Buttons & OSDs control application gen3 (HKLM-x32\...\{79ECA886-C6EF-4BB3-9920-CB7906C01589}) (Version: 1.0.5.0 - Hewlett-Packard)
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Collapse Crunch (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP TouchSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4412 - Hewlett-Packard)
DVD Menu Pack for HP TouchSmart Video (x32 Version: 4.1.4412 - Hewlett-Packard) Hidden
Facebook for HP TouchSmart (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Ambient Light (HKLM\...\{20ED77CC-044F-4355-995E-681607EBE9B0}) (Version: 1.9.6.0 - Hewlett-Packard)
HP AppsCenter for TouchSmart (HKLM-x32\...\{8317485C-067B-4B5B-A2A3-9D36B7B0399E}) (Version: 4.0.0.1 - Hewlett-Packard)
HP Desktop Keyboard (HKLM-x32\...\HP Keyboard_is1) (Version: 1.0.0.13 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{161C9F46-2D15-4CC1-BDF0-B51CBD250E8D}) (Version: 1.01.023 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.14.0 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{802C068E-0576-4F25-8137-D54B7DB0FC5E}) (Version: 8.4.4487.3576 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.0.12845.3522 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}) (Version: 5.1.8.12 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP TouchSmart (HKLM-x32\...\{1502291B-3C1B-4781-99F8-9D6D8C650588}) (Version: 4.0.41.0 - Hewlett-Packard)
HP TouchSmart Background - Beats (HKLM-x32\...\{6A6F8D36-04BA-41E9-9004-1789BD545874}) (Version: 1.0.1.0 - Hewlett-Packard)
HP TouchSmart Browser (HKLM-x32\...\{4ACC9E9C-12D6-4A9D-8FBC-3FD469B9FD34}) (Version: 4.1.0012 - Hewlett-Packard)
HP TouchSmart Calendar (HKLM-x32\...\{297FA7DE-08E5-44A6-8F66-9E26F61F4810}) (Version: 4.1.3869.29064 - Hewlett-Packard)
HP TouchSmart Canvas (HKLM-x32\...\{909CE9B4-76A7-4C3D-A9AC-CE231B3E4B40}) (Version: 2.0.3917.26233 - Hewlett-Packard)
HP TouchSmart Clock (HKLM-x32\...\{97AA232A-58CB-41A2-A258-0593F98AB1E0}) (Version: 3.1.3881.29051 - Hewlett-Packard)
HP TouchSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4625 - Hewlett-Packard)
HP TouchSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4517 - Hewlett-Packard)
HP TouchSmart Notes (HKLM-x32\...\{1F40643A-3489-4262-B7BA-F2EC6FA0A1C8}) (Version: 4.1.3916.21107 - Hewlett-Packard)
HP TouchSmart Photo (HKLM-x32\...\InstallShield_{C9DCE03F-8CB7-4146-A99C-0612D75177EA}) (Version: 4.1.4503 - Hewlett-Packard)
HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard)
HP TouchSmart RSS (HKLM-x32\...\{608D7847-39B7-4D1D-AF6D-7DCC38C77615}) (Version: 4.1.0009 - Hewlett-Packard)
HP TouchSmart Tutorials (HKLM-x32\...\{858FCB65-7C6D-4BA4-AD80-A3CB3744CE09}_is1) (Version: 3.2.0.2 - Hewlett-Packard)
HP TouchSmart Twitter (HKLM-x32\...\{0581D120-6992-46FA-AAA2-42FA7EFF99C1}) (Version: 3.0.3910.29600 - Hewlett-Packard)
HP TouchSmart Video (HKLM-x32\...\InstallShield_{F04BFADD-C8CA-4C86-8F20-B1D7F4F8C66C}) (Version: 4.1.4503 - Hewlett-Packard)
HP TouchSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3303 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3130 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3130 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{FD71E2F7-B9FC-4072-88DB-AC19E2464D82}) (Version: 1.18.17.1 - LightScribe)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version:  - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Movie Theme Pack for HP TouchSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4412 - Hewlett-Packard)
Movie Theme Pack for HP TouchSmart Video (x32 Version: 4.1.4412 - Hewlett-Packard) Hidden
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
MusicStation (HKLM-x32\...\MusicStationNetstaller) (Version: 1.0.1.25 - Hewlett-Packard)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.7 - NVIDIA Corporation)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.14 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.35 - Hewlett-Packard Company)
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4329 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3129 - CyberLink Corp.) Hidden
R.U.S.E. for TouchSmart (HKLM-x32\...\{E6753FCB-B508-4C74-9686-17032281AF38}_is1) (Version: 1.0.0.0 - Ubisoft)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version:  - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6156 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3219 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.2 - Hewlett-Packard)
Skip-Bo - Castaway Caper (x32 Version: 2.2.0.95 - WildTangent) Hidden
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Tropical Fish Shop - Annabel's Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

09-06-2015 12:09:48 Initial Restore Point

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A2B5ECD-7243-44B6-8B29-61ABAF5A22C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2010-09-18] (Hewlett-Packard Company)
Task: {7137EDBF-37E4-45AB-B57A-2D596D6D8C7E} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-08-20] (CyberLink)
Task: {92D7E1E6-B5AA-44E5-991A-8AACACE6F610} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {A3E5578B-853B-4B92-A947-635EEB084457} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-09] (Adobe Systems Incorporated)
Task: {AA76D5E7-7889-486C-8753-4BBA183DF9A0} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-11-17] ()
Task: {B595D127-9D23-4853-B611-39B14D1123B2} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-11-17] ()
Task: {BC1F6C1C-A514-499A-A158-6139EBFA4F02} - System32\Tasks\DST => C:\Program Files (x86)\Hewlett-Packard\Setup Manager\toaster.exe [2010-09-25] (Microsoft)
Task: {DD62C155-6EE7-44EC-B076-795CD0802B1F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-09-04] (CyberLink)
Task: {E6B380D9-3E4B-4C8D-AF08-162398F311B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-09] (Google Inc.)
Task: {E99D19FD-4647-479A-8E21-2D6D9E69492A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-09] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2011-02-17 19:54 - 2009-07-03 00:58 - 00406016 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
2015-06-09 11:49 - 2010-11-18 22:57 - 12284984 _____ () C:\Users\Julio\AppData\Roaming\PictureMover\Bin\Core.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2015-06-09 11:49 - 2010-11-18 23:07 - 01700920 _____ () C:\Users\Julio\AppData\Roaming\PictureMover\DE-CH\Presentation.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-721091351-975829366-2383312893-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Julio\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A6632050-D72C-49A9-8547-B52B36829DAD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{CC5D43EE-F5A9-499B-9972-8423699640CB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Photo\HPTouchSmartPhoto.exe
FirewallRules: [{4D0ABF67-0F23-4308-A22A-5AB53F026002}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Photo\PhotoAgent.exe
FirewallRules: [{82F5B4F0-0636-41DC-9AF8-0E6E4E440C60}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\HPTouchSmartMusic.exe
FirewallRules: [{C67B7828-FBDA-432A-9910-361647ECC379}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\HPTouchSmartPhoto.exe
FirewallRules: [{A64EF2EB-82E0-4DE6-882A-07F79446A5FA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\HPTouchSmartVideo.exe
FirewallRules: [{3799F3E8-501E-4A9D-8EFD-CEE3E9C0438F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\TSMAgent.exe
FirewallRules: [{CDC0BDCE-BA30-4FB8-B568-5843FA780D3F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Video\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{C752F777-5B47-41C5-B48B-B4376409006D}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
FirewallRules: [{54B9AFC7-6E9E-48DA-89D2-CD8876D6B05E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{5728CA74-CEC4-4F1B-8D41-10DCDE0B97DB}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{55207B35-131F-4179-A66E-696E0F3D7603}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{98D52894-FD9D-4D75-A921-F6D666C97605}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{A33700D8-12FB-424C-81A5-D560483E677B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{982E54D7-ABD3-4A21-8052-A2ECE5AF8702}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{BE19821E-D1BC-41A1-9482-605F2AD85633}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe
FirewallRules: [{E21D7632-FB94-471D-99C7-D6CCE15A837E}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\Programs\My First Browser\MyFirstBrowser.exe
FirewallRules: [{BF4F4206-AC62-4C51-9CBA-EAFAEA2D750B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{A97B0722-9ADE-48AA-BC8A-CF7CFE91F79B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{5F8DC015-06B2-45F1-8890-7269468B7508}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{0FF622A7-E2F7-4A68-984D-DA7C4D545E25}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{8D7B523B-21C6-4C28-B04F-5F4526F14B7D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A4589FD6-84D4-4E6D-B3D8-8B57DE72D5FE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E4634759-CF5E-4FA8-B621-08FFD5E64974}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F6CC8EB7-0764-4D50-B273-139212D6912E}] => (Allow) LPort=2869
FirewallRules: [{02B7CD84-ADFE-497B-80DE-1F6AD3D7CBE1}] => (Allow) LPort=1900
FirewallRules: [{43D8FE0E-A586-4761-AA0C-7B27459C281B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{5CDDC593-5E5B-40A2-BAA5-E65A4A1317B4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{6244E30E-2E1E-4918-B6C3-4FF2DE2E1E16}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D1C58728-011B-49CF-AA53-4D6EBAA777E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)


System errors:
=============

Microsoft Office:
=========================
Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:22 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)

Error: (06/09/2015 11:43:21 AM) (Source: HPTouchSmartCalendar) (EventID: 0) (User: )
Description: Application Name: HP TouchSmart Calendar
 Exception Type: System.Security.Principal.IdentityNotMappedException
   at System.Security.Principal.NTAccount.Translate(IdentityReferenceCollection sourceAccounts, Type targetType, Boolean forceSuccess)
   at System.Security.Principal.NTAccount.Translate(Type targetType)
   at System.Security.AccessControl.CommonObjectSecurity.ModifyAccess(AccessControlModification modification, AccessRule rule, Boolean& modified)
   at System.Security.AccessControl.CommonObjectSecurity.AddAccessRule(AccessRule rule)
   at LifeCenter.CommonControls.RestoreData.AddDirectorySecurity(String FileName)


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
Percentage of memory in use: 32%
Total physical RAM: 3959.11 MB
Available physical RAM: 2658.53 MB
Total Pagefile: 7916.37 MB
Available Pagefile: 5589.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1371.98 GB) (Free:1328.17 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:25.19 GB) (Free:3.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: E74450F4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1372 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.2 GB) - (Type=07 NTFS)

==================== End of log ============================
         

--- --- ---

--- --- ---

Logdatei von TDSS-Killer

Code: Alles auswählenAufklappen

ATTFilter

01:21:39.0763 0x1fd0  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
01:21:47.0298 0x1fd0  ============================================================
01:21:47.0298 0x1fd0  Current date / time: 2015/06/10 01:21:47.0298
01:21:47.0298 0x1fd0  SystemInfo:
01:21:47.0298 0x1fd0  
01:21:47.0298 0x1fd0  OS Version: 6.1.7600 ServicePack: 0.0
01:21:47.0298 0x1fd0  Product type: Workstation
01:21:47.0298 0x1fd0  ComputerName: JULIO-HP
01:21:47.0298 0x1fd0  UserName: Julio
01:21:47.0298 0x1fd0  Windows directory: C:\Windows
01:21:47.0298 0x1fd0  System windows directory: C:\Windows
01:21:47.0298 0x1fd0  Running under WOW64
01:21:47.0298 0x1fd0  Processor architecture: Intel x64
01:21:47.0298 0x1fd0  Number of processors: 4
01:21:47.0298 0x1fd0  Page size: 0x1000
01:21:47.0298 0x1fd0  Boot type: Normal boot
01:21:47.0298 0x1fd0  ============================================================
01:21:48.0062 0x1fd0  KLMD registered as C:\Windows\system32\drivers\33749726.sys
01:21:48.0358 0x1fd0  System UUID: {60991729-5C0A-F9A3-EB6D-A7011128496C}
01:21:48.0889 0x1fd0  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:21:48.0904 0x1fd0  ============================================================
01:21:48.0904 0x1fd0  \Device\Harddisk0\DR0:
01:21:48.0904 0x1fd0  MBR partitions:
01:21:48.0904 0x1fd0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
01:21:48.0904 0x1fd0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAB7F4800
01:21:48.0904 0x1fd0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAB827000, BlocksNum 0x3260000
01:21:48.0904 0x1fd0  ============================================================
01:21:48.0951 0x1fd0  C: <-> \Device\Harddisk0\DR0\Partition2
01:21:49.0014 0x1fd0  D: <-> \Device\Harddisk0\DR0\Partition3
01:21:49.0014 0x1fd0  ============================================================
01:21:49.0014 0x1fd0  Initialize success
01:21:49.0014 0x1fd0  ============================================================
01:22:17.0524 0x104c  ============================================================
01:22:17.0524 0x104c  Scan started
01:22:17.0524 0x104c  Mode: Manual; SigCheck; TDLFS; 
01:22:17.0524 0x104c  ============================================================
01:22:17.0524 0x104c  KSN ping started
01:22:30.0971 0x104c  KSN ping finished: true
01:22:31.0813 0x104c  ================ Scan system memory ========================
01:22:31.0813 0x104c  System memory - ok
01:22:31.0813 0x104c  ================ Scan services =============================
01:22:32.0250 0x104c  [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
01:22:32.0344 0x104c  1394ohci - ok
01:22:32.0375 0x104c  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
01:22:32.0406 0x104c  ACPI - ok
01:22:32.0406 0x104c  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
01:22:32.0437 0x104c  AcpiPmi - ok
01:22:32.0469 0x104c  [ DE7E8D852A806BE6091983838BF9697F, DE49EAB730D19807C1C3F4D9C1D475227DF3E6A173798A39CD408C54D2DAFC0C ] ACPIService     C:\Windows\system32\DRIVERS\OSDACPI.SYS
01:22:32.0500 0x104c  ACPIService - ok
01:22:32.0749 0x104c  [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:22:32.0781 0x104c  AdobeFlashPlayerUpdateSvc - ok
01:22:32.0812 0x104c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
01:22:32.0827 0x104c  adp94xx - ok
01:22:32.0874 0x104c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
01:22:32.0890 0x104c  adpahci - ok
01:22:32.0890 0x104c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
01:22:32.0905 0x104c  adpu320 - ok
01:22:32.0952 0x104c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
01:22:33.0030 0x104c  AeLookupSvc - ok
01:22:33.0124 0x104c  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
01:22:33.0139 0x104c  AERTFilters - ok
01:22:33.0171 0x104c  [ B9384E03479D2506BC924C16A3DB87BC, AB5FD2BC1F005E7D664F5DE3D5CB54499024A83B716DD52C56582DB7EFB4F01B ] AFD             C:\Windows\system32\drivers\afd.sys
01:22:33.0233 0x104c  AFD - ok
01:22:33.0233 0x104c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
01:22:33.0249 0x104c  agp440 - ok
01:22:33.0249 0x104c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
01:22:33.0264 0x104c  ALG - ok
01:22:33.0264 0x104c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
01:22:33.0280 0x104c  aliide - ok
01:22:33.0280 0x104c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
01:22:33.0295 0x104c  amdide - ok
01:22:33.0295 0x104c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
01:22:33.0311 0x104c  AmdK8 - ok
01:22:33.0327 0x104c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
01:22:33.0342 0x104c  AmdPPM - ok
01:22:33.0358 0x104c  [ AB3166C09438A161FBDE13099A72E0AF, ED1F2AB0FC72514E104C23029D1DDCB579058A0D3968B75B1C800A6F2D49BC9F ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
01:22:33.0373 0x104c  amdsata - ok
01:22:33.0389 0x104c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
01:22:33.0405 0x104c  amdsbs - ok
01:22:33.0420 0x104c  [ 5118DCD2065D8C8D752AD5EC0B2D6AA6, 41BDDBB152769819A24EF08C334F13F75016D7572BB6FEBA8AE9A65BA0AAAD50 ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
01:22:33.0420 0x104c  amdxata - ok
01:22:33.0685 0x104c  [ 3358CAD1887DDDDD2A36B7796B579292, 40BA1A836276C2AA78914F294661C3C918F2D6DFAA9D6EF3FEB6D1EE3B07F584 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
01:22:33.0748 0x104c  AntiVirMailService - ok
01:22:33.0795 0x104c  [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
01:22:33.0810 0x104c  AntiVirSchedulerService - ok
01:22:33.0841 0x104c  [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
01:22:33.0857 0x104c  AntiVirService - ok
01:22:33.0951 0x104c  [ 6FD5165364D88FDABE4FA59E1768376F, B82D11E6FCC297F822E29A49D46C9985955C9F5676D107A397B00D0468F93504 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
01:22:33.0997 0x104c  AntiVirWebService - ok
01:22:33.0997 0x104c  [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID           C:\Windows\system32\drivers\appid.sys
01:22:34.0060 0x104c  AppID - ok
01:22:34.0075 0x104c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
01:22:34.0122 0x104c  AppIDSvc - ok
01:22:34.0122 0x104c  [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo         C:\Windows\System32\appinfo.dll
01:22:34.0169 0x104c  Appinfo - ok
01:22:34.0185 0x104c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
01:22:34.0185 0x104c  arc - ok
01:22:34.0200 0x104c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
01:22:34.0200 0x104c  arcsas - ok
01:22:34.0403 0x104c  [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
01:22:34.0434 0x104c  aspnet_state - ok
01:22:34.0434 0x104c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
01:22:34.0481 0x104c  AsyncMac - ok
01:22:34.0512 0x104c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
01:22:34.0512 0x104c  atapi - ok
01:22:34.0575 0x104c  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:22:34.0637 0x104c  AudioEndpointBuilder - ok
01:22:34.0684 0x104c  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
01:22:34.0746 0x104c  AudioSrv - ok
01:22:34.0809 0x104c  [ 086CBBB45324D56AA7239046CD86149A, 602A5F993ED0D80B521BBE8343C8ABF1D6002268E20F2C62BE7EDE54A181B207 ] AVerAVF2        C:\Windows\system32\DRIVERS\AVerAVF2.sys
01:22:34.0855 0x104c  AVerAVF2 - ok
01:22:34.0902 0x104c  [ CC1ABBD9E61B7AA5CCBB45EA87CB033F, 4E5DE485833721E19B36455C017B9D908BAA7D12637A878934A0FAF2326E000B ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
01:22:34.0933 0x104c  avgntflt - ok
01:22:34.0933 0x104c  [ 07C8454D3A94BA478752FAFA2B94E0FE, EB19396D4A6D51D6C33ED55C8EF0259045801D39CCE2945931F9163D6006C133 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
01:22:34.0949 0x104c  avipbb - ok
01:22:34.0996 0x104c  [ 8884C9DDA76D76BADFD390B33D1DE70D, 0C7EE611C6E8255A280F1C13F7BFE493679E78D05986FB47BF5EF799637F6584 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
01:22:35.0027 0x104c  Avira.ServiceHost - ok
01:22:35.0027 0x104c  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
01:22:35.0043 0x104c  avkmgr - ok
01:22:35.0058 0x104c  [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
01:22:35.0074 0x104c  avnetflt - ok
01:22:35.0105 0x104c  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
01:22:35.0121 0x104c  AxInstSV - ok
01:22:35.0152 0x104c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
01:22:35.0183 0x104c  b06bdrv - ok
01:22:35.0199 0x104c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
01:22:35.0214 0x104c  b57nd60a - ok
01:22:35.0230 0x104c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
01:22:35.0245 0x104c  BDESVC - ok
01:22:35.0261 0x104c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
01:22:35.0308 0x104c  Beep - ok
01:22:35.0339 0x104c  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll
01:22:35.0401 0x104c  BFE - ok
01:22:35.0479 0x104c  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\System32\qmgr.dll
01:22:35.0542 0x104c  BITS - ok
01:22:35.0557 0x104c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
01:22:35.0573 0x104c  blbdrive - ok
01:22:35.0573 0x104c  [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
01:22:35.0620 0x104c  bowser - ok
01:22:35.0620 0x104c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
01:22:35.0635 0x104c  BrFiltLo - ok
01:22:35.0651 0x104c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
01:22:35.0667 0x104c  BrFiltUp - ok
01:22:35.0698 0x104c  [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser         C:\Windows\System32\browser.dll
01:22:35.0745 0x104c  Browser - ok
01:22:35.0745 0x104c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
01:22:35.0776 0x104c  Brserid - ok
01:22:35.0776 0x104c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
01:22:35.0791 0x104c  BrSerWdm - ok
01:22:35.0791 0x104c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
01:22:35.0807 0x104c  BrUsbMdm - ok
01:22:35.0823 0x104c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
01:22:35.0823 0x104c  BrUsbSer - ok
01:22:35.0838 0x104c  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
01:22:35.0854 0x104c  BthEnum - ok
01:22:35.0869 0x104c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
01:22:35.0885 0x104c  BTHMODEM - ok
01:22:35.0885 0x104c  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
01:22:35.0901 0x104c  BthPan - ok
01:22:35.0932 0x104c  [ A51FA9D0E85D5ADABEF72E67F386309C, 4F6F44D5E3A43239B50BCA75CBAA48FE40097E2AFF9360E1956F41ED52BD8183 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
01:22:35.0963 0x104c  BTHPORT - ok
01:22:35.0979 0x104c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
01:22:36.0010 0x104c  bthserv - ok
01:22:36.0025 0x104c  [ F740B9A16B2C06700F2130E19986BF3B, 92158FD1B3706DE068F077ACA9A25F5479EF282E8B81F5A2FF8A66CBB5F80FCF ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
01:22:36.0041 0x104c  BTHUSB - ok
01:22:36.0088 0x104c  [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
01:22:36.0103 0x104c  btwampfl - ok
01:22:36.0119 0x104c  [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
01:22:36.0119 0x104c  btwaudio - ok
01:22:36.0135 0x104c  [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt         C:\Windows\system32\drivers\btwavdt.sys
01:22:36.0135 0x104c  btwavdt - ok
01:22:36.0244 0x104c  [ 6A667ADAD3C2151131E6A478850762BE, 3A98BFB7E201EBDB55CB7C7332CF7C3D876BE03910FDA24F1146F8AAE4C39DD8 ] btwdins         c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
01:22:36.0275 0x104c  btwdins - ok
01:22:36.0291 0x104c  [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
01:22:36.0291 0x104c  btwl2cap - ok
01:22:36.0306 0x104c  [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
01:22:36.0306 0x104c  btwrchid - ok
01:22:36.0400 0x104c  [ C2600EA81C3E0A9B55FD91A55FDB2307, 1DB65E10E95D2A3C81BD87A743C363CC1262D68834AF2E950DDC8E05B33A522C ] CalendarSynchService C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
01:22:36.0415 0x104c  CalendarSynchService - detected UnsignedFile.Multi.Generic ( 1 )
01:22:38.0896 0x104c  Detect skipped due to KSN trusted
01:22:38.0896 0x104c  CalendarSynchService - ok
01:22:38.0911 0x104c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
01:22:38.0958 0x104c  cdfs - ok
01:22:38.0974 0x104c  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
01:22:38.0989 0x104c  cdrom - ok
01:22:39.0021 0x104c  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll
01:22:39.0067 0x104c  CertPropSvc - ok
01:22:39.0067 0x104c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
01:22:39.0099 0x104c  circlass - ok
01:22:39.0114 0x104c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
01:22:39.0145 0x104c  CLFS - ok
01:22:39.0239 0x104c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:22:39.0270 0x104c  clr_optimization_v2.0.50727_32 - ok
01:22:39.0348 0x104c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:22:39.0379 0x104c  clr_optimization_v2.0.50727_64 - ok
01:22:39.0551 0x104c  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:22:39.0613 0x104c  clr_optimization_v4.0.30319_32 - ok
01:22:39.0645 0x104c  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:22:39.0676 0x104c  clr_optimization_v4.0.30319_64 - ok
01:22:39.0707 0x104c  [ D68D9F4D53010B7E84D4E80A2E485554, B39D7F5737BE7C8EF6BC33595FE4538A90374E148B39BDC618163CBC30719883 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
01:22:39.0707 0x104c  clwvd - ok
01:22:39.0723 0x104c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
01:22:39.0738 0x104c  CmBatt - ok
01:22:39.0738 0x104c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
01:22:39.0754 0x104c  cmdide - ok
01:22:39.0769 0x104c  [ F95FD4CB7DA00BA2A63CE9F6B5C053E1, D1FBCA0416D38B9CA510FB01CF251E60B244D38080E6668948ED927D2350ED49 ] CNG             C:\Windows\system32\Drivers\cng.sys
01:22:39.0816 0x104c  CNG - ok
01:22:39.0816 0x104c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
01:22:39.0832 0x104c  Compbatt - ok
01:22:39.0832 0x104c  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
01:22:39.0847 0x104c  CompositeBus - ok
01:22:39.0863 0x104c  COMSysApp - ok
01:22:39.0863 0x104c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
01:22:39.0879 0x104c  crcdisk - ok
01:22:39.0910 0x104c  [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
01:22:39.0957 0x104c  CryptSvc - ok
01:22:40.0019 0x104c  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
01:22:40.0081 0x104c  DcomLaunch - ok
01:22:40.0113 0x104c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
01:22:40.0175 0x104c  defragsvc - ok
01:22:40.0175 0x104c  [ 3F1DC527070ACB87E40AFE46EF6DA749, 5CB9CB94854AF06BEA02AF3E0562B8ECF72B2B23ED657A3F5E17CD3552F3EF84 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
01:22:40.0237 0x104c  DfsC - ok
01:22:40.0269 0x104c  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
01:22:40.0300 0x104c  Dhcp - ok
01:22:40.0315 0x104c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
01:22:40.0362 0x104c  discache - ok
01:22:40.0378 0x104c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
01:22:40.0393 0x104c  Disk - ok
01:22:40.0425 0x104c  [ 676108C4E3AA6F6B34633748BD0BEBD9, 953286126E482EF3A9A1833680EFF86D657BD6C5411B9AEC2D7828ADE63D25AD ] Dnscache        C:\Windows\System32\dnsrslvr.dll
01:22:40.0471 0x104c  Dnscache - ok
01:22:40.0487 0x104c  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll
01:22:40.0534 0x104c  dot3svc - ok
01:22:40.0549 0x104c  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll
01:22:40.0596 0x104c  DPS - ok
01:22:40.0612 0x104c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
01:22:40.0627 0x104c  drmkaud - ok
01:22:40.0674 0x104c  [ EBCE0B0924835F635F620D19F0529DCE, 15BF803765373264390879FCA86C6D89C92DAFD0B1A36DEFA78EF01EBA2F9C26 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
01:22:40.0705 0x104c  DXGKrnl - ok
01:22:40.0752 0x104c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
01:22:40.0799 0x104c  EapHost - ok
01:22:40.0924 0x104c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
01:22:41.0049 0x104c  ebdrv - ok
01:22:41.0095 0x104c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS             C:\Windows\System32\lsass.exe
01:22:41.0095 0x104c  EFS - ok
01:22:41.0205 0x104c  [ 3D69FAE60EDE442E004611A4EE4DB44C, 480D3F7604C9A70570BBFFF3CA0FABA216805BB38D4F8A73BB50996B547D8017 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
01:22:41.0267 0x104c  ehRecvr - ok
01:22:41.0283 0x104c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
01:22:41.0314 0x104c  ehSched - ok
01:22:41.0329 0x104c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
01:22:41.0361 0x104c  elxstor - ok
01:22:41.0361 0x104c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
01:22:41.0376 0x104c  ErrDev - ok
01:22:41.0407 0x104c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
01:22:41.0470 0x104c  EventSystem - ok
01:22:41.0470 0x104c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
01:22:41.0532 0x104c  exfat - ok
01:22:41.0532 0x104c  ezSharedSvc - ok
01:22:41.0548 0x104c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
01:22:41.0595 0x104c  fastfat - ok
01:22:41.0626 0x104c  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe
01:22:41.0673 0x104c  Fax - ok
01:22:41.0673 0x104c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
01:22:41.0688 0x104c  fdc - ok
01:22:41.0688 0x104c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
01:22:41.0735 0x104c  fdPHost - ok
01:22:41.0735 0x104c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
01:22:41.0782 0x104c  FDResPub - ok
01:22:41.0782 0x104c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
01:22:41.0797 0x104c  FileInfo - ok
01:22:41.0797 0x104c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
01:22:41.0844 0x104c  Filetrace - ok
01:22:41.0875 0x104c  [ 35DAAD359197828D3CF3965764F5D82C, 03EFC98BCDBB568FDDE9FD0BAD604AEF2FFFA91484EBAEEA25CEA8BE0B72913C ] FintekCIR       C:\Windows\system32\DRIVERS\FintekCIR.sys
01:22:41.0891 0x104c  FintekCIR - ok
01:22:41.0891 0x104c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
01:22:41.0907 0x104c  flpydisk - ok
01:22:41.0922 0x104c  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
01:22:41.0938 0x104c  FltMgr - ok
01:22:41.0985 0x104c  [ 8AC4CB4EA61E41009FAE9AE7B2B5DA3A, 6587B22ED91F98D3E3614967F62D7A58F42C12F45F8E1D47835D195CD350BC54 ] FontCache       C:\Windows\system32\FntCache.dll
01:22:42.0063 0x104c  FontCache - ok
01:22:42.0109 0x104c  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:22:42.0125 0x104c  FontCache3.0.0.0 - ok
01:22:42.0125 0x104c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
01:22:42.0141 0x104c  FsDepends - ok
01:22:42.0156 0x104c  [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
01:22:42.0156 0x104c  Fs_Rec - ok
01:22:42.0172 0x104c  [ B8B2A6E1558F8F5DE5CE431C5B2C7B09, 24A9F04A0622681A4E4B6BCC47C45016787C6036EAD828920812D9FAD49A71E3 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
01:22:42.0187 0x104c  fvevol - ok
01:22:42.0203 0x104c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
01:22:42.0203 0x104c  gagp30kx - ok
01:22:42.0406 0x104c  [ D154305DE6090E6E84E525F84BB08A06, 7B235178C3F26043AB7DB9EAD9A2185CEAF3C07BC48D63CA0EB6D56BCFEDF41A ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
01:22:42.0437 0x104c  GameConsoleService - ok
01:22:42.0484 0x104c  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll
01:22:42.0531 0x104c  gpsvc - ok
01:22:42.0624 0x104c  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:22:42.0640 0x104c  gupdate - ok
01:22:42.0640 0x104c  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:22:42.0655 0x104c  gupdatem - ok
01:22:42.0655 0x104c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
01:22:42.0671 0x104c  hcw85cir - ok
01:22:42.0687 0x104c  [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:22:42.0718 0x104c  HdAudAddService - ok
01:22:42.0749 0x104c  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
01:22:42.0765 0x104c  HDAudBus - ok
01:22:42.0796 0x104c  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
01:22:42.0811 0x104c  HECIx64 - ok
01:22:42.0811 0x104c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
01:22:42.0827 0x104c  HidBatt - ok
01:22:42.0827 0x104c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
01:22:42.0843 0x104c  HidBth - ok
01:22:42.0874 0x104c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
01:22:42.0889 0x104c  HidIr - ok
01:22:42.0921 0x104c  [ AC0E56C858B86732420A44827B7CE2C9, 97E7A97C014456D9C3F330CDBDC28EA9E52BEF5533E632B41D37A81BADA09D66 ] hidkmdf         C:\Windows\system32\DRIVERS\hidkmdf.sys
01:22:42.0921 0x104c  hidkmdf - ok
01:22:42.0952 0x104c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
01:22:42.0999 0x104c  hidserv - ok
01:22:43.0030 0x104c  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
01:22:43.0108 0x104c  HidUsb - ok
01:22:43.0139 0x104c  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll
01:22:43.0186 0x104c  hkmsvc - ok
01:22:43.0201 0x104c  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:22:43.0217 0x104c  HomeGroupListener - ok
01:22:43.0233 0x104c  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:22:43.0248 0x104c  HomeGroupProvider - ok
01:22:43.0295 0x104c  [ 37965381364B2E106E1DD7D74CDCAA43, 94C30FA88140E802A549549856145824122F138C2697301CDCAAEEEEA3858E12 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
01:22:43.0295 0x104c  HP Health Check Service - ok
01:22:43.0389 0x104c  [ DA075126F867727810EE9B98B3041C4C, 3298D7FDB79C64DE73B8C4309E3997311DD50BBF3FF5BE4C6800EF22AB491EEE ] HPAuto          C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
01:22:43.0404 0x104c  HPAuto - ok
01:22:43.0420 0x104c  [ 3DC11A802353401332D49C3CBFBBE5FC, E812E8A4ED64FEC346BE6B175CE651CFC553A23F31B0ABC5D50E6995A7F130DF ] HPClientSvc     C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
01:22:43.0435 0x104c  HPClientSvc - ok
01:22:43.0482 0x104c  [ A48A151D3FA7CB032A51453F087221C7, A74EFC7DC4F75BF29C9B459DCDF4D04F13F868D3D10F8D73606A5F03811170CA ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
01:22:43.0498 0x104c  HPDrvMntSvc.exe - ok
01:22:43.0529 0x104c  [ 71BD8A611E0677175D3938C9CEA7339A, 40A67671D231DAD8E9AEB5E38BCB8389192B373FD02ACCF960E9F287E1D8C9AD ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
01:22:43.0560 0x104c  hpqwmiex - ok
01:22:43.0560 0x104c  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
01:22:43.0576 0x104c  HpSAMD - ok
01:22:43.0607 0x104c  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
01:22:43.0669 0x104c  HTTP - ok
01:22:43.0669 0x104c  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
01:22:43.0685 0x104c  hwpolicy - ok
01:22:43.0685 0x104c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
01:22:43.0701 0x104c  i8042prt - ok
01:22:43.0747 0x104c  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
01:22:43.0794 0x104c  iaStor - ok
01:22:43.0810 0x104c  [ 513DC087CFED7D2BB82F005385D3531F, 8ABEABCA28C1701A70261122D00CF550F845A43414A71885E301124F9F215351 ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
01:22:43.0841 0x104c  iaStorV - ok
01:22:43.0935 0x104c  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:22:43.0966 0x104c  idsvc - ok
01:22:43.0966 0x104c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
01:22:43.0981 0x104c  iirsp - ok
01:22:44.0028 0x104c  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll
01:22:44.0091 0x104c  IKEEXT - ok
01:22:44.0215 0x104c  [ CB5FD9B681AD43B560490B5283DDC1C1, 359F4ACE7BE0FD6BF710AD1EEA48ED3F9E4A97A2B8318EC5616E34449D0C774F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
01:22:44.0293 0x104c  IntcAzAudAddService - ok
01:22:44.0309 0x104c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
01:22:44.0309 0x104c  intelide - ok
01:22:44.0325 0x104c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
01:22:44.0340 0x104c  intelppm - ok
01:22:44.0356 0x104c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
01:22:44.0403 0x104c  IPBusEnum - ok
01:22:44.0403 0x104c  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:22:44.0449 0x104c  IpFilterDriver - ok
01:22:44.0465 0x104c  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
01:22:44.0527 0x104c  iphlpsvc - ok
01:22:44.0527 0x104c  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
01:22:44.0543 0x104c  IPMIDRV - ok
01:22:44.0559 0x104c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
01:22:44.0590 0x104c  IPNAT - ok
01:22:44.0605 0x104c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
01:22:44.0621 0x104c  IRENUM - ok
01:22:44.0621 0x104c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
01:22:44.0637 0x104c  isapnp - ok
01:22:44.0652 0x104c  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
01:22:44.0668 0x104c  iScsiPrt - ok
01:22:44.0683 0x104c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
01:22:44.0683 0x104c  kbdclass - ok
01:22:44.0699 0x104c  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
01:22:44.0699 0x104c  kbdhid - ok
01:22:44.0730 0x104c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso          C:\Windows\system32\lsass.exe
01:22:44.0746 0x104c  KeyIso - ok
01:22:44.0746 0x104c  [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
01:22:44.0761 0x104c  KSecDD - ok
01:22:44.0777 0x104c  [ A8C63880EF6F4D3FEC7B616B9C060215, 036AE3ABBF991F5748C5C46E1DF62FBBC832BCDBF8C1B6E3C22A22A3703BBBCA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
01:22:44.0793 0x104c  KSecPkg - ok
01:22:44.0793 0x104c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
01:22:44.0824 0x104c  ksthunk - ok
01:22:44.0871 0x104c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
01:22:44.0933 0x104c  KtmRm - ok
01:22:44.0949 0x104c  [ C926920B8978DE6ACFE9E15C709E9B57, 33B8002ABC30372B1CA8B6EC046757794CD7C9DA3CA4715B515B6894DC7E45CA ] LanmanServer    C:\Windows\system32\srvsvc.dll
01:22:44.0995 0x104c  LanmanServer - ok
01:22:45.0011 0x104c  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:22:45.0058 0x104c  LanmanWorkstation - ok
01:22:45.0151 0x104c  [ B1E1C8BB1392537E4D415FCDCB93B1D3, 8F47F88743C1FA0CD9EABF712BD42FDAE04BEFD8568A5BD74CA3146AA975D08E ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
01:22:45.0167 0x104c  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
01:22:47.0632 0x104c  Detect skipped due to KSN trusted
01:22:47.0632 0x104c  LightScribeService - ok
01:22:47.0647 0x104c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
01:22:47.0710 0x104c  lltdio - ok
01:22:47.0741 0x104c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
01:22:47.0788 0x104c  lltdsvc - ok
01:22:47.0803 0x104c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
01:22:47.0835 0x104c  lmhosts - ok
01:22:47.0913 0x104c  [ E38775922D4A4C05B5D96733AB4CE169, 92888BF351C4249C81189CA7F25419077017DD2F1F88FD91D1F4A51CEBF98A62 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
01:22:47.0944 0x104c  LMS - ok
01:22:47.0959 0x104c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
01:22:47.0975 0x104c  LSI_FC - ok
01:22:47.0991 0x104c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
01:22:48.0006 0x104c  LSI_SAS - ok
01:22:48.0006 0x104c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
01:22:48.0022 0x104c  LSI_SAS2 - ok
01:22:48.0022 0x104c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
01:22:48.0084 0x104c  LSI_SCSI - ok
01:22:48.0100 0x104c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
01:22:48.0147 0x104c  luafv - ok
01:22:48.0162 0x104c  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
01:22:48.0178 0x104c  Mcx2Svc - ok
01:22:48.0178 0x104c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
01:22:48.0193 0x104c  megasas - ok
01:22:48.0209 0x104c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
01:22:48.0225 0x104c  MegaSR - ok
01:22:48.0256 0x104c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
01:22:48.0303 0x104c  MMCSS - ok
01:22:48.0303 0x104c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
01:22:48.0349 0x104c  Modem - ok
01:22:48.0349 0x104c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
01:22:48.0365 0x104c  monitor - ok
01:22:48.0381 0x104c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
01:22:48.0381 0x104c  mouclass - ok
01:22:48.0396 0x104c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
01:22:48.0412 0x104c  mouhid - ok
01:22:48.0412 0x104c  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
01:22:48.0427 0x104c  mountmgr - ok
01:22:48.0474 0x104c  [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:22:48.0490 0x104c  MozillaMaintenance - ok
01:22:48.0490 0x104c  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
01:22:48.0505 0x104c  mpio - ok
01:22:48.0521 0x104c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
01:22:48.0568 0x104c  mpsdrv - ok
01:22:48.0599 0x104c  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
01:22:48.0661 0x104c  MpsSvc - ok
01:22:48.0677 0x104c  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
01:22:48.0693 0x104c  MRxDAV - ok
01:22:48.0708 0x104c  [ 767A4C3BCF9410C286CED15A2DB17108, D9EA9EF7D4048081B132B804E0AE5A60A58FA6B25B7F5B87D5D7E354B2D94C79 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
01:22:48.0724 0x104c  mrxsmb - ok
01:22:48.0739 0x104c  [ 920EE0FF995FCFDEB08C41605A959E1C, 977195011912166F7C7E209D90B973E3F507B5297504AF9B6797FA8D1051534C ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:22:48.0755 0x104c  mrxsmb10 - ok
01:22:48.0755 0x104c  [ 740D7EA9D72C981510A5292CF6ADC941, C55C2F73410C008F829D194EF072721A8D7945BCC48458982D2409761908E7AE ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:22:48.0771 0x104c  mrxsmb20 - ok
01:22:48.0786 0x104c  [ 2BA4FF3D5EB68587DD662A896F649C7D, E7262683BC370A279C33D0B83F7CE445E51584F0CF3DDA5FBB1C808265CDDB30 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
01:22:48.0786 0x104c  msahci - ok
01:22:48.0802 0x104c  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
01:22:48.0802 0x104c  msdsm - ok
01:22:48.0817 0x104c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
01:22:48.0833 0x104c  MSDTC - ok
01:22:48.0849 0x104c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
01:22:48.0880 0x104c  Msfs - ok
01:22:48.0895 0x104c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
01:22:48.0927 0x104c  mshidkmdf - ok
01:22:48.0942 0x104c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
01:22:48.0942 0x104c  msisadrv - ok
01:22:48.0973 0x104c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
01:22:49.0020 0x104c  MSiSCSI - ok
01:22:49.0020 0x104c  msiserver - ok
01:22:49.0036 0x104c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
01:22:49.0067 0x104c  MSKSSRV - ok
01:22:49.0067 0x104c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
01:22:49.0114 0x104c  MSPCLOCK - ok
01:22:49.0114 0x104c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
01:22:49.0161 0x104c  MSPQM - ok
01:22:49.0176 0x104c  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
01:22:49.0192 0x104c  MsRPC - ok
01:22:49.0192 0x104c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
01:22:49.0207 0x104c  mssmbios - ok
01:22:49.0207 0x104c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
01:22:49.0254 0x104c  MSTEE - ok
01:22:49.0254 0x104c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
01:22:49.0270 0x104c  MTConfig - ok
01:22:49.0270 0x104c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
01:22:49.0285 0x104c  Mup - ok
01:22:49.0301 0x104c  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll
01:22:49.0363 0x104c  napagent - ok
01:22:49.0379 0x104c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
01:22:49.0410 0x104c  NativeWifiP - ok
01:22:49.0441 0x104c  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys
01:22:49.0473 0x104c  NDIS - ok
01:22:49.0488 0x104c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
01:22:49.0519 0x104c  NdisCap - ok
01:22:49.0535 0x104c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
01:22:49.0566 0x104c  NdisTapi - ok
01:22:49.0582 0x104c  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
01:22:49.0613 0x104c  Ndisuio - ok
01:22:49.0629 0x104c  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
01:22:49.0675 0x104c  NdisWan - ok
01:22:49.0675 0x104c  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
01:22:49.0722 0x104c  NDProxy - ok
01:22:49.0722 0x104c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
01:22:49.0753 0x104c  NetBIOS - ok
01:22:49.0769 0x104c  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
01:22:49.0816 0x104c  NetBT - ok
01:22:49.0831 0x104c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon        C:\Windows\system32\lsass.exe
01:22:49.0847 0x104c  Netlogon - ok
01:22:49.0878 0x104c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
01:22:49.0941 0x104c  Netman - ok
01:22:49.0972 0x104c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:22:49.0972 0x104c  NetMsmqActivator - ok
01:22:49.0987 0x104c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:22:50.0003 0x104c  NetPipeActivator - ok
01:22:50.0019 0x104c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
01:22:50.0065 0x104c  netprofm - ok
01:22:50.0143 0x104c  [ 1982B291DF9833FB3ADC397EBD310A18, 09E97EE548218558625A49AC88BF761153E15F6F429DDCEE6B184590BAE6BC0A ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
01:22:50.0175 0x104c  netr28x - ok
01:22:50.0190 0x104c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:22:50.0190 0x104c  NetTcpActivator - ok
01:22:50.0206 0x104c  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:22:50.0206 0x104c  NetTcpPortSharing - ok
01:22:50.0221 0x104c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
01:22:50.0237 0x104c  nfrd960 - ok
01:22:50.0253 0x104c  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll
01:22:50.0315 0x104c  NlaSvc - ok
01:22:50.0471 0x104c  [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
01:22:50.0549 0x104c  NOBU - ok
01:22:50.0549 0x104c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
01:22:50.0596 0x104c  Npfs - ok
01:22:50.0611 0x104c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
01:22:50.0658 0x104c  nsi - ok
01:22:50.0658 0x104c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
01:22:50.0705 0x104c  nsiproxy - ok
01:22:50.0752 0x104c  [ 1AD8FEF2D6AC7116B68B887A9782FD33, C3C584AA1B927AF775CCE4C5D95837535479EF2CA019393C7226FA5D2E854E26 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
01:22:50.0814 0x104c  Ntfs - ok
01:22:50.0814 0x104c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
01:22:50.0861 0x104c  Null - ok
01:22:51.0267 0x104c  [ 2218C0F9D4C694460340F2F8ADCCC9C0, 21F27ACD79A00C5E135B9107E3543047A002DBE3B01ADF24F83360BE3C962213 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:22:51.0579 0x104c  nvlddmkm - ok
01:22:51.0610 0x104c  [ DEAB10231CBDB0881FC25428EBE11506, 3FF30FD757B70B79F4D49298DD5A594787229E577B9AEED0EBF561470FDFB998 ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
01:22:51.0625 0x104c  nvraid - ok
01:22:51.0625 0x104c  [ 0AF7B8136794E23E87BE138992880E64, F7C5E192563DB7716E5594931CB1E0497A8819A86F29633654A659793F5294A8 ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
01:22:51.0641 0x104c  nvstor - ok
01:22:51.0672 0x104c  [ 5218967E54DBC9CB4AAEA53247A0F275, ED6B79623CD024C795DA14EBCDE0E8CC9EA2ACA5F0927D734E02612788A3CEE8 ] nvsvc           C:\Windows\system32\nvvsvc.exe
01:22:51.0688 0x104c  nvsvc - ok
01:22:51.0688 0x104c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
01:22:51.0703 0x104c  nv_agp - ok
01:22:51.0719 0x104c  [ 1490B742E560E337AC6D2F80CE9FE14B, DD12429EA600F882D6A92B8830049A37BA0273F6DB9A924F82489B84173E5523 ] NW1950          C:\Windows\system32\DRIVERS\NW1950.sys
01:22:51.0719 0x104c  NW1950 - ok
01:22:51.0735 0x104c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
01:22:51.0750 0x104c  ohci1394 - ok
01:22:51.0766 0x104c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
01:22:51.0797 0x104c  p2pimsvc - ok
01:22:51.0813 0x104c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
01:22:51.0844 0x104c  p2psvc - ok
01:22:51.0859 0x104c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
01:22:51.0875 0x104c  Parport - ok
01:22:51.0891 0x104c  [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
01:22:51.0891 0x104c  partmgr - ok
01:22:51.0906 0x104c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
01:22:51.0922 0x104c  PcaSvc - ok
01:22:51.0937 0x104c  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys
01:22:51.0953 0x104c  pci - ok
01:22:51.0953 0x104c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
01:22:51.0969 0x104c  pciide - ok
01:22:51.0969 0x104c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
01:22:51.0984 0x104c  pcmcia - ok
01:22:52.0000 0x104c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
01:22:52.0000 0x104c  pcw - ok
01:22:52.0031 0x104c  pdfcDispatcher - ok
01:22:52.0062 0x104c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
01:22:52.0109 0x104c  PEAUTH - ok
01:22:52.0406 0x104c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
01:22:52.0437 0x104c  PerfHost - ok
01:22:52.0499 0x104c  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll
01:22:52.0593 0x104c  pla - ok
01:22:52.0624 0x104c  [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
01:22:52.0686 0x104c  PlugPlay - ok
01:22:52.0702 0x104c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
01:22:52.0702 0x104c  PNRPAutoReg - ok
01:22:52.0718 0x104c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
01:22:52.0749 0x104c  PNRPsvc - ok
01:22:52.0780 0x104c  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
01:22:52.0842 0x104c  PolicyAgent - ok
01:22:52.0858 0x104c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
01:22:52.0905 0x104c  Power - ok
01:22:52.0920 0x104c  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
01:22:52.0952 0x104c  PptpMiniport - ok
01:22:52.0983 0x104c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
01:22:52.0983 0x104c  Processor - ok
01:22:52.0998 0x104c  [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc         C:\Windows\system32\profsvc.dll
01:22:53.0045 0x104c  ProfSvc - ok
01:22:53.0061 0x104c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
01:22:53.0076 0x104c  ProtectedStorage - ok
01:22:53.0092 0x104c  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
01:22:53.0123 0x104c  Psched - ok
01:22:53.0186 0x104c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
01:22:53.0232 0x104c  ql2300 - ok
01:22:53.0232 0x104c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
01:22:53.0310 0x104c  ql40xx - ok
01:22:53.0342 0x104c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
01:22:53.0373 0x104c  QWAVE - ok
01:22:53.0373 0x104c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
01:22:53.0388 0x104c  QWAVEdrv - ok
01:22:53.0404 0x104c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
01:22:53.0435 0x104c  RasAcd - ok
01:22:53.0466 0x104c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
01:22:53.0513 0x104c  RasAgileVpn - ok
01:22:53.0529 0x104c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
01:22:53.0576 0x104c  RasAuto - ok
01:22:53.0576 0x104c  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
01:22:53.0622 0x104c  Rasl2tp - ok
01:22:53.0654 0x104c  [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan          C:\Windows\System32\rasmans.dll
01:22:53.0700 0x104c  RasMan - ok
01:22:53.0716 0x104c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
01:22:53.0747 0x104c  RasPppoe - ok
01:22:53.0763 0x104c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
01:22:53.0794 0x104c  RasSstp - ok
01:22:53.0810 0x104c  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
01:22:53.0856 0x104c  rdbss - ok
01:22:53.0872 0x104c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
01:22:53.0888 0x104c  rdpbus - ok
01:22:53.0888 0x104c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
01:22:53.0919 0x104c  RDPCDD - ok
01:22:53.0934 0x104c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
01:22:53.0966 0x104c  RDPENCDD - ok
01:22:53.0981 0x104c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
01:22:54.0012 0x104c  RDPREFMP - ok
01:22:54.0028 0x104c  [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7, 02179089E0816AD544F370A8A3557498D09981F60CC94E497DC4A5A2BBBE1E48 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
01:22:54.0090 0x104c  RDPWD - ok
01:22:54.0106 0x104c  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
01:22:54.0122 0x104c  rdyboost - ok
01:22:54.0137 0x104c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
01:22:54.0184 0x104c  RemoteAccess - ok
01:22:54.0215 0x104c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
01:22:54.0262 0x104c  RemoteRegistry - ok
01:22:54.0278 0x104c  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
01:22:54.0293 0x104c  RFCOMM - ok
01:22:54.0324 0x104c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
01:22:54.0356 0x104c  RpcEptMapper - ok
01:22:54.0387 0x104c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
01:22:54.0418 0x104c  RpcLocator - ok
01:22:54.0480 0x104c  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll
01:22:54.0543 0x104c  RpcSs - ok
01:22:54.0558 0x104c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
01:22:54.0605 0x104c  rspndr - ok
01:22:54.0636 0x104c  [ 3B01789EE4EAEE97F5EB46B711387D5E, 154D6D409E02AAEA8CC34FA70F71630D67A31F033F65EE854448112C45F164B4 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
01:22:54.0668 0x104c  RTL8167 - ok
01:22:54.0683 0x104c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs           C:\Windows\system32\lsass.exe
01:22:54.0683 0x104c  SamSs - ok
01:22:54.0699 0x104c  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
01:22:54.0714 0x104c  sbp2port - ok
01:22:54.0730 0x104c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
01:22:54.0777 0x104c  SCardSvr - ok
01:22:54.0777 0x104c  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
01:22:54.0824 0x104c  scfilter - ok
01:22:54.0870 0x104c  [ EC56B171F85C7E855E7B0588AC503EEA, EDBC0E52DF00D73356F4B886D6CA2397B571A9D2245FEDC347A6D52A5467EA5D ] Schedule        C:\Windows\system32\schedsvc.dll
01:22:54.0948 0x104c  Schedule - ok
01:22:54.0980 0x104c  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll
01:22:55.0026 0x104c  SCPolicySvc - ok
01:22:55.0042 0x104c  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
01:22:55.0058 0x104c  SDRSVC - ok
01:22:55.0104 0x104c  [ 331E7BDE228914574FC9AE6CD520DAFA, 15C6364E73328E86E431DA0960DEE794F96A6E83FF82C9CA181E70127E395311 ] SeaPort         C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
01:22:55.0120 0x104c  SeaPort - ok
01:22:55.0136 0x104c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
01:22:55.0167 0x104c  secdrv - ok
01:22:55.0182 0x104c  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll
01:22:55.0229 0x104c  seclogon - ok
01:22:55.0245 0x104c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
01:22:55.0276 0x104c  SENS - ok
01:22:55.0292 0x104c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
01:22:55.0307 0x104c  SensrSvc - ok
01:22:55.0307 0x104c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
01:22:55.0323 0x104c  Serenum - ok
01:22:55.0338 0x104c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
01:22:55.0354 0x104c  Serial - ok
01:22:55.0354 0x104c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
01:22:55.0370 0x104c  sermouse - ok
01:22:55.0385 0x104c  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll
01:22:55.0416 0x104c  SessionEnv - ok
01:22:55.0432 0x104c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
01:22:55.0432 0x104c  sffdisk - ok
01:22:55.0448 0x104c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
01:22:55.0448 0x104c  sffp_mmc - ok
01:22:55.0463 0x104c  [ 178298F767FE638C9FEDCBDEF58BB5E4, 053D12CFEE5C54EA7D06F9C9CAE93544FE258A4825CDE2A14090BC81A96E1CF7 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
01:22:55.0463 0x104c  sffp_sd - ok
01:22:55.0479 0x104c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
01:22:55.0479 0x104c  sfloppy - ok
01:22:55.0510 0x104c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
01:22:55.0557 0x104c  SharedAccess - ok
01:22:55.0588 0x104c  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:22:55.0619 0x104c  ShellHWDetection - ok
01:22:55.0635 0x104c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
01:22:55.0635 0x104c  SiSRaid2 - ok
01:22:55.0650 0x104c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
01:22:55.0650 0x104c  SiSRaid4 - ok
01:22:55.0666 0x104c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
01:22:55.0697 0x104c  Smb - ok
01:22:55.0728 0x104c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
01:22:55.0728 0x104c  SNMPTRAP - ok
01:22:55.0744 0x104c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
01:22:55.0744 0x104c  spldr - ok
01:22:55.0775 0x104c  [ F8E1FA03CB70D54A9892AC88B91D1E7B, 55EECAAD4C7EC0868BE937F4ADDA026AFDFCC614E94DE4B3248BFF2BE7FF13E8 ] Spooler         C:\Windows\System32\spoolsv.exe
01:22:55.0806 0x104c  Spooler - ok
01:22:55.0916 0x104c  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe
01:22:56.0056 0x104c  sppsvc - ok
01:22:56.0056 0x104c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
01:22:56.0103 0x104c  sppuinotify - ok
01:22:56.0118 0x104c  [ 43067A65522EAEC33D31A12D6FA8E3F4, 244CE66A10B34DC756962D0A164B34B98D89AB41B64C7AAF1F31E8642D8B013B ] srv             C:\Windows\system32\DRIVERS\srv.sys
01:22:56.0150 0x104c  srv - ok
01:22:56.0165 0x104c  [ 03715CF9C30B563DA35FC5F2B8F7B8E0, 694EE380955AAD3E21DD72D2656141017E113EC726E5CBE856EF4D7E4FE10387 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
01:22:56.0181 0x104c  srv2 - ok
01:22:56.0196 0x104c  [ FBD09635227A8026C0F7790F604343C6, 582D40DD57D33BF79642E6DF069E82187EF79978B7192D669FD21678B0D8A9C4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
01:22:56.0212 0x104c  srvnet - ok
01:22:56.0228 0x104c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
01:22:56.0274 0x104c  SSDPSRV - ok
01:22:56.0274 0x104c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
01:22:56.0321 0x104c  SstpSvc - ok
01:22:56.0337 0x104c  Steam Client Service - ok
01:22:56.0337 0x104c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
01:22:56.0352 0x104c  stexstor - ok
01:22:56.0384 0x104c  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll
01:22:56.0415 0x104c  stisvc - ok
01:22:56.0415 0x104c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
01:22:56.0430 0x104c  swenum - ok
01:22:56.0446 0x104c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
01:22:56.0508 0x104c  swprv - ok
01:22:56.0586 0x104c  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll
01:22:56.0649 0x104c  SysMain - ok
01:22:56.0664 0x104c  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:22:56.0696 0x104c  TabletInputService - ok
01:22:56.0696 0x104c  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll
01:22:56.0758 0x104c  TapiSrv - ok
01:22:56.0774 0x104c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
01:22:56.0805 0x104c  TBS - ok
01:22:56.0883 0x104c  [ 90A2D722CF64D911879D6C4A4F802A4D, 2D825BC1FD73315BF51F36CAEF6A8EFE9042A4C260151C6351064260CF699194 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
01:22:56.0945 0x104c  Tcpip - ok
01:22:57.0023 0x104c  [ 90A2D722CF64D911879D6C4A4F802A4D, 2D825BC1FD73315BF51F36CAEF6A8EFE9042A4C260151C6351064260CF699194 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
01:22:57.0070 0x104c  TCPIP6 - ok
01:22:57.0086 0x104c  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
01:22:57.0132 0x104c  tcpipreg - ok
01:22:57.0132 0x104c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
01:22:57.0179 0x104c  TDPIPE - ok
01:22:57.0179 0x104c  [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
01:22:57.0210 0x104c  TDTCP - ok
01:22:57.0226 0x104c  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
01:22:57.0273 0x104c  tdx - ok
01:22:57.0273 0x104c  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
01:22:57.0288 0x104c  TermDD - ok
01:22:57.0320 0x104c  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll
01:22:57.0382 0x104c  TermService - ok
01:22:57.0398 0x104c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
01:22:57.0413 0x104c  Themes - ok
01:22:57.0444 0x104c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
01:22:57.0476 0x104c  THREADORDER - ok
01:22:57.0491 0x104c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
01:22:57.0538 0x104c  TrkWks - ok
01:22:57.0616 0x104c  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:22:57.0647 0x104c  TrustedInstaller - ok
01:22:57.0663 0x104c  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
01:22:57.0710 0x104c  tssecsrv - ok
01:22:57.0710 0x104c  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
01:22:57.0756 0x104c  tunnel - ok
01:22:57.0756 0x104c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
01:22:57.0772 0x104c  uagp35 - ok
01:22:57.0788 0x104c  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
01:22:57.0834 0x104c  udfs - ok
01:22:57.0850 0x104c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
01:22:57.0866 0x104c  UI0Detect - ok
01:22:57.0866 0x104c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
01:22:57.0881 0x104c  uliagpkx - ok
01:22:57.0897 0x104c  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
01:22:57.0897 0x104c  umbus - ok
01:22:57.0912 0x104c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
01:22:57.0928 0x104c  UmPass - ok
01:22:58.0068 0x104c  [ 02C298382359653BEC4C737C2AB7F9C5, 44F285478591DAD476B7FDF5F15A78C76FE3FB207408D1C665ACD54B758EAC1B ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
01:22:58.0146 0x104c  UNS - ok
01:22:58.0178 0x104c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
01:22:58.0224 0x104c  upnphost - ok
01:22:58.0224 0x104c  [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
01:22:58.0240 0x104c  usbccgp - ok
01:22:58.0256 0x104c  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
01:22:58.0271 0x104c  usbcir - ok
01:22:58.0287 0x104c  [ DF9F9AFC9AAABD8ED47975D44E38169A, 3EB9E900F35B13208D4B3F9FF3B42972EF3FAFEE1225CC144AC2340410B991C8 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
01:22:58.0287 0x104c  usbehci - ok
01:22:58.0302 0x104c  [ 372A91BC3C6603080A793880B0873785, DC24793760922B92278335AF3B752EBE4373132A1D5CD02EF86466DCC90EB560 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
01:22:58.0334 0x104c  usbhub - ok
01:22:58.0334 0x104c  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
01:22:58.0349 0x104c  usbohci - ok
01:22:58.0365 0x104c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
01:22:58.0443 0x104c  usbprint - ok
01:22:58.0443 0x104c  [ A60E7E0FA88FF067D049D525547CD5E9, A6929516C9FDB1C3537F3D65590A4026536E6131AFC9B9F70241EE76ACE191D3 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:22:58.0458 0x104c  USBSTOR - ok
01:22:58.0458 0x104c  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
01:22:58.0474 0x104c  usbuhci - ok
01:22:58.0490 0x104c  [ D501E12614B00A3252073101D6A1A74B, DFA3A83978125B3CE45C71DD9069E8A7938366D0F4B4B2401CDD07251253FA8C ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
01:22:58.0505 0x104c  usbvideo - ok
01:22:58.0521 0x104c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
01:22:58.0568 0x104c  UxSms - ok
01:22:58.0583 0x104c  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc        C:\Windows\system32\lsass.exe
01:22:58.0599 0x104c  VaultSvc - ok
01:22:58.0599 0x104c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
01:22:58.0614 0x104c  vdrvroot - ok
01:22:58.0646 0x104c  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
01:22:58.0677 0x104c  vds - ok
01:22:58.0677 0x104c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
01:22:58.0692 0x104c  vga - ok
01:22:58.0708 0x104c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
01:22:58.0739 0x104c  VgaSave - ok
01:22:58.0755 0x104c  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
01:22:58.0770 0x104c  vhdmp - ok
01:22:58.0770 0x104c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
01:22:58.0786 0x104c  viaide - ok
01:22:58.0786 0x104c  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
01:22:58.0802 0x104c  volmgr - ok
01:22:58.0817 0x104c  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
01:22:58.0833 0x104c  volmgrx - ok
01:22:58.0833 0x104c  [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
01:22:58.0848 0x104c  volsnap - ok
01:22:58.0864 0x104c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
01:22:58.0880 0x104c  vsmraid - ok
01:22:58.0942 0x104c  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
01:22:59.0004 0x104c  VSS - ok
01:22:59.0020 0x104c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
01:22:59.0036 0x104c  vwifibus - ok
01:22:59.0036 0x104c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
01:22:59.0051 0x104c  vwififlt - ok
01:22:59.0067 0x104c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
01:22:59.0129 0x104c  W32Time - ok
01:22:59.0129 0x104c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
01:22:59.0145 0x104c  WacomPen - ok
01:22:59.0145 0x104c  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
01:22:59.0192 0x104c  WANARP - ok
01:22:59.0192 0x104c  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
01:22:59.0238 0x104c  Wanarpv6 - ok
01:22:59.0301 0x104c  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
01:22:59.0348 0x104c  wbengine - ok
01:22:59.0363 0x104c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
01:22:59.0394 0x104c  WbioSrvc - ok
01:22:59.0410 0x104c  [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc         C:\Windows\System32\wcncsvc.dll
01:22:59.0426 0x104c  wcncsvc - ok
01:22:59.0441 0x104c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:22:59.0457 0x104c  WcsPlugInService - ok
01:22:59.0457 0x104c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
01:22:59.0472 0x104c  Wd - ok
01:22:59.0488 0x104c  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
01:22:59.0504 0x104c  Wdf01000 - ok
01:22:59.0519 0x104c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
01:22:59.0550 0x104c  WdiServiceHost - ok
01:22:59.0550 0x104c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
01:22:59.0566 0x104c  WdiSystemHost - ok
01:22:59.0582 0x104c  [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient       C:\Windows\System32\webclnt.dll
01:22:59.0613 0x104c  WebClient - ok
01:22:59.0628 0x104c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
01:22:59.0675 0x104c  Wecsvc - ok
01:22:59.0691 0x104c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
01:22:59.0738 0x104c  wercplsupport - ok
01:22:59.0738 0x104c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
01:22:59.0784 0x104c  WerSvc - ok
01:22:59.0784 0x104c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
01:22:59.0831 0x104c  WfpLwf - ok
01:22:59.0831 0x104c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
01:22:59.0831 0x104c  WIMMount - ok
01:22:59.0847 0x104c  WinDefend - ok
01:22:59.0862 0x104c  WinHttpAutoProxySvc - ok
01:22:59.0987 0x104c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
01:23:00.0050 0x104c  Winmgmt - ok
01:23:00.0174 0x104c  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
01:23:00.0284 0x104c  WinRM - ok
01:23:00.0346 0x104c  [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
01:23:00.0377 0x104c  WinUsb - ok
01:23:00.0440 0x104c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
01:23:00.0486 0x104c  Wlansvc - ok
01:23:00.0627 0x104c  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
01:23:00.0689 0x104c  wlidsvc - ok
01:23:00.0705 0x104c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
01:23:00.0720 0x104c  WmiAcpi - ok
01:23:00.0736 0x104c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
01:23:00.0767 0x104c  wmiApSrv - ok
01:23:00.0783 0x104c  WMPNetworkSvc - ok
01:23:00.0798 0x104c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
01:23:00.0814 0x104c  WPCSvc - ok
01:23:00.0814 0x104c  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
01:23:00.0845 0x104c  WPDBusEnum - ok
01:23:00.0861 0x104c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
01:23:00.0892 0x104c  ws2ifsl - ok
01:23:00.0923 0x104c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
01:23:00.0939 0x104c  wscsvc - ok
01:23:00.0939 0x104c  WSearch - ok
01:23:01.0079 0x104c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
01:23:01.0173 0x104c  wuauserv - ok
01:23:01.0173 0x104c  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
01:23:01.0220 0x104c  WudfPf - ok
01:23:01.0235 0x104c  [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
01:23:01.0282 0x104c  WUDFRd - ok
01:23:01.0298 0x104c  [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
01:23:01.0344 0x104c  wudfsvc - ok
01:23:01.0344 0x104c  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
01:23:01.0376 0x104c  WwanSvc - ok
01:23:01.0391 0x104c  ================ Scan global ===============================
01:23:01.0407 0x104c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
01:23:01.0438 0x104c  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
01:23:01.0454 0x104c  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
01:23:01.0469 0x104c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
01:23:01.0485 0x104c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
01:23:01.0500 0x104c  [ Global ] - ok
01:23:01.0500 0x104c  ================ Scan MBR ==================================
01:23:01.0500 0x104c  [ EA992228D7CB77EFD3BC631124E09ADC ] \Device\Harddisk0\DR0
01:23:01.0828 0x104c  \Device\Harddisk0\DR0 - ok
01:23:01.0844 0x104c  ================ Scan VBR ==================================
01:23:01.0844 0x104c  [ E42B7E9DFCE1AE26BEDCBD1CBE663784 ] \Device\Harddisk0\DR0\Partition1
01:23:01.0906 0x104c  \Device\Harddisk0\DR0\Partition1 - ok
01:23:01.0906 0x104c  [ 4D203AA96EEDDD447B2AF6662D05B290 ] \Device\Harddisk0\DR0\Partition2
01:23:01.0953 0x104c  \Device\Harddisk0\DR0\Partition2 - ok
01:23:01.0968 0x104c  [ 58911217C6936EB21CE7A8556BE0C048 ] \Device\Harddisk0\DR0\Partition3
01:23:01.0968 0x104c  \Device\Harddisk0\DR0\Partition3 - ok
01:23:01.0968 0x104c  ================ Scan generic autorun ======================
01:23:02.0390 0x104c  [ 63C3AED5744F0BB8884413D19BFDB99A, 84DDF092DDAF6109D6185E86165CE60CD43A03F4B3C2ECAA7B109F17BED43BDB ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
01:23:02.0826 0x104c  RtHDVCpl - ok
01:23:02.0842 0x104c  NvCplDaemon - ok
01:23:02.0889 0x104c  [ 554A50B5310E702029D3A675459108FF, 4757D5FFFAC7E73D4A3D931DB1399DDFDBD5811639BDA4517F886C21CC7F2574 ] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
01:23:02.0920 0x104c  hpsysdrv - ok
01:23:02.0951 0x104c  [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
01:23:02.0967 0x104c  HP Software Update - ok
01:23:03.0076 0x104c  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:23:03.0216 0x104c  Sidebar - ok
01:23:03.0232 0x104c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:23:03.0279 0x104c  mctadmin - ok
01:23:03.0310 0x104c  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:23:03.0357 0x104c  Sidebar - ok
01:23:03.0372 0x104c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:23:03.0388 0x104c  mctadmin - ok
01:23:03.0388 0x104c  Waiting for KSN requests completion. In queue: 44
01:23:04.0402 0x104c  Waiting for KSN requests completion. In queue: 44
01:23:05.0416 0x104c  Waiting for KSN requests completion. In queue: 44
01:23:06.0508 0x104c  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.11.550 ), 0x41000 ( enabled : updated )
01:23:06.0555 0x104c  Win FW state via NFP2: enabled
01:23:09.0004 0x104c  ============================================================
01:23:09.0004 0x104c  Scan finished
01:23:09.0004 0x104c  ============================================================
01:23:09.0020 0x1d04  Detected object count: 0
01:23:09.0020 0x1d04  Actual detected object count: 0